Serveral months ago, I practiced serveral binary leetcode questions, and I was confused about the following several things: I didn’t pay much attentions to it then, I thought I will get the hang of it after serveral practices. However after serveral practice, I still confused in binary search problems. Latest week an article mentions binary search at https://leetcode.wang/. Little searching, I found more information about this such as lower bound, upper bound, equal-range, open/close range, middle point etc.

Shift-left is a things nowadays. Recently I read an articles about that beyond testing and security. Today I gave it a try using datree and found that there are still a lot of places to improve in one of my clusters. It is not just a small number. There maybe are many new concepts, configurations and best practicies behind the numbers. kubectl datree test > test.log rg -n ❌ test.

Kuberneters dashboard doesn’t give enough information about node and cluster information during rececent loading test. I sought to other options. Prometheus and grafana are the de-facto standards. It’s a no-brainer choice. The most important things is how to make them working together. Setup Prometheus and Grafana kubectl create namespace monitoring helm repo add prometheus-community https://prometheus-community.github.io/helm-charts helm repo update helm install prometheus prometheus-community/prometheus -n monitoring helm repo add grafana https://grafana.github.io/helm-charts helm install grafana grafana/grafana -n monitoring kubectl get secret --namespace monitoring grafana -o jsonpath="{.

Today I had a case to expose serveral kubernetes dashboard with cert-manager. Initiallly I thought it should be quite easy to setup, but the reality was quite different. My intial yaml is as following. apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: ingress-global-dash namespace: kubernetes-dashboard labels: name: ingress-global-dash use-http01-solver: "true" annotations: cert-manager.io/cluster-issuer: "test-issuer" spec: ingressClassName: nginx rules: - host: "dashboard.example.com" http: paths: - pathType: Prefix path: "/" backend: service: name: kubernetes-dashboard port: number: 80 #later changed to 443 according to port of kubernetes-dashboard svc tls: # < placing a host in the TLS config will determine what ends up in the cert's subjectAltNames - hosts: - dashboard.

According to many articles one the web, the way to set timezone is as following: cp /usr/share/zoneinfo/Asia/Singapore /etc/localtime echo 'Asia/Singapore' > /etc/timezone You can indeed get the correct time if you run it in dotnet core 5 docker linux containers. However you couldn’t get the correct local time in dotnet 6.0. I found the issue About time incorrect of docker image about aspnet-6 #62545. After I tried serveral combinations mentioned in the issue, finally I got a working solution.

Prologue I never thought I will use nginx extensively in systems I involved after I found that nginx ingress has some limitations comparing to istio in 2021. Nginx is more than reverse proxy or webservers which I thought initially after several months of extensive usage in the past. Here I list serveral advanced use case I countered or discussed with other experts. CDN MaxCDN use https://docs.nginx.com/nginx/admin-guide/content-cache/content-caching/

I only noticed the steps after one ergent cancelling of creating. I didn’t find corresponding nodes and wondered what happened. I deleted my cluster and recreated one. I knew I can create nodegroup after creating cluster and not sure if I can do those sub tasks this way as well. Leave it here for later investigation. 2 sequential tasks: { create cluster control plane "uat-local-intl", 2 sequential sub-tasks: { 4 sequential sub-tasks: { wait for control plane to become ready, associate IAM OIDC provider, 4 parallel sub-tasks: { 2 sequential sub-tasks: { create IAM role for serviceaccount "backend-apps/s3-reader", create serviceaccount "backend-apps/s3-reader", }, 2 sequential sub-tasks: { create IAM role for serviceaccount "backend-apps/cache-access", create serviceaccount "backend-apps/cache-access", }, 2 sequential sub-tasks: { create IAM role for serviceaccount "kube-system/cluster-autoscaler", create serviceaccount "kube-system/cluster-autoscaler", }, 2 sequential sub-tasks: { create IAM role for serviceaccount "kube-system/aws-node", create serviceaccount "kube-system/aws-node", }, }, restart daemonset "kube-system/aws-node", }, create nodegroup "ng-1", } }

In the past I knew jsonnet, however I didn’t commit too much time to learn it until recently I encountered a data driven scenario, generating istio yaml configurations based on an array of data. The scenario is business driven, and I can foresee that there will be more data coming. What a waste of time to repeat the copy/paste procedures with little tweaks. I hated to do that again and again.

I started one of my certificates using cert-manager and letsencrypt without root domain in one product system. Later I tried to add root domain to the certificate as our customer requested withou success at first day. I figured out how to do that next morning. Here are my the success one and several failed attempts. Here some background information of this system: gitops + argocd Successful solution Considering that the app argocd is in manual synchronization mode, I can do that changes in place in kubernetes instead of the git repo.

In the past 1 week, I encountered an issue that I couldn’t add a column to a table in one of our production database. I thought restart would resolve the issue. After a restart, however the issue still persist. I checked logs in error/mysql-error-running.log in rds and noticed there are two transactions in prepared state after recovery. In the first gooogle search result page, How to Deal with XA Transactions Recovery caught my attention.