January 21, 2022
- 3 mins read time
- 603 words
- garrardkitchen
Pod Disruption Budget When working with Kubernetes, one crucial component of configuration is known as a PDB (Pod Disruption Budget). A PDB will ensure your workload remains running when you work through a Voluntary Disruption.
What on earth is a Voluntary Disruption? A Voluntary Disruption is when you trigger an action that causes the disruption. For example, if you wish to upgrade a Minor AKS version or any action that recycles a Node Pool.
...
January 18, 2022
- 2 mins read time
- 310 words
- garrardkitchen
Adding more GitHub Self-Hosted Runners To help build out our numbers of GitHub Self-Hosted Runner, we took a shortcut and had cloned an existing Linux VM.
Unfortunately, the by-product of doing this resulted in (a) the clonee (source) Linux VM had their Self-Hosted hijacked by the new VM and (b) we had a Runner registered in GitHub that didn’t actually have a running runner - Offline 🤪.
Madness!
Ok, so what to do?
...
January 15, 2022
- 3 mins read time
- 532 words
- garrardkitchen
We’re migrating our on-premise workloads to Azure. This has presented several challenges. One of which is what I am covering specifically here in this post and that is …
How to reduce code change effort?
This isn’t about updating runtimes, this is about having workloads spread across different platforms that need to talk to each other (with some HTTP chaining 👀). It is not uncommon for one HTTP API to need to talk to another HTTP API.
...
January 15, 2022
- 3 mins read time
- 514 words
- garrardkitchen
Right, what’s the deal with all the labels and metadata in a Deployment manifest?!!!!
Take this example:
apiVersion: apps/v1 kind: Deployment metadata: namespace: default name: nginx-deployment labels: app: nginx spec: replicas: 3 selector: matchLabels: app: nginx foo: baa template: metadata: labels: app: nginx foo: baa spec: containers: - name: nginx image: nginx:1.14.2 ports: - containerPort: 80 Here, we see metadata twice, and also there’s mention of matchLabels in selector??? What does it all mean?
...
January 15, 2022
- 3 mins read time
- 617 words
- garrardkitchen
Defender for Cloud Containers Setting up Defender for Cloud Containers to work with your CICD pipeline is quick and uncomplicated. I do not walk through these set up steps in this post. For that, you can follow those few steps here in this Microsoft post instead âž¡ Setup. The goal of this post is to highlight a few areas of interest and to share my opinions on this feature. I have understandably obfuscated sensitive information.
...
January 11, 2022
- 4 mins read time
- 651 words
- garrardkitchen
Today a PR Merge resulted in a GHA failure. Sadly, this is not the only CICD pipeline to fail this year! This particular pipeline builds a NodeJS Image, pushes the image to ACR and deploys the service to a production Docker Swarm (on merge to main).
This was the error:
[3/7] RUN npm install:
#7 1.469 npm ERR! code E401
#7 1.470 npm ERR! Unable to authenticate, need: Bearer authorization_uri=https://login.windows.net/736f9f**-09-49-86**-b******31f407, Basic realm=“https://pkgsprodsu3weu.
...
January 8, 2022
- 4 mins read time
- 693 words
- garrardkitchen
In my current role as Head of Cloud Platform, I am leading the technical effort of migrating our entire on-premise real-estate to Azure. Part of this mission, is to upgrade the runtimes of our applications, regardless of their current placement; IIS Web apps, Windows Services and Docker Swarm containers. I say “part of this mission” as another aspect of this migration is to create a new foundation for our platform - AKS.
...
January 8, 2022
- 5 mins read time
- 992 words
- garrardkitchen
.net framework,
.net core,
.NET 6.0,
.NET 3.1,
end-fo-life support,
linux,
windows,
syntax,
self-hosted runner,
cicd,
microsoft fasttrak,
code quality,
image scanning,
licensing,
cve,
nuget,
npm
In my current role as Head of Cloud Platform, I am leading the technical effort of migrating our entire on-premise real-estate to Azure. Part of this mission, is to upgrade the runtimes of our applications, regardless of their current placement; IIS Web apps, Windows Services and Docker Swarm containers. I say “part of this mission” as another aspect of this migration is to create a new foundation for our platform - AKS.
...
January 7, 2022
- 3 mins read time
- 497 words
- garrardkitchen
Out of the blue today, my first day back after Christmas break, I got this when running a GH Actions Workflow on one of our Self-Hosted Linux Runners 😱:
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get “http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permission denied
We have several GitHub Self-Hosted Runners running on Linux and Windows O/S that produce, amongst other artefacts, Linux and Windows images.
...
November 6, 2020
- 3 mins read time
- 563 words
- garrardkitchen
TL;DR: Not as forgiving as I’d have liked …
I was a speaker at a meet-up in Manchester in late 2020. I spoke about Dapr, Keda and the NestJS Framework. My talk topic was on “Writing less code - let your architecture and abstractions help with your *-cases”. The * in the title is a wildcard for use/edge/corner.
My code examples can be found here (includes both docker compose & Kubernetes manifests) - https://github.
...