Deploy Consul as OpenTofu Backend with Azure & Ansible In this blog post, we provide the necessary steps to setup a single-node standalone Consul server to be used as TF state backend. In doing so, we aim to provide idempotent and reproducible codes using Tofu and Ansible, for the sake of disaster recovery as well as enabling team collaboration within version control system.| Developer Friendly Blog
Deploy Static Sites to Azure CDN with GitHub Actions OIDC In this blog post you will learn how to authenticate and deploy your frontend code to Azure CDN, backed by Azure Blob Storage to deliver low-latency static website to your users. The objective is to avoid hard-coded credentials and only employ OpenID Connect to establish trust relationship between the Identity Provider (GitHub) and the Service Provider (Azure).| Developer Friendly Blog
Cloud-Native Secret Management: OIDC in K8s Explained External Secrets is the de-facto choice for secrets management in Kubernetes clusters. It simplifies the task of the administrator(s) of the cluster, ensuring only the secrets that are explicitly defined are present and accessible. It comes with many great features but most important than all is its integration with major cloud providers. In this blog post you will learn how to deploy it without hard-coded credentials and using only the po...| Developer Friendly Blog
Migration From Promtail to Alloy: The What, the Why, and the How Promtail is (was) the lightweight log collector solution that sends the log over the HTTP to the remote backend. This remote backend is normally Loki but you can choose to send the logs to VictoriaLogs as well. In this blog post, you will see the newer alternative to Promtail, Grafana Alloy. You will see what it is, why it's a good idea to migrate, and the how-to guide to make the jump with least friction.| Developer Friendly Blog
How to Setup Preview Environments with FluxCD in Kubernetes Preview environment is where you see a live state of your changes from your pull request before being merged into the default branch. It gives you a look'n feel of what it would be like if you merged your changes. Kubernetes on the other hand, is what powers the production setups. But that's not all it can do for you. I have spun up preview environments in Kubernetes with different technologies in the past. And in this blog post, I w...| Developer Friendly Blog
3 Ways to Time Kubernetes Job Duration for Better DevOps Knowing how long the exucution of jobs take is a crucial part of monitoring and proactive system administration. Being able to measure, store and query this value over the course of your application lifecycle can help you identify bottlenecks, optimize your infrastructure and improve the overall performance of your application. In this blog post, you are presented with three methods to achive this, starting from one where you have the a...| Developer Friendly Blog
Ente: Self Host the Google Photos Alternative and Own Your Privacy In the recent few years, I keep seeing people being more aware of their privacy and taking it into their own hands. More and more solutions are emerging through the community that address the critical part of our society and personal life; privacy! In this blog post, I will introduce you to Ente, the Google Photos alternative. You will see the codes required to deploy the server into a Kubernetes setup and host the frontend us...| Developer Friendly Blog
How to Deploy Static Site to GCP CDN with GitHub Actions Building and deploying static sites is rarely an issue these days. Most of the PaaS providers already have full support for your live and your preview environments and a clean integration with your favorite Git provider. However, some organizations may choose to stick with big players like GCP for various reasons. In this blog post, you will learn how to build your frontend and deploy your static files to GCP bucket using GitHub Actions...| Developer Friendly Blog
How to Publish to GitHub Pages From Another Repository In this blog post, you will learn how to leverage GitHub Actions to deploy static files to the GitHub Pages of another repository. This can be useful if you keep your source code in a private repository, but also, you may find additional reasons to need this setup. Stick around till the end to find out how to do this with OpenTofu.| Developer Friendly Blog
How to Provision a Production-Ready Autopilot GKE Cluster In this blog post I share my opinioated version of provisioning a Kubernetes cluster in the Google Cloud Platform (GCP) using nothing but Opentofu. The principles discussed here are the ones I have learned while dealing with production setups at the same scale. If you enjoy Kubernetes or want to learn more about GCP, this is for you.| Developer Friendly Blog
Packer: How to Build NixOS 24 Snapshot on Hetzner Cloud Packer is a powerful tool to create immutable images, with support for various cloud providers. In this blog post, I share how I built a NixOS 24 snapshot using Packer on Hetzner Cloud. If you're a fan of NixOS or want to learn more about Packer, this post is for you.| Developer Friendly Blog
