{"@attributes":{"version":"2.0"},"channel":{"title":"Johan Siebens","link":"https:\/\/johansiebens.dev\/","description":"Recent content on Johan Siebens","generator":"Hugo","language":"en","copyright":"<a href=\"https:\/\/creativecommons.org\/licenses\/by-nc\/4.0\/\" target=\"_blank\" rel=\"noopener\">CC BY-NC 4.0<\/a>","lastBuildDate":"Fri, 21 Jan 2022 00:00:00 +0000","item":[{"title":"OpenFaaS and HashiCorp Vault","link":"https:\/\/johansiebens.dev\/posts\/2022\/01\/openfaas-and-hashicorp-vault\/","pubDate":"Fri, 21 Jan 2022 00:00:00 +0000","guid":"https:\/\/johansiebens.dev\/posts\/2022\/01\/openfaas-and-hashicorp-vault\/","description":"<figure class=\"rounded center\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2022-01-21\/banner.jpg\"\n    alt=\"photo by Shahadat Rahman on Unsplash\"><figcaption>\n      <p>photo by <a href=\"https:\/\/unsplash.com\/@hishahadat\">Shahadat Rahman<\/a> on <a href=\"https:\/\/unsplash.com\">Unsplash<\/a><\/p>\n    <\/figcaption>\n<\/figure>\n\n<h2 id=\"introduction\">Introduction<\/h2>\n<p>The secrets feature of <a href=\"https:\/\/www.openfaas.com\/\">OpenFaaS<\/a> provides a unified experience of working with functions that needs sensitive values like an API token or a password. Whether you are using Kubernetes, faasd or a community-driven faas-provider (e.g. <a href=\"https:\/\/github.com\/jsiebens\/faas-nomad\">faas-nomad<\/a>), managing those secrets is the same:<\/p>\n<ul>\n<li>you can create, list, delete and update secrets via the faas-cli<\/li>\n<li>you can specify secrets via API, CLI or yaml<\/li>\n<li>at runtime, the secrets are made available in the container file system and should be read from a specific location <code>\/var\/openfaas\/secrets\/&lt;name&gt;<\/code><\/li>\n<\/ul>\n<p>But what if we are already using a different system to manage all our secrets?<\/p>"},{"title":"Bootstrap your Google Cloud Foundation with Terraform and Gitlab CI","link":"https:\/\/johansiebens.dev\/posts\/2021\/05\/bootstrap-your-google-cloud-foundation-with-terraform-and-gitlab-ci\/","pubDate":"Tue, 18 May 2021 00:00:00 +0000","guid":"https:\/\/johansiebens.dev\/posts\/2021\/05\/bootstrap-your-google-cloud-foundation-with-terraform-and-gitlab-ci\/","description":"<figure class=\"rounded center\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2021-05-18\/banner.jpg\"\n    alt=\"photo by Shivendu Shukla on Unsplash\"><figcaption>\n      <p>photo by <a href=\"https:\/\/unsplash.com\/@shivendushukla?utm_source=unsplash&amp;utm_medium=referral&amp;utm_content=creditCopyText\">Shivendu Shukla<\/a> on <a href=\"https:\/\/unsplash.com\">Unsplash<\/a><\/p>\n    <\/figcaption>\n<\/figure>\n\n<h2 id=\"introduction\">Introduction<\/h2>\n<p>The <a href=\"https:\/\/cloud.google.com\/foundation-toolkit\">Cloud Foundation Toolkit<\/a> is a set of templates written for <a href=\"https:\/\/cloud.google.com\/deployment-manager\">Google Deployment Manager<\/a> or <a href=\"https:\/\/hashicorp.com\">HashiCorp<\/a> <a href=\"https:\/\/terraform.io\">Terraform<\/a>, with Google best practices built into it to provide enterprise-grade Infrastructure as Code for your deployments on Google Cloud Platform.<\/p>\n<p>This toolkit includes over 45 different Terraform modules covering many parts to build an end-to-end solution. Not only modules for the basic components like Google Storage buckets, Pub\/Sub topics or VMs are available, but modules for more complex units, e.g. a project factory or network topologies, are available at Github.<\/p>"},{"title":"A Multi Cluster and Multi Orchestrator home lab","link":"https:\/\/johansiebens.dev\/posts\/2021\/05\/a-multi-cluster-and-multi-orchestrator-home-lab\/","pubDate":"Thu, 13 May 2021 00:00:00 +0000","guid":"https:\/\/johansiebens.dev\/posts\/2021\/05\/a-multi-cluster-and-multi-orchestrator-home-lab\/","description":"<figure class=\"rounded center\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2021-05-13\/banner.jpg\">\n<\/figure>\n\n<h2 id=\"introduction\">Introduction<\/h2>\n<p>In this post, I want to write up a summary of a new home lab setup I have built recently. My goal was to have two small, isolated clusters running a different workload orchestrator like <a href=\"https:\/\/k3s.io\">k3s<\/a> and <a href=\"https:\/\/nomadproject.io\">HashiCorp Nomad<\/a>.\nGoing through the <a href=\"https:\/\/gumroad.com\/l\/netbooting-raspberrypi\">netbooting workshop<\/a> of Alex Ellis, I&rsquo;ve learned a lot on how to install and configure everything correctly.<\/p>\n<h2 id=\"bill-of-materials\">Bill of Materials<\/h2>\n<ul>\n<li><a href=\"https:\/\/www.intel.com\/content\/www\/us\/en\/products\/sku\/195503\/intel-nuc-10-performance-kit-nuc10i3fnk\/specifications.html?wapkw=NUC10i3FNK\">Intel NUC kit NUC10i3FNK<\/a> + Samsung 970 EVO PLUS M.2 500GB<\/li>\n<li>6x Raspberry Pi 4 Model B (4GB)<\/li>\n<li>3x <a href=\"https:\/\/thepihut.com\/products\/cluster-case-for-raspberry-pi\">Cluster Case<\/a> for Raspberry Pi<\/li>\n<li>6x <a href=\"https:\/\/shop.pimoroni.com\/products\/fan-shim\">Pimoroni Fan SHIM<\/a><\/li>\n<li>6x SanDisk SD cards<\/li>\n<li>6x SanDisk Ultra Fit 64GB USB drive<\/li>\n<li>2x Kensington UA000E USB 3.0 to Gigabit Ethernet adapter<\/li>\n<li>2x <a href=\"https:\/\/www.netgear.com\/business\/wired\/switches\/unmanaged\/gs105\/\">Netgear GS105<\/a><\/li>\n<li>1x <a href=\"https:\/\/us.anker.com\/products\/a2133\">Anker PowerPort 10<\/a><\/li>\n<li>Short UTP cables (e.g. <a href=\"https:\/\/www.amazon.com\/Logilink-CP0132B-CAT5e-Telephone-Length\/dp\/B00HQIN754\/ref=cm_cr_arp_d_product_top?ie=UTF8\">here<\/a>)<\/li>\n<li>Short USB-C cables (e.g. <a href=\"https:\/\/www.amazon.com\/VOKOO-Cables-inches-Charger-Braided\/dp\/B0711C43JP\/ref=sr_1_1?dchild=1&amp;keywords=Buentek&amp;qid=1620889360&amp;sr=8-1\">here<\/a>)<\/li>\n<\/ul>\n<blockquote>\n<p><strong>A note<\/strong> on the power supply (Anker PowerPort): although such compact multi-port USB chargers look nice and tidy, I&rsquo;ve been warned issues can occur due to not enough power being available. Still, I&rsquo;m using the Anker charger and I&rsquo;m actively monitoring the under voltage occurrences of the Raspberry Pis.<\/p>"},{"title":"OpenFaaS and GKE Autopilot","link":"https:\/\/johansiebens.dev\/posts\/2021\/03\/openfaas-and-gke-autopilot\/","pubDate":"Tue, 16 Mar 2021 00:00:00 +0000","guid":"https:\/\/johansiebens.dev\/posts\/2021\/03\/openfaas-and-gke-autopilot\/","description":"<figure class=\"rounded center\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2021-03-16\/banner.jpg\"\n    alt=\"photo by Rodrigo Rodriguez on Unsplash\"><figcaption>\n      <p>photo by <a href=\"https:\/\/unsplash.com\/@roka79?utm_source=unsplash&amp;utm_medium=referral&amp;utm_content=creditCopyText\">Rodrigo Rodriguez<\/a> on <a