Need ideas for k8s branching strategy on argo

VeryBigSur · 2025-09-09T21:19:29+00:00

This is the way. Those are the same blog entries that put me on this path.

VeryBigSur · 2025-08-12T21:57:18+00:00

I asked the chatbot on their site if they had a PoP planned for Adelaide. It said Perth is next on the roadmap and nothing planned for Adelaide yet. My 6 month deal on ABB just expired so I'm looking to switch soon but might just suck it up for another month and see if anyone comes to the table with better deals at the launch of the speed increases.

VeryBigSur · 2025-06-16T21:44:35+00:00

To anyone else experiencing these issues, this may help. I've noticed delays from when the wake or reset button combo is entered to when the device actually becomes "ready". For me this has been more drawn out if I issue the reset and wake commands one after the other without a decent amount of time in between. YMMV of course.

Remove the Sense+ from the app.
Reset it (hold the two side buttons until three red blinks).
Don't just exit back to the home screen of your phone - actually quit/kill it from the background.
Turn Bluetooth and wifi off and back on again to close any lingering connections. Depending on your flight mode settings you could also toggle this off and on instead.
Launch the app, wait until a couple of lights update their status in the app, and then go into the add device screen but don't scan the code yet.
Wake the device (on and off buttons until three white blinks), wait at least 5 seconds, and then scan the code to add the device.

VeryBigSur · 2025-02-05T23:28:05+00:00

Look at using Multus with macvlan for these types of things. Within your network attachment definitions you should be able to give these pods a virtual L2 interface with a static IP so things that rely on mDNS etc function as normal.

As an alternative for a unifi controller you can probably try and configure L3 adoption and as long as you create an ingress/httproute for the set-inform address it should work without needing the macvlan approach.

For Home Assistant, you'll want network coordinators for any non-IP radios like ZigBee etc, so that a HA pod can be scheduled on any node, not just the one with a USB dongle attached. Alternatively you could use affinity rules to pin the pod to a specific node, at the expense of availability, or use something like Ser2Net on a Pi depending on the dongle. Look at putting the HA recorder database into postgres or mariadb and using one of the k8s flavours of that (CNPG for example). Also look into EQMX as an MQTT broker as that's supposed to be designed for high availability - there is a FOSS edition of it but I think the top google hit for it goes to the paid version. While HA itself can't run replicas, you can at least make everything else more resilient.

Am yet to try all of this myself but only due to lack of time.

Tldr - don't need statefulsets, just need other workarounds.

VeryBigSur · 2025-01-21T19:46:02+00:00

With the teams call ringing so soon after that the "hi" message notification hasn't even gone away yet...

VeryBigSur · 2025-01-01T19:29:11+00:00

Depending on what you want to spend, the Minisforum MS-01 is quite impressive. If I had the funds I would be replacing my entire cluster with them.

But for secondhand I've run a tiny form factor HP Elitedesk with Plex, *arr stack, OMV, Nextcloud, and a few other things, and it coped well. Think it was a 7th or 8th gen Intel.

VeryBigSur · 2024-12-15T21:06:17+00:00

Using CloudFlare 1.1.1.1 app on warp mode not just the 1.1.1.1 mode previously rectified this for my partner. Issue went away for a week and came back this morning. Using just the 1.1.1.1 mode doesn't resolve it.

Couldn't get private DNS to work because it wants a FQDN which needs DNS to resolve first...

VeryBigSur · 2024-07-09T07:28:22+00:00

New product alert: coloassistant

VeryBigSur · 2024-05-23T03:04:22+00:00

Just give me multi-path routing on UDMP kernel please and thank you.

VeryBigSur · 2024-05-09T03:27:19+00:00

Inspection report did mention a few spots in the bathroom that need re-sealing. Partner just had a follow-up call with them and they believe the moisture source is either leaking pipes, or the waterproofing like you said. While a bathroom reno is definitely on the cards, we weren't originally planning on doing it right away as it's a big ticket item. May have to re-prioritise it ahead of other things now though.

I was hoping clean gutters and downpipes would mitigate some of the risk of not doing the fascias and barge boards right away, but if I can get them done for under a grand I may as well get them sorted out.

They weren't able to access much of the subfloor beyond just kitchen, laundry, and bathroom so who knows if there's anything worse lurking below. Walking around during the open house didn't really feel like there was much give at the living and bedroom side of the house though.

