As part of the DevOps team, I get to work on multiple different tools and applications. Recently, I had the opportunity to work on a click app in python which connects to AWS to get data. I am using setup.py build for the deployment(setup.py is a build script for setuptools. It tells setuptools about the package (such as the name and version) as well as which code files to include). A problem that I encountered was how to write test cases that will mock AWS calls. There is good documentation around each component like how to test click app, how…


Overview:

As migration towards microservices increase so does the demand to manage them. Kubernetes has become the de-facto standard for deploying microservices so the ecosystem around managing these services has grown exponentially. In this article, I will go over how we are leveraging Prometheus and ancillary systems for metrics collection and monitoring on k8s.

What & Why Prometheus:

Prometheus is an open-source systems monitoring and alerting tool. It addresses the highly dynamic container environment. Honestly, I didn't find a good alternate tool that is free. It also provides exporters which can convert metrics from an existing system into Prometheus metrics. Few of the exporters that…


Overview:

There are a lot of good articles for Jenkins. A rollout in our case consists of two parts: Application code and Infrastructure. I am not going to talk about Jenkins. I am going to focus on how we are designing rollout using Jenkins Shared Library.

Depending on your requirement you can roll out a project in multiple ways. I am highlighting two options.

  1. Create a single repo that consists of all the components related to a project: app and infra.
  • app: application code
  • infra: consists of Terraform, Datadog, WAF, anything not related to the application

The idea behind this…


k8s PSP

In the last few years, Kubernetes has becomes the defacto standard for deploying containerized applications. There are a lot of interesting posts on Kubernetes. In this post, I am going to highlight how we are implementing PodSecurityPolicies(PSP) on k8s. To begin with, we are running k8s 1.16.6 with RBAC enabled.

What is PodSecurityPolicy — PSP is a cluster-level resource for managing security related aspects of a pod specification.

There are multiple ways to implement PodSecurityPolicy. One way is to use Role Based Access Control (RBAC): Roles and Role bindings. For a PodSecurityPolicy(PSP) to take effect, Cluster User or ServiceAccount that…

tomarv2

some kind of engineer

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store