Containers
Build multi-architecture container images with OpenShift, Buildah and Tekton on AWS
In 2022, I wrote an article on this subject named Build multi-architecture container images with Kubernetes, Buildah, Tekton and Qemu . The article described the configuration I had set up for my personal projects. It even went beyond its initial purpose as it has also been used by several colleagues at Red Hat who had the same need. While the configuration described in this previous article is still relevant, the approach is somewhat dated. With the increasing availability of ARM servers in the Cloud, I revisited the topic of building multi-architecture container images using the AWS cloud. Continue reading
Build multi-architecture container images with Kubernetes, Buildah, Tekton and Qemu
ARM servers are becoming mainstream (Ampere Altra server, Raspberry Pi SoC, etc.) and people start using them with containers and Kubernetes. While official Docker Hub images are built for all major architectures, the situation is less clear for other Open Source projects. It is possible to acquire an ARM server and use it to build container images, but it puts an additional constraint on the Continuous Integration chain. This article explores another option: build ARM container images on a regular x86 server, using Kubernetes, Buildah, Tekton and Qemu. Continue reading
Deploy OpenShift Single Node in KVM
Starting with version 4.8, OpenShift can now officially be installed on a single virtual machine (instead of three). This effectively lowers the resources requirements and open up new possibilities for home labs or developer workstations. This article explores how to deploy OpenShift Single Node (SNO) using KVM on your Fedora workstation. Continue reading
Install Kubernetes operators in OpenShift using only the CLI
OpenShift 4 went all-in on Kubernetes operators: they are used for installation of the platform itself but also to install databases, middlewares, etc. There are more and more operators available on the Operator Hub. Most software now provide an operator and describe how to use it. Nevertheless, almost every software documentation I read so far, includes the steps to install the operator using the nice GUI of OpenShift 4. But since my OpenShift environments are provisioned by a playbook, I want to be able to install operators using the CLI only! Continue reading
Airgap OpenShift Installation: move the registry created using oc adm release mirror between environments
Some customers, especially large banks, have very tight security requirements. Most of them enforce a complete disconnection of their internal networks from the Internet. When installing OpenShift in such environments (this is named “disconnected” or “airgap” installation), all the OpenShift images have to be fetched (thanks to oc adm release mirror) in a dedicated registry from a bastion host that is both on the internal network and on the Internet. Continue reading
Deploying Miniflux on OpenShift
Miniflux is a minimalist, open source and opinionated RSS feed reader. There is a hosted instance available at a fair price point but wouldn’t it be cooler to host your own instance on your OpenShift cluster? Let’s do it! Continue reading
Deploying Invidious on OpenShift
Invidious is an alternative frontend to YouTube that is slimmer, faster and at the same time offer more features than YouTube itself. And even more important: it’s Open Source! There is a hosted instance at invidio.us if you want to give it a try. But, wouldn’t it be cooler to host your own instance on your OpenShift cluster? Let’s do it! Continue reading
Running Red Hat SSO outside of OpenShift
In an article named Red Hat Single Sign-On: Give it a try for no cost!, I explained how to deploy Red Hat SSO very easily in any OpenShift cluster. As pointed by a reader in a comment, as widespread OpenShift can be, not everyone has access to a running OpenShift cluster. So, here is how to run Red Hat SSO outside of OpenShift: using only plain Docker commands. Continue reading
One-liner to decode a Kubernetes secret (base64 encoded)
Creating a Kubernetes secret from a value is easy: $ oc create secret generic my-secret --from-literal=secretValue=super-secret secret/my-secret created But getting back this value (from a Shell script, for instance) is not so easy since it is now base64 encoded: $ oc get secret my-secret -o yaml apiVersion: v1 kind: Secret metadata: name: my-secret namespace: qlkube type: Opaque data: secretValue: c3VwZXItc2VjcmV0 Hopefully, since the latest versions of Kubernetes, there is now a one-liner to extract the field and base64 decode it: Continue reading