href=\"https:\/\/unsplash.com\">Unsplash<\/a><\/p>\n    <\/figcaption>\n<\/figure>\n\n<h2 id=\"introduction\">Introduction<\/h2>\n<figure class=\"right-floated center\"><a href=\"https:\/\/cloud.google.com\/kubernetes-engine\/docs\/concepts\/autopilot-overview\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2021-03-16\/Untitled.png\"\n    alt=\"GKE Autopilot logo\" width=\"150\"><\/a>\n<\/figure>\n\n<p>In February this year, Google introduced <a href=\"https:\/\/cloud.google.com\/kubernetes-engine\/docs\/concepts\/autopilot-overview\"><strong>GKE Autopilot<\/strong><\/a>, a revolutionary mode of operations for managed Kubernetes that lets you focus on your software, while GKE Autopilot manages the infrastructure.<\/p>\n<p>GKE offers already a fully managed Kubernetes-as-service that makes setting up and operating a Kubernetes cluster easier. GKE Autopilot takes a step further. In this mode, Google not only takes care of the control plane but also eliminates all node management operations.<\/p>"},{"title":"Control Access to your on-prem services with Cloud IAP and inlets PRO","link":"https:\/\/johansiebens.dev\/posts\/2020\/12\/control-access-to-your-on-prem-services-with-cloud-iap-and-inlets-pro\/","pubDate":"Tue, 29 Dec 2020 00:00:00 +0000","guid":"https:\/\/johansiebens.dev\/posts\/2020\/12\/control-access-to-your-on-prem-services-with-cloud-iap-and-inlets-pro\/","description":"<figure class=\"rounded center\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-12-29\/banner.jpg\"\n    alt=\"photo by Scott Webb on Unsplash\"><figcaption>\n      <p>photo by <a href=\"https:\/\/unsplash.com\/@scottwebb?utm_source=unsplash&amp;utm_medium=referral&amp;utm_content=creditCopyText\">Scott Webb<\/a> on <a href=\"https:\/\/unsplash.com\">Unsplash<\/a><\/p>\n    <\/figcaption>\n<\/figure>\n\n<h2 id=\"introduction\">Introduction<\/h2>\n<p><a href=\"https:\/\/cloud.google.com\/iap\"><strong>Google Cloud Identity-aware Proxy<\/strong><\/a>, or in short IAP, is an access control tool on the Google Cloud Platform for controlling access based on <em>who<\/em> is making an HTTP request to your application or <em>who<\/em> is making SSH connections to your virtual servers. As part of the <a href=\"https:\/\/cloud.google.com\/beyondcorp\/\">BeyondCorp<\/a> security model, it enables context-aware access from virtually any location to your applications or VMs without the need for bastion hosts or a traditional VPN.<\/p>"},{"title":"Monitoring Nomad with Prometheus and Thanos","link":"https:\/\/johansiebens.dev\/posts\/2020\/12\/monitoring-nomad-with-prometheus-and-thanos\/","pubDate":"Sun, 20 Dec 2020 10:00:00 +0000","guid":"https:\/\/johansiebens.dev\/posts\/2020\/12\/monitoring-nomad-with-prometheus-and-thanos\/","description":"<figure class=\"rounded center\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-12-20\/banner.jpg\"\n    alt=\"illustration by World Image on Bigstock\"><figcaption>\n      <p>illustration by <a href=\"https:\/\/www.bigstockphoto.com\/search\/?contributor=World&#43;Image\">World Image<\/a> on <a href=\"https:\/\/www.bigstockphoto.com\/\">Bigstock<\/a><\/p>\n    <\/figcaption>\n<\/figure>\n\n<h2 id=\"introduction\">Introduction<\/h2>\n<figure class=\"right-floated\"><a href=\"https:\/\/prometheus.io\/\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-12-20\/prometheus-icon-color.svg\"\n    alt=\"Prometheus logo\" width=\"100\"><\/a>\n<\/figure>\n\n<p>If you\u2019ve been around the cloud-native world for a while, I&rsquo;m sure you have already heard of <a href=\"https:\/\/prometheus.io\/\"><strong>Prometheus<\/strong><\/a>, a graduated CNCF project for monitoring and alerting. It is one of the most widely adopted tool for monitoring in the Kubernetes ecosystem.