Developing Go Services For Kubernetes with Telepresence and konfig

The Problem As a developer when you are working on a Kubernetes application on your local machine, if you want to test or debug something, you have the following options: A full environment running using docker-compose. A full environment running in a local Kubernetes cluster (Minikube or Docker-for-Desktop) Pushing instrumented code, building, testing, and deploying to a dev Kubernetes cluster through CI/CD pipeline. The problem with the first two options is the environment you get is not close by any means to your actual final environment (staging and production)....

Mar 4, 2020 · 4 min · Milad Irannejad

Dynamic Configuration Management and Secret Injection with konfig

TL;DR Dynamic configuration management and secret injection refer to updating an application with new configurations and secrets in a non-disruptive way. Kubernetes ConfigMaps and Secrets mounted as files into containers will be updated with new values automatically. konfig makes dynamic configuration management and secret injection very easy to implement and use for Go applications. The Problem Dynamic configuration management and secret injection refer to a situation that your application can update its configurations and secrets without needing a restart....

Mar 4, 2020 · 5 min · Milad Irannejad

The Configuration Complexity Curse

TL;DR Three different approaches to dynamic configuration: Templating Examples: Helm, gomplate, etc. Text templating very quickly becomes fragile, hard-to-understand, and hard-to-maintain. Template writers lack the tools to build abstractions around the data. Layering Examples: kustomize Data layering breaks down when configurations grow in complexity and scale. Template writers lack abstraction and type validation. For large scale projects, inheritance creates deep layers of abstractions. Semantics are locked into an opaque tool and not exposed as language features....

Feb 22, 2020 · 1 min · Milad Irannejad

GitOps?

TL;DR GitOps is an operation model for cloud-native applications running on Kubernetes (created by Weaveworks). To the most part, it is infrastructure-as-code with continuous integration and continuous delivery. The idea is having Git as the source of truth for all operations. A single Git repository describes the entire desired state of the system. Operational changes are made through pull requests. Changes can be peer-reviewed, versioned, released, rolled back, audited, etc. Diff tools detect any divergence and sync tools enable convergence....

Jul 14, 2019 · 2 min · Milad Irannejad

Service Meshes and SMI Demystified

TL;DR Microservices are about communicating through APIs! A service mesh defines the communication interface between microservices. In an orchestrated environment (Kubernetes), containers talk to each other on top of overlay networking. Service mesh is a central source of truth for controlling the information flow between microservices. Mesh enables both the scalability benefits of microservices as well as centralized advantages of monoliths. Service meshes come with built-in observability (logging, metrics, and tracing) for microservices communications....

Jun 10, 2019 · 2 min · Milad Irannejad