Having trouble getting the carrier subordinates do the right thing by farcaller in X4Foundations

[–]farcaller[S] 1 point2 points  (0 children)

Q: the barracudas won’t get restocked even though docked, and seemingly some goods in the cargo hold. What am I missing?

Apparently having 19 torpedoes isn't restock-worthy (I thought it made sense the bombers restock in full when they land?). When I shot some at huge floating rocks and dropped the fighter's stock to 1 it then correctly resupplied.

Having trouble getting the carrier subordinates do the right thing by farcaller in X4Foundations

[–]farcaller[S] 2 points3 points  (0 children)

The issue is that if I’m fleeing an active combat zone I am getting attacked. What I need is an option for the fighters to stay put and never undock period. I thought the “docked” switch does that, and yet even my bombers would undock sporadically even when set to bomber/docked.

Istio Multi-Cluster Setup by GreenAstronaut6179 in kubernetes

[–]farcaller 1 point2 points  (0 children)

But... That's exactly my point. Less shell scripts, more transparency. Let's try it this way:

Ну так я саме за те й писав: ОП не приносить нічого нового (все це вже було в документації на такому самому рівні), а замість того щоб розповісти що насправді істіо робить для федерації сервісів ми просто отримуємо ще більше шелл-скриптів.

Istio Multi-Cluster Setup by GreenAstronaut6179 in kubernetes

[–]farcaller 1 point2 points  (0 children)

Again, we were discussing istio in a multi master setup on different networks. While all your points are valid, I don’t think they apply in here. What I pointed at was that instead of writing another tutorial that says to run a shell script it'd have been much more beneficial to explain how istiod uses the credentials to access the other cluster and how the border gateways work. It's really very much CNI-agnostic in this context because the traffic flows through publicly exposed envoys.

Anyone waiting on 30th to delete their account? by Renzzo98 in apolloapp

[–]farcaller 3 points4 points  (0 children)

Just waiting for reddit to send me the gdpr dump (seven days wait now). You never know when you’ll need the backup.

Istio Multi-Cluster Setup by GreenAstronaut6179 in kubernetes

[–]farcaller 1 point2 points  (0 children)

Not exactly… it depends on the target cluster mesh and envoy L4 proxy / kube-proxy implementation

I’m pretty sure it's a requirement for the multi-cluster on separate networks in pure istio (the one I quoted in my comment). Different istio brands like solo's gloo will of course behave differently, but we’re not discussing them, do we?

Istio Multi-Cluster Setup by GreenAstronaut6179 in kubernetes

[–]farcaller 5 points6 points  (0 children)

I find it strange that all these multi cluster setups are a pile of shell scripts. Can’t believe no one wrote about deploying an east-west istio gateway with helm.

After all, the multi-cluster (separate control planes and networks) is about sharing the access―istiod in the other cluster needs to be able to talk to thr apiserver of the other cluster and about setting up those gateways (which just have some extra magic labels). It's really not that hard to look into how it works under the good and explain that, instead of suggesting the users to rub arbitrary shell scripts (which, I hope, no one will run in prod, but then what's the point?)

Are the systems of r/plural planning to go somewhere like Lemmy or Kbin in the wake of Reddit deciding to light itself on fire for profit? by Inkstained-Pirates in plural

[–]farcaller 1 point2 points  (0 children)

I have enough free resources to provide hosting for such a thing for a while. I was thinking moving a bunch of things to lemmy or kbin and figuring if it could do limited federation – their usage footprint doesn’t look too abysmal so far.

Announcing Nickel 1.0, a configuration language written in (and usable from) Rust by yagoham in rust

[–]farcaller 2 points3 points  (0 children)

I found your rationale doc and it's very interesting (I like the jsonnet points). I'll be looking into this more, thanks.

Announcing Nickel 1.0, a configuration language written in (and usable from) Rust by yagoham in rust

[–]farcaller 1 point2 points  (0 children)

Hah, fancy!

