One thing which I tried doing differently this time with one of my side projects is to do TDD from the start. Someone may ask why? It's just a side project no? (1/n) One reason is that, for some of my past side projects, when someone creates an issue/submits a PR. I wouldn't necessarily remember everything which I did/why I did x instead of y, when I would have authored it (more on how this can be improved later) (2/n)

Releasing v0.2.0 for Bhola github.com/tasdikrahman/b…! This release comes with the ability to push SSL cert expiry notifications to @SlackHQ for the domains which bhola is tracking

https://twitter.com/tasdikrahman/status/1306945863369936896?s=20

(1/n) It will alert for all the domains, which have already expired/are about to expire within the buffer period which you have set & send notification to your slack channel via webhook endpoint, periodically checking in the interval set by the operator, for expiration. (2/n)

Took this out for a spin for my repo

https://twitter.com/tasdikrahman/status/1308601332853436417?s=20

(1/n) Another player in the container registry space, but none the less, I now don't have to play around with my @Docker hub credentials, to push the container image for my repo's, one less thing to worry about (2/n)

Have been using @github pipelines for one of my public repositories and it has been a great experience so far, having the CI experience (build, lint, run tests etc.) right in front of you, was something had been missing in their UX. (1/n) Rather than delegating the CI experience to an external entity, which would create another lookup and another thing to worry about. This pretty much has taken the developer experience a step further. (2/n)

Do you sometimes wake up, with a call by someone from your team, telling you some SSL cert has expired? Do you keep track of SSL cert expirations on your to do notes or excel sheets? Would you like to be on top of such x509 cert renewals? github.com/tasdikrahman/b… is for you (1/n) v0.1 of Bhola, will give you a dead simple API, which you can use to ask Bhola, to track domains which have certs attached to it. It automatically checks for the cert expiration in the background keeping note of when is it expiring. (2/n)

Thinking of installing @The_Pi_Hole on this one.

https://twitter.com/tasdikrahman/status/1291600291649843201?s=20

Load average seems decent so far, although the ssh is unusually laggy, no process seems to hog too much of resource, will dig on this later.

TIL

https://twitter.com/QuinnyPig/status/1291577181810724864

If you are wondering what the tweet is talking about, just do a `$ ls -l /usr/bin | head` and if you're on linux, you will see something like [

A few notes on @kubernetes cluster upgrades on GKE (1/n) Quite a few things are GKE specific, but overall quite a few things would apply irrespective. (2/n)

5 years back, sitting in @sai_ashirwad 's room, we both tried to dual boot @ubuntu on my laptop. We did get it installed on my laptop, the only caveat being, that we also managed to wipe the whole windows setup which I had. No backups apart from some important docs. (1/n) Add on top of this, I had only used @Windows till that point of time as my only Operating system. Zero experience in even interacting with any linux machine. Zilch. (2/n)

A few observations and learning over the networking API's of @IstioMesh while running it in production. (1/n) To help visualize this better, there would be a workload, which can be thought as a logical unit (VMs, k8s pods etc.), which is the source of traffic. A workload comprises of a service(svc) + envoy proxy sidecar. So 2 workloads would comprise of 2x set of service + proxy. (2/n)

Was trying to get the pods of a deployment get created in a rollingUpdate fashion in @kubernetesio , and not try getting scheduled at the same time when the deployment object gets created (1/n) Turns out, this is possible only in the case of a stateful set without any volumes, that would work too in this case if you want such behaviour. (2/n)

A few observations while running maintenance activities for @etcdio (1/n) For starters, to avoid running out of space for writes, the keyspace history has to be compacted. Once reached, this would be obvious from the errors gotten by your client using etcd. Better to track `etcd_mvcc_db_total_size_in_bytes` emitted by default (2/n)

If you haven't had a look at pod-affinity and anti-affinity, it's a great way which one can use to distribute the pods of their service across zones. kubernetes.io/docs/concepts/… (1/n) One can use preferredDuringSchedulingIgnoredDuringExecution, which can be used for podAntiAffinity, for the scheduler to not be fixated on the constraints you put, rather it would give a best case effort to schedule the pods based on your constraints. (2/n)

If you're deploying @HashiCorp 's consul as stateful set, be careful on not to have PodManagementPolicy as OrderedReady(default) with readiness probe enabled. OrderedReady means that if there are 3 pods in total in the deployment, consul-0 would not come up (1/n) @HashiCorp The reason why consul-0 would not come up is that the health check would fail in this case, as the leader would have not been elected, consul-1 would not come up due to OrderedReady being set, this causes the pods to come in an ordered fashion. (2/n)

And we are at the all new mechanical keyboard meet-up in Bangalore hosted at @obvious_in
~ @oddtazz @captn3m0 Goes by the name “Half of dactyl Manuform” coming with gateron yellow switches.

.#TIL $ kubectl explain pod.spec.containers

will give you a swagger doc of the resource which you have requested for

#Kubernetes $ kubectl top nodes
NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
foo-bar-sdvma 49m 7% 75Mi 17%
#TIL

.@kevinbheda and Preethi talking about the use cases of @EnvoyProxy at @gopayindonesia #DevOpsDaysIndia2019 .@EnvoyProxy setup at @gopayindonesia #DevOpsDaysIndia2019

Have a #microservices, but don't want to introduce a #servicemesh?
- Want circuit breaking? github.com/Netflix/Hystrix solves it for you
- Want a gateway service? github.com/Netflix/zuul got you covered
- Standardize #RPC calls? github.com/Netflix/ribbon is out there
(1/n) - Service discovery? github.com/Netflix/eureka, github.com/hashicorp/cons… and a few other proven projects
- Tracing? github.com/openzipkin/bra… and a few others
- Metrics? github.com/Netflix/specta…, github.com/prometheus and a few others.
(2/n)

Started reading @Google 's #SRE book and some insights from it so far, will keep updating the thread as I finish the chapters. (1/n) @Google The initial chapter touches upon the idea, that fixes being pushed with human-interruption need to scale linearly as the product grows/scale increases. Practicing the ideology of building systems which would in turn manage the hand holding which #syadmins do is radical (2/n)

.@stahnma talking about legacy software circleci.com/blog/the-littl… (1/n) TIL there's a term called as Newton’s Third Law of #sysadmin, which says “a system untouched will remain online.” Where he elaborates that this isn't true after a point. (2/n)

Migrations in #infrastructure and in engineering product teams as a whole are inevitable. If you have built something which is no longer serving its purpose, the people building it mostly would have built it to satisfy the earlier required use cases and not overengineering (1/n) It's often helpful to work with 1 or 2 of the most challenging teams, work with them to build, evolve and migrate to the newer system, creating a sense of confidence, reliability around what you are building, in the process having covered most of the edge cases if not all. (2/n)