Pim Widdershoven

PHP developer and enthusiastic about almost everything that has to do with technology

Deploy Kubernetes Cluster with Rancher Kubernetes Engine (RKE)

In this blog post, I'll explain how you deploy a brand new Kubernetes Cluster with Rancher Kubernetes Engine (RKE). Rancher Kubernetes Engine doesn't include the Rancher management application itself and will deploy a vanilla Kubernetes Cluster for you, the exact same thing as kubeadm can do for you but much more simple!

Written by Pim on Thursday November 28, 2019 - Comment - Permalink
Categories: docker, rancher - Tags: kubernetes, rke, rancher

Install Keycloak on CentOS 7 with MySQL backend

Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. I'm using Keycloak as an Identity Broker and have multiple Active Directories added to Keycloak.

Written by Pim on Tuesday October 23, 2018 - Comment - Permalink
Categories: devops, technology, howto - Tags: centos7, authentication, keycloak, mysql, nginx, jboss, identity-provider, active-directory, security

Use Kubernetes Certificate Manager to automatically add SSL/TLS certificates to ingresses

Kubernetes Certificate Manager (cert-manager) is a native Kubernetes controller helping you to issue certificates from a variety of sources, such as Let's Encrypt, HashiCorp Valut, a signing keypair and self-signed. The Certificate Manager ensures certificates are valid and up-to-date, and attempt to renew certificates at a configured time before expiry.

Written by Pim on Tuesday October 16, 2018 - Comment - Permalink
Categories: devops, technology, howto - Tags: kubernetes, lets-encrypt, certificates, helm, tiller, kubernetes-ingress, SSL, TLS, security

Docker on CentOS 7 machine with XFS filesystem can cause trouble when d_type is not supported

At my work, we try to automate almost everything. We're using Docker to containerize our in-house developed software and are running these containers on CentOS 7 machines. When you're using a modern CentOS 7 version, the XFS filesystems are configured correctly with d_type support activated. But when you want to run Docker containers on an older version of CentOS 7, d_type support could be disabled causing a lot of trouble when you're chowning and chmoding files in a container: files are not found or skipped, etc.

Written by Pim on Monday August 27, 2018 - Comment - Permalink
Categories: docker, devops, technology - Tags: docker, centos7, centos, xfs, storage

GitLab Kubernetes Integration with RBAC enabled

Officially, GitLab doesn't support RBAC enabled Kubernetes clusters yet, but with some manual configuration, it is possible to integrate your Kubernetes cluster into Gitlab with RBAC enabled.

Caution: The configurations in this blog post adds cluster administrative access to your GitLab server. Unfortunately, GitLab 11 needs this access to query the cluster and install applications on it.

Written by Pim on Tuesday July 31, 2018 - Comment - Permalink
Tags: kubernetes, gitlab, rbac, security

Backup Percona XtraDB Cluster or Galera Cluster with TwinDB

Database servers and clusters should be backed up regularly to prevent data loss when an error or disaster occurs. You can backup database servers logically using mysqldump, but you can also backup databases physically using Percona XtraBackup. XtraBackup enables you to run full and incremental backups, stream backups, compress and encrypt backups. TwinDB has simplified the usage of Xtrabackup and will automatically backup your Percona XtraDB cluster on an hourly basis.

Written by Pim on Friday March 23, 2018 - Comment - Permalink
Categories: devops, technology, howto - Tags: xtradb-cluster, ha-proxy, high-availability, twindb, backup