kubernetes – ariel's weblog

Cilium BGP Lab, locally!

Maybe you already know about Cilium, You don’t?
Go read https://docs.cilium.io/en/stable/overview/intro/ and come back !!

Hello again!
So now you want to learn about Cilium BGP functionality, for me this is one of the most exciting features of Cilium, maybe the reason is the addiction that I already have for BGP, who knows (AS207036). Back to the point, with Cilium you can establish a BGP session with your routers (Tor, border, or core, you decide.) and announce PodCIDR or LoadBalance for services.

For this learning exercise, we will use Kind and other tools to run a K8s cluster locally on any Linux (Windows or MacOS) machine. There is a lot of info on the internet on how to get Kind up and running and even how to install Cilium, I decided to build a collection of Cilium Labs (ciliumlabs) to speed up the process of getting a Cilium testing environment up and running.

First, go and clone the repo, all the information is on the README of each lab type, in this case, bgp/README.md is the one with the steps to get this ready, but we first need to install the prereqs. The prerequisites are listed in the main README file. In my environment, all this is met so I can proceed with the lab creation.

Continuar leyendo «Cilium BGP Lab, locally!»

Platform9 KubeVirt solution.

This is my opinion about this platform.

A few weeks ago, Platform9 announced a Hands-on-Lab for their KubeVirt implementation, and after using Harvester for running VMs mainly for deploying Rancher RKE clusters, I got my hands on this platform and the differences are huge.

First, Platform9 keeps its offering very close to the upstream project, what does this mean, it looks like you installed KubeVirt manually in your K8s cluster, this is good. The good thing about it is that you are more familiar with the solution and when the time to move to another KubeVirt offering comes, the changes will be minimal.

Continuar leyendo «Platform9 KubeVirt solution.»

I want to see more KubeVirt out there…

Let’s do this.
I think this is the second English-post in the entire history of this blog. Be gentle with me.

KubeVirt, is a known name for the people already doing containers, a normal player for people in the OpenShift world, but why if you come from others environment (VMware?) is like this doesn’t exist or is just being ignore?

If you can read Spanish and go back in the post history of this site, you can see that when is about VMs, VMware was the only option, not the same with Kubernetes, I started playing with K8s since 2018 and by that time, VMware didn’t have an offering that can compete with K8s. so I stick with K8s installed directly with kubeadm or the Rancher’s offering (RKE, RKE2 and K3s).

Why did I do a little recap?
Because is time to start trying new solutions to manage our VMs.

I love Harvester, love the fact that it can connect to Rancher UI and can be managed from the same place that I already have my containers, but is so resource intensive! The same host that was running Proxmox and ESXi can’t cope with the demand, I hope that this solution keeps growing and get my hands on others! (looking at you Platform9!).

My next steps, read more about plain KubeVirt to know more how this thing works behind the nice UI provided by Rancher or OpenShift… wish me luck !

Kubernetes – Explorando un Cluster de Kubernetes con VMware Octant – Update.

Ya hace un tiempo, tal vez demasiado, había hablado de este cliente desktop para conectarnos a un cluster de k8s. En ese momento lo miré y no me sentí muy convencido de cuáles eran las bondades de usar algo así, y la principal razón era que estaba muy emocionado con Rancher UI.

Continuar leyendo «Kubernetes – Explorando un Cluster de Kubernetes con VMware Octant – Update.»

RPKI con GoRTR de Cloudflare – en Kubernetes!

RPKI con GoRTR de Cloudflare – en Kubernetes !

Hace un tiempo probé con RPKI, en esos días estaba tomando unos entrenamientos de MANRS, con RPKI podemos asegurar que los prefijos que recibimos vía BGP con de quien realmente deberían ser, en otras palabras, si por alguna razón un tercero mal intencionado se hace con un bloque de direcciones IP que no le pertenece, pero esta tiene ROA habilitado, el trabajo de RPKI es no permitir que esos bloques de direcciones IP sean insertados en nuestra tabla de enrutamiento.

https://github.com/cloudflare/gortr

Continuar leyendo «RPKI con GoRTR de Cloudflare – en Kubernetes!»