<\/p>\n<p>Prometheus&rsquo;s local time series database stores all the data in a custom, highly efficient format on a local disk.\nBy doing so, the storage is limited by the size of the disk and in fact, Prometheus is not build to keep the metrics data infinitely.<\/p>"},{"title":"Installing HashiCorp Vault on DigitalOcean with hashi-up","link":"https:\/\/johansiebens.dev\/posts\/2020\/12\/installing-hashicorp-vault-on-digitalocean-with-hashi-up\/","pubDate":"Sat, 05 Dec 2020 15:00:00 +0000","guid":"https:\/\/johansiebens.dev\/posts\/2020\/12\/installing-hashicorp-vault-on-digitalocean-with-hashi-up\/","description":"<figure class=\"rounded center\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-12-02\/banner.jpg\"\n    alt=\"photo by Jason Pofahl on Unsplash\"><figcaption>\n      <p>photo by <a href=\"https:\/\/unsplash.com\/@jasonpofahlphotography?utm_source=unsplash&amp;utm_medium=referral&amp;utm_content=creditCopyText\">Jason Pofahl<\/a> on <a href=\"https:\/\/unsplash.com\">Unsplash<\/a><\/p>\n    <\/figcaption>\n<\/figure>\n\n<h2 id=\"introduction\">Introduction<\/h2>\n<figure class=\"right-floated\"><a href=\"https:\/\/www.vaultproject.io\/\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-12-02\/Vault_VerticalLogo_FullColor_RGB_small.png\"\n    alt=\"Vault logo\" width=\"150\"><\/a>\n<\/figure>\n\n<p>While every IT environment is not the same, secret management is one of the things that remains constant.\nWhether it is an application, automation script, CI\/CD pipeline, they all rely on some form of credentials to access other services or data.<\/p>\n<p><strong>HashiCorp Vault<\/strong> is a prominent tool in this particular area. It is used for securely storing tokens, passwords, certificates, and encryption keys, while it tightly controls access to that data by authenticating against trusted sources of identity.<\/p>"},{"title":"Quake III Arena, k3s and a Raspberry Pi","link":"https:\/\/johansiebens.dev\/posts\/2020\/11\/quake-iii-arena-k3s-and-a-raspberry-pi\/","pubDate":"Sun, 22 Nov 2020 08:00:00 +0000","guid":"https:\/\/johansiebens.dev\/posts\/2020\/11\/quake-iii-arena-k3s-and-a-raspberry-pi\/","description":"<figure class=\"rounded center\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-11-22\/banner.jpg\"\n    alt=\"banner\">\n<\/figure>\n\n<p>Yesterday I saw a tweet of Chris Campbell passing by in my timeline mentioning <a href=\"https:\/\/github.com\/criticalstack\/quake-kube\"><strong>QuakeKube<\/strong><\/a><\/p>\n<p>Aah, the memories. Quake III Arena, one of my favourite first-person shooter games.<\/p>\n<p>Years ago, I spent (and lost) so much time playing this fast-paced game with friends and foes, and now it is brought into the world of containers and Kubernetes with <a href=\"https:\/\/github.com\/criticalstack\/quake-kube\"><strong>QuakeKube<\/strong><\/a> by <a href=\"https:\/\/twitter.com\/CapitalOneTech\">Capital One Tech<\/a>.