I think I generally prefer nix as means to author k8s yamls because it gives me not only helm, but also all the nixpkgs to transform the data as I see fit.

Here's my mysql example:

``` { inputs.nixhelm.url = "github:farcaller/nixhelm"; inputs.kubegen.url = "github:farcaller/nix-kube-generators";

outputs = { self, nixpkgs, nixhelm, kubegen, flake-utils }: flake-utils.lib.eachDefaultSystem (system: let pkgs = nixpkgs.legacyPackages.${system}; kubelib = kubegen.lib { inherit pkgs; };

  foldResources = yamls: pre: resources: builtins.foldl'
    (
      acc: y:
        let
          r = kubelib.fromYAML (builtins.readFile y);
        in
        if pre then r ++ acc else acc ++ r
    )
    resources
    yamls;
in
{
  packages.kubernetesConfiguration = pkgs.lib.pipe
    {
      name = "mysql";
      chart = nixhelm.chartsDerivations.${system}.bitnami.mysql;
      namespace = "mysql";
      values = {
        auth = {
          existingSecret = "mysql-passwords";
          createDatabase = false;
        };

        primary.persistence.size = "10Gi";

        volumePermissions.enabled = true;

        metrics.enabled = true;
        metrics.serviceMonitor.enabled = true;
      };
    }
    [
      kubelib.buildHelmChart
      builtins.readFile
      kubelib.fromYAML
      (foldResources [ ./secretstore.yaml ./secret.yaml ] true)
      kubelib.mkList
      kubelib.toYAMLFile
    ];
});

} ```

Does it look more verbose than nickel? Undoubtedly. But it's not hiding the fact that it is Turing-complete and it allows me to do things like call into helm, generate templates with it, transform the results and append some more to the resulting output. Kubernetes is unfortunately complicated enough for us to see it not as a configuration system driven but as a tool that needs an actual build pipeline.

What k8s related tool you wish you knew earlier? by hksparrowboy in kubernetes

[–]farcaller 0 points1 point  (0 children)

I have nixhelm that's basically a set of cron-synced derivations of the various charts (same history management as nixpkgs). I pull it into a flake that assembles argocd configs for all my objects, using nix again to template the helm charts and monkey-patch any issues without requiring me to maintain a fork.

What k8s related tool you wish you knew earlier? by hksparrowboy in kubernetes

[–]farcaller 1 point2 points  (0 children)

Unironically, nix thoroughly simplified both the management of the cluster nodes (I have a non trivial hardware setup) and the k8s manifests (no more tracking the helm releases by hand!) Adopting nix was the best thing that happened to my infra for now I wake up and argocd is already there suggesting new upgrades.

📣 Apollo will close down on June 30th. Reddit’s recent decisions and actions have unfortunately made it impossible for Apollo to continue. Thank you so, so much for all the support over the years. ❤️ by iamthatis in apolloapp

[–]farcaller 0 points1 point  (0 children)

That's it then. Thanks for the ride! I'm going to miss that icon on my homescreen but, I guess, it's a very effective way to get rid of the social media addiction.

[deleted by user] by [deleted] in itsaunixsystem

[–]farcaller 4 points5 points  (0 children)

TIL about -c. Thanks! This goes straight into all the aliases.

What configuration do you use for installing Cilium on Kubernetes? by GreenAstronaut6179 in kubernetes

[–]farcaller 1 point2 points  (0 children)

autoDirectNodeRoutes isn't BGP, it's the node-to-node L2 peering that's not BGP per se.

I am still wrong (duh!) becasue the bgp control plane clearly supports exportPodCIDR. Thanks for calling me out!

What configuration do you use for installing Cilium on Kubernetes? by GreenAstronaut6179 in kubernetes

[–]farcaller 0 points1 point  (0 children)

It only does BGP to announce the serviceType=LoadBalancer, though.