This post will explore the juxtaposition of acronyms, keywords and correlation of the needs versus the actual wants. Specifically, as far as the mesh is concerned.

In my own experience working with the Kubernetes cluster environments, one thing becomes a certainty, — this technical arena is incredibly fast paced. So much so, that as some acronyms come, others get left behind on all-too-regular basis. It becomes ever bit tedious to make sense of the Kubernetes components, dependencies, risk impacts, and overall infrastructure considerations from the high-level design & architecture standpoint, never mind the finer details.

Remember the Kubernetes storage volume…


To start, it was certainly a good idea to have booked off all 3 days (UK time meant 4–5 pm start) for this CNCF Conference.

It was full on, packed with updates and announcements, not forgetting the genuine new best practices and learnings you ought to catch up with.

While I have several years of experience working with Kubernetes and I am both CKA and CKAD certified but, jumping into the abyss of true native GitOps CI/CD, and recently with The Service Mesh, — I was not quite ready for the cognitive overload that ensued.

I believed, with my experience…


I was recently fortunate enough to be tasked to investigate, develop and deliver a suitable open source testing framework for the terraform code base, as part of the infrastructure release pipeline.

The “Quality Assurance for everything” intent is nothing new. The implementation however, does depend and varies across organisational infrastructure maturity and risk tolerances, it may be comfortable with, — before [any such] go-live stages.

TL;DR
Whatever your team size. Implementation of a good terraform-based infrastructure configuration analysis, and end-to-end sanity testing, does not need to be long nor complicated.

Taking a fresh look at this are of “testing the…


Welcome back! This is another technical post, building up on the previous terraform and kubernetes Infrastructure-as-code themed write-ups, we have at Contino.

TL;DR
Whatever your team size. Implementation of a good terraform-based infrastructure configuration analysis, and end-to-end sanity testing, does not need to be long nor complicated.

I was fortunate enough to receive a great challenge to investigate, develop and deliver a suitable open source testing framework for the terraform code base, as part of the infrastructure release pipeline. The “Quality Assurance for everything” intent is nothing new. …


Anyone who has worked with OSS monitoring tools like Prometheus and Grafana would attest that these are some great and the #1 choice of tools to be deployed within the Kubernetes containerised environment.

There is a long list of admin overhead to be considered while configuring the monitoring stack to benefit from all the features it offers, such as tuning, customising, and simply made to work.

It takes time, and given the must-have insight you achieve within your container cluster, there is really no doubt about the value of monitoring. I will just leave it as that. fact.

Prometheus Monitoring…


Anyone who has worked with OSS monitoring tools like Prometheus and Grafana would attest that these are some great and the #1 choice of tools to be deployed within the Kubernetes containerised environment.

There is a long list of admin overhead to be considered while configuring the monitoring stack to benefit from all the features it offers, such as tuning, customising, and simply made to work.

It takes time, and given the must-have insight you achieve within your container cluster, there is really no doubt about the value of monitoring. I will just leave it as that. fact.

Prometheus Monitoring…


Kubernetes is already hard.
We know it. They know it. Steve knows it.
Then why, you’d be right to say — Why!? — is the node labelling is called “Tainting” and why-oh-why does the Pod need to “Tolerate”.

Well, let’s figure this one out.

If you are reading this, You’re keen, inquisitive but also brave. Major Kudos!

Let’s start with the Why.

As the average Joe, you kubectl run nginx — image=nginx — port=80 — expose, and you would be right to be done with it.

But we don’t want to be the average Joe!

In the [any] environment in…


If you are here, then you’ve surely heard about GitOps. Your colleagues rave on about it, perhaps folks in your office whisper it about, or you sat on the bus next to some chap who does ‘use’ GitOps.

Have a read of GitOps Processes and Integration with flux which was recently written by my colleague Sean Rigby which has great coverage of a high-level overview of the topic.

Otherwise, let’s recap the features and dive deeper into components and implementation.

The key features of GitOps implemetnation

  • Strong release consistency and standardisation across environments — You are guaranteed to have your…


If you are here, then you’ve surely heard about GitOps. Your colleagues rave on about it, perhaps folks in your office whisper it about, or you sat on the bus next to some chap who does ‘use’ GitOps.

No? Then have a read of GitOps Processes and Integration with flux which was recently written by my colleague Sean Rigby

And If you did hear about #GitOps, then welcome to the club of the relatively-few. But you’re in the right place, and read on…

The technology pre-requisites of the #GitOps release model are Google Kubernetes Engine, Cloud Build, and good ol’…


I did say ‘part deux' was coming in my previous Blog Post Istio-Proxy Ingress SSL Certificate Integration the old fashioned* way(no SDS) — so here it is.

At first, you work with Containers and this is it! then you discover the new world of Kubernetes, and this becomes it again. Now add the ‘steroids’ of Istio Service Mesh, and we’re integrating the whole system end-to-end with Google Cloud, trying to piece together how we can make do with The Best of both worlds. Easy, right?

Well, spoiler alert, It works a treat. …

Jaroslav Pantsjoha

All about engineering lean-mean infrastructure solutions by day and serial seed/blockchain technology investing by night

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store