cAdvