Another one IT blog

Introduction We are running Kubernetes in AWS with EKS and Bottlerocket Linux as OS for nodes in the cluster. For a few specific workloads we need to use storage-optimized instances. But after instance start attached drive is not partitioned and not formated. So you need to do it as part of cloud-init process. In Amazon Linux 2023 we had for this easy-to-use command called setup-local-disks. But Bottlerocket is different and we need a different solution for it. ...

The Problem We’re Solving Managing Terraform versions across different environments is challenging because: Local development uses whatever version developers have installed CI/CD pipelines (like Atlantis) may use different default versions Multiple teams might prefer different Terraform versions Legacy projects may be stuck on older versions This inconsistency leads to: Plans that work locally but fail in CI/CD Unexpected resource changes due to version differences Provider compatibility issues Time wasted debugging version-related problems How it starts In every company, you eventually reach a point where you have Terraform plans applied with different versions of Terraform, various provider versions, and validated with varying tool versions. The obvious solution is to freeze all versions through company policy or enforce them via CI/CD (which, in our case, is Atlantis). ...

What is Nomad? HashiCorp Nomad is a flexible workload orchestrator that deploys and manages containers and non-containerized applications across on-premises and cloud environments at scale. Unlike Kubernetes, Nomad is designed to be simple to operate while still providing powerful scheduling capabilities. Key benefits of Nomad include: Simplicity: Single binary with minimal operational overhead Flexibility: Supports containers, virtual machines, and standalone applications Multi-region: Native support for multi-datacenter deployments Resource efficiency: Lower resource overhead compared to Kubernetes Background I started my homelab years ago and decided to take a unique approach by running containers in Nomad instead of Kubernetes, Docker Swarm, or other orchestration solutions. When I upgraded my server and installed TrueNAS Scale to manage storage, I needed a way to continue running Nomad for my homelab. This guide shows you how to accomplish this. ...

Introduction In this article, we will discuss a common issue encountered in Kubernetes deployments involving the expiration of the etcD Prometheus certificate. We will also provide a step-by-step guide on how to renew the certificate using OpenSSL. Problem In our Kubernetes deployment, we encountered an error related to the etcD. The error message was as follows: 1 etcd-manager-main-i-0ee1f712d597448db etcd-manager {"level":"warn","ts":"2024-02-21T12:24:18.774Z","caller":"embed/config_logging.go:169","msg":"rejected connection","remote-addr":"10.239.31.99:41644","server-name":"","error":"tls: failed to verify client certificate: x509: certificate has expired or is not yet valid: current time 2024-02-21T12:24:18Z is after 2021-10-04T20:49:28Z"} This error indicates that the client’s certificate has expired or is not yet valid. ...

Solution To unlock your user in ESXi web UI you need to connect to go through the following steps: Connect to your server over SSH: 1 ssh <your-esxi-user>@<your-esxi-ip> Run PAM command to unlock user: 1 2 3 [<your-esxi-user>@r710:~] pam_tally2 --user <user-to-unlock> --reset Login Failures Latest failure From <user-to-unlock> 33 12/27/23 11:23:24 unknown