We have a couple of pods that get pretty intense memory use. It’s possible there is a memory leak because it OOM’d a node due to a spike in usage. One of our temporary solutions while we investigate is to put a pod anti-affinity rule in the deployment. What this means is that we don’t…
Kubernetes Cron Jobs vs. AWS Lambdas
I’ve always stressed that it should never be Kubernetes or Serverless, but rather: What is the right tool for the job. Both technologies are great and both technologies carry their own baggage. This week as I was working on some design and thought about its implementation I had to decide whether I should add a…
Kubernetes Ingress pass through to internal services (not on the Kubernetes cluster)
This is a pretty confusing title but the gist of it is this: We have a service, let’s suppose its a database, running internally. We can get to it from our Kubernetes cluster, but resources outside of Kubernetes can’t get to it. And the only way we can get to Kubernetes services is through a…
EKS Additional users
In our EKS Kubernetes cluster we want multiple AWS users to be able to use the kubectl command to examine resources and for now, they can even have admin access to a few select groups. The way I’ve always done this in the past is I create new stanza in the aws-auth configMap in the…
Prometheus Service Monitors
Prometheus is confusing. It’s such a great project and there is all kinds of information out there, but it’s taken me a bit of legwork to understand it. The first issue is: How are you going to install it? Since I’m running this on Kubernetes it makes sense to use whatever most people are doing….
AWS Client VPN SAML authentication with Google G-Suite
Note: Video for this Blog Post is Here. When dealing with cloud resources the two opposing needs are security and accessibility. When we often deploy resources in a private network inside of an AWS VPC that are not accessible directly from the outside. To access these resources, we can use a bastion server or VPN….
Lens and EKS
Lens is a really cool front end dashboard for Kubernetes clusters. One issue I ran into from connecting to the cluster was that I typically use different AWS Profiles for different clusters. Typically I’ll do something like: To set my user. To put this in Lens so that it can connect, we just add this…
Allowing Applications in AWS EKS to access other AWS services
I have an application that runs in a container. The application is pretty simple in that all it does is list the contents of a DynamoDB database I created. The code is here, as well as all the YAML files for deploying to EKS. The problem is, when we pull this up on a standard…
ARCoachingOverlayView and SwiftUI
These last few weeks I’ve been diving into Apple’s RealityKit for iPhone. I’ve chosen to use SwiftUI instead of UIKit as I like the similarities between it and ReactJS. I thought I’d start posting a few things I learn as I find Apple’s documentation is great if you already know what you’re doing. Unfortunately, if…
Building a Business
I’ve done many coding projects in my career but until this year I’ve never created a project that actually earns money. I have always had big aspirations to do this, and I’ve always talked about it, but until September of this year I had never done it. Well, I’ve done it! Humbly, but I’m still…