-
How to import all existing AWS resources into Terraform LEGENDARY
Set up your AWS config file ~/.aws/config. Install terraformer in the current directory. You can find out about all the installation methods from the Terraformer GitHub repo: brew install terraformer. Create version.tf file: terraform { required_providers { aws = { source = "hashicorp/aws" version = "~> 5.0" } } } provi... Read More
-
Recovery DB in Zalando postgres operator in Kubernetes from S3 LEGENDARY
While working with the Zalando Postgres Operator in Kubernetes, I encountered a significant challenge: there is no well-documented, out-of-the-box method for restoring a database from an S3 backup. The operator itself is a great tool that simplifies PostgreSQL deployment and management in Kubernetes, but when it comes to recovery, the process ... Read More
-
Tagging all ec2 instances for all EKSs in account. LEGENDARY
I recently came across an interesting task. For cost management, it was necessary to tag all ec2 instances on the AWS account. The tag should contain Name = EKS-$CLUSTER-NAME. As you know, ec2 clusters created for EKS do not have the Name tag by default; they are created within the Node Group from a custom Launch Template (if you explicitl... Read More
-
Injecting secrets directly into Pods and Gitlab from Hashicorp Vault in EKS/K8s. LEGENDARY
In this post, I'll show you how to deploy Vault in EKS/K8s (there are some minor differences, but the workflow is very similar) and use DynamoDB as a backend, as well as how to inject secrets directly into a pod without using K8s Secrets (more details: Vault Agent Injector). And then I'll tell you how to use it to inject secrets into the Gitla... Read More
-
Flexible CI/CD pipelines in GitLab. Version control and deployment in different environments using tags. LEGENDARY
The perfect pipeline is unattainable, that's true. The fact is that you can use many steps for your pipeline, adding them as needed, it can include: Code security scanning Code Review / Approved Linters Code Coverage Unit tests Builds Scan packages Deploy Integration testing Performance testing (load/stress testing) Two... Read More
-
Certbot on two servers with Round-Robin DNS LEGENDARY
You may need to run ACME HTTP-01 to verify the Certbot certificate. The nuance is that you cannot perform DNS-01 because, for example, the zone does not belong to you and you only serve the site, while the site itself is located on several servers. At the same time, its address is resolved by Round-Robin DNS, for example, like this: nsl... Read More