<\/p>\n<blockquote>\n<p><em>QuakeKube is a Kubernetes-ified version of<\/em> <a href=\"https:\/\/github.com\/inolen\/quakejs\"><em>QuakeJS<\/em><\/a> <em>that runs a dedicated<\/em> <a href=\"https:\/\/en.wikipedia.org\/wiki\/Quake_III_Arena\"><em>Quake 3<\/em><\/a> <em>server in a Kubernetes Deployment, and then allow clients to connect via QuakeJS in the browser.<\/em><\/p>"},{"title":"Provision a Multi-Region k3s cluster on Google Cloud with Terraform","link":"https:\/\/johansiebens.dev\/posts\/2020\/11\/provision-a-multi-region-k3s-cluster-on-google-cloud-with-terraform\/","pubDate":"Wed, 18 Nov 2020 10:00:00 +0000","guid":"https:\/\/johansiebens.dev\/posts\/2020\/11\/provision-a-multi-region-k3s-cluster-on-google-cloud-with-terraform\/","description":"<figure class=\"rounded center\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-11-18\/banner.jpg\"\n    alt=\"photo by NASA on Unsplash\"><figcaption>\n      <p>photo by <a href=\"https:\/\/unsplash.com\/@nasa?utm_source=unsplash&amp;utm_medium=referral&amp;utm_content=creditCopyText\">NASA<\/a> on <a href=\"https:\/\/unsplash.com\">Unsplash<\/a><\/p>\n    <\/figcaption>\n<\/figure>\n\n<figure class=\"right-floated\"><a href=\"https:\/\/k3s.io\/\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-11-18\/k3s.png\"\n    alt=\"k3s logo\" width=\"150\"><\/a>\n<\/figure>\n\n<p><strong>k3s<\/strong>, a lightweight certified Kubernetes distribution, developed at Rancher Labs. It is one of the three most popular distributions on the CNCF Landscape. Because it is a single binary, it is quite easy to download and install, all while giving you the same bells and whistles like all the other Kubernetes distribution.<\/p>\n<p>With k3s, you can turn any VM or even IoT and edge devices like a Raspberry Pi into a functional Kubernetes cluster. Of course, a single node cluster is good to start with, but when this node crashes for some reason, your applications will suffer a total failure.<\/p>"},{"title":"Secure access using HashiCorp Boundary & inlets PRO Better Together","link":"https:\/\/johansiebens.dev\/posts\/2020\/10\/secure-access-using-hashicorp-boundary-inlets-pro-better-together\/","pubDate":"Sun, 25 Oct 2020 10:00:00 +0000","guid":"https:\/\/johansiebens.dev\/posts\/2020\/10\/secure-access-using-hashicorp-boundary-inlets-pro-better-together\/","description":"<figure class=\"rounded center\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-10-25\/banner.jpg\"\n    alt=\"photo by Nguyen Dang Hoang Nhu on Unsplash\"><figcaption>\n      <p>photo by <a href=\"https:\/\/unsplash.com\/@nguyendhn?utm_source=unsplash&amp;utm_medium=referral&amp;utm_content=creditCopyText\">Nguyen Dang Hoang Nhu<\/a> on <a href=\"https:\/\/unsplash.com\">Unsplash<\/a><\/p>\n    <\/figcaption>\n<\/figure>\n\n<p>A few weeks ago, I had the pleasure to join Hashicorp&rsquo;s second fully virtual conference, <a href=\"https:\/\/hashiconf.com\/\">HashiConf Digital<\/a> 2020. Leading to this online conference, they were teasing all of us with the announcement of two new Open Source products. Spread over two keynotes, Armon and Mitchell gave an introduction to those highly kept secret products, <a href=\"https:\/\/www.boundaryproject.io\/\"><strong>Boundary<\/strong><\/a> and <a href=\"https:\/\/www.waypointproject.io\/\"><strong>Waypoint<\/strong><\/a>.<\/p>\n<p>I haven&rsquo;t looked at Waypoint in detail yet, but here I want to talk specifically about Boundary and what it is. And of course, if you read my previous posts, I couldn&rsquo;t resist to see if this new project can be of any use in my private Raspberry Pi home lab.