I recently had to configure Hashicorps Vault to be integrated with our SSO provider Keycloak using Openid-Connect.


  • Vault is running at the URL: https://vault.example.com
  • You need an admin login or be able to administer a Keycloak realm
  • Keycloak is running at…

In this post I’d like to explain my view of the inventory/classes and inventory/targets and give a few examples.

If you need a little introduction you can read my previous post “Kapitan — rise and shine” and you can also follow along with the whole Kapitan blog.

With this post…

I searched for a new tool. Which we can use to ease our Kubernetes configuration management. Here is why I will use Kapitan over Helm, Kustomize or Pulumi.

Why Kapitan?

I searched for a new tool. Which we can use to ease our Kubernetes configuration management. Therefore I personally tested Helm, Kustomize…

I try to help you here with kustomize issues I had and how got along with them. You can follow for more updates in near future

by https://ordina-jworks.github.io/

Basic Preparations

$ brew install kustomize
$ mkdir -p myrepo/base myrepo/sonarqube/
$ cd myrepo
$ kustomize init

Case 1: Preparation

Replace your ingress hostname with kustomize configMapGenerator +…

I recently tried to create an aditional user in my Kubernetes Cluster. Therefore I searched for hours to find nothing.

With this post I’d like to help you find the solution quicker .

First of, there are no “User” like in LDAP or Active Directory in Kubernetes (K8s). This is…

In this post I try to help you to get along with certain harbor issues.

Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open source Docker Distribution by adding the functionalities usually required by users such as security, identity…

In the following article I try to describe all configurations which I came a long when creating and destroying ROOK.IO with CEPH.

Image from sakuragawa.moe

As my company moves on from simple docker-compose especially for internal services like DNS, LDAP, RADIUS etc. …

I tried to setup k3s on alpinelinux, this is what I came up with..

Photo by Kevin Horvat on Unsplash

Explanation section

Experienced Users can skip ahead to Prepare alpine Linux

What is Alpine Linux?

I’m working on a new dev solution where I came accross required persistent volumes with nfs. This is how I solved it.


  • Kubernetes-SingleNode or Cluster


pic by sysadmins.co.za

Installing NFS (if not yet installed):

apt install nfs-kernel-server nfs-common

Edit the defaults/nfs-common to enable the kubernetes provisioner to remote-lock files:

vim /etc/default/nfs-common

NOTE: this is WIP

Terraform provider VMware

Get Informations

Get your hosts resourcepool ID by selecting the host(s)

variable "hosts" {
default = [
data "vsphere_resource_pool" "resource_pool" {
count = length(var.hosts)
name = "${data.vsphere_host.hosts.*.name[count.index]}/Resources"
datacenter_id = "${data.vsphere_datacenter.dc.id}"
output "resourcepool_by_hosts" {
value = data.vsphere_resource_pool.resource_pool

Get your hosts resourcepool ID…

D. Heinrich

Working as a IT-Operations engineer at NeXenio, a spin-off by Hasso-Plattner-Institute for products around a digitial workspace.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store