Introduction This the beginning of a series explaining the Cilium CNI plugin. Part 1 will explain what Cilium is and how it works. Part 2 will discuss its implementation of the Gateway API. Finally, part 3 will talk about securing your cluster with network policies. What is Cilium? Cilium is a plugin that implements the Container Network Interface (CNI). Like every CNI plugin, it governs how traffic is managed in a Kubernetes cluster. Read more...

Running commands like crictl on rootless k3s can be a little tricky. The filepaths are a little different, due to everything not being in paths that would normally be associated with a root process. I ran into this discussion, which shed light on how it works. I’m not as familiar with linux namespaces and how they are operated on by container processes, so I don’t think I’d be able to do the concepts justice. Read more...

This is a post in a series of posts regarding my solutions to problems on leetcode. Consider this a braindump for my thought process as I solved a problem. In this post, I solved Trapping Rain Water. A water trap is two columns with at least 1 empty block between them. An empty block is a cell in a column whose height is below the maximum height of the trap. So, given columns: Read more...

Containers are great. You, for the most part, get to own your app’s config (in terms of dependencies and platform), while ops only needs to worry about making sure you have a VM (for docker) or a cluster (for k8s) ready. However, there are a few gotchas that you’ll probably run into in getting them to run. Note that this could vary depending on your infrastructure and platform. Don’t run as root Configs Initial configuration as root is fine: Read more...

I was studying for my AWS Solutions Architect exam and realized that I was pretty weak on some web concepts. I’ve been mostly working on internal automation/ETL tools and some enterprise web, so I haven’t had the chance to deal with large-scale web traffic. After reading a bit of RFC 1034, various articles, and tinkering with dig, I think I’ve gotten a hand of how DNS works. The gist of, say, looking up google. Read more...

Learned how to build a VPC with high availability, auto-scaling EC2 instances, and a bastion host for secure administration. On a high-level, you’d you want your architecture to look more or less like this: It’s a lot to go over, so we’ll cover each piece step by step. First, create a Virtual Private Cloud (VPC). AWS will create some default components to go along with it, but we’ll be ignoring those. Read more...

Virtual Private Cloud (VPC) is a pretty important topic for the AWS Solutions Architect cert. Here, I attempt to quickly summarize the different parts of a properly architected VPC. A typical system has web servers and database servers. Your web servers sit on the demilitarized zone (DMZ), while your database servers are protected in a private network. In a VPC, you’d create two subnets: a public one, and a private one. Read more...

Going through a course for my AWS Solutions Architect Associate cert. Learned about planning for fault-tolerance with EC2 instances. Apparently the trick is to think of the worst case failure. For example, say you have three availability zones (AZs), and three MUST have 100% availability. Think of the worst case failure, i.e. the AZ with the most number of EC2 instances fails. Then come up with a setup that has three instances running, despite the failure. Read more...

Overview When tasked with an R-based project, you might find yourself wanting to connect to an Oracle database. ROracle is one library you can use. This post is a guide on installing the library on CentOS 7. Oracle Instant Client First thing we need to do is install the right dependencies. Install the yum repo and gpg key for Oracle Instant Client: export ORACLE_INSTANT_CLIENT_VERSION=18.3 export ORACLE_YUM_URL=https://yum.oracle.com export ORACLE_HOME=/usr/lib/oracle/${ORACLE_INSTANT_CLIENT_VERSION}/client64 export ORACLE_YUM_REPO=public-yum-ol7.repo export ORACLE_YUM_GPG_KEY=RPM-GPG-KEY-oracle-ol7 rpm --import ${ORACLE_YUM_URL}/${ORACLE_YUM_GPG_KEY}; curl -o /etc/yum. Read more...

Working with Rscript without a strong statistics background can be a little daunting. Some of its functions seem to have pretty mysterious properties, and the documentation can be a challenge to grok without prior knowledge. One such function I’ve recently encountered is quantile. The wikipedia article defines quantiles as: cut points dividing the range of a probability distribution into continuous intervals with equal probabilities, or dividing the observations in a sample in the same way. Read more...