December logbook

2022-12-29

• 1-2-1
  • toward more managed service?
• Non-OCC OpsGenie removed and NewRelic mutes (Ashish did the work)
• CEIP-2795
  • sub tasks: CEIP-2966, CEIP-2967 created
  • CEIP-2966 complete, need to get this merged: https://github.com/elsevier-centraltechnology/tio-helmcharts-core-platform/pull/182

2022-12-28

• investigate id-infra incident

  # Taint
  kubectl taint nodes ip-10-95-65-184.eu-west-1.compute.internal ip-10-95-65-184.eu-west-1.compute.internal=71230:NoSchedule
  # Show taints
  kubectl get nodes -o go-template='{{range $item := .items}}{{with $nodename := $item.metadata.name}}{{range $taint := $item.spec.taints}}{{if (eq $taint.effect "NoSchedule")}}{{printf "%s\n" $nodename}}{{end}}{{end}}{{end}}{{end}}'
  # Untaint
  kubectl taint nodes ip-10-95-65-184.eu-west-1.compute.internal ip-10-95-65-184.eu-west-1.compute.internal=71230:NoSchedule-
  

• mtgs: standup, retro, planning
• argo
  • get cluster-tests running in sandbox
  • then look at doing it in kong-nonprod
    • requires cross-account secrets

2022-12-26,27: public holidays

2022-12-22

• CEIP-2795
  • created CEIP-2960 (ArgoCD / NewRelic / Grafana)
  • merged
  • deployment to help diagnose IAM policy and roles

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: my-app
      namespace: kube-system
    spec:
      selector:
        matchLabels:
          app: my-app
      template:
        metadata:
          labels:
            app: my-app
        spec:
          serviceAccountName: nginx-deployment-k8s-secrets
          containers:
          - name: my-app
            image: public.ecr.aws/aws-cli/aws-cli:latest
            command:
            - "/bin/sleep"
            - "36000"
    

    shell into it and run aws configure and aws ... to check whatever access you’re trying to grant.

2022-12-21

• Jill video for ‘23
  • prioritising, data driven decisions
  • metrics associated with bau as well as investment
  • commercialisation
• CEIP-2795
  • ctd investigate creation of secrets
    • learned: secrets require volume, syncSecret.enabled and consumer
    • learned: pass parameters to required chart with –set .
  • discussion with Matteo, needed:
    • role to read secrets from ce account from partner
    • directory layout, per-app-per-tier commit for fine grained control with option to do all tier at once of desired
    • new ticket to catch argo sync (and other?) metrics in new relic and provide the necessary feedback for partners in grafana

2022-12-20

• argo
  • added sync enableds to sync secrets and new pod created
    • however need to verify this
  • also noted csi secrets in kube-system, not argocd
    • try install with helm on diff. cluster

2022-12-19

• dev duty
• argo
  • concluded with csi secrets mounted as volume

2022-12-18

• try to use csi driver for private repository
• once done that bring csi-secrets into spike repo
• start talking about troubleshooting and production layout

2022-12-15

• alerts check
  • just a couple of very shortlived p2s from kong, meybe extend duration?
• argo
  • learned to delete apps that were ‘stuck’ by removing argo ‘finalizer’
  • after manual reconcile got the role in place for sanbox cluster sync to work again
  • csi secret app now synching to sandbox
  • App of apps pattern for creating apps automatically from monitoring git removing need for kustomize (come back to this)
  • need it to sync to in-cluster as well … Required ‘standard’ install instead of namespace-install install options
  • also set up application-set for targets as cannot span local and target clusters (at least as configured) application-set docs

2022-12-15

• OpsGenie install and explore
  • will sms and call personal phone (at least for now)
• 1-2-1:
  • remains to be convinced about Argo, not inclined towards Flux either
  • on call phone coming
  • contract change coming
• sorted expenses
• argo
  • TODO need to chat with M&L about granularity
  • basic understanding of kustomize (can also kubectl apply -k)
  • created application manifest
  • created cluster manifest

2022-12-14

• Docs

  • implement the discussed changes to summary
  • pushed for review

• Argo

  • pairing w MC & LM
  • installing argocd managed by argocd: https://www.arthurkoziel.com/setting-up-argocd-with-helm/

2022-12-12

• T.I.M. docs
  • Capability summary to replace much of shared respo. model inc. diag.
• Self-service diagnostic tool
  • Was this the correct chart? https://github.com/elsevier-centraltechnology/tio-helmcharts-core-platform/tree/master/charts/cluster-tests
  • We also had some tests running within Platform Manager as well: https://github.com/elsevier-centraltechnology/core-elsevier-platform/blob/master/platform-manager/internal/clustertests/main.go#L22
  • https://elsevier.atlassian.net/browse/CEIP-1545?focusedCommentId=4362864

2022-12-12

• T.I.M. docs
• planning for next cycle:
  • CEIP-2806: partners can write to workflow action definitions
  • CEIP-2500: support & expert support (refer to existing where possible)

2022-12-09

• T.I.M docs -> Backstage
  • CEIP-2902: shared responsibility model
  • X as service
• CEIP-2795
  • Review but blocked
  • repo is: https://github.com/elsevier-centraltechnology/cortex-argocd-spike

2022-12-08

• Review with KA
• Pass NR exam

2022-12-07

• Slack questions
• design walk-thru for Kong with Khushnood
• NR training
• Kong workspace delete

2022-12-06 Expenses, catchup, Argo and E2E test meeting

2022-12-05 Leave

2022-12-01 & 02 AWS Reinvent

• Notes
• Consolidated ELS view
• API204
• CON306 p1
• CON306 p2
• CON306 p4