Recent Posts

More Posts

kubernetes, iptables, gke, gcp, vpn
Note: Since writing this post, I joined Google. We have released a feature called IP Aliases that addresses the problem described in this article, and much more. I recently ran into a problem while using Google Container Engine (GKE), the managed Kubernetes by Google. This lead me to an interesting solution that can be used for a large range of issues you could encounter in Kubernetes. The Problem I was unsuccessfully trying to have my pods communicate with an application available through a VPN: everything was working as expected from a VM but the pods in the GKE cluster had no network connectivity with the services on the other side of the VPN.

CONTINUE READING

aws, reinvent
This is the second and last part of my AWS re:Invent recap. Go check out the first part if you haven’t done so already. In this second post, I will outline the products announced by Werner Wogels during his keynote. You will also find a small opinionated analysis of the impact of each product, based on the current market and ecosystem. I tagged the really important ones with a [Game Changer] in the title.

CONTINUE READING

aws, reinvent
Two weeks ago, thanks to my company, Oxalide, I had the chance to attend AWS re:Invent, in Las Vegas. This is the first part of a recap of all the announcements (yes, there are so many things to talk about that it doesn’t fit in a single post). You will also find a small opinionated analysis of the impact of each product, based on the current market and ecosystem.

CONTINUE READING

aws, k8s, kubernetes, high-avaibility, gitlab
Update March 2017: EFS now supports a single mount point for a volume, so the setup is now much easier because you don’t have to differentiate between AZs. Take that into account while following this blog post. Introduction In the last post we saw how to create a production-ready Kubernetes (K8s) cluster on AWS with Kops. Now, let’s see how to use it in conjunction with AWS managed services to host a highly available application: Gitlab.

CONTINUE READING

aws, k8s, kubernetes, high-avaibility, kops
Introduction Kubernetes is the leading container orchestration solution. It promises to standardize the way you run applications, without worrying if you are running on bare-metal, on a public cloud provider or on a private cloud. AWS being the leading public cloud solution, it is important to be able to run Kubernetes easily on this provider. In this post, I will show you how to create a production-ready Kubernetes cluster on AWS from scratch.

CONTINUE READING

Contact

  • theo.ch+blog@mley.fr
  • @mrtrustor on Keybase.
  • PGP Public Key:
    -----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: GPGTools - http://gpgtools.org

mQMuBEu8VcsRCAC/Z5PO5nqL87I0cpXUramD+Ipk6d0OfwHV1eUZeAwWIrJwGqk3
09xr6FGNj2hkXMIGexQg2q4qVpAef9yscczNTNeFyk/wVtVxc6I2VC1g5BlrHUP8
ExE4aIiI30NNyvrT464WOV20fJoVcxncNcn10TkeA4WDRP5dC/KC50FkStmQyT/Z
RTxbAtP0KXuSmbyfpPeict3yN/Pr75+FgLxDscMa8+jteZ9aTXbPdgVYI1u3qD5S
YJc9MkuxwHRXy6NmvAYewOyM9iedm/Gs/zn0tChw/fUqbVWzmNkr7KgJY1fXE2hC
TdCwD3J0LoXeNg3PX6rVM+lmi04Edfk6wz7XAQDkaxIOzNKas28efTQfiy8dK6vR
Lt+rH2z5ZOYVVRSzSQf+OvOyFn79olPbid50glmwePSW5gT/2yXq56zbAxVNYRxt
7OcyO8D6VVU4/CG1kAdfl/jh2PM2kNMdpvDw7w6N+NddDvvAg5uouOBFNDQLzNq0
C9eIeFC3veAwUCJs6RQ79nexFDzuawGEYoZA/4xIZI5uyeh4xMljkfuWVFFsH8Mj
6tKZU05KS/n/QEN3L85bb7FVcH2hoT68V7ffSoTK2wGS3vraPI9tRa8X27hqO9YU
uYsZX92IC6YE8VMl/evhMU+QrrOHW3UXkT75TPNQUBU0QwLikEek69olUYOHyqB5
5iJ1d3ys22lcZq8dWjAFYbv4xzZTqj3/HsoYI+kQUQf/fFSJjO5KfuRSvOK+MZuI
I5jfZtscmH/iT/SbU6668bjX5ignSd8GXpPEys8O3AlqqLGpyjSgvSGaKCv9FoXG
HKHDvGAB5onyvngeN6bDPtJp1/CURx4okwg76+8rwaRLfYaq4ZVfP8tPhaYCgSWQ
iQnfIr/386MQjU/Pg2zEsekjxgN5cm4KylNLYSUHwPqq9QJ37EBvHP1TkFkWNt+A
zZu5+aWWhjc3Ep+B87tG/14nFdvwvke1wPG1HrHLC87PUTC3g8byC8LJtxk76Sxk
YACqWJ5dlhYo8kQN0Xft4c4cSbkD2Jli6M92f2tQNgn1ULl1Y5oqfbvU7yHCCvYt
Y7QfVGjDqW8gQ2hhbWxleSA8dGhlby5jaEBtbGV5LmZyPoiDBBMRCAArAhsDBQkM
UfAfBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCUgao5wIZAQAKCRAjX3ZrAyFS
X1UvAP9fjf603SiJLivixZ3wxGfFjAJo8xX9dIlFBZ0MlPGvuwEAruCpK7pL1QTZ
uNyyYkDASLQaqQpuBJ52GSSnoFzbgxy0JlRow6lvIENoYW1sZXkgPHRoZW8uY2hh
bWxleUBnbWFpbC5jb20+iIAEExEIACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4B
AheABQkMUfAfBQJSBqjnAAoJECNfdmsDIVJfez4A/2VpVAv4rAl3d3GqJ85UgtWL
pFaJscHT6vbQEvug0RxSAP9k+sB26LAhOUUruFKOPdJZ6KNiU4ZqYjrlGsRCxwFZ
OLQsVGjDqW8gQ2hhbWxleSAoS1RIIGFkZHJlc3MpIDxjaGFtbGV5QGt0aC5zZT6I
gAQTEQgAKAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlCJd/EFCQxR8B8A
CgkQI192awMhUl+wpgD/WUOnyNEpv+cU/PkAD+HEkpqQbBFgxXbsBZsGROwyZiQA
/3iI8FX2aCmYm0lbKRJbAKlgTQdGRSIdK6IsUsTVZeAMtC1UaMOpbyBDaGFtbGV5
IChvbGQgYWRkcmVzcykgPHRydXN0b3JAZnJlZS5mcj6IgAQTEQgAKAIbAwYLCQgH
AwIGFQgCCQoLBBYCAwECHgECF4AFAlCJd/EFCQxR8B8ACgkQI192awMhUl9QAAEA
soCVcvp7cQrr4//m7Z1n0E21cfdwJEmTwMHj/RbGOGEA/3QhONuSZp0j5OuV7oV5
DpS4KndlHyICVpJrNvBOmQYTtD1UaMOpbyBDaGFtbGV5IChFQ0wgYWRkcmVzcykg
PHRoZW8uY2hhbWxleUBlY2wyMDEyLmVjLWx5b24uZnI+iIAEExEIACgCGwMGCwkI
BwMCBhUIAgkKCwQWAgMBAh4BAheABQJQiXfxBQkMUfAfAAoJECNfdmsDIVJfqnAA
/jbPKwQDiCJ/xiLtFuQKTlblNsgJWBsT5lGwIrI2of2PAP9AjLMEAueF1Bs7KaHT
KCk7L96ktp2209OBkYPd5b+Rd7QoVGjDqW8gQ2hhbWxleSA8dGhlby5jaGFtbGV5
QG94YWxpZGUuY29tPoiBBBMRCAApBQJXjM9UAhsDBQkMUfAfBwsJCAcDAgEGFQgC
CQoLBBYCAwECHgECF4AACgkQI192awMhUl/0gwD/YYyl026/YxKLmXs0OW8OiymO
GdGLGm/sqnLsAoLcikEA/18N+naFMuGmbhzu0y7VK/+OeJ7s6jXLHL6TAtKceF+z
uQINBEu8VcsQCACsXWi/KQIoFGgurPT5ki8ir59fVfh3GMdib+B3+L/FJLnitiNS
4Gj6axlp1HTUb7Ux0kwc8i4y8RnRb8QsIG/dmVbAw9aR7RrLCFJE1r2kgBgaJBRa
SQtb+JnigM0Ip21gygtfSLceryBp9MGtbC0CSQEIx0F4zfogiafz4xAMh4LAKCK2
zYzAkbmNd90G+d3usf9KqT9dXCAlcub/P1t4bUwnxNq4czvlukr2bsyCDIctRqs6
x1+Cz9uPsFjlNvbqMqWkCWdD/APFktR58r2PKbAfiZ+6qPI/ZFhC2adtkCz2X0p+
9HYiU3SnYxdprP5vMObfQazNMak8irBe7GifAAMFCACFCdaANYIrCG/KmlDwEfQh
YRv+b7WQW3Ylp3oJ4+E8WDVLFfHeW3ebvr58+W4T6e9aR2aRlpRPzAGmBK2xUA2z
sRfO7IZr21yYd2CDV7pI0th/bSoYV6z6nRw4z5R0iicP8InanPrR25+h9SBrkEFX
Qjex8uOECqwAt33xIJP05EoyeX+XGD5AsA2PkooS2cjM1AhSz3b3AThTcA2r+41D
RqVr1mwd7oxFsx6F2VYIwkUJ6UnW6LU755wEmVZbp9wefguX2BSA3LqRlyP6Qeez
Iw/iTIWblDSRIavRSes1RcDyKmoluYipLk/AnGdsdSOy4miHDTtahD+74XV31aPV
iGcEGBEIAA8CGwwFAlCJeBAFCQxR8EUACgkQI192awMhUl+FQAEAqdJOVxHxsQE9
3TZBt7nJF5azLitAjnYXTbG5vKTOB40A/iST4+rk+lXPGCku9roRHLBnuKeZNQXA
xiq0GYIOGiR+
=3H5w
-----END PGP PUBLIC KEY BLOCK-----