Author Archives: erik

Kubernetes Network Policy Tester

As mentioned in my previous post I would follow up with a tool for testing network policies. This tool is finally here and is available on github. It is written in python an available through install on PyPi.

Posted in Devops/Linux | Leave a comment

Securing network communication on kubernetes using network policies

An often overlooked topic in kubernetes is network security. This is probably caused by the fact that perople just assume it is secure by default because it is new, and because of the Service concept. The standard way to expose … Continue reading

Posted in Devops/Linux | Leave a comment

Basic kubernetes infrastructure: RPM and container repo

As part of migrating all the stuff I have from virtual machines to a kubernetes infrastructure, some important pieces of infrastructure are needed. These are: RPM repository: I use custom RPM repositories for setting up virtual machines. These same RPMs … Continue reading

Posted in Devops/Linux | Leave a comment

Automatic certificate renewal with Let’s Encrypt and DnsMadeEasy on Kubernetes

These days, it is ill-advised to run a website (such as this one), over HTTP, even if there is no security risk at all. When hosting your website on HTTP, users will see a warning triangle in the address bar … Continue reading

Posted in Devops/Linux | Leave a comment

Hosting services on Google Kubernetes Engine

This post explains how to host services on Google Compute Engine, parts of this are applicable to regular (non-GKE) Kubernetes clusters as well. This post will cover: allowing multiple services to be deployed in different namespaces allowing multiple (sub)domains to … Continue reading

Posted in Devops/Linux | Leave a comment

Optimal payment scheme for a Dutch Bank Savings Mortgage, using a Mixed Integer Linear Program

There is a special type of mortgage in the Netherlands (Bank Savings Mortgage or bankspaarhypotheek in Dutch), which I presume, does not exist anywhere else in the world. The construct is that you have a mortgage on your house for … Continue reading

Posted in Data Science | Leave a comment

Setting up up a deep learning box

After doing a number of courses on machine learning I now have some overview of what is available and how it all works. So now it is getting time to start doing some work from start to finish myself. To … Continue reading

Posted in Data Science, Devops/Linux, Fun, Software | Leave a comment

Why finalizers are really bad

It is more or less common knowledge that using finalize functions in java is bad. For one, you are depending on garbage collection for cleanup and there is no guarantee when the finalizer will be called. Further there is also … Continue reading

Posted in Java | Leave a comment

Encrypting an existing Centos install (2)

In a previous post, I described how to encrypt an existing Centos install that approach was based on find out how LUKS worked and then creating a storage logical volume that was encrypted with then logical volumes on top of … Continue reading

Posted in Devops/Linux | Leave a comment

Encrypting an existing Centos install

Edit: Meanwhile I have found a better way to migrate an existing centos unencrypted install to a fully encrypted install with /boot as the only unencrypted disk space. This solution is much preferred over the one described in this post. … Continue reading

Posted in Devops/Linux, Java, Software | 1 Comment