The content of this post can be summarized in one sentence: there are still people debating vim versus emacs (vim, obviously). Instead of engaging in this debate, I want to discuss the “dream” of a standardized development environment. Many companies and engineering teams strive to find the right tools for the job, but it is rare to find something that makes everyone happy. Often, I hear about “paved paths”, but there are pitfalls in this concept that we need to be aware of.…
This week I had to work more than usual with lots of Kubernetes resources which (ab)use environment variables and I thought I would write about the topic because there was enough that I think is somewhat confusing or surprising.
Starting from the official Kubernetes doc, we’re greeted right away with a relatively complex example of what is possible, defining an environment variable that combines other environment variables defined in the same resource.…
This week I embarked on an unexpected journey to figure out how the Status on DaemonSets work. I was trying to debug a problem in a piece of software that I maintain at work, which involves computing the Status for DaemonSet objects in Kubernetes, and I naively assumed that DaemonSets were just a “regular resource” in Kubernetes, but unfortunately I should have remembered that there are only guidelines for resources to implement Statuses and that controllers are pretty much free to do whatever they want.…
This post is just a quick summary of what we have discussed as part of a maintainers’ meeting that we held on 2023-08-10.
Next priorities We’re going to focus on a few things:
Webhook provider, which has this PR as single pre-requisite. We have a plan of testing with new external providers (i.e. IONOS) and hope to get some feedback on its implementation. This will allow us to plan the move of some of the alpha providers to be out of tree and enable new providers to be created.…
I have been working for GitHub for a few years and, as you surely know, GitHub is a big fan of pull requests. The teams I have been working with have been mostly distributed anywhere between UTC+2 and UTC-7 and that meant very little overlap opportunities for synchronous work. At the same time, during my tenure at the company, I did quite a bit of opensource work on ExternalDNS, which meant working with different sets of people, different cultures, different skills and, at the end of the day, different ways of collaboration.…
This post is the short story of an incident that I experienced while operating services at a previous job.
At the time, we were running a microservices architecture and we had a small service that was responsible, without going too much in the details, about user employee authentication. The service was a real microservice: it was doing exactly one thing and doing it well. At the time my team inherited that service, it was stable and not being developed anymore.…
When talking about Kubernetes, a key concept is the one about desired state vs actual state and the functionality of reconciling the actual state to match the desired state. While that is easy to understand, the idea of the desired state needs to be discussed a bit further. What is the desired state from a user’s point of view?
A growing system In the early days of Kubernetes, there were only a few resources: ReplicationControllers, Services, ConfigMaps and a few other things.…
This week I had to compute some stats on how much time pods take to shut down for a few specific workloads and that required knowing what “Terminating” means for Kubernetes pods. If you have used kubectl to interact with a Kubernetes cluster, you have surely noticed that immediately after a pod is deleted and is shutting down, it is indeed shown as “Terminating”.
What not everybody knows is that “Terminating” is not a status for pods, but only something that is shown (for convenience?…
Navigating to this blog, I realized that I haven’t written a blogpost in a year. It seems quite a long time, but 2022 has been a huge mess in my personal life. I had different health issues that affected my life and my mood and I didn’t really find a lot of time to write anything tech related. I’m gonna do this now: my topic for today is “keeping ExternalDNS secure”.…
I wanted to write this blogpost for a long time, but always procrastinated doing it to work on more important things. Now I found a bit of time so I decided to just do it, but keep it reasonably short.
The problem As you might know, I am the maintainer of ExternalDNS. The work I do requires, among other things, to take care of the release process of the project. ExternalDNS is not a project that is continuously delivered: we review PRs periodically which need to pass unit tests and when everything is green, we merge them to the default branch.…