<\/p>"},{"title":"Consul Service Mesh across a private Raspberry Pi and a public Cloud","link":"https:\/\/johansiebens.dev\/posts\/2020\/09\/consul-service-mesh-across-a-private-raspberry-pi-and-a-public-cloud\/","pubDate":"Wed, 23 Sep 2020 18:00:00 +0000","guid":"https:\/\/johansiebens.dev\/posts\/2020\/09\/consul-service-mesh-across-a-private-raspberry-pi-and-a-public-cloud\/","description":"<figure class=\"rounded center\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-09-23\/banner.jpg\"\n    alt=\"photo by Alina Grubnyak on Unsplash\"><figcaption>\n      <p>photo by <a href=\"https:\/\/unsplash.com\/@alinnnaaaa?utm_source=unsplash&amp;utm_medium=referral&amp;utm_content=creditCopyText\">Alina Grubnyak<\/a> on <a href=\"https:\/\/unsplash.com\">Unsplash<\/a><\/p>\n    <\/figcaption>\n<\/figure>\n\n<p>In my <a href=\"https:\/\/johansiebens.dev\/posts\/2020\/09\/scale-out-your-raspberry-pi-nomad-cluster-to-the-cloud\/\">previous post<\/a>, I wrote about expanding a Consul and Nomad cluster in a private lab to a public cloud. All the nodes, a Raspberry Pi on-premise, or a VM in a public cloud share the same private network provided by Tailscale, and workloads running on Nomad are spread across both environments. Everything is working well, but after a few days running this setup, I wasn&rsquo;t sure if using Tailscale is the right approach for scaling out a local Nomad cluster to the cloud. Don&rsquo;t get me wrong; I still love Tailscale; it is easy to install and use and is a perfect fit for accessing servers from everywhere. But in a more dynamic environment, where nodes are more cattle instead of pets, can come and go when required, other solutions may be better.<\/p>"},{"title":"Scale out your Raspberry Pi Nomad cluster to the cloud","link":"https:\/\/johansiebens.dev\/posts\/2020\/09\/scale-out-your-raspberry-pi-nomad-cluster-to-the-cloud\/","pubDate":"Tue, 01 Sep 2020 20:00:09 +0200","guid":"https:\/\/johansiebens.dev\/posts\/2020\/09\/scale-out-your-raspberry-pi-nomad-cluster-to-the-cloud\/","description":"<figure class=\"center rounded\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-09-01\/banner.jpg\"\n    alt=\"illustration by blackboard on Bigstock\"><figcaption>\n      <p>illustration by <a href=\"https:\/\/www.bigstockphoto.com\/search\/?contributor=blackboard\">blackboard<\/a> on <a href=\"https:\/\/www.bigstockphoto.com\/\">Bigstock<\/a><\/p>\n    <\/figcaption>\n<\/figure>\n\n<h2 id=\"intro\">Intro<\/h2>\n<p>A few months ago, I stumbled upon a blog post written by <a href=\"https:\/\/twitter.com\/vogti\">Christophe Voigt<\/a> about how he managed to scale out a Raspberry Pi Kubernetes cluster to the cloud with Tailscale.<\/p>\n<p>In a nutshell:<\/p>\n<ul>\n<li>He grabbed a couple of Raspberry Pis and created a k3s cluster by following the instructions of Alex Ellis.<\/li>\n<li>After learning about <a href=\"https:\/\/tailscale.com\/\">Tailscale<\/a>, a &ldquo;no config&rdquo; private networking solution based on Wireguard, allowing encrypted P2P communication between hosts, across NAT, firewalls, and other networking hurdles, he saw entirely new possibilities. Every machine capable of running k3s and Tailscale can join his k3s cluster, no matter where it&rsquo;s location is.<\/li>\n<li>He was able to build a setup to add and remove nodes of various cloud providers - all via configuration.