Operations | Monitoring | ITSM | DevOps | Cloud

Have you heard? Docker Hub now limits usage by free anonymous and credentialed accounts. After the number of pulls from an IP address exceeds a fixed threshold within a six hour period (100 for anonymous, 200 for credentialed), Docker Hub throttles bandwidth. You’ll still get your Docker images, but at a much slower speed. You can read our earlier blog post to learn more about the Docker Hub policy changes.

While developing Docker images for Icinga 2, Icinga Web 2 and Icinga DB we stumbled over OpenShift which doesn’t allow images to run as root by default. One has to enable that explicitly. Also admins of K8s environments being more permissive by default may decide not to allow running as the superuser. So we’ve added a USER directive to our Dockerfiles to make our customers‘ compliance departments happy.

The conversation usually starts with a question like “should we let ArgoCD/Flux/whatever synchronize the actual state automatically whenever the desired state changes in Git?” Truth be told, the question is usually not that elaborated, and it is more like “should I enable the auto-sync feature?” But, I wanted to save you from follow-up questions that help me better understand what that means, so I gave you a more extended and more precise version of the inquiry.

Today, most organizations, large or small, are hosting their SaaS application on the cloud using multi-tenant architecture. There are multiple reasons for this, but the most simple and straightforward reasons are cost and scalability. In a multi-tenant architecture, one instance of a software application is shared by multiple tenants (clients).

Managing dependencies across multiple repositories and implementing updates to multiple repositories at the same time can be a time consuming and error-prone task. Thus, organizations have taken the approach of managing multiple projects in the same repository, called a Monorepo. The benefits of using a Monorepo become clear with the right tooling. One of those tools is Lerna, which can be used to manage Node-based Monorepos.

The most common problems and outages in a Kubernetes cluster come from coreDNS, so learning how to monitor coreDNS is crucial. Imagine that your frontend application suddenly goes down. After some time investigating, you discover it’s not resolving the backend endpoint because the DNS keeps returning 500 error codes. The sooner you can get to this conclusion, the faster you can recover your application.

In this post, we will outline a reference architecture for setting up K3s in a High Availability (HA) configuration. This means that your K3s cluster can tolerate a failure and remain up and running and serving traffic to your users. Your applications should also be built and configured for high availability, but that is beyond the scope of this tutorial. K3s is a lightweight certified Kubernetes distribution developed at Rancher Labs that built is for IoT and edge computing.