azneita projects

Google Kubernetes Engine AutoScaling

So you have an application running on Google Kubernetes Engine (GKE) and your monitoring data suggests that huge traffic only comes for the first five days of each month. For every other days, traffic is comparatively lower and as such, you don’t require as much application instances (aka replicas). You decided that for the first five days of each month, the minimum number of replicas should at least be 10 while on other days, it can be 5. The maximum number of replicas is 50 for the entire month.

So what do you need to do?
1. Ensure GKE Cluster with Vertical AutoScaling enabled. Typically, this comes with a Balanced AutoScaling Profile and can easily be verified on the GKE console.
2. Ensure Node Pool is configured with AutoScaling enabled. This is also easily verified on the GKE console.
3. Create HorizontalPodAutoscaler, Role, RoleBinding and CronJob. Refer to https://github.com/azneita/gke-autoscaling.git for the code.

kubectl apply -f 01-horizontalpodautoscaler.yaml

apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
  name: sample-application-hpa
spec:
  maxReplicas: 50
  minReplicas: 5
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: sample-application
  targetCPUUtilizationPercentage: 80

kubectl apply -f 02-serviceaccount.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: sample-service-account

kubectl apply -f 03-role.yaml

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: modify-hpas
rules:
  - apiGroups: ["autoscaling"]
    resources:
      - horizontalpodautoscalers
    verbs:
      - get
      - list
      - patch

kubectl apply -f 04-rolebinding.yaml

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: modify-hpas-to-sa
subjects:
  - kind: ServiceAccount
    name: sample-service-account
roleRef:
  kind: Role
  name: modify-hpas
  apiGroup: rbac.authorization.k8s.io

kubectl apply -f 05-scale-up-cronjob.yaml

apiVersion: batch/v1
kind: CronJob
metadata:
  name: scale-up-cronjob
spec:
  schedule: "0 0 1 * *"
  jobTemplate:
    spec:
      template:
        spec:
          serviceAccountName: sample-service-account
          containers:
          - name: scale-up-cronjob
            image: gcr.io/google.com/cloudsdktool/google-cloud-cli:latest
            args:
            - kubectl patch hpa sample-application-hpa --patch-file scale-up-patch.yaml
          restartPolicy: "OnFailure"

kubectl apply -f 06-scale-down-cronjob.yaml

apiVersion: batch/v1
kind: CronJob
metadata:
  name: scale-down-cronjob
spec:
  schedule: "0 0 6 * *"
  jobTemplate:
    spec:
      template:
        spec:
          serviceAccountName: sample-service-account
          containers:
          - name: scale-down-cronjob
            image: gcr.io/google.com/cloudsdktool/google-cloud-cli:latest
            args:
            - kubectl patch hpa sample-application-hpa --patch-file scale-down-patch.yaml
          restartPolicy: "OnFailure"

References
https://trstringer.com/kubectl-from-within-pod/
https://medium.com/symbl-ai-engineering-and-data-science/time-based-scaling-for-kubernetes-deployments-9ef7ada93eb7

I’ll never forget

There is a corner of the Philippine government’s official internet real estate (https://www.gov.ph/) that lists the names of known victims of the Martial Law 1972-1986 era – https://hrvvmemcom.gov.ph/list-of-victims-recognized-motu-proprio/.

The list supposedly has 11,103 known names organized by the number of points committed to a victim – 10 points being the worst. Unfortunately, the published names are only for 10 points to 6 points. The pages that should have contained the names for 5 points and below only show a default work in progress page. With how things stand back home, I worry that the list won’t be completely updated and/or the website will be scrapped altogether.

So I got it saved on the Internet Archive’s excellent Wayback Machine – https://web.archive.org/web/20220807024031/https://hrvvmemcom.gov.ph/list-of-victims-recognized-motu-proprio/

There’s a name on this list that makes this very personal. It’s important for me that people never forget that a lot of bad things happened during Martial Law, that a lot of families were affected (and are still affected) and that it’s not historical fiction.

This opinion piece by Ian Casocot – https://www.rappler.com/voices/thought-leaders/opinion-raping-sugarland/ – hit home so hard I remembered the stories my grandmother rarely spoke about when we were kids.

I’ll never forget those, nanay.

change existing ssh passphrase

$ ssh-keygen -p -f ~/.ssh/id_rsa

Enter old passphrase: Key has comment 'user@hostname' Enter new passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved with the new passphrase.

https://serverfault.com/questions/50775/how-do-i-change-my-private-key-passphrase

living dangerously

It’s been a while since I last wrote anything in this blog and with the spectre of COVID-19 hovering in the background, I finally found myself having some time to write. The problem however, is even though I have quiet a number of things on my mind, all of them are incoherent, disorganized and generally useless in their current form. The remedy I arrived at – I should start writing them down and force myself to organize them into a somewhat consumable form. It will not be pretty and I expect this to be a rough ride moving forward but I imagine that if I stick it with it for a long time, my writing skills should naturally improve and my thoughts will come across clearer.

Now back to my title subject and this is very much close to home. I really hope everyone gets through COVID-19 safely.
https://www.hsj.co.uk/news/hospitals-critical-care-unit-overwhelmed-by-coronavirus-patients/7027189.article

Batangas coronavirus cases up to 4

ddrescue

I use ddrescue primarily for writing disk images into a usb flash drive.

sudo ddrescue -D --force Fedora-Workstation-Live-x86_64-29-1.2.iso /dev/sdx