kubernetes

Building a Kubernetes Operator for the sake of building a Kubernetes Operator May 28, 2025

The Problem At my current $job, we recently migrated to ArgoCD from Terraform for application deployments 🙏. With that came an interesting challenge: how do we pass Terraform outputs into Kubernetes manifests? For example, our AWS Managed Prometheus endpoint lives in Terraform state, but our apps deployed via ArgoCD need that URL. Sure, we could use External Secrets Operator (and we do!), but it adds an extra layer of indirection when you just want to see what values are being injected into pods.

Replicating AWS IRSA Workflow for my Homelab with Talos and a Raspberry Pi June 9, 2024

IRSA leverages OpenID Connect to authenticate service accounts, providing a secure and convenient method to access AWS resources. This approach simplifies the management of credentials in your Kubernetes environment. To test AWS IRSA (IAM Roles for Service Accounts) in a selfhosted Kubernetes cluster, I used a spare Raspberry Pi 4 and Talos (Kubernetes Operating System). This could have easily been done with docker on my mac but I wanted to do a real test so I can migrate the config over to my homelab cluster.