There’s a lot more to Minio now than you probably knew about

The metrics dashboard provided by the Minio operator.

Introduction

For the past few years, I’ve been moving on and off Minio’s Kubernetes operator. I forget why now, but every time I moved to it, I would discover it was missing something, documentation was confusing, or it was just too much of a pain to deal with compared to their official Helm chart. Then I saw this a couple of months back:


Implementing the new reCaptcha Enterprise on Nodejs

Detect bots and other unwanted users interacting with your site.

Well, there’s another version of Captcha. This one is called enterprise, and it is the fourth version.

It works basically the same as v3 with some additional features on the implementation side. A comparison can be found here:

reCaptcha comparison

Integrating with it was pretty painful. The documentation is just wrong in several places, the examples are not functional, and several API fields are never really explained.

I’m referring to the example here, in addition to other places:

Bad reCaptcha example

I ended up going through the code files to figure out how to use the module as well as…


Make sure you’re using the Kubernetes Dashboard for the right reasons and with the right security roles

Keeping the dashboard secure is a simple matter of adding the right roles.

I’m sure everyone knows about the Kubernetes Dashboard. This post is to talk about the right reasons for using it, how to secure it properly, and some additional tips (like getting it to work correctly with ingress-nginx).

When should you use the Kubernetes Dashboard?

Well, let’s start out with when you shouldn’t use it. You shouldn’t use it for your operations engineers. kubectl is what they should use. It always has the latest features and capabilities. Plus, a CLI will always be much faster to use than a browser based GUI. …


After using Istio in production for almost 2 years, we’re saying goodbye to it. Learn why, as well as the current state of the Service Mesh Wars.

A raging fire
The Service Mesh Wars are raging. My vote goes to Linkerd, for now.

Let’s get some of the basics out of the way.

Why use a service mesh?

  • It provides traffic monitoring between your micro-services, including a map of service communication and http status codes occurring between them.
  • Adding a service mesh enables you to add mTLS, or in other words, encrypted http traffic between your services.

That’s it, in my opinion. Those two tools are very useful to almost everybody.

A lot of service meshes offer advanced features like traffic splitting, retries, timeouts, etc. I rarely believe these are useful or I think it’s a feature that shouldn’t be handled by a…


A Complete End-To-End DevOps Platform

An illustration of a developer working in the zone
Launch your journey into the simplest and smoothest DevOps flow

Introduction

Welcome! Polymatic Systems is a company that offers a complete end-to-end platform for your applications on Kubernetes. Where most companies can only offer portions of a modern DevOps system, our platform offers a turn key tech company ready to go.

Let’s talk about what setting up a complete end-to-end DevOps platform looks like and what we offer:

VCS (Version Control System)

To start off with, you’ll need a version control system. All of your code, including build and deployment instructions, are stored and versioned.

Secrets Management

You’ll need a secure way to store and version your environment variables as well…


Setting up metrics with alerts, then installing a metrics sidecar exporter that works in Istio’s service mesh.

So many numbers… what do they all mean?

Introduction

This is a full tutorial on setting up Prometheus with Alertmanager on Kubernetes along with the alerts I use. Alerts will be hooked up with Slack (as I never look at emails, lol). The focus will be on getting useful alerts, as opposed to using metrics for determining resource usage. Finally, I found setting up exporters as sidecars in pods using Istio’s service mesh a bit of a challenge, so I’ll include an explanation of how to get that going at the end.

What This Tutorial Covers

  1. Installing Prometheus with Alertmanager
  2. Explanation of the Alerts
  3. Setting Up Nginx Exporter as a Sidecar in Istio’s…


Setting up EFK with some basic examples of usage.

Logging… get it? 🤔🤐💀

Introduction

Here’s a basic example of installing and using unified logging on Kubernetes. I assume you now nothing about it for this tutorial. My personal preference is to use the EFK stack, which is Elastic Search for storage and indexing, Fluentd for aggregating logs for all of your containers, and Kibana to visualize and search through your logs.

What This Tutorial Covers

  1. Installing Elasic Search
  2. Installing Fluentd
  3. Installing Kibana
  4. Basic EFK Usage

What You Need For This Tutorial

A Kubernetes Cluster


Using SocketIO to publish Mongo database change streams to clients

Create a NodeJS app that streams Mongo data changes over web sockets.

This is a full tutorial on creating a NodeJS app that listens for changes in a Mongo database and streams those changes to clients who connect to the app through a SocketIO web socket. The tutorial will also include the setup on the client side and the Mongo configuraiton.

Using this setup, the Mongo database will be the “Source of Truth” and users can get live updates on any changes.

For the full working example, reference this repo: MongoChangeStreamSockets

What This Tutorial Covers

  1. Installing & Configuring Mongo For Change Streams
  2. Creating A NodeJS App With SocketIO & Mongo Driver
  3. Configuring A Back End For…


Practical examples of setting up Istio and using its proxy and telemetry

Setting up Istio with open source telemetry, then installing a basic app and observing it.

This is a full tutorial, complete with working examples, on installing Istio with open source telemetry (like Jaeger, as opposed to Google Stack Driver), configuring the proxy to serve an application, and a peak into how to observe the telemetry using their UIs.

I use GKE to manage my Kubernetes clusters, so there is some GCP specific stuff in here. A lot of it though is generic and can be applied to any Kubernetes cluster, managed or upstream.

What This Tutorial Covers

  1. Installing Istio On A Kubernetes Cluster
  2. Configure Istio’s Envoy Proxy To Serve An App In A Different Namespace
  3. View The Telemetry UIs…


Setting up Kubernetes and Helm on GKE with Odoo as a sample application.

Setting up Kubernetes and Helm on GKE with Odoo as a sample application.

This is a practical introduction to setting up and using Kubernetes, which includes setting it up on Google Kubernetes Engine, installing Helm and Tiller with TLS, installing Nginx and Cert-Manager for TLS secured ingresses, and finally installing Odoo as an example application.

What This Tutorial Covers

  • Creating A Cluster On Google Kubernetes Engine
  • Installing Helm and Tiller For Launching Applications On Kubernetes
  • Installing Nginx and Cert-Manager For TLS Ingresses
  • Installing Odoo As An Example

What You Need For This Tutorial

  • A Google Cloud Platform account

Eric Fossas

Twitter: @ericfossas | Github: efossas

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store