<\/li>\n<\/ul>\n<p>I do recommend reading his <a href=\"https:\/\/blog.nativecloud.dev\/scale-out-your-raspberry-pi-k3s-cluster-to-the-cloud\/\">full stories<\/a> as it explains in details how he achieved his goals.<\/p>"},{"title":"Argo CD for your private Raspberry Pi k3s cluster","link":"https:\/\/johansiebens.dev\/posts\/2020\/08\/argo-cd-for-your-private-raspberry-pi-k3s-cluster\/","pubDate":"Sun, 23 Aug 2020 17:00:00 +0000","guid":"https:\/\/johansiebens.dev\/posts\/2020\/08\/argo-cd-for-your-private-raspberry-pi-k3s-cluster\/","description":"<figure class=\"rounded center\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-08-23\/banner.jpg\"\n    alt=\"photo by Patryk Gr\u0105dys on Unsplash\"><figcaption>\n      <p>photo by <a href=\"https:\/\/unsplash.com\/@patrykgradyscom?utm_content=creditCopyText\">Patryk Gr\u0105dys<\/a> on <a href=\"https:\/\/unsplash.com\">Unsplash<\/a><\/p>\n    <\/figcaption>\n<\/figure>\n\n<p><a href=\"https:\/\/k3s.io\/\"><strong>k3s<\/strong><\/a>, a lightweight Kubernetes. Smaller, but just as powerful. Certified and fully compliant. Perfect candidate for fitting on your edge ore IoT infrastructure. No wonder it is the favourite go-to distribution for many of us when building a Kubernetes cluster on Raspberry Pis.<\/p>\n<p><a href=\"https:\/\/argoproj.github.io\/argo-cd\/\"><strong>Argo CD<\/strong><\/a>, a declarative, GitOps continuous delivery tool for Kubernetes. Accelerates deployment and lifecycle management of applications. Supports a variety of configuration management tools, like <a href=\"https:\/\/kustomize.io\/\">Kustomize<\/a> and <a href=\"https:\/\/helm.sh\/\">Helm<\/a>.<\/p>"},{"title":"A serverless appliance for your Raspberry Pi with faasd","link":"https:\/\/johansiebens.dev\/posts\/2020\/08\/a-serverless-appliance-for-your-raspberry-pi-with-faasd\/","pubDate":"Mon, 17 Aug 2020 18:00:00 +0000","guid":"https:\/\/johansiebens.dev\/posts\/2020\/08\/a-serverless-appliance-for-your-raspberry-pi-with-faasd\/","description":"<figure class=\"rounded center\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-08-17\/banner.jpg\"\n    alt=\"photo by Luca Bravo on Unsplash\"><figcaption>\n      <p>photo by <a href=\"https:\/\/unsplash.com\/@lucabravo?utm_content=creditCopyText\">Luca Bravo<\/a> on <a href=\"https:\/\/unsplash.com\">Unsplash<\/a><\/p>\n    <\/figcaption>\n<\/figure>\n\n<h2 id=\"intro\">Intro<\/h2>\n<p>Serverless computing is not a new concept anymore. It is already quite known and nowadays getting more and more traction as all major cloud providers offer some serverless compute runtime, sometimes also referred to as a Function-as-a-Service (FaaS). AWS Lambda, Google Cloud Run and Azure Functions are some popular implementations.<\/p>\n<figure class=\"right-floated\"><a href=\"https:\/\/www.openfaas.com\/\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-08-17\/OpenFaaS_10_31_2.5_png.png\"\n    alt=\"OpenFaaS logo\" width=\"200\"><\/a>\n<\/figure>\n\n<p>Also in the Open Source community are some very popular implementations available, like <a href=\"https:\/\/www.openfaas.com\/\">OpenFaas<\/a>. It allows you to build your Function-as-a-Service platform on top of Docker Swarm or Kubernetes, avoiding vendor lock-in. One of the unique selling points of OpenFaas is maybe its <a href=\"https:\/\/docs.openfaas.com\/architecture\/faas-provider\/\"><code>faas-provider<\/code><\/a> interface. It