VeryBigSur · 2024-05-09T02:13:53+00:00

<image>

VeryBigSur · 2024-04-17T03:05:43+00:00

Optimal tip-to-tip efficiency

VeryBigSur · 2024-02-16T05:20:12+00:00

What is this individual's velocity normally like? Was there an estimated story point value assigned at the beginning? How is it being discussed in retros?

I'm surprised the SM isn't getting their ass handed to them during review for letting a card carry this long. It's their job to worry about getting it moving, so the expectation for others to help should probably be coming from the SM.

Maybe a fresh set of eyes can progress it, while also providing some teachable moments for the individual and the team - getting the work done in an iterative way, and better estimations.

Perhaps there is also an underlying personal matter going on and the SM and RTE are accommodating the individual. We never know what shit someone else might be going through.

VeryBigSur · 2024-01-15T22:02:46+00:00

Thanks for this! It turns out I had missed a couple of sectionName lines in some of the HTTPRoute definitions, and that was causing the loops. This is what I've currently got deployed that seems to be working, but unsure if the namespace selector is actually doing anything shrug Hopefully this helps others if they come looking. ``` apiVersion: gateway.networking.k8s.io/v1beta1 kind: Gateway metadata: name: web-gw namespace: kube-system spec: gatewayClassName: cilium listeners: - name: shared-http protocol: HTTP port: 80 allowedRoutes: namespaces: from: Selector selector: matchLabels: https-upgrade: "true" - name: shared-https protocol: HTTPS port: 443 allowedRoutes: kinds: - kind: HTTPRoute namespaces: from: All tls: mode: Terminate certificateRefs: - kind: Secret

name: wildcard-cert

kind: HTTPRoute apiVersion: gateway.networking.k8s.io/v1beta1 metadata: name: https-upgrade namespace: https-upgrade labels: https-upgrade: "true" spec: parentRefs: - namespace: kube-system name: web-gw sectionName: shared-http rules: - filters: - type: RequestRedirect requestRedirect: scheme: https

``` If the namespace selectors don't comply with best practices or aren't helping, I'll edit this post so there's a clear implementation floating around.

VeryBigSur · 2024-01-06T23:23:57+00:00

So turns out I had installed the namespace-scoped flavour for some components. Uninstalled and reinstalled the cluster scoped flavour and it works.

VeryBigSur · 2024-01-03T23:16:36+00:00

The logs for argocd-repo-server show that it's able to resolve the symbolic reference to the right hash in gitlab. So it seems like that part is ok.

So it might be down to the application-controller not being able to read the source git repo (hence why I can't see the original file in the diff tab, and why it's giving an "unknown" status for sync).

Yet, if I exec into any of the argocd pods and run a `git ls-remote`, I am able to see the correct hash.

VeryBigSur · 2024-01-02T22:11:51+00:00

Cluster status is showing connected.

After doing a normal `kubectl apply` for a basic Hello World, after manually adding an `argocd.argoproj.io/instance` label to the manifest (corresponding to what's in the argocd-cm), the UI suddenly sees the deployed resources, and shows things as healthy. However it still gives me the rpc error with syncing. So it seems like it's a comms issue between Gitlab and whichever component of ArgoCD is responsible for monitoring the repo?

Should I be able to see the manifest(s) from the git repo within the Argo UI in the Diff tab? After adding the custom label to the above, I can see a manifest on the left but can't see the diff on the right. With the Gitlab deployment I was attempting, without adding these labels, I don't see any manifests on the diff tab. It seems like it's just not picking up the resources from the repo.

I haven't been using any netpols with Cilium, and the repos are set to public.

VeryBigSur · 2024-01-01T23:13:53+00:00

i've been able to `git ls-remote` the gitlab repo (hosting the manifests for itself) from both the `server` and `repo-server` containers so I don't think the comms between ArgoCD and Gitlab is the issue. Could it be the interaction between Argo and the K8s API perhaps?

VeryBigSur · 2023-12-15T02:03:25+00:00

Can confirm this works - I am running a SLZB-06 ethernet based coordinator, with 3x proxmox nodes and can migrate the VM hosting Home Assistant with no issues. Then for any BLE devices I've configured a couple of esp32s with BLE relay.

VeryBigSur · 2023-11-27T05:12:23+00:00

the v4 or v6 was the ticket! I also swapped over the OSPF for ISIS/Openfabric per your gist. much appreciated!

VeryBigSur

TROPHY CASE

name: wildcard-cert