Open Policy Agent, Part I — The Introduction

Recently I was looking for a way to implement access control for microservices. I needed a solution that would allow defining complex authorization rules that could be enforced across many services. After searching the web, I discovered a very promising Open Policy Agent project that seems to be the right tool for the job. In this series of three blog posts, I am going to introduce Open Policy Agent to you and highlight how it can help you.

Continue reading “Open Policy Agent, Part I — The Introduction”

[Video] Building my lab: Setting up FreeNAS

Building my lab: Figuring out what to build

Preparing my lab: Flashing the HP P420 Storage Card

Say “Hello” to Buildah, Podman, and Skopeo

Are you still doing all your Linux container management using an insecure, bloated daemon? Well, don’t feel bad. I was too until recently. Now I’m finding myself saying goodbye to my beloved Docker daemon, and saying hello to Buildah, Podman, and Skopeo. In this article, we’ll explore the exciting new world of rootless and daemon-less Linux container tools.

Continue reading “Say “Hello” to Buildah, Podman, and Skopeo”

Configuring Envoy to Auto-Discover Pods on Kubernetes

This blog was originally published on Ales Nosek – The Software Practitioner.

Pods on Kubernetes are ephemeral and can be created and destroyed at any time. In order for Envoy to load balance the traffic across pods, Envoy needs to be able to track the IP addresses of the pods over time. In this blog post, I am going to show you how to leverage Envoy’s Strict DNS discovery in combination with a headless service in Kubernetes to accomplish this.

Continue reading “Configuring Envoy to Auto-Discover Pods on Kubernetes”

Troubleshooting the Performance of Vert.x Applications, Part III — Troubleshooting Event Loop Delays

This article was originally published on Ales Nosek – The Software Practitioner.

In the previous entry to this series, we reviewed several techniques that help you to prevent event loop delays. However, even the best programmer makes mistakes. What should you do when your Vert.x application doesn’t perform as expected? How to find out what part of your code is blocking the event loop threads? In the final part of the series, we are going to focus on troubleshooting event loop delays.

The event loop thread model is vastly different from the thread-per-request model employed by standard JEE or Spring frameworks. From my experience I can report that it takes developers some time to wrap their heads around it and that at the beginning they tend to make the mistake of introducing blocking calls into the event loop’s code path. In the following sections, we will discuss several techniques of how to troubleshoot such situations.

Continue reading “Troubleshooting the Performance of Vert.x Applications, Part III — Troubleshooting Event Loop Delays”