Kubernetes

Replacing Cloudflared Kubernetes Credentials for a New Tunnel

December 10, 2024 · 2 min · 357 words · Neil Borromeo

This draft captures the practical work of creating a new cloudflared tunnel, replacing the Kubernetes secrets that hold the certificate and tunnel credentials, and updating the config map and deployment to run the new tunnel.

Exposing a TCP Service Through Cloudflare Tunnel on Kubernetes

July 7, 2024 · 3 min · 430 words · Neil Borromeo

This draft turns a noisy environment-specific note into a cleaner pattern: create the Cloudflare Tunnel credentials, store them as Kubernetes secrets, define a cloudflared config map, run the deployment, and validate that the tunnel actually maps the hostname to the intended TCP service.

FusionAuth Outage After a Forced Kubernetes Upgrade

July 1, 2024 · 4 min · 701 words · Neil Borromeo

This draft turns a real internal outage note into a cleaner incident write-up covering the forced Kubernetes upgrade, the storage failure that followed, the backup gap we ran into, and the operational changes that came out of it.

Installing Longhorn on a Kubernetes Cluster and Passing the Environment Checks

February 15, 2024 · 2 min · 320 words · Neil Borromeo

This draft captures the part of a Longhorn installation that usually matters most in practice: make sure the node dependencies are in place, enable iscsid, run the environment check script, fix the obvious blockers, and only then install the chart.

Setting Up a Cloudflared Tunnel for a Cluster

February 15, 2024 · 2 min · 221 words · Neil Borromeo

This draft captures the practical shape of a cluster-side Cloudflare tunnel setup: install cloudflared, register the service, and use DNS-backed certificate workflows where needed.

Setting Up `cert-manager` with Let's Encrypt and Cloudflare DNS-01 in Kubernetes

January 18, 2024 · 4 min · 852 words · Neil Borromeo

This draft turns a real cluster note into a cleaner walkthrough for installing cert-manager, configuring a Cloudflare-backed ClusterIssuer, issuing certificates, and handling a few common ingress-related surprises.

Restoring FusionAuth with Postgres Dumps and Elasticsearch Cleanup

December 6, 2023 · 4 min · 848 words · Neil Borromeo

This draft turns a real outage recovery note into a readable operations walkthrough covering service scale-down, Elasticsearch cleanup, database restore, and controlled service startup.

Using `imagePullSecrets` for a Private Registry in Kubernetes with Containerd

October 23, 2023 · 3 min · 535 words · Neil Borromeo

This draft is based on a real cluster note where I validated private image pulls in Kubernetes by creating a Docker registry secret, attaching it to a deployment, and testing the workload in a dedicated namespace.

Fixing `br_netfilter` Sysctl Errors During Kubernetes Node Prep

September 28, 2023 · 2 min · 235 words · Neil Borromeo

This draft captures a Kubernetes preparation issue where sysctl reloads failed because /proc/sys/net/bridge/bridge-nf-call-iptables did not exist until br_netfilter was loaded.

Rebuilding Worker Nodes in a Rancher-Managed Cluster

July 11, 2023 · 3 min · 603 words · Neil Borromeo

This draft captures a real cluster recovery workflow where problem nodes were cleaned up, re-registered into Rancher, and then brought back into a larger rebuild that included storage, MetalLB, and GPU-related follow-up work.