Skip to content

Category: Automation

Automating Highly Available Kubernetes and external ETCD cluster setup with terraform and kubeadm on AWS.

Automating Highly Available Kubernetes and external ETCD cluster setup with terraform and kubeadm on AWS.

Published June 16, 2019

Today I am going to show how you can fully automate the advanced process of setting up the highly available k8s cluster in the cloud. We will go through a set of terraform and bash scripts which should be sufficient enough for you to literally just run terraform plan/apply to get your HA etcd and k8s cluster up and running without any hassle around.

    Part 0 – Intro.
    Part 1 – Setting up HA ETCD cluster.
    Part 2 – The PKI infra
    Part 3 – Setting up k8s cluster.

Part 0 – Intro.

If you do a short research on how to setup k8s cluster you may find quite a lot of ways this could be achieved.
But in general, all this ways could be grouped into 3 types:

1) No setup
2) Easy Set up
3) Advanced Set up
4) Hard way

By No setup I simply mean something like EKS, it is a managed service, you don’t need to maintain or care about details while AWS will do all for you. Never used it can’t say much on that one.

Easy setup, tools like kops and alike make it quite easy – couple commands run kinda setup:

kops ~]$ kops create cluster \
  --name=k8s.ifritltd.net --state=s3://kayan-kops-state \
  --zones="eu-west-2a" --node-count=2 --node-size=t2.micro 
  --master-size=t2.micro --dns-zone=k8s.ifritltd.net  --cloud aws

All you need is setup s3 bucket and dns records and run the command above which I described two years ago in this article

The downside is first of all it is mainly only for AWS, and generates all AWS resources as it wants, so lets say it would generate security groups, asg, etc in it’s own way which means
if you already have terraform managed infra with your own rules, strategies and framework, it won’t feet into that model but just added as some kind of alien infra. Long story short if you want fine grained control over how your infra should be managed from single centralised terraform, it isn’t best solution, yet still easy and balanced tool.

Before I start explaining how to use Advanced Set up, I am just going to mention that 4th, The Hard way is probably only good if you want to learn how k8s works, how all components interact with each other, and as it doesn’t use any external tool to set up components, you do everything manually, you literally know all the guts of the system. Obviously it could become a nightmare to support such system in production unless all members of the ops team are k8s experts or there are some requirements not supported by other bootstrapping tools.

Finally the Advanced Set up.

Continue readingAutomating Highly Available Kubernetes and external ETCD cluster setup with terraform and kubeadm on AWS.
Comments closed
Advanced Jenkins setup: Creating Jenkins configuration as code and setting up Kubernetes plugin

Advanced Jenkins setup: Creating Jenkins configuration as code and setting up Kubernetes plugin

Published March 18, 2018

This blog post demonstrates how anything in Jenkins could be configured as a code through Java API using groovy code, and how changes could be applied right inside Jenkins job. I particularly will demo how to configure Kubernetes plugin and credentials, but the same concept could be used later to configure any Jenkins plugin you are interested in. We will also look at how to create custom config which could be used either for all
or only specific Jenkins instances so you can setup different instances differently based on security policy or any other criteria.

The Why…

Recently I have been working on a task to improve deployment of our master Jenkins instances on Kubernetes.
On of the requirements was to improve the speed, as we have more than 40 Jenkins masters running on different
environments like test, dev, pre-prod, perf, prod etc and deployed in Kubernetes over AWS cluster. The deployment job took around an hour, involved downtime and required multiple steps.

Continue readingAdvanced Jenkins setup: Creating Jenkins configuration as code and setting up Kubernetes plugin
Comments closed
Automating gmail check in your shell

Automating gmail check in your shell

Published February 5, 2018

It you are just like me, who likes doing almost everything through the shell scripts rather than fancy UI apps, then here is a nice and easy way of checking a new emails in your gmail account:


function gmail(){
	emails=$(curl -s -u $1:$2 "https://mail.google.com/mail/feed/atom"\
	 | egrep -o '<fullcount>[0-9]*' | cut -c 12-)
	if [ "$emails" -gt 0 ] ; then echo "You have ${emails} emails in your $1 account"; fi
}		
gmail daenerys.targaryen $(vault read -field=value secret/GPASSWORD)
gmail simply.dany $(vault read -field=value secret/G2PASSWORD)

Simply add this to your .zshrc/.bashrc and you are done, next time you open a new tab you might get this:


Last login: Mon Feb  5 21:27:39 on ttys006
You have 1 emails in your daenerys.targaryen account
➜  ~
Continue readingAutomating gmail check in your shell
Comments closed