4340 links
  • Arnaud's links
  • Home
  • Login
  • RSS Feed
  • ATOM Feed
  • Tag cloud
  • Picture wall
  • Daily
Links per page: 20 50 100
◄Older
page 1 / 217
  • Annotations - AWS Load Balancer Controller
    • https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group#health_check

    Condensed annotations doc

    
    # INGRESS GROUP
    
    alb.ingress.kubernetes.io/group.name: my-group
    # [-1000,1000] default 0, not sure who has priority: bigger or smaller?
    alb.ingress.kubernetes.io/group.order:
    
    # TRAFFIC LISTENING
    
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]'
    #Once defined on a single Ingress, it impacts every Ingress within IngressGroup.
    alb.ingress.kubernetes.io/ssl-redirect: '443'
    
    # TAFFIC ROUTING
    
    alb.ingress.kubernetes.io/load-balancer-name: custom-name
    alb.ingress.kubernetes.io/target-type: ip
    
    # protocol to reach backend HTTP, HTTPS
    alb.ingress.kubernetes.io/backend-protocol: HTTP
    
    # protocol version to reach backend : HTTP1 (default) or GRPC or HTTP2
    alb.ingress.kubernetes.io/backend-protocol-version: HTTP1
    # can use subnetName tag!
    alb.ingress.kubernetes.io/subnets: subnet-name-a, subnet-name-b, subnet-name-c
    
    # ACCESS CONTROL
    
    # internal or internet-facing
    alb.ingress.kubernetes.io/scheme: internal
    
    # When this annotation is not present, the controller will automatically create one security group
    # we can use sg name!
    alb.ingress.kubernetes.io/security-groups: nameOfSg1, nameOfSg2
    
    # AUTHENTICATION (oidc)
    alb.ingress.kubernetes.io/auth-type: oidc
    alb.ingress.kubernetes.io/auth-idp-oidc: '{"issuer":"https://example.com","authorizationEndpoint":"https://authorization.example.com","tokenEndpoint":"https://token.example.com","userInfoEndpoint":"https://userinfo.example.com","secretName":"my-k8s-secret"}'
    alb.ingress.kubernetes.io/auth-on-unauthenticated-request: authenticate
    alb.ingress.kubernetes.io/auth-session-timeout: '86400'
    alb.ingress.kubernetes.io/auth-session-cookie: auth-service-a
    
    # HEALTH CHECK
    
    alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
    alb.ingress.kubernetes.io/healthcheck-path: /ping
    
    # The range is 5-300. Default to 30
    alb.ingress.kubernetes.io/healthcheck-interval-seconds: 5
    
    # The range is 2–120 seconds, default to 6
    alb.ingress.kubernetes.io/healthcheck-timeout-seconds: 2
    
    #  The range is 2-10. Defaults to 3.
    alb.ingress.kubernetes.io/healthy-threshold-count: 2
    
    # The range is 2-10. Defaults to 3.
    alb.ingress.kubernetes.io/unhealthy-threshold-count: 2
    
    # TLS
    # can be discovered automatically see https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.13/guide/ingress/cert_discovery/
    alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-west-2:xxxxx:certificate/xxxxxxx
    
    # CUSTOM
    
    # enable access log to s3
    alb.ingress.kubernetes.io/load-balancer-attributes: access_logs.s3.enabled=true,access_logs.s3.bucket=my-access-log-bucket,access_logs.s3.prefix=my-app
    
    # enable http2 support
    alb.ingress.kubernetes.io/load-balancer-attributes: routing.http2.enabled=true
    

    Main Ingress example

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: shared-ingress-a
      namespace: default
      annotations:
        # Ingress group
        alb.ingress.kubernetes.io/group.name: shared-ingress-a
        # Traffic Listening
        alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]'
        alb.ingress.kubernetes.io/ssl-redirect: '443'
        # Traffic routing
        alb.ingress.kubernetes.io/load-balancer-name: shared-ingress-a
        alb.ingress.kubernetes.io/target-type: ip
        alb.ingress.kubernetes.io/subnets: subnet-name-a, subnet-name-b, subnet-name-c
        # Access control
        alb.ingress.kubernetes.io/scheme: internal
        alb.ingress.kubernetes.io/security-groups: nameOfSg1, nameOfSg2
        # Health check
        alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
        alb.ingress.kubernetes.io/healthcheck-path: /ping
        alb.ingress.kubernetes.io/healthcheck-interval-seconds: 5
        alb.ingress.kubernetes.io/healthcheck-timeout-seconds: 2
        alb.ingress.kubernetes.io/healthy-threshold-count: 2
        alb.ingress.kubernetes.io/unhealthy-threshold-count: 2
        # TLS => should be autodiscovered
        alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-west-2:xxxxx:certificate/xxxxxxx
    
