**Writing about things I find interesting** _Tim Matthews - firstname.lastname@example.org_ No matter how many times I've said to myself - I will definitely remember this - then fail to write it down and forget it when I need it, I still make the mistake. So, I'm using this place to share things I discover and don't want to forget, or find interesting and want to dig in to. Hopefully somebody else will share the interest but either way, there's no better way to properly understand something than by writing it out until it makes sense. [Implementing TLS certs in metrics-server](k8s-certs-metrics/api-extensions-in-k8s-and-metrics-server.md.html): A while ago I wanted to install metrics-server in my test cluster and remembered that by default it doesn't use TLS. Quick research (I googled it) showed that a lot of people had problems configuring it so I thought I'd have a look at what needed to be done and write about it. The article is an analysis of the problems and an implementation of the solution and isn't specific to metrics. If you want to add end-to-end TLS auth in Kubernetes, it shows you how. [Self-hosting Drone CI on Kubernetes](drone-ci/drone-k8s.md.html): A little less successful than the TLS project. I wanted to setup a CI/CD pipeline that would build and deploy from my github to my internal cluster. I chose Drone for a few reasons, but on the way I realised self-hosted appears to be passively deprecated, probably as a result of the buyout. This project stops at the stage where I would add a k8s runner because it seemed pointless to continue with a dead tool. [kubectl in a container](kubectl-in-container/kubectl-in-container.md.html): I am revisiting CI/CD and wanted to build a container image that can deploy to my k8s cluster. Instead of using one of the many existing, I wanted to build my own and write about the process. I create a container that dynamically builds its kubeconfig file from a runtime serviceaccount token. [Hosting kibble.cloud on AWS using Terraform & IaC](kibble-on-aws/kibble-on-aws.md.html): This site currently runs on a DL380-G5 I've had in colo for many, many, many years. Unfortunately the RAID controller battery cache has EOLed itself, so disk throughput has dived. There isn't much running on here now so it's not a _huge_ problem, but it's not ideal. I've been learning Terraform for a while so switching to AWS seems like a good project. [Part one, writing Terraform to build the infrastructure](kibble-on-aws/kibble-on-aws-terraform.md.html) ~~Useful pod debugging tips: Every so often I'd wish I could get a shell inside a running Pod to poke at something but be stuck because there wasn't a minimal OS install inside. Before ephemeral containers were a thing I figured out some useful ways to get a bit better insight without going to the trouble of rebuilding the container.~~ Coming soon - it needs a bit more polishing.