Now that I have a number of pipelines running I would like to deploy these to Kubernetes through a service account. that is quite simple. As an admin user provide resources such as: the namespaces, optionally with limited resources; an isolated service account with restricted access to one namespace; an encoded config file to be used by the Gitlab pipeline. Service Account with permissions The following file serviceaccount.yaml creates the service account, a role, and attach that role to that account: ...

Earlier I posted about my hobby cluster on GKE which I want to keep under an affordable budget. Unfortunately Google Cloud will start charging a management fee from june 2k20 of 10$ct per hour (=$73/mnth) just like AWS. If they unilaterally change the rules, let’s get out of here! I’m thinking of moving to a self-managed Kubernetes cluster on AWS with spot instances: 1 x 1GiB master-node (t2.micro spot instance, $2.920/mnth) 2 x 2GiB worker-nodes (t3.small spot instance, $5.256/mnth) With a total estimated monthly cost of $13.43 (~€15.10 incl. VAT). So, let’s deploy a self-managed Kubernetes cluster on AWS using Kops. ...

Gitlab-CI is awesomelishiously simple. Let’s assume you have a Terraform Gitlab project with a folder structure like mine: README.md .gitignore terraform │ main.tf │ outputs.tf └──variables.tf You can find a .gitignore example here. Since we can provide our credentials via environment variables, the provider can look like: provider "aws" { version = ">= 2.28.1" } In the Gitlab project page, go to “Settings” > “CI/CD” > “Variables”, and set the following variables: ...

In this post I demonstrate a simple container deployment setup; a Jenkins pipeline to Elastic Container Registry (ECR) and Fargate on Elastic Container Service (ECS). I assume you have Jenkins running, with a pipeline and Git repo webhook tied to it. Besides the default Jenkins plugins, you’ll need the Pipeline Utiliy Steps. Also I assume you already have a ECR repository, a ECS Fargate cluster and an AWS service account with credentials. I decided not to use the AWS credentials plugin since it is too implicit. So instead, set regular username & password: ...

With any project, personal or for clients, I develop and build applications in Docker containers; so it would be really convenient to run these as containers in production. Usually I’ll spin up a small Ubuntu VM (GCP/Azure/AWS/Digital Ocean) and install Docker manually. I would love to run everything with Kubernetes as a container orchestrator, but the costs of such a cluster for personal usage seems rather high. Until I found this article by Remko Seelig, using Kubernetes on Google Cloud with preemptible nodes, which is about half the price of regular instances. You loose some availability but that’s probably no problem in my case. ...