Hashicorp Nomad is

• One binary (tm) for client and server
• Uses own RAFT implementation for clustering
• Supports HCL for resource definition and templating, same as terraform! Way better at DRY configuration.
• Supports not only docker, but raw JAR deployments, etc.
• Doesn’t have any ingress management. Though, integrates very nicely with Traefik using native facilities.

This is currently my orchestration tool of choice for running anything in own cluster.

docker rmi xxxxxxxxxxx.dkr.ecr.eu-central-1.amazonaws.com/it-service-app:2.6.{234..295}

this will remove all the images ranged from 2.6.234 till 2.6.295

Actually you don’t need any logrotate for docker, as it has built-in.

Just set to this /etc/docekr/daemon.json

{
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "10m",
    "max-file": "3" 
  }
}

max-size No -1 The maximum size of the log before it is rolled. A positive integer plus a modifier representing the unit of measure (k, m, or g). Defaults to -1 (unlimited). This is used by json-log required to keep the docker log command working.
max-file No 1 The maximum number of log files that can be present. If rolling the logs creates excess files, the oldest file is removed. Only effective when max-size is also set. A positive integer. Defaults to 1.

Sometimes you need to implement ordered loading for the pods. Say, launch rabbit mq container first, than your app container. This could be done using initContainer concept.

Put this into values.yaml of your helm chart definition

rabbit:
  host: rabbit

and this to the app deployment.yaml definition

initContainers:
        - name: check-rabbit-ready
          image: public.ecr.aws/runecast/busybox:1.33.1
          command: ['sh', '-c', 'until nc -vz {{ .Values.rabbit.host }} 5672; do echo "Waiting for rabbit service"; sleep 2; done;']

For Amazon EKS:

kubectl describe nodes -l topology.kubernetes.io/zone=eu-central-1a

find . -name *.log | xargs truncate -s0

Use the following code snippet:

telegram:
  enabled: False

Env:
  - TELEGRAM_NOTIFICATION={{ telegram.enabled | ternary('true', None)}}

In this way False value evaluates to None and as outcome you’ll get empty TELEGRAM_NOTIFICATION variable

docker ps -f status=exited -q | xargs docker rm

cluster_name and profile are terraform variables

resource "null_resource" "oidc_provider" {
  triggers = {
    cluster_name = var.cluster_name
  }

  provisioner "local-exec" {
    command = <<EOF
AWS_PROFILE=${var.profile} eksctl utils associate-iam-oidc-provider --cluster ${var.cluster_name} --approve
EOF
  }
}

Check result with command

aws iam list-open-id-connect-providers | jq ".OpenIDConnectProviderList[].Arn"

simple ec2 instances list using jq

aws ec2 describe-instances | jq -r '.Reservations | .[].Instances | .[].Tags | .[] | select(.Key == "Name") | .Value'