Blog

Discuss this post As most of you might know Germany has been hit pretty hard by Russia’s war on Ukraine and the subsequent lack of natural gas supply out of Russia. A consequence of that development is that gas prices have been raised for all customers in Germany (i.e. nearly 20 million homes) by around a factor of 3. The German government has set a goal for the nation to save 20% of the gas compared to last year’s usage to prevent an emergency situation in terms of a lack of gas....

Discuss this post This is the story of a seemingly simple task of creating a GitHub Actions workflow that … escalated quickly. I hope you people can learn from my mistakes and do better (or quicker). You’ll find the tl;dr version here. Over at Weaveworks we try to automate as many engineering processes as possible. That’s especially true for the tedious work of releasing a new version of one of the components we build....

Discuss this post EDIT January 11, 2022: In previous versions of this article I advertised the try_files directive which made the solution vulnerable to path traversal attacks. Using the return directive and sending a 301 redirect fixed this. Thanks to Penple for making me aware of this vulnerability. With Mastodon being all the rage right now and people massively moving over, new opportunities arise. One of these is that Mastodon allows you to take ownership of your identity using the WebFinger protocol....

To learn how Kubernetes works you should run your own Kubernetes cluster on bare-metal hardware. Discuss this post In the world that I live in Kubernetes is all the rage. This is the world of professional software development and deployment where medium- and large-sized companies are trying to reduce cost and complexity of their IT platforms while at the same time becoming faster at making changes to the software that they run as services to either their internal or external customers....

In the last weeks I have been working a lot on supporting Kubernetes in air-gapped environments, i.e. environments that don’t have any access to the internet. Many companies prefer to run their IT infrastructure in such a way to minimize the attack vector against it and be able to tightly control what’s running on their clusters. Part of these setups naturally is a Docker registry that runs on that air-gapped infrastructure and in order to properly reproduce such a scenario, I had to run a Docker registry on my kind cluster as well and I thought sharing the manifests may help anyone out there get setup faster next time....