latest posts

  • Capturing Network Traffic from a Kubernetes Pod with Ephemeral Debug Containers

    The other day I had a situation where I needed to debug network traffic between an app and its sidecar proxy. The app was using a minimal distroless container image and didn't have easy access to tcpdump. Fortunately, newer versions of Kubernetes have alpha support for ephemeral debug containers which allow us to spin up temporary containers (with debug tools) inside a running pod! In this post we'll see how we can use ephemeral containers and tcpdump to capture network traffic from a running pod.

  • Public Routing to a Private Kubernetes Cluster

    For personal projects and hacking around on Kubernetes, I'm a fan of inexpensive managed clusters. For about ten bucks a month, I can spin up a small single-node cluster and hit the ground running. Unfortunately, with these small clusters you only get about a gig of usable RAM and a single vCPU at best. If you want more, prices quickly climb. At home, I've got a pretty decent Linux box with 12 vCPU and 48G of RAM that I've lovingly named `tomorrowlan`. A similar configuration on Digital Ocean would run about $240 a month! When I'm messing around on personal projects, I really don't care about resiliency or production worthiness. It would be awesome to use my existing hardware while retaining the ability to share what I've built with others on the wider internet. Thanks to a handful of open-source tools, I can make this dream a reality. With Inlets, Contour, KinD, and external-dns, I can easily spin up new clusters and get them externally routable within seconds.

  • The Great Raspberry Pi Cooling Bake-Off

    Why is my Raspberry Pi 4 running so hot? You may know you need something to cool it down, but what? In this post we compare the performance of various Raspberry Pi coolers. All the way from the humble heatsink to a massive cooling tower complete with RGB fans.

  • Save Money and Skip the Kubernetes Load Balancer

    LoadBalancer Services are super convenient. Create one and your cloud provider will provision a new cloud load balancer, external IP address, and firewall rules to make your workload reachable to the world. They also come with a cost. In this post I'll show how you can save money by skipping the load balancer for your development clusters. We'll see how with a few minor tweaks we can route traffic with an Ingress Controller and plain old fashioned DNS.

  • Using kbld to Rapidly Iterate on Kubernetes Deployed Apps

    When creating applications that extend or interact with Kubernetes, there are times when it's necessary to deploy and develop against a real K8s cluster. While Kubernetes makes it trivial to apply and roll out new changes, building and pushing new dev Docker images for your application can be a rigamarole. On top of that, you also have to remember to configure the `imagePullPolicy` for your containers to `Always`. Fortunately, there is a tool that can help solve all of these problems: kbld. The kbld CLI (pronounced "k build") assists with all things around image building and pushing for Kubernetes.

  • Leaving Breadcrumbs

    This post is going to be a bit meta. I'm going to write a bit about why I take notes publicly and, to a lesser extent, blog in general. I started posting to this blog six years ago for kind of a lame reason. I had purchased the `downey.io` domain name and had no clue what to do with it! My earliest content is reflective of that lack of intentionality. Nowadays, I primarily write for three reasons: to cement my own understanding of a subject, to create content where there is none, and to leave digital breadcrumbs for myself and others to find in the future.

  • Desired State Versus Actual State in Kubernetes

    It was once acceptable — and even expected — for web services to go down for maintenance or when under heavy load. Today, however, services are measured in the number of nines of availability they provide. A single server no longer cuts it. One way to achieve higher availability is by running countless copies, or replicas, of our services across geographies. Now, though, we've got ourselves a distributed system to wrangle! In this post we touch on the CAP theorem and the concept of Desired vs Actual State in distributed systems.

  • 2020 Goals

    When it comes to goals and self-improvement, I have a nasty habit of being over-ambitious and over-committing myself -- as evidenced by the piles of technical books and unused yoga equipment cluttering my apartment. In this post I describe the goals, both technical and otherwise, that I will focus on for 2020.

  • Reflections on Kubecon 2019

    A little over a week ago, I had the privilege of attending Kubecon in San Diego. It was an amazing experience, if not just a tad overwhelming in attendance and scale. It was a lot to take in -- and also a lot of fun! Now that I've had a bit of a break, I've had a chance to revisit my notes. In this post, I'll jot down a few of my takeaways from the conference.

  • Simplify Kubernetes App Deployments With Cloud Native Buildpacks and kapp

    In recent years the Kubernetes wave has taken the software world by storm. And for good reason. Kubernetes makes it easy for developers to build robust distributed systems. It provides powerful building blocks for deploying and managing containerized workloads. This makes it an enticing platform for the sprawling microservice "apps" of today. In this post we'll look at simplifying app deployments on Kubernetes with Cloud Native Buildpacks and kapp.