Why You Can’t Terminate TLS at Traefik for PostgreSQL (and What to Do Instead)

Context: I had the need to allow Power BI to connect to a PostgreSQL database running in Kubernetes, fronted by Traefik using a TCP entrypoint. At first, I hoped to terminate TLS at Traefik, the same way you’d do for HTTPS traffic. But this turned out not to be possible with standard PostgreSQL clients (psql, libpq, psycopg, etc.). Here’s why.
Why This Happens: Unlike HTTPS, PostgreSQL does not start a TLS handshake immediately. Instead, a libpq/psql client first sends a special SSLRequest packet: ...

September 27, 2025

Fix Vim key repeat in Cursor, Zed, VS Code on macOS

Vim extension in Cursor, Zed, or VS Code on macOS — arrow keys and held hjkl don’t repeat. macOS disables key repeat for some Electron apps by default.
Fix: disable ApplePressAndHoldEnabled for the app (keeps accent popup off, enables key repeat).
Get the app’s bundle ID:
osascript -e 'id of app "Cursor"' # or "Zed" or "Visual Studio Code"
Enable key repeat for that app:
defaults write <BUNDLE_ID> ApplePressAndHoldEnabled -bool false
Examples: ...

July 13, 2025

From Goals to Constraints to Costs: Designing a Lean AWS Kubernetes Homelab

🧭 Why Build a Homelab?
I recently completed the first phase of my cloud-native homelab — a Kubernetes cluster on AWS built from scratch with kubeadm, provisioned using Terraform, Packer, Ansible, and Cilium. This wasn’t just for fun (though it was). I designed this homelab as:
* A hands-on way to prepare for the CKA certification
* A platform to host real-world workloads later
* A personal sandbox to understand what’s happening under the hood, not just run kubectl apply
...

June 29, 2025

Automating Kubeadm Init and Join on AWS My Cloud Homelab Approach

When you’re setting up a Kubernetes cluster using kubeadm, one of the first questions is: “How do I automate the init/join logic without hardcoding IPs or manually copying tokens?” In my AWS-based Kubernetes homelab, I wanted a fully automated, reproducible setup — including both control plane and worker nodes joining the cluster automatically as soon as they boot. This blog explains how I accomplished that using: EC2 instance tags and metadata ...

June 29, 2025

How Rosetta Broke My Terraform Setup (and How I Fixed It on Apple Silicon)

Everything was working fine — until it wasn’t. While setting up a Kubernetes homelab using Terraform inside a devbox environment on my M1 Mac (macOS 15.5, Apple Silicon), I started hitting this dreaded error:
Error: Failed to load plugin schemas
Error while loading schemas for plugin components: Failed to obtain provider schema: Could not load the schema for provider registry.terraform.io/hashicorp/aws: failed to instantiate provider "registry.terraform.io/hashicorp/aws" to obtain schema: timeout while waiting for plugin to start..
Re-running terraform validate or terraform plan produced the same issue, even though terraform init was succeeding. ...

June 28, 2025

How to Add git-crypt Contributors to Your Encrypted Git Repository

Managing sensitive information in a Git repository can be challenging, but tools like git-crypt make it easier by encrypting specific files. When adding a new contributor to such a repository, the admin needs to ensure they have the necessary access to decrypt and work with these sensitive values. This tutorial aims to provide a detailed, step-by-step guide to help admins manage contributors effectively, as the official git-crypt repository provides only basic setup instructions. ...

January 11, 2025

Linux Cheat Sheet

Remove execution permission for “others” on every regular file inside a directory:
find directory_name -type f -exec chmod a-x {} ';'
# Avoid using 'chmod -R' as the execution permission is interpreted differently on a directory compared to a regular file.
Edit your cron configuration file:
crontab -e
# Always use -e and not crontab file_name
# Also do NOT edit it directly in /var/spool/cron/<user>
Write errors to the filesystem playbook:
Determine which filesystem (FS) is full and which file is filling it up
1. `df -h` to look for FS that's 100% or more (possible) full
2. `du -h XX | sort -h` on the identified FS to determine which directory is using the most space. Rinse & repeat command until all the large files are discovered
3. Try `fuser` or `lsof` in case you can't determine which process is using a file
Note: `df` & `du` can have disparity in the space reported
Write useful shell scripts error messages:
* Error messages in STDERR
* Include name of the program that's issuing the error
* State what function / operation failed
* If a system call fails, include the perror string
* Exit with some code other than 0
Write shell script steps:
1. Develop the script as a pipeline, 1 step at a time, on the command line. Use bash.
2. Send output to stdout and check to be sure it looks right
3. At each step, use the shell's command history to recall pipelines and tweak them
4. Once the output is correct, execute the actual commands and verify they worked
5. Use `fc` to capture your work
Ex:
find . -type f -name '*.log' | grep -v .do-not-touch | while read fname; do echo mv $fname `echo $fname | sed s/.log/.LOG/`; done | sh -x
Save systemd journal between reboots ...

January 28, 2024

Dockerizing CDKTF with Python

Cloud Development Kit for Terraform (CDKTF) is a framework that allows you to use familiar programming languages to define and provision infrastructure using Terraform. CDKTF supports multiple languages, including Python, which is a popular choice for DevOps engineers. Unfortunately, there is currently no official Docker image for it. Using a Dockerfile, you can ensure that your CDKTF application has all the dependencies and configurations needed to run smoothly and consistently. In this blog post, I will show you the Dockerfile I built for my project that uses CDKTF with Python to create a Kubernetes cluster. ...

December 31, 2023

DevOps - 4 Practices to Reduce Your Lead Time

* Create on-demand environments dynamically triggered by a CI/CD pipeline, so teams don’t have to wait weeks.
* Automate your deployments as much as possible, so any developer can autonomously deploy when needed.
* Automate your tests and add them to the CI pipeline, so teams can process deployments safely.
* Design loosely coupled architecture, so developers’ changes are deployed in smaller chunks more frequently with confidence.
Those strategies allow teams to improve the delay between the time the customer creates a ticket and its completion.

February 22, 2022

Jenkins As Code With Packer, Ansible, Terraform, and AWS

What Will We Cover:
* Build an OS image for AWS with a Jenkins ready to use
* Provision an EC2 instance to host the Jenkins server
See all the code for this article here: https://github.com/hoaraujerome/devops_cicd
Using Packer with Ansible to build an AMI image: Packer tool is responsible for creating the OS image, while Ansible is responsible for installing everything we need on this image. The final version of the image has Jenkins (with “GIT”, “Pipeline”, and “Pipeline: AWS Steps” plugins), Docker, AWS CLI, Terraform, and Java installed for running Jenkins pipelines hosted on GitHub. ...

February 7, 2022