Happy Monday morning!
server utility: Reloader
There’s a great tool created by stakater called Reloader, which is worth installing in every cluster. I should republish this one once a quarter. This operator monitors things like Deployments, Daemonsets, and Statefulsets that reference ConfigMaps or Secrets, and restarts the parent resource when the ConfigMap or Secret changes. This allows you to skip the types of hacks that we all have to get around this lack, things like:
annotations:
checksum/config: {{ .Values.config|toYaml|sha256sum }}Instead, we can add the following annotation, and remove the configmap from our helms values files altogether:
annotations:
reloader.stakater.com/auto: "true"secrets: 1password
This one surprised me when I found it: you can use 1password as a source of secrets! Install the 1password operator into the cluster, create a new “API Credential” item in 1password, and create a resource like the following, and the operator will generate a Secret for you, refreshing it with updated values as necessary.
kind: OnePasswordItem
metadata:
name: <item_name> #this name will also be used for naming the generated kubernetes secret
spec:
itemPath: "vaults/<vault name>/items/<name of item>"All keys and values from your 1password will be synced with your cluster! As a bonus, you get free backups, an RBAC system that allows your employees to see the correct vaults, etc. Pretty great for less than $20/month, plus you get to use it as a password manager.
database: bitpoke’s mysql-operator
MySQL has stood the test of time, but it’s not the most cloud friendly software. Enter bitpoke’s operator, which handles the full lifecycle of the database, including backups, restores, and recovery. It’ll also push that backup to places like S3 without too much extra effort.
monitoring: victoriametrics
Anyone spending much time in kubernetes has heard of prometheus. Anyone who’s spent time with prometheus at scale has likely been frustrated by it scaling options, namely that it’s fairly difficult to scale it horizontally. Victoriametrics forks prometheus, ensures scrape and query compatibility (mostly), and splits it up into multiple components so you scale out the pieces you need. After wiring them up to communicate with each other, you should be in a much better place to scale up as your traffic does!