Binding GCP Accounts to GKE Service Accounts with Terraform

Binding GCP Accounts to GKE Service Accounts with Terraform

Kubernetes uses Service Accounts to control who can access what within the cluster, but once a request leaves the cluster, it will use a default account. Normally this is the default Google Compute Engine account in GKE, and this has extremely high level access and could result in a lot of damage if your cluster is compromised.

In this article, I will be setting up a GKE cluster using a minimal access service account and enabling Workflow Identity.

Continue reading

Training in Quarantine – Day 179

Late out today — my phone wanted to upgrade so I attempted it (it was an upgrade from Android 9 to Android 10), and it didn’t work, and I ended up having to factory reset and install from scratch. I did have some Titanium Backup backups, but they didn’t seem to work a lot of the time :/

So for the most part, I just reinstalled all the apps I remember using and logged in. For most, that was fine. But I lost the MFA codes on Google Authenticator, meaning I had to remove and setup:

  • AWS
  • LastPass
  • WordPress
  • GitLab

all over again

AWS was quick and painless after a security check to confirm I was who I said I was and they called me on the number on the account.

WordPress was painless too — I was already logged in, so just removed MFA and set it up again, then logged in again. Similarly with LastPass

GitLab however, is proving to be more of a pain. They no longer accept MFA removal requests for people on the Free plan. So I wonder if they will accept me going to a subscription model so I _can_ then request the MFA removal. I think it is better anyway, since I’m hitting the 400 minute CI limit pretty regularly. The 2000 minute CI limit would be better. At least until I can get my own GitLab install working.

As for the run, yes, it was a run — well, more of a jog, anyway. Still did the 3km lap, doing it in 20 mins rather than the 30 mins it normally takes me when I walk it.

Google to buy FitBit

Well, this is a bit of a surprise, but not too much a surprise.

Regular readers will know I’m a FitBit user and have been for a few years.

You’ll also know that I’m an Android user, and Linux user.

So I just read this article, about Google acquiring FitBit. I’m curious to see how they incorporate FitBit and whether improve it or destroy it….

https://www.engadget.com/2019/11/01/google-buys-fitbit/

And a Press Release has just been found in my inbox:

https://investor.fitbit.com/press/press-releases/press-release-details/2019/Fitbit-to-Be-Acquired-by-Google/default.aspx

Google’s Catch-22

Not often I post on problems at Google, but this is actually an interesting situation.

https://arstechnica.com/?p=1518703

Google had an outage the other week, and it knocked out several websites GitLab, Shopify and impacted others. Gsuite, Gmail, YouTube were affected, but not down.

There are some interesting lines in this article:

for an entire afternoon and into the night, the Internet was stuck in a crippling ouroboros: Google couldn’t fix its cloud, because Google’s cloud was broken.

Google says its engineers were aware of the problem within two minutes. And yet! “Debugging the problem was significantly hampered by failure of tools competing over use of the now-congested network,”

In short, Google Cloud broke due to congestion, Google couldn’t fix the problem because their tools required using the network that was now congested

LPIC-1 Expiry and Google+

Well, it was due to happen eventually, but I got an email saying my LPIC-1 certification is going to expire in 9 months, and I never got to finish LPIC-2.

Well, maybe I’ll redo it after I got my Kubernetes certifications

Finally while writing this post, I notice that WordPress is now removing Google+ support because Google are shutting it down. A pity really, since I did like Google+ and while it didn’t take off, a lot of the features were in G+ because general use, like Hangouts.

Google/HTC deal is official, Google to acquire part of HTC’s smartphone team | Ars Technica

So Google has officially hooked up with HTC. How do I feel about this? Rather ambivalent, actually. On one side Google is already using their phones (Pixel), but HTC did roll over to Apple a long time ago without standing up to their bullying tactics – something that made me ditch HTC in favour of Samsung (and, tbh, I’m glad I did). However, this link up means Google gets a dedicated team to work on their phones. Whether this means they’ll become a decent competitor to the other devices, remains to be seen.

Source: Google/HTC deal is official, Google to acquire part of HTC’s smartphone team | Ars Technica

Google Chrome : Hatsune Miku (初音ミク) – YouTube

This is an old advert by Google Chrome featuring Hatsune Miku, the Vocaloid virtual singer, following in the same line as Honda’s series of adverts featuring her too. Selling the idea that Miku is a virtual singer, but you can be anything else — Musician, Producer, Composer, etc.
 
(Only found out by some Tweets)
Hatsune Miku, Virtual Singer
Everyone, Creator
 

Remains of the Day: Google Chrome Drops Support for Windows XP

With the roll out of a new version of Chrome, Google is saying goodbye to a few old favorites. Maybe “favorites” isn’t the right word. The browser will no longer be updated to support Windows XP, Vista, and OS X 10.8. Goodnight, sweet Vista, and your glossy menus.

RIP XP. Finally. Although I say finally, but I’m pretty sure some places are still using XP because they can’t/won’t recode applications to support Windows 2000

Source: Remains of the Day: Google Chrome Drops Support for Windows XP

<span>%d</span> bloggers like this: