Photo by Tadas Sar on Unsplash

Azure Resource Manager (ARM)| Snapshot | Azure CLI

Have you ever had a need to replicate a Virtual Machine using an Existing Operating System (OS) Disk on Azure? Well, i know i did. So this article will explain how to do this.

  • Assumes you already created a Virtual Network (VNet), Network Security Groups (NSGs), and Subnet to associate to the below Virtual Machine.
  • Assumes you have Azure CLI Installed
  • Assumes you have the capability to run ARM Templates

You can create a snapshot with easy by using the Azure CLI commands. I have written a powershell script that will do just this:

# Must already have a Virtual…

Photo by Scott Webb on Unsplash

OpenShift | Kubernetes | CI/CD | Tekton

I recently had some connectivity issue using the Trivy image from inside a very restrictive environment. The Trivy image would not communicate to the DB. I saw some documentation about an AirGap exchange of the database. This article is to explain how to set this up and run it.

  • That you have an OpenShift Cluster or Kubernetes Cluster with Tekton
  • Assume that you have privileges to run Tekton Tasks and Task Runs.
  • Have access to Quay.io

The first process of this is to pull down the Trivy Database. In order to do this I used wget instead of curl. I…


Photo by Florian Berger on Unsplash

Hashicorp

Static Keys are trouble as well as very difficult to manage. For that key rotation is needed. This article will explain how to set up Key rotation within the Hashicorp Vault for AWS Gov Cloud. This process is very easy, however, I wrote this article as Hashicorp Vault does not offer a Gov Cloud selection for the region. So there is a little workaround to get this done. You can also apply this same setup for any region if needed as well.

  • Already have a HashiCorp Vault Server unsealed with admin privileges.
  • Should also have a Token used to login…


Photo by Ferenc Almasi on Unsplash

Kubernetes | ArgoCD CLI

This article will talk about really how easy it is to add a user into ArgoCD. However, the process is a little different.

  • ArgoCD is installed on a Kubernetes Cluster
  • That you can access the ArgoCD via the ArgoCD CLI
  • Have access to update a ConfigMap within the Kubernetes Cluster

The first step is to access the CLI and review the current list of users. To do this first log in to ArgoCD via the CLI by running:

argocd login <hostname> --username admin --grpc-web-root-path /

Review a list of users by running;

argocd account list

Note: When writing this article…


Photo by Markus Spiske on Unsplash

Ambassador | Mappings | Kubernetes / K8s

I like to write articles that will help others spend less time finding information. In this case, I spent quite some time trying to figure out how exactly I needed to configure the Ambassador API Gateway Mappings in order for the ArgoCD Command Line Interface (CLI) to communicate.

  • That you already have a Kubernetes (K8s) cluster with Ambassador API Gateway Installed
  • Already have ArgoCD installed

The service that controls the ArgoCD User Interface is the “argocd-server”. You can by default find this by running the below; of course, if ArgoCD is installed in another namespace then change the namespace.

kubectl…

Photo by Remotar Jobs on Unsplash

Chrome | No Advanced

I recently ran into an issue with one of my PCs where I could not access particular sites that utilize a self-signing certificate. Now, most websites will utilize self-signing certificates for development or be corrected by adding the certificate to your list of approved; however, sometimes you will run into company websites that will require self-signing certificates. I search for some time to find this nice hack to get around this issue. It is almost like finding a hack for the old PC games with codes.

Open up the site in Chrome where the error ERR_CERT_REVOKED shows up. Now click…


Photo by Artem Sapegin on Unsplash

Infrastructure as Code | GitLab | AWS | HashiCorp

I currently use the GitOps approach with Kubernetes deployments with ArgoCD, but why not do this with IaC. So that is indeed what this article is about. This article is about how to set up your current or new Terraform projects to be run within GitLab CI/CD.

The first question that might come to mind is why are we doing this?

Reason 1:

Well, the reason is that it is best practice to remove your state management from your engineer's local machine. This allows for multiple engineers to work together to develop the infrastructure.

Reason 2:

Another reason is that…


Photo by NOAA on Unsplash

Tekton | Google | CI/CD | GitHub | Image Registry | Build |

Understanding Tekton alone is a little difficult to understanding coming in. Then you add how to set up Kubernetes secrets and authentication to a GitHub project on top of that. Well, it gets a little overwhelming. That is why I am writing this article to hopefully simplify the process by example.

What is a Task Run?

Well, a Task Run is an executed set of instructions that then tell the “Task” what to do. For instance, you use the Task Run to push parameter values to the Task.

What is a Task?

A Task is an actual flow that is…


Photo by gentina danurendra on Unsplash

Azure | CLI | Snapshots | Portal | osDisk | DataDisk | VHD

I recently had some issues with a VHD where the osDisk would not allow me in via RDP. That is the reason I am writing this article. This article will cover how to create an Unattached Managed osDisk that can be attached to a new Virtual Machine.

Create a Snapshot from existing Virtual Machine osDisk or dataDisk:

az snapshot create --resource-group <resource-group-name> --source "<source id of the disk>" --name <name-of-snapshot>
az disk create --resource-group fac-trax-dev --name osdisk-geoserver --source <snapshot-source>

Note: You can add the following attributes:

--size-gb > Identifies the size of the disk
--sku > Identifies the type of storage…

Photo by Sajad Nori on Unsplash

Azure | CLI | AzureRM | Storage Account Explorer | ARM Template

I decided to write an update to date article on how to transfer the osDisk snapshot to a storage account. Most articles I saw online were outdated on the Azure CLI. So let's begin.

There are some prerequisites for this article.

  1. That you have an Azure Portal Account with the Azure CLI Installed.
  2. That you already have an osDisk snapshot that can be exported.
az storage account keys list --resource-group <resource-group-nm> --account-name <destination-storage-account-name> --query '[0].value'

The query command will output the first key that can be used to…

⚗ Kevin Summersill 🔋

Enterprise Solution Architect | Certified Kubernetes Administrator ⚓ | SAFe SPC | LeSS Practioner | AWS Solutions Architect | Dev*Ops/GitOps Engineer 🔥

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store