How to Create Your Ansible Dynamic Inventory for AWS Cloud Most of the modern software deployment these days benefit from containerization and Kubernetes as the de-facto orchestration platform. However, occasionally, I find myself in need of some Ansible provisioning and configuration management. In this blog post, I will share how to create Ansible dynamic inventory in a way that avoids the need to write hard-coded IP addresses of the target hosts.| Developer Friendly Blog
Over the years of administering and maintaining production-grade systems at different companies, I have found myself in the situations where I needed to deploy internet-accessible services that may or may not provide built-in authentication. These services are usually valuable assets and solutions to the current problems of the organization/platform. Having them exposed and accessible over the internet would benefit the employees and administrators a lot. However, the downside is that not hav...| Developer Friendly Blog
This guide walks through deploying a NodeJS application to AWS Lambda using OpenTofu and GitHub Actions. We cover setting up the development environment, creating a basic AWS Lambda function, and implementing a CI/CD pipeline for ongoing development. We also discuss GitOps principles, security considerations, and performance optimization for Lambda functions. If you're an engineer and want to learn about AWS Serverless, JavaScript, Infrastructure as Code, and Continuous Integration/Continuous...| Developer Friendly Blog
Learn how to create and implement Azure Bastion for secure, scalable access to your cloud resources. Step-by-step guide and best practices included.| Developer Friendly Blog
Optimize monorepo builds: Implement selective builds in CI/CD with GitHub Actions. Reduce build times and improve productivity in large codebases.| Developer Friendly Blog
Leveraging Ory Keto, Permission Handler and Policy Enforcer for Scalable and Secure Access Control: A Developer's Guide to RBAC and ABAC.| Developer Friendly Blog
Master the art of efficient software development: A step-by-step guide to deploying preview environments for pull requests with GitHub Actions and Kubernetes.| Developer Friendly Blog
Best time-series database. How to deploy VictoriaMetrics? Prometheus vs. VictoriaMetrics. Prometheus drop-in replacement. Grafana datasource.| Developer Friendly Blog
How to protect HTTP backend services with Ory Oathkeeper and Kratos. How to secure public or private upstream applications from unauthorized access.| Developer Friendly Blog
Learn how to protect HTTP backend services with Ory products using Oathkeeper as proxy-server and Kratos as authentication server.| developer-friendly.blog
Kubernetes, GitOps, CI/CD, Infrastructure as Code (IaC), and Site Reliability Engineering topics from seven years of production deployments.| developer-friendly.blog
Secure your Azure resources with Bastion. Learn to implement and optimize this powerful tool for seamless, cost-effective remote access and compliance.| developer-friendly.blog
Optimize monorepo builds: Implement selective builds in CI/CD with GitHub Actions. Reduce build times and improve productivity in large codebases.| developer-friendly.blog
Leveraging Ory Keto, Permission Handler and Policy Enforcer for Scalable and Secure Access Control: A Developer's Guide to RBAC and ABAC.| developer-friendly.blog
Learn the secrets to faster code reviews: How to deploy individual preview environments for each pull request using GitHub Actions and Kubernetes.| developer-friendly.blog
Discover why monitoring is crucial, explore VictoriaMetrics & deployment steps, and seamlessly migrate from Prometheus. Perfect for all monitoring workloads.| developer-friendly.blog
Step by Step guide on how to run integration tests using GitHub Actions to automate the application lifecycle and follow DevOps best practices.| developer-friendly.blog
Kubernetes, GitOps, CI/CD, Infrastructure as Code (IaC), and Site Reliability Engineering topics from seven years of production deployments.| developer-friendly.blog
Kubernetes, GitOps, CI/CD, Infrastructure as Code (IaC), and Site Reliability Engineering topics from seven years of production deployments.| developer-friendly.blog
What is GitOps Kubernetes? Learn FluxCD with a practical real-world example to automate & optimize GitOps repository structure.| developer-friendly.blog
Learn how to deploy a lightweight Kubernetes cluster using k3s on Ubuntu 22.04 with OpenTofu & Ansible on Hetzner Cloud and Cilium as the CNI.| developer-friendly.blog
Understand the inner workins of Kubernetes by setting up the components from scratch using Vagrant, VirtualBox, and Ansible on your local machine.| developer-friendly.blog
Learn how to fetch secrets from external sources and create Kubernetes Secret resources using the External Secrets Operator.| developer-friendly.blog
Learn how to grant an Azure Virtual Machine access to AWS services without passing hard-coded credetials, with the power of OpenID Connect.| developer-friendly.blog
Learn how to automate your TLS certificate retrieval from AWS & Cloudflare in Kubernetes using the cert-manager operator.| developer-friendly.blog
The immutable flag on ExternalSecret resource can catch you off guard if you are not careful. Learn how to get on top of it in this blog post.| developer-friendly.blog
Learn how to use OpenID Connect to establish a trust relationship between AWS & a Kubernetes cluster to grant pods access to AWS services.| developer-friendly.blog
