ebs-bootstrap: Simplifying Stateful EC2 Workloads
Managing block devices in AWS Nitro environments is fraught with complexity due to unpredictable device names; ebs-bootstrap
addresses this by ensuring stable and predictable device mapping, simplifying the management process
Localise debugging of OPA Gatekeeper Rego Policy
Localise debugging of OPA Gatekeeper Rego Policy
Kubernetes - Utilising tmpfs volumes
When it comes to fast volumes in Kubernetes, nothing can quite beat a ramdisk, or specifically, tmpfs
.
Migration to GitHub & GitHub Actions CI
How reecetech migrated from Atlassian Stash (BitBucket Datacentre) and Atlassian Bamboo CI, to, GitHub.com and GitHub Actions CI
GitHub and Tracking a triggered Workflow run
Introduction The worldwide growth and adoption of GitHub Actions has been undeniable. And no different to many others, we at Reecetech also merged with the masses by utilising this offering. Aside from the commonplace with automation of application continuous integration and continuous delivery, we also facilitated manual triggering of some actions through employing the workflow dispatch event. The workflow dispatch event is significant as it is also one of the only ways to trigger a workflow run externally of the GitHub platform.
Terraform CDK - Managing our GitHub Organisation
Preface Introduction At reecetech, we’re currently in development stages of migrating our repositories from Stash (BitBucket) to GitHub. The Delivery Engineering team has been on the forefront of this migration process and slowly have been onboarding teams and helping them migrate their build and deploy plans over. This migration has been in the works for the past several months. What is Terraform? Terraform is a cloud resource provisioning solution that uses straightforward, declarative programming as its infrastructure.
Building Amazon Linux 2 VMs in VSphere
Building Amazon Linux 2 VMs in VSphere Overview Reece utilises many different virtualised Linux based operating systems for on premise and cloud environments. This includes nodes for Kubernetes clusters as well as virtual machines used for other purposes like application servers. For certain use cases we utilise Red Hat Linux and clones such as CentOS and Rocky Linux, however especially for Kubernetes master and worker nodes (which basically just have to be able to run containers), we have switched to Amazon Linux 2 as base operating system (even for our on-premise VSphere environment) - also to align on-premise and cloud environment builds / post build steps where possible.
Edit Helm3 Manifest Secret In Place
Preface Introduction At reecetech we have been using Helm to template and apply Kubernetes resources for a few years. We went through the pain of updating from Helm2 to Helm3, a migration that took far longer than we estimated 😅. Helm3 is a large improvement for us as it uses Kubernetes secrets inside the namespace the Helm chart is installed. This allows for a very small server side footprint for Helm.
Securing Informix database passwords using Hashicorp Vault
The reecetech solution to secure password delivery using Hashicorp Vault, Active Directory, and shell scripts (ksh93 no less!). We used to store passwords in plain-text, but those days are over.
Dynamic Admission Control in Kubernetes
Preface Introduction At reecetech, it is common for personnel to engage with build and deployment pipelines. This also entails configuration of Helm Charts. With consideration that anybody can make a mistake, it only seems sensible to put safeguards within these delivery pipelines. Everyone has a different scope and agenda, so holistically the system can be overlooked and lead to misconfiguration. An example of this may be a Software Engineer desires more Memory and/or CPU to boost their application performance.