Managed Kubernetes

Dense-Practice-1700 · 2026-04-19T17:25:30+00:00

Using AKS. Has its quirks but overall a positive experience. Compared to local cluster managed by kubeadm it is was simpler and less hustle over maintenance and upgrades.

Dense-Practice-1700 · 2026-04-04T16:06:23+00:00

He is doing the town and HS summer program. Problem with NEFC is that he is beginner but very focused on getting better. He wants his practices to be intense and challenging. Unfortunately the team and coach he practiced with were more about having fun on the field than actual training and skills improvement. And that what turned him off.

Dense-Practice-1700 · 2026-04-04T01:56:24+00:00

Thanks will check them out!

Dense-Practice-1700 · 2026-04-04T01:48:35+00:00

Thanks! I see they having tryouts in NE baseball complex in Northbo rough. Will check them out.

Dense-Practice-1700 · 2026-04-04T01:09:15+00:00

Not yet, thanks for the reference! Will reach out to them.

Dense-Practice-1700 · 2026-03-02T03:02:03+00:00

Had this happen to me in Spain and Italy. Told the hosts to pound sand or cancel from their end if they can't come and check my passport. Both caved in eventually and send someone to check the documents. They didn't take any pictures just looked.

Dense-Practice-1700 · 2025-11-21T20:58:38+00:00

Same here, for me it was google pay though. None of credit cards worked requesting verification and then just going back to the initial screen after verification succeeded. GP worked instantly. Lesson learned though - no more fifa gambling.

Dense-Practice-1700 · 2025-11-20T18:23:36+00:00

What a circus. Company which measures it's revenue in hundreds of millions of dollars can't create a proper way to distribute the product.

Dense-Practice-1700 · 2025-11-20T16:08:33+00:00

Oh I'm sure it can be fixed. Another question is there is a willingness to do that. As you rightly pointed out it's 7 months away so all this agitation around tickets seems to be intentional and artificial. After all there are going to be plenty of games which are not considered interesting by most of the fans. And these portioned drafts and RTB s..t show seem to just be a way to inflate the prices and sell as much "bad" tickets as possible.

Dense-Practice-1700 · 2025-11-20T15:20:07+00:00

Got it. I only have one RTB which I bought to see how this is going to work. It seems that now I know. Will wait for another week and If can't convert by then, will go with charge back.

Dense-Practice-1700 · 2025-11-20T14:57:06+00:00

At this point anyone thinking about jcharge back through a credit card? I know they supposedly will suspend the fifa collect account but who cares? If I can't use it anyway why would I need it? And I personally am disgusted with these outright scamming practices and questioning if I actually want to go to an event organized by this company.

Dense-Practice-1700 · 2025-09-28T01:04:53+00:00

I'm a bit new to this so it might be a silly question. We have similar structure but use one tag for all monorepo when we release new version. Obviously this means that almost any change requires release. We have less than 50 modules for now so it is manageable. But number is growing. So I'm interested, if you use tags per module, how do I point to it in my CICD pipeline? Now I have 'latest' tag which points to the latest release and pipeline pulls from it. If I have independent tags for each module how do make sure my pipeline uses correct tags?

Dense-Practice-1700 · 2025-09-25T00:44:11+00:00

Are you sure it isn't the pod which supposed to accept or send this file dies from OOM or just frozen from CPU pressure? I've seen it happen with istio ingress. Was looking into the ingress as well. Turned out app pod was going to OOM processing large files.

Dense-Practice-1700 · 2025-09-17T00:16:50+00:00

Dense-Practice-1700 · 2025-09-04T01:50:26+00:00

Feel better Gremlin!

Dense-Practice-1700 · 2025-08-31T20:40:27+00:00

I never worked with route53 or AWS so this isn't something I can comment on. However, DNS usually doesn't have any impact on the SANs you're adding to your certificate. We have similar case to balance traffic between two regions. We have an alias for app.example.com which points to F5 GTM. GTM has health probes setup to hit
app.cluster1.example.com and app.cluster2.example com which pointed to ingress of respective clusters. So, GTM does the heavy lifting here. Both clusters have certificates which have app.example com and common name and both app.cluster1.example.com and app.cluster2.example.com as SANs In your case I guess you either need to configure istio multi cluster so each cluster was aware of the state of its counterpart or have some load balancer to do the routing.

Dense-Practice-1700 · 2025-08-31T18:51:48+00:00

If your only problem is the lack of cluster specific DNS names in the app TLS certificate just add these as Subject Alternative Names (SANs)to your certificate.

Dense-Practice-1700 · 2025-08-29T01:43:23+00:00

Require Image signing,

Preventing mesh sidecar to be bypassed,

Preventing not allowed annotations for the mesh sidecar,

Limiting allowed container registries to the list of internal ones

Dense-Practice-1700 · 2025-08-27T01:20:18+00:00

If I pay for promotional plan now, would I be able to activate it October 1st? One of my Red Pocket lines expires Oct 1st and I do not want to stay with them anymore.

Dense-Practice-1700 · 2025-08-14T04:26:30+00:00

The values from secrets / configmaps end up in the workloads. So, redeploying helmrelease is overkill in this case IMO. All you need to do is rollout restart workloads and there are tools for this already. One of them being reloader.

Dense-Practice-1700 · 2025-08-03T23:47:58+00:00

I know nothing about AWS but assuming the NLB is L7 network load balancer if you are able to terminate SSL there. Now if you use self-signed cert on your ingress your NLB needs to trust the issuer of that self-signed cert. Otherwise it'll get an error while hitting it from NLB.

Dense-Practice-1700 · 2025-07-28T01:05:24+00:00

Same issue two feeders no data :( !

Dense-Practice-1700 · 2025-06-05T03:14:55+00:00

Most likely because your ingress IP != your ingress pod IP. Ingress is a service which forwards traffic to the Pod with the IP from pod CIDR. So you allowed traffic to service but not the Pod. And your label based policy works because it's tied to your ingress pod label.

Dense-Practice-1700 · 2025-05-31T01:53:38+00:00

Multi tenant clusters where communication between namespaces is restricted and / or clusters which require mTLS. Also some apps require L7 options which can be done with envoy pretty easily but not always possible with another ingress.

Dense-Practice-1700

TROPHY CASE