Max Rosin

There are thousands of memes that DNS is the cause of (almost) all computer issues, so debugging DNS issues is necessary more often than anyone would like. One question that comes up often when debugging DNS is: Which server is my actual DNS resolver? An easy way I found to answer this question is the whoami tool of Akamai . whoami.ds.akahelp.net will always respond with the IP address of the requesting server.

Max Rosin

Recently I had an odd problem with Ansible . I had a bunch of servers and knew that all of them had an IP address from a specific subnet but I couldn't be sure which network interface this IP would be (automatically, outside of my control) assigned to. Well, Ansible discovers all network interfaces and IP addresses of our hosts, so that should be easy, right? Let's take a look at those Ansible facts: In theory we have all the facts right there and for the human eye it is quite easy to spot which IP belongs to which interface. But (as far as I know) there is no obvious way in Ansible to query the interface based on an IP. We could use the shell module and call some ip a | sed | foo…

Max Rosin

A week ago I shared on Twitter that I quit my job at SysEleven after half a decade. Those years have been an incredible ride from "part time in support" to "senior kubernetes architect" while learning a ton of things, not only as an engineer but also as a human. If our paths crossed during this time as coworkers or in some other capacity I want to thank you! I am also very happy that some of those work relationships evolved into friendships that will hopefully outlast any job changes. In December 2011 I bought rented my first server from Hetzner Online , since then there hasn't been a month without an invoice from them... accumulating to a surprising amount of money. In November 2018 I…

Max Rosin

In January and February we started our ongoing journey to build a k3s Kubernetes cluster on Hetzner cloud in part 1 and part 2 . We continued this in February with part 3 and 4 where we deployed the hcloud cloud controller manager , cert-manager and nginx ingress controller to get traffic into our cluster. youtube: https://www.youtube.com/watch?v=fHyRrV0eUaU youtube: https://www.youtube.com/watch?v=WkKnfdRa99U

Max Rosin

I am using Tanka to template and deploy namespaces and network policies to Kubernetes. To do this in GitLab CI I am using the official Tanka image on Docker Hub , my .gitlab-ci.yml for it looked like this: Until recently it worked fine like this, but suddenly it stopped working and started to produce the following error: So, this is rather weird... it sounds like GitLab CI tries to run something like tk sh ... , why would it do that? There is no tk sh command in my .gitlab-ci.yml , it doesn't seem to make any sense. After searching a bit I found this helpful explanation: https://gitlab.com/gitlab-org/gitlab-foss/-/issues/65110#note_198073241 . Looking at the Dockerfile of Tanka…