Articles concernant Open Source / OpenShift:

Implémenter le motif de conception 'Strangler Fig' dans OpenShift

Le motif de conception Strangler Fig a été documenté par Martin Fowler en 2004. Il fait référence à un arbre nommé le “figuier étrangleur” qui s’appuie sur son hôte pour ses premières années de vie, jusqu’à ce que ses racines touchent le sol. Il peut ainsi se nourrir et grandir de manière autonome. Son hôte sert alors de support et finit par mourir “étranglé”. C’est une analogie avec la ré-ingénierie d’un système en production: les composants d’un monolithe sont réécrits un à un, sous forme de micro-services, à coté du système existant. Les composants du monolithe sont alors remplacés au fil de l’eau par leur équivalent micro-service. Une fois tous les composants du monolithe remplacés, il peut alors être décommissionné. La question qui m’a été posée est: est-il possible d’implémenter ce motif à l’aide des outils et fonctions d’OpenShift ? Continuer la lecture

Install Kubernetes operators in OpenShift using only the CLIBritish flag

OpenShift 4 went all-in on Kubernetes operators: they are used for installation of the platform itself but also to install databases, middlewares, etc. There are more and more operators available on the Operator Hub. Most software now provide an operator and describe how to use it. Nevertheless, almost every software documentation I read so far, includes the steps to install the operator using the nice GUI of OpenShift 4. But since my OpenShift environments are provisioned by a playbook, I want to be able to install operators using the CLI only! Continuer la lecture

Secure your OpenShift 4 cluster with OpenID Connect authenticationBritish flag

OpenShift, starting with the version 4, is installed with a temporary administrator account, kubeadmin. When searching for a definitive solution, it might be tempting to go for the very classical “login and password” prompt, backed by an htpasswd file. But this is yet another password to remember! OpenShift can handle the OpenID Connect protocol and thus offers Single Sign On to its users. No additional password to remember: you can login to the OpenShift console with your Google Account for instance. Continuer la lecture

Airgap OpenShift Installation: move the registry created using oc adm release mirror between environmentsBritish flag

Some customers, especially large banks, have very tight security requirements. Most of them enforce a complete disconnection of their internal networks from the Internet. When installing OpenShift in such environments (this is named “disconnected” or “airgap” installation), all the OpenShift images have to be fetched (thanks to oc adm release mirror) in a dedicated registry from a bastion host that is both on the internal network and on the Internet. Continuer la lecture

Deploying Miniflux on OpenShiftBritish flag

Miniflux is a minimalist, open source and opinionated RSS feed reader. There is a hosted instance available at a fair price point but wouldn’t it be cooler to host your own instance on your OpenShift cluster? Let’s do it! Continuer la lecture

Deploying Invidious on OpenShiftBritish flag

Invidious is an alternative frontend to YouTube that is slimmer, faster and at the same time offer more features than YouTube itself. And even more important: it’s Open Source! There is a hosted instance at if you want to give it a try. But, wouldn’t it be cooler to host your own instance on your OpenShift cluster? Let’s do it! Continuer la lecture

Solving the Ansible error 'This module requires the OpenShift Python client'British flag

If you are using MacOS to develop Operators based on Ansible or simply running Ansible playbooks straight from your Mac, you might encounter this error: This module requires the OpenShift Python client. When coping with this error message, two items need to be checked: The openshift python module needs to be installed using the pip command bundled with your Ansible. If you are not using the implicit localhost, your inventory needs to be updated. Continuer la lecture

Use QLKube to query the Kubernetes APIBritish flag

QLKube is a project that exposes the Kubernetes API as GraphQL. GraphQL is a data query and manipulation language for APIs developed initially by Facebook and released as open-source. It strives to reduce the chattiness clients can experience when querying REST APIs. It is very useful for mobile application and web development: by reducing the number of roundtrips needed to fetch the relevant data and by fetching only the needed field, the network usage is greatly reduced. Continuer la lecture

One-liner to decode a Kubernetes secret (base64 encoded)British flag

Creating a Kubernetes secret from a value is easy: $ oc create secret generic my-secret --from-literal=secretValue=super-secret secret/my-secret created But getting back this value (from a Shell script, for instance) is not so easy since it is now base64 encoded: $ oc get secret my-secret -o yaml apiVersion: v1 kind: Secret metadata: name: my-secret namespace: qlkube type: Opaque data: secretValue: c3VwZXItc2VjcmV0 Hopefully, since the latest versions of Kubernetes, there is now a one-liner to extract the field and base64 decode it: Continuer la lecture

Writing workshop instructions with Hugo and deploying in OpenShiftBritish flag

This is the third part of my series covering how to Write workshop instructions with Hugo. In this article, we will deploy our Hugo mini-training as a container in OpenShift. Continuer la lecture