    spec:
      ingressClassName: alb

    Child Ingress example

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: my-service-a
      namespace: my-service-a
      annotations:
        alb.ingress.kubernetes.io/group.name: shared-ingress-a
        alb.ingress.kubernetes.io/group.order: 
    spec:
      ingressClassName: alb
      rules:
        - host: my-service-a.example.com
          http:
            paths:
              - path: /*
                pathType: ImplementationSpecific
                backend:
                  service:
                    name: "my-service-a"
                    port:
                      number: 80
    6 septembre 2025 à 09:38:13 UTC+2 * - permalink - archive.org - https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.13/guide/ingress/annotations/#health-check
    alb ingress
  • Troubleshooting | Karpenter
    27 août 2025 à 13:24:24 UTC+2 * - permalink - archive.org - https://karpenter.sh/docs/troubleshooting/#maxpods-is-greater-than-the-nodes-supported-pod-density
    karpenter maxPods
  • Assign more IP addresses to Amazon EKS nodes with prefixes - Amazon EKS
    27 août 2025 à 13:23:59 UTC+2 * - permalink - archive.org - https://docs.aws.amazon.com/eks/latest/userguide/cni-increase-ip-addresses.html
    aws cni prefix
  • thumbnail
    Crossplane project on LinkedIn: KubeCon Europe 2024: Watch these 8+ Crossplane-y talks
    22 avril 2024 à 21:21:06 UTC+2 * - permalink - archive.org - https://www.linkedin.com/posts/crossplane_kubecon-europe-2024-watch-these-8-crossplane-y-activity-7188201362034233349-i3d7
    crossplane k8s
  • thumbnail
    aws/amazon-ec2-spot-interrupter: The ec2-spot-interrupter is a simple CLI tool that triggers Amazon EC2 Spot Interruption Notifications and Rebalance Recommendations.
    14 avril 2024 à 11:42:33 UTC+2 - permalink - archive.org - https://github.com/aws/amazon-ec2-spot-interrupter
    aws ec2 karpenter spot tools
  • Principles behind the Agile Manifesto
    17 février 2024 à 22:51:13 UTC+1 - permalink - archive.org - https://agilemanifesto.org/principles.html
    agile manifest
  • thumbnail
    (16) How To Create A Management Kubernetes Cluster For Crossplane - YouTube
    15 février 2024 à 21:32:11 UTC+1 - permalink - archive.org - https://www.youtube.com/watch?v=IlaYGgyg06o
    crossplane egg
  • thumbnail
    (16) How To Shift Left Infrastructure Management Using Crossplane Compositions - YouTube
    15 février 2024 à 19:46:07 UTC+1 - permalink - archive.org - https://www.youtube.com/watch?v=AtbS1u2j7po&t=0s
    crossplane
  • thumbnail
    (10) Les tests de personnalité sont-ils bullshit ? Réponse avec Albert Moukheiber - YouTube

    :)

    12 février 2024 à 20:59:57 UTC+1 - permalink - archive.org - https://www.youtube.com/watch?v=hu68GXP6vZE&list=WL&index=2
    personnalite test
  • Pushover: Pricing

    To replace pushbullet on iphone

    12 février 2024 à 18:33:47 UTC+1 - permalink - archive.org - https://pushover.net/pricing
    ios notification
  • thumbnail
    Bucket - ACK
    12 février 2024 à 13:43:05 UTC+1 - permalink - archive.org - https://aws-controllers-k8s.github.io/community/reference/s3/v1alpha1/bucket/
    ack aws s3
  • Bucket - upbound/provider-aws-s3@v1.0.0
    12 février 2024 à 13:39:11 UTC+1 - permalink - archive.org - https://marketplace.upbound.io/providers/upbound/provider-aws-s3/v1.0.0/resources/s3.aws.upbound.io/Bucket/v1beta1#doc:spec-forProvider-forceDestroy
    crossplane s3
  • thumbnail
    GitHub - neatnik/calendar: A simple printable calendar with the full year on a single page
    11 février 2024 à 14:48:28 UTC+1 - permalink - archive.org - https://github.com/neatnik/calendar
    calendar
  • Using RDS Data API - Amazon Aurora
    8 février 2024 à 16:34:24 UTC+1 - permalink - archive.org - https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html
    aurora rds
  • Predefined SSL security policies for Classic Load Balancers - Elastic Load Balancing
    7 février 2024 à 11:34:41 UTC+1 - permalink - archive.org - https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-policy-table.html
    aws policy ssl
  • thumbnail
    robusta-dev/krr: Prometheus-based Kubernetes Resource Recommendations
    7 février 2024 à 10:29:32 UTC+1 - permalink - archive.org - https://github.com/robusta-dev/krr?tab=readme-ov-file#usage
    cpu k8s memory report
  • Working with presigned URLs - Amazon Simple Storage Service

    If you created a presigned URL by using a temporary token, then the URL expires when the token expires, even if you created the URL with a later expiration time. For more information about how the credentials you use affect the expiration time, see Who can create a presigned URL.

    So you have to use regular IAM user instead of IAM role for service generating presigned urls..? :-/

    12 août 2023 à 10:53:10 UTC+2 - permalink - archive.org - https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-presigned-url.html#who-presigned-url
    aws iam presigned s3
  • thumbnail
    Network Load Balancer now supports security groups

    Finally!

    12 août 2023 à 10:51:38 UTC+2 - permalink - archive.org - https://aws.amazon.com/fr/about-aws/whats-new/2023/08/network-load-balancer-supports-security-groups/
    aws nlb
  • thumbnail
    go-survey/survey: A golang library for building interactive and accessible prompts with full support for windows and posix terminals.

    multiplie choice
    multiline input

    5 juin 2023 à 17:33:06 UTC+2 * - permalink - archive.org - https://github.com/go-survey/survey
    cli go lib
  • thumbnail
    GitHub - derailed/popeye: 👀 A Kubernetes cluster resource sanitizer
    16 mai 2023 à 08:58:41 UTC+2 - permalink - archive.org - https://github.com/derailed/popeye
    audit k8s
Links per page: 20 50 100
◄Older
page 1 / 217
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community - Help/documentation