makes the platform open for extension by allowing to add other runtimes like HashiCorp Nomad, AWS Fargate, &hellip;<\/p>"},{"title":"Building a Nomad cluster on Raspberry Pi running Ubuntu server","link":"https:\/\/johansiebens.dev\/posts\/2020\/08\/building-a-nomad-cluster-on-raspberry-pi-running-ubuntu-server\/","pubDate":"Sun, 09 Aug 2020 14:00:00 +0000","guid":"https:\/\/johansiebens.dev\/posts\/2020\/08\/building-a-nomad-cluster-on-raspberry-pi-running-ubuntu-server\/","description":"<figure class=\"rounded center\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-08-09\/banner.jpg\"\n    alt=\"photo by Jeff Loucks on Unsplash\"><figcaption>\n      <p>photo by <a href=\"https:\/\/unsplash.com\/@jeffloucks?utm_content=creditCopyText\">Jeff Loucks<\/a> on <a href=\"https:\/\/unsplash.com\">Unsplash<\/a><\/p>\n    <\/figcaption>\n<\/figure>\n\n<p>Recently I started building a tool <a href=\"https:\/\/github.com\/jsiebens\/hashi-up\">hashi-up<\/a> which installs HashiCorp <a href=\"https:\/\/www.consul.io\/\">Consul<\/a> and <a href=\"https:\/\/www.nomadproject.io\/\">Nomad<\/a> on any remote Linux host, whether it is a laptop, VM or Raspberry Pi.<\/p>\n<p>In this article, I will describe how to set up a small Consul and Nomad cluster on a bunch of Raspberry Pis running Ubuntu 20.04. I took <a href=\"https:\/\/ubuntu.com\/download\/raspberry-pi\">Ubuntu Server<\/a> instead of <a href=\"https:\/\/www.raspberrypi.org\/downloads\/raspberry-pi-os\/\">Raspberry Pi OS<\/a> (previously called Raspbian), for two reasons: it comes with a 64bit version, and it has better support for cloud-init.<\/p>"},{"title":"Deploying a highly-available Nomad cluster with hashi-up!","link":"https:\/\/johansiebens.dev\/posts\/2020\/07\/deploying-a-highly-available-nomad-cluster-with-hashi-up\/","pubDate":"Wed, 29 Jul 2020 22:00:00 +0000","guid":"https:\/\/johansiebens.dev\/posts\/2020\/07\/deploying-a-highly-available-nomad-cluster-with-hashi-up\/","description":"<figure class=\"rounded center\"><img src=\"https:\/\/johansiebens.dev\/uploads\/2020-07-29\/banner.jpg\"\n    alt=\"photo by ian dooley on Unsplash\"><figcaption>\n      <p>photo by <a href=\"https:\/\/unsplash.com\/@sadswim?utm_source=unsplash&amp;utm_medium=referral&amp;utm_content=creditCopyText\">ian dooley<\/a> on <a href=\"https:\/\/unsplash.com\">Unsplash<\/a><\/p>\n    <\/figcaption>\n<\/figure>\n\n<h1 id=\"introduction\">Introduction<\/h1>\n<p>In this blog post, I will introduce you to a new tool, <a href=\"https:\/\/github.com\/jsiebens\/hashi-up\" title=\"hashi-up\">hashi-up<\/a>, I created to install a <a href=\"https:\/\/hashicorp.com\" title=\"HashiCorp\">HashiCorp<\/a> Nomad cluster in a matter of minutes.<\/p>\n<blockquote>\n<p>This project is heavily inspired on the work of <a href=\"https:\/\/www.alexellis.io\/\">Alex Ellis<\/a> who created <a href=\"https:\/\/k3sup.dev\/\">k3sup<\/a>, a tool to to get from zero to KUBECONFIG with <a href=\"https:\/\/k3s.io\/\">k3s<\/a><\/p><\/blockquote>\n<h1 id=\"what-is-hashi-up\">What is hashi-up?<\/h1>\n<p>hashi-up is a lightweight utility to install HashiCorp <a href=\"https:\/\/www.consul.io\/\">Consul<\/a> and <a href=\"https:\/\/www.nomadproject.io\">Nomad<\/a> on any remote Linux host. All you need is <code>ssh<\/code> access and the binary <code>hashi-up<\/code> to build a Consul or a Nomad cluster.<\/p>"}]}}