Logs should be centralized, easily accessible, and independent from the monitored objects. Therefore, it’s advisable not to rely solely on the built-in monitoring system of OpenShift; instead, consider using an additional external monitoring solution. In this article, we’ll explore how to monitor an OpenShift cluster using Elastic Stack. Installing the Integration Since OpenShift is entirely…
Read MoreAnsible is a powerful automation tool that simplifies the configuration, deployment, and management of systems. At its heart lies the concept of idempotency — the guarantee that applying the same operation any number of times will yield the same result. Writing your own Ansible collection can unlock a new level of customization and control for…
Read MoreRecently, I’ve been deeply involved in OpenShift monitoring tasks, including configuring Grafana dashboards and creating Prometheus alerts. During this time, I’ve focused on effectively monitoring container resources such as CPU and memory. Container orchestration platforms like Kubernetes and OpenShift require efficient resource utilization and precise resource management in order to optimize performance and ensure application…
Read MoreStarting a new project is often an opportunity to reevaluate established practices. In our case, deploying a containerized application to production with OpenShift led us to revisit our GitOps strategy. Using ArgoCD as our GitOps tool raised a fundamental question: What is the best way to move changes into production—push or pull? Understanding Push and…
Read MoreRecently we had to provision a couple of NetEye machines on Azure for production purposes. Our procedure essentially creates a RedHat 8.10 VM starting with an official RedHat image, and adds the NetEye repositories to install the required software. This procedure is what we usually follow to create training environments, but these machines are usually…
Read MoreSecuring your codebase is a fundamental step in guaranteeing the integrity of your software: if the access to your git commits is compromised, so is your whole supply chain. That’s the reason why almost every git hosting service has implemented a strong authentication system to protect their users from unauthorized access. The question naturally arises…
Read MoreIn this blog post I’m abandoning advice and tips on our software suite for once and moving on to show you an important best practice that we recommend to all our customers for their servers. But what do you do for laptops, which are our primary work tool? I didn’t think much about it…. While…
Read MoreHello everyone, I’m back to discuss Ansible and Ansible Execution Environments. In my previous blog, we talked about why and how execution environments are critical for a successful Ansible implementation. I hope my guide was easy to follow, but as you may have noticed, the process requires a significant amount of manual effort to keep…
Read MoreWith the rise of continuous integration and delivery (CI/CD) in modern software development, automating tasks like publishing npm packages has become crucial for efficiency. GitHub packages Registry (npm.pkg.github.com) allows developers to host and manage npm packages directly within GitHub, offering a seamless experience for both private and public repositories. By leveraging GitHub Actions, developers can…
Read MoreRight now, at Würth Phoenix, we are investing in automating most of our operations using Ansible. You’re probably already familiar with what Ansible does, but to summarize, Ansible is an open-source, command-line IT automation application written in Python. I’ve talked about it here: One challenge we faced while developing our automation scripts was that we…
Read MoreIn this blog post we’ll try a tool that’s new to me, called Terraform, and see how easy it is to integrate it with Ansible starting with no knowledge of Terraform. Terraform is a tool that allows you to automate resource provisioning; it uses HCL2 as the configuration language, and support has recently been added,…
Read MoreAfter updating one of our machines, we found that some of our Ansible playbooks were failing with the following error: The include module was removed in ansible 2.16, while the include warning deprecation was already present in ansible 2.12. At this point, we can choose between two possible modules to replace include: import_tasks or include_tasks….
Read MoreWhen you prepare a machine for production, you usually want to use a redundant network interface in order to be resilient to possible network outages. When we created our OpenShift cluster this wasn’t possible during the installation procedure, at least not using the UPI procedure. We recently added a new node and discovered this new…
Read MoreIn the first blog post of this series I showed you how to set up an OpenShift test environment and set up Gitea via helm chart and add an ssh key to Gitea. In the second blog post we created a deployment with ArgoCD that clones via ssh from our Gitea instance. In this final…
Read MoreIn my previous post, we set up our test environment and a Gitea operator. In this blog post we’ll install the OpenShift GitOps operator and run a simple deployment. This setup allows us to test OpenShift-specific security constraints (such as OpenShift-specific SCCs, non privileged containers by default, etc.) in a test environment before going into…
Read More