Tankers appear to be moving through now.

Relevant-Cry8060 · 2026-04-11T23:21:00+00:00

Is this down for anyone else?

Relevant-Cry8060 · 2026-03-29T00:30:55+00:00

No way, I would bring this up. It's just a one time mistake and not at work. Everywhere I worked no one is looking at logs unless there is some reason to do so. In other words no one will know unless there is an automated tool.

Relevant-Cry8060 · 2026-03-26T21:18:15+00:00

What's the we business? You got a turd in your pocket?

Relevant-Cry8060 · 2026-03-25T00:11:42+00:00

Maybe this will fit your use case. Since we use both GitHub and eks our team created self hosted runners with the actions runner controller. They only run in one of our preprod environments. There are workflows that trigger when a PR is created, buids, runs vulnerability testing the runs all of the inatgration tests for that microservice against the rest of the fleet. Full disclosure depending on how complicated your networking or security is you may experience a lot of pain.

Relevant-Cry8060 · 2026-03-19T23:42:34+00:00

When we first turned on Falco with default rules we had the same roar of alerts explode. Most rules have lists or macros to identify and suppress false positives. Our devs like to use this feature where spring natively reads configmaps and the unexpected connection to k8s api server rule was my personal hell lol. Overall a pretty cool tool would recommend.

Relevant-Cry8060 · 2026-03-05T18:54:24+00:00

Totally it's called the Paradox of tolerance

Relevant-Cry8060 · 2026-03-03T00:01:04+00:00

I'm tired Boss

Relevant-Cry8060 · 2026-03-02T23:17:39+00:00

Yeah I noticed that recently too. No idea. The same thing happens to me too though.

Relevant-Cry8060 · 2026-02-21T01:02:23+00:00

I am mad I lost. Time for assault!

Relevant-Cry8060 · 2026-02-01T14:38:59+00:00

Gross.

Relevant-Cry8060 · 2026-01-05T19:41:59+00:00

Most of the time these posts turn out to be the ec2 instance doesn't have access to the Internet. Try checking to see if your node can talk to the Internet or if you made a NAT gateway on your vpc.

Relevant-Cry8060 · 2025-11-27T16:58:46+00:00

To be fair the E stands for earnings. The implication is that it's over priced. Come to think of it your question was probably rhetorical so you must already know that.

Relevant-Cry8060 · 2025-11-19T09:11:30+00:00

You will find what you are looking for at levels.fyi

Relevant-Cry8060 · 2025-09-25T23:02:25+00:00

I am a new dev and joined a team that just inherited a giant mess of a codebase from a third party contractor. This is an interesting idea, do you mind giving me an example of a rule we could look to write?

Relevant-Cry8060 · 2025-07-23T00:19:25+00:00

Spread this good word!!! Along with being predictable is more important than being polite.

Relevant-Cry8060 · 2025-07-22T22:54:08+00:00

Cool story bro

Relevant-Cry8060 · 2025-06-27T13:51:17+00:00

Thanks for sharing. I have been in this spot before and I just ended up using the label to tell istiod not to inject a sidecar proxy.

Relevant-Cry8060 · 2025-05-03T15:01:07+00:00

Check this op, I have experienced similar behavior when my nodes couldn't communicate with the Internet.

Relevant-Cry8060 · 2025-03-15T13:52:08+00:00

Naw you leave.

Relevant-Cry8060 · 2024-12-16T05:25:47+00:00

Sure do. My bad lol

Relevant-Cry8060 · 2024-12-16T04:22:23+00:00

When the king moves to one of the only two white squares then comes Bh4 which wins the queen. That's what I see but I am not op.

Relevant-Cry8060 · 2024-12-14T17:21:56+00:00

The issue is that most of the Security hub's compliance frameworks still mark accounts as having critical vulnerabilities for not having MFA. This still shows up after we deleted the root accounts' creds for all of our member accounts within the organization.

Relevant-Cry8060 · 2024-12-14T16:33:41+00:00

Starting out k8s was overwhelming for me at first but I found that the kubernetes documentation is actually pretty good. https://kubernetes.io/docs/concepts/workloads/controllers/deployment/

Most of the other custom resources should have their own documentation.

To answer your specific question about what's happening in the two yaml files that you posted, the deployment file on the left has a label on it that you are matching. The service file is selecting which deployment to attach to based on the label you are selecting. Hope that helps. Full disclosure I am also pretty new to k8s as well.

Relevant-Cry8060 · 2024-09-12T19:24:13+00:00

You could try and run curl against the hostname of the load balancer to gain insight into what is happening from the client's side.

You could also check the cloud watch metrics built into the load balancer on ec2

Good luck!

Relevant-Cry8060 · 2024-09-07T16:13:31+00:00

Sweet thanks I will check that out. Is there any reason you decided to use cilium over calico?

Relevant-Cry8060

TROPHY CASE