mitzen

I guess this can happen to any version of keda metric api metric server getting the error after upgrade/deployment.  grpc: addrConn.createTransport failed to connect to {Addr: "10.0.224.114:9666", ServerName: "keda-operator.keda.svc.cluster.local:9666", }. Err: connection error: desc = "transport: authentication handshake failed: read tcp 10.244.43.200:60114->10.0.224.114:9666: read: connection reset by peer" The solution, delete a secret call kedaorg-cert in the keda namespace and let keda re-generate by doing a deployment rollout for all keda pods.  Check if the certificate exist  kubectl get secrets -n keda Proceed to delete the certificate  kubectl delete secret kedaorg-certs -n keda Redeploy the instances kubectl rollout restart deployment keda-operator -n keda kubectl rollout restart deployment keda-operator-metrics-apiserver -n keda Right at the end you will see connection is established. 

In this setup, you create a role and then give it some permission. Then whenever a user would like to use it, they assume this role. Typically this can be done simply  aws sts assume-role --role-arn arn:aws:iam::my-aws-id:role/s3-power-user --role-session-name jeremy-session And you can test it out simply by running the following commands:- aws s3 ls s3://appjerwo-demo-test aws s3 cp test.txt s3://appjerwo-demo-test/  aws s3 cp s3://appjerwo-demo-test/test.txt .  A typical policy would look like this. The key here is Action: "sts:AssumeRole". {     " Version " : " 2012-10-17 " ,     " Statement " : [         {             " Effect " : " Allow " ,             " Principal " : {                 " AWS " : " arn:aws:iam::(my-aws-id):root "             },             " Action ...

When configuring AWS policy, it can gets tricky, as i am using this policy on my bucket  {     " Version " : " 2012-10-17 " ,     " Statement " : [         {             " Principal " : {                 " AWS " : " arn:aws:iam::(masked-not-actual):user/jeremydev "             },             " Effect " : " Allow " ,             " Action " : [                 " s3:GetObject " ,                 " s3:PutObject " ,                 " s3:* "             ],             " Resource " : " arn:aws:s3:::appjerwo-demo-test "             ]         }     ] }...

To get started with coredns, we can edit config map in kube-system.  kubectl edit cm/coredns -n kube-system And then we are going to add the following  apiVersion : v1 data :   Corefile : | 2     hello.test:53 {       errors       log       hosts {         10.0.0.42 hello.test       }       reload     }     .:53 {         errors         health {            lameduck 5s         }         ready         kubernetes cluster.local in-addr.arpa ip6.arpa {            pods insecure            fallthrough in-addr.arpa ip6.arpa            ttl 30         }         prometheus :9153       ...

i find myself keep on running into this task here. So figure i keep it handly and just copy and paste.  kubectl run -i --tty --rm dns-test --image=gcr.io/kubernetes-e2e-test-images/dnsutils:1.3 --restart=Never -- sh

  A command that comes handy when trying to figure out resources tied to a specific subnet. az network vnet subnet show \   --resource-group MC_mytestvnet-rg_my-aks-pub-cluster_australiaeast \   --vnet-name aks-vnet-84320669 \   --name aks-apiserver-subnet \   --query "{Devices:ipConfigurations, Links:serviceAssociationLinks}"

  This is an easier and cheaper way to create your cluster for a free tier. ✌ az aks create --name my-aks-pub-cluster --resource-group mytestvnet-rg --location AustraliaEast --network-plugin azure --enable-apiserver-vnet-integration --generate-ssh-keys --tier free --node-count 1 --node-vm-size Standard_A2v2

 We can define rules of what can be deploy to a kubernetes cluster. This is an example of what we can do  apiVersion : argoproj.io/v1alpha1 kind : AppProject metadata :   name : engineering-team-alpha   namespace : argocd spec :   description : " Restricted project for Team Alpha development work "     # 1. Restrict which repositories apps in this project can pull from   sourceRepos :     - " https://github.com/my-org/alpha-apps.git "   # 2. Restrict where these apps can be deployed (Cluster & Namespace)   destinations :     - server : https://kubernetes.default.svc       namespace : alpha-dev     - server : https://kubernetes.default.svc       namespace : alpha-staging   # 3. Whitelist: Only allow specific Namespaced resources   # This blocks ClusterRoles, CustomResourceDefinitions, etc.   clusterResourceWhitelist : [] # Empty means NO cluster-scoped resource...

Argocd implementation is so much simpler compare to flux. All you need is to create an Application object and then configure the helm charts and where to get your value files.  Please also note under the Application -> Spec -> sources -> helm -> valueFiles - i included the path there too. No additional row. Done.  The only thing i need to do is create the keda namespace. apiVersion : argoproj.io/v1alpha1 kind : Application metadata :   name : keda-deployment   namespace : argocd spec :   project : default   destination :     server : https://kubernetes.default.svc     namespace : keda   sources :     # Source 1: The Helm Chart (e.g., KEDA)     - repoURL : https://kedacore.github.io/charts       chart : keda       targetRevision : 2.15.0   # Use the specific chart version       helm :         valueFiles :        ...

 To list history  argocd app history guestbook To rollback application  argocd app set guestbook --sync-policy manual argocd app rollback guestbook argocd app rollback guestbook <specific version>  Sync  argocd app sync guestbook Force sync  argocd app sync guestbook --force 

To fix this just run the following command  argocd login localhost:8080   

By default code initialization using Open API client, would uses OPEN API platform  https://platform.openai.com/account/api-keys.  To use Gemini, we have to initialize it using the following code to avoid issues. (otherwise it goes back to OPEN API endpoints instead of google AI endpoints (https://ai.google.dev) from autogen_agentchat . agents import AssistantAgent from autogen_agentchat . ui import Console from autogen_ext . models . openai import OpenAIChatCompletionClient import asyncio from autogen_core . models import ModelInfo from autogen_core . models import UserMessage # Run the agent and stream the messages to the console. async def main () -> None :     # model_client = OpenAIChatCompletionClient(     # model="gemini-1.5-flash-8b",     # api_key="AIzaSyAZPjwmY7e5Ti9NKHzjPjbYQpx1dmPwLI8",     # )     model_client = OpenAIChatCompletionClient (     model = " gemini-2.0-flash-lite " , ...