When running other people’s software, there are a variety of ways that one can impact the deployment. Developers typically provide a set of configurations that can be set during deployment. Additional configurations are available once it’s running. These are design choices to decide which levers to provide and how flexible to make them. I wanted my instance to do some stuff that the latest release doesn’t do.[Read More]
Proper Mastodon, Proper Permissions
After a kind exploitation, I'm taking it even more seriously
You know how every time any startup deployed software for the 2010s, a news article was posted 6-12 months later about how their files were all stored in a completely unprotected S3 bucket? It’s my turn and it’s a speedrun![Read More]
And Now, a Proper Mastodon Instance on Kubernetes
After seeing the community trajectory, I'm taking it more seriously
Since the Fediverse stuff is catching on, I decided to upgrade the deployment. New name, Kubernetes deployment, encryption, the whole thing. Also moving my account across instances went pretty well.[Read More]
Deploying a Relatively Solid Mastodon Instance
Not entirely Kubernetes but it's in there
I feel compelled to write this up because of the struggles I faced along the way. Nothing was terrible or difficult but some of the docs were outdated and I had to find random gists and do some code archeology.[Read More]
Certification Series: CKA in 2021
Mike sets sail with containers and Kubernetes
Picture it, Silicon Valley (but remote), twenty nineteen.
I’m working at GitLab after being hired despite the job description saying “needs Kubernetes experience” and my interview featuring the concession:
Yeah, we don’t really see anybody with Public Sector and Kubernetes experience.
Coder Enterprise vs Raw Code-Server
Comparing my Frankenstein code-server with Coder Enterprise
Coder recently made their enterprise offering free for up to 10 developers. Since my solution, which I will henceforth call “ICSW”, supports 1 developer, it is well within that limit. I configured a new namespace in the same cluster to run the Coder Enterprise system to see how they compare.
TL;DR: Coder Enterprise has a lot of benefits for centrally managed code-server deployments as well as a multi-image workflow.[Read More]
Upgrade Code Server to 3.5.0
Nice and easy, update 2 files
iPad Code-Server Owns Its Namespace
Code-server pod can create resources in its namespace
The new capability is running additional pods and services (and ingress and statefulsets) within the
development namespace using the
developer service account. This limited access role can’t impact other services but can start a container and use internal DNS and services to access them.
iPad and Code-Server in Kubernetes Workflow
Building software with a comfortable device and capable tools
Kubernetes Problems to Solve
GitLab's delightful Kubernetes development workflow
One of GitLab’s strengths is creating productivity-boosting constraints that positively impact system architecture and DevOps cycles. This is very clear in the Kubernetes-powered workflow, but discovering this can be impossible if an org is already locked into an ops-focused Kubernetes deployment.
Also, Kubernetes is entirely optional so don’t force it before the operations team is ready. Avoid ClickOps, even if that means delaying orchestration.[Read More]