Analyzing Load Balancer VIP Routing with Calico BGP and MetalLB
https://www.ahdark.blog/analyzing-load-balancer-vip-routing/
MetalLB (controller-only) with Calico BGP does not bind VIPs to any node interface, causing ARP failures. Services stay unreachable externally. Solution: locally bind VIPs, enable strictARP, and disable rp_filter to restore correct traffic flow.
https://www.ahdark.blog/analyzing-load-balancer-vip-routing/
MetalLB (controller-only) with Calico BGP does not bind VIPs to any node interface, causing ARP failures. Services stay unreachable externally. Solution: locally bind VIPs, enable strictARP, and disable rp_filter to restore correct traffic flow.
AHdark Blog
Analyzing Load Balancer VIP Routing with Calico BGP and MetalLB
MetalLB (controller-only) with Calico BGP does not bind VIPs to any node interface, causing ARP failures. Services stay unreachable externally. Solution: locally bind VIPs, enable strictARP, and disable rp_filter to restore correct traffic flow.
Deployment and Challenges in Calico's eBPF Mode
https://www.ahdark.blog/deployment-and-challenges-in-calico-ebpf-mode/
https://www.ahdark.blog/deployment-and-challenges-in-calico-ebpf-mode/
AHdark Blog
Deployment and Challenges in Calico's eBPF Mode
This article explores the challenges of deploying Calico in eBPF mode for Kubernetes, focusing on issues like the need for an external load balancer, VIP certificate configurations, and circular dependencies when the control plane fails. Solutions for these…
1Password Enterprise,Kubernetes 和 GitHub CI 似乎可以形成一个非常高效可靠的 DevOps 联动,期待新文章吧
Why Prometheus Failed to Scrape Monitors' Metrics
Prometheus failed to scrape metrics due to missing RBAC permissions. This guide explains the symptoms, diagnosis, and fix using Role and RoleBinding, with YAML examples and logs for reference.
https://www.ahdark.blog/why-prometheus-failed-to-scrape-monitors-metrics/
Prometheus failed to scrape metrics due to missing RBAC permissions. This guide explains the symptoms, diagnosis, and fix using Role and RoleBinding, with YAML examples and logs for reference.
https://www.ahdark.blog/why-prometheus-failed-to-scrape-monitors-metrics/
AHdark Blog
Why Prometheus Failed to Scrape Monitors' Metrics
Prometheus failed to scrape metrics due to missing RBAC permissions. This guide explains the symptoms, diagnosis, and fix using Role and RoleBinding, with YAML examples and logs for reference.
Deploying Next.js with Runtime Environment Variables
Learn how to replace compile-time env vars with runtime ones in a GitOps pipeline. Moving from Vite + React Router to Next.js, we use next-runtime-env to inject config at container start, enabling one immutable build for all environments.
https://www.ahdark.blog/deploying-next-js-with-runtime-environment-variables/
Learn how to replace compile-time env vars with runtime ones in a GitOps pipeline. Moving from Vite + React Router to Next.js, we use next-runtime-env to inject config at container start, enabling one immutable build for all environments.
https://www.ahdark.blog/deploying-next-js-with-runtime-environment-variables/
Building and Pushing Docker Images to Google Artifact Registry with GitHub Actions
This article walks through building and pushing Docker images to Google Artifact Registry using GitHub Actions and Workload Identity Federation — without storing service account keys. It explains each step, from GCP setup to secure, keyless CI/CD.
https://www.ahdark.blog/building-and-pushing-docker-images-to-google-artifact-registry-with-github-actions/
This article walks through building and pushing Docker images to Google Artifact Registry using GitHub Actions and Workload Identity Federation — without storing service account keys. It explains each step, from GCP setup to secure, keyless CI/CD.
https://www.ahdark.blog/building-and-pushing-docker-images-to-google-artifact-registry-with-github-actions/
AHdark Blog
Building and Pushing Docker Images to Google Artifact Registry with GitHub Actions
This article walks through building and pushing Docker images to Google Artifact Registry using GitHub Actions and Workload Identity Federation — without storing service account keys. It explains each step, from GCP setup to secure, keyless CI/CD.