Blog

Kubernetes Pod Disruption Budget and the Helm hasKey Function

January 21, 2022  -   3 mins read time -   603 words -  garrardkitchen

Pod Disruption Budget

When working with Kubernetes, one crucial piece of configuration is the PDB (Pod Disruption Budget). A PDB will ensure your workload remains running when you work through a Voluntary Disruption. What on earth is a Voluntary Disruption? A Voluntary Disruption is when you trigger an action that causes the disruption. For example, upgrading a Minor AKS version, or any action that recycles a Node Pool. ...

Adding more Github Self-Hosted Runners

January 18, 2022  -   2 mins read time -   310 words -  garrardkitchen

github self-hosted runner, linux, issue

Adding more GitHub Self-Hosted Runners

To help build out our number of GitHub Self-Hosted Runners, we took a shortcut and cloned an existing Linux VM. Unfortunately, the by-product of doing this was that (a) the clonee (source) Linux VM had its Self-Hosted Runner hijacked by the new VM and (b) we had a Runner registered in GitHub that didn’t actually have a running runner - Offline 🤪. Madness! Ok, so what to do? ...

Hybrid Origins Http Traffic

January 15, 2022  -   3 mins read time -   532 words -  garrardkitchen

cloudflare, dns, uri forwarder, page rules, zones, domain, hostname

We’re migrating our on-premise workloads to Azure. This has presented several challenges. One of them is what I cover in this post: how to reduce code change effort? This isn’t about updating runtimes, this is about having workloads spread across different platforms that need to talk to each other (with some HTTP chaining 👀). It is not uncommon for one HTTP API to need to talk to another HTTP API. ...

K8s Selectors and Labels

January 15, 2022  -   3 mins read time -   514 words -  garrardkitchen

kubernetes, k8s, deployment, pod, replicaset, selectors, equality-based, set-based, kubectl

Right, what’s the deal with all the labels and metadata in a Deployment manifest?!!!! Take this example:

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      namespace: default
      name: nginx-deployment
      labels:
        app: nginx
    spec:
      replicas: 3
      selector:
        matchLabels:
          app: nginx
          foo: baa
      template:
        metadata:
          labels:
            app: nginx
            foo: baa
        spec:
          containers:
          - name: nginx
            image: nginx:1.14.2
            ports:
            - containerPort: 80

Here, we see metadata twice, and also there’s mention of matchLabels in selector??? What does it all mean? ...

Azure Defender for Cloud

January 15, 2022  -   3 mins read time -   617 words -  garrardkitchen

azure, defender for cloud, cicd, cve, github actions, windows containers

Defender for Cloud Containers

Setting up Defender for Cloud Containers to work with your CICD pipeline is quick and uncomplicated. I do not walk through these set up steps in this post. For that, you can follow those few steps here in this Microsoft post instead ➡ Setup. The goal of this post is to highlight a few areas of interest and to share my opinions on this feature. I have understandably obfuscated sensitive information. ...

Npm E401 and CERT_NOT_YET_VALID

January 11, 2022  -   4 mins read time -   651 words -  garrardkitchen

github actions, npm, nodejs, e401, cert_not_yet_valid, docker, acr, npmrc, GH Secrets

Today a PR Merge resulted in a GHA failure. Sadly, this is not the only CICD pipeline to fail this year! This particular pipeline builds a NodeJS Image, pushes the image to ACR and deploys the service to a production Docker Swarm (on merge to main). This was the error:

    [3/7] RUN npm install:
    #7 1.469 npm ERR! code E401
    #7 1.470 npm ERR! Unable to authenticate, need: Bearer authorization_uri=https://login.windows.net/736f9f**-09-49-86**-b******31f407, Basic realm="https://pkgsprodsu3weu. ...

Github Actions Workflow Env Vars

January 8, 2022  -   4 mins read time -   693 words -  garrardkitchen

github actions, linux, windows, syntax, self-hosted runner, environment variables, workflow, cicd

In my current role as Head of Cloud Platform, I am leading the technical effort of migrating our entire on-premise real-estate to Azure. Part of this mission is to upgrade the runtimes of our applications, regardless of their current placement: IIS Web apps, Windows Services and Docker Swarm containers. I say “part of this mission” as another aspect of this migration is to create a new foundation for our platform - AKS. ...

Runtimes

January 8, 2022  -   5 mins read time -   992 words -  garrardkitchen

.net framework, .net core, .NET 6.0, .NET 3.1, end-of-life support, linux, windows, syntax, self-hosted runner, cicd, microsoft fasttrack, code quality, image scanning, licensing, cve, nuget, npm

In my current role as Head of Cloud Platform, I am leading the technical effort of migrating our entire on-premise real-estate to Azure. Part of this mission is to upgrade the runtimes of our applications, regardless of their current placement: IIS Web apps, Windows Services and Docker Swarm containers. I say “part of this mission” as another aspect of this migration is to create a new foundation for our platform - AKS. ...

Permission Denied While Trying to Connect to the Docker Daemon Socket

January 7, 2022  -   3 mins read time -   497 words -  garrardkitchen

docker, linux, github actions, GHA, self-hosted runner, dotnet, Azure Container Registry, acr, containers, pods

Out of the blue today, my first day back after Christmas break, I got this when running a GH Actions Workflow on one of our Self-Hosted Linux Runners 😱:

    Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permission denied

We have several GitHub Self-Hosted Runners running on Linux and Windows O/S that produce, amongst other artefacts, Linux and Windows images. ...

My First Outing With Dapr

November 6, 2020  -   3 mins read time -   563 words -  garrardkitchen

dapr, kubernetes, redis, secret store csi driver, aks, nestjs, keda

TL;DR: Not as forgiving as I’d have liked … I was a speaker at a meet-up in Manchester in late 2020. I spoke about Dapr, Keda and the NestJS Framework. My talk topic was on “Writing less code - let your architecture and abstractions help with your *-cases”. The * in the title is a wildcard for use/edge/corner. My code examples can be found here (includes both docker compose & Kubernetes manifests) - https://github. ...