Blog¶

Kubernetes The Hard Way

You might've solved this challenge way sooner than I attempted it. Still, I always wanted to go through the process as it has many angles and learning the details intrigues me.

This version, however, does not use any cloud provider. Specifically, the things I am using differently from the original challenge are:

• Vagrant & VirtualBox: For the nodes of the cluster
• Ansible: For configuring everything until the cluster is ready
• Cilium: For the network CNI and as a replacement for the kube-proxy

So, here is my story and how I solved the famous Kubernetes The Hard Way by the great Kelsey Hightower. Stick around if you're interested in the details.

How to Deploy Static Site to GCP CDN with GitHub Actions

Building and deploying static sites is rarely an issue these days. Most of the PaaS providers already have full support for your live and your preview environments and a clean integration with your favorite Git provider.

However, some organizations may choose to stick with big players like GCP for various reasons.

In this blog post, you will learn how to build your frontend and deploy your static files to GCP bucket using GitHub Actions and serve it behind GCP CDN.

In this approach we will employ OpenID Connect to authenticate GitHub Actions runner to GCP API to avoid passing hard-coded credentials (Actually, GCP calls this Federated Workload Identity but it is unsurprisingly based on OIDC).

If this sounds interesting to you, let's not keep you waiting any longer.

How to Publish to GitHub Pages From Another Repository

In this blog post, you will learn how to leverage GitHub Actions to deploy static files to the GitHub Pages of another repository.

This can be useful if you keep your source code in a private repository, but also, you may find additional reasons to need this setup.

Stick around till the end to find out how to do this with OpenTofu.

How to Provision a Production-Ready Autopilot GKE Cluster

In this blog post I share my opinioated version of provisioning a Kubernetes cluster in the Google Cloud Platform (GCP) using nothing but Opentofu.

The principles discussed here are the ones I have learned while dealing with production setups at the same scale.

If you enjoy Kubernetes or want to learn more about GCP, this is for you.

Packer: How to Build NixOS 24 Snapshot on Hetzner Cloud

Packer is a powerful tool to create immutable images, with support for various cloud providers.

In this blog post, I share how I built a NixOS 24 snapshot using Packer on Hetzner Cloud.

If you're a fan of NixOS or want to learn more about Packer, this post is for you.

How to Create Your Ansible Dynamic Inventory for AWS Cloud

Most of the modern software deployment these days benefit from containerization and Kubernetes as the de-facto orchestration platform.

However, occasionally, I find myself in need of some Ansible provisioning and configuration management.

In this blog post, I will share how to create Ansible dynamic inventory in a way that avoids the need to write hard-coded IP addresses of the target hosts.

How to Protect ANY Upstream Service with Operational Authentication

In this blog post, I will demonstrate how to use Ory Oathkeeper and Ory Kratos to protect upstream services behind authentication, especially the ones that do not have native authentication built-in, e.g., Prometheus, Hubble UI, Alertmanager, etc.

How to Deploy NodeJS to AWS Lambda with OpenTofu & GitHub Actions

If you're a software engineer in any tier, there's a good chance that you're already familiar with the language and syntax of JavaScript. It has a very low barrier for entry and that is one of its strongest suits and what makes it so widely adopted and popular.

In this article, you'll learn how to deploy a JavaScript application to AWS Lambda using the principles of GitOps and with the help of OpenTofu as the Infrastructure as Code and GitHub Actions for the CI/CD pipeline.

Stick till the end to find out how.

Azure Bastion Host: Secure Cloud Access Made Simple

Discover how Azure Bastion can revolutionize your cloud security strategy. This comprehensive guide explains what a Bastion host is, why it's crucial for secure access to your Azure resources, and provides a step-by-step walkthrough for implementation.

You'll learn how to enhance your network security, simplify remote access, and automate Bastion deployment using tools like OpenTofu and Azure CLI. Dive in to unlock the full potential of secure, scalable cloud access for your organization.

Supercharge Monorepo CI/CD: Unlock Selective Builds

Monorepo is the practice of storing all your code in a single repository, which can be beneficial for code sharing, dependency management, and version control.

However, there is no free lunch! As your codebase grows, managing builds become unavoidably complex and time-consuming. This build time is billed on your organization and it can get quite costly.

In this blog post, we'll explore the challenges of building only changed applications in a monorepo and discuss strategies to optimize your workflow with selective builds.

If this gets you excited, let's dive in!