Browsed by
Month: September 2018

Monitoring Your Kubernetes Cluster + Auto Scaling GCE + Regular GCE Instances on Google Cloud Platform with Prometheus, Grafana and Graylog

Intro: As one can understand from the topic, I had a task to set up monitoring for a project on Google Cloud Platform, which consisted of: regular GCE instances, GCE auto scaling instances, and a Kubernetes cluster. This project had to have its own monitoring, which, in turn, had to be integrated with the main Prometheus instance used to monitor many other projects that did not have their own Prometheus instance. The tech stack that is going to be used to…

Limit Access to Your GKE Kubernetes Pods on Google Cloud Platform

Currently, there are 3 ways of applying GCP Firewall rules to your instances: all instances in the network, specified target tags, or a specified service account. Unfortunately, none of these will work if you want to allow a certain port of some container to be accessed by a limited number of IPs. I had a case where a client’s Prometheus that was being run as a Kubernetes Pod had to be accessed by the main Prometheus instance (used for centralized monitoring) in order…

OpenVPN + iptables: Limit Access To Your Internal Services on Google Cloud Platform

IMPORTANT: This article does not cover GCE instance creation and OpenVPN installation steps – there are a lot of guides on the Internet. Just make sure you enable IP Forwarding during instance creation in order for your VPN to work.

Why VPN? Now that people use cloud computing services more and more often, they don’t really need VPNs, because all your cloud services share the same internal network. Moreover, you can create your own private subnets in a few mouse…

GitLab CI + Kubernetes Executor: Setup and Typical Issues

Intro: GitLab Runner has several types of executors, and the most widely used are shell and docker. While everything is clear about these two, the kubernetes executor type is not that popular. First, Kubernetes itself is a specific piece of software and it does not fit every project; second, the kubernetes executor is a good choice in case your CI jobs require a lot of server resources, which usually are CPU and RAM, but you don’t want to be extra charged for the time…
