This article walks through building and pushing Docker images to Google Artifact Registry using GitHub Actions and Workload Identity Federation — without storing service account keys. It explains each step, from GCP setup to secure, keyless CI/CD.
Prometheus failed to scrape metrics due to missing RBAC permissions. This guide explains the symptoms, diagnosis, and fix using Role and RoleBinding, with YAML examples and logs for reference.
This article explores the challenges of deploying Calico in eBPF mode for Kubernetes, focusing on issues like the need for an external load balancer, VIP certificate configurations, and circular dependencies when the control plane fails. Solutions for these challenges are also discussed.
MetalLB (controller-only) with Calico BGP does not bind VIPs to any node interface, causing ARP failures. Services stay unreachable externally. Solution: locally bind VIPs, enable strictARP, and disable rp_filter to restore correct traffic flow.
This article examines how to build a self-hosted Kubernetes cluster on bare-metal infrastructure, focusing on networks, high availability, DNS, and storage. It targets academic infrastructure engineers managing clusters under 50 nodes, contrasting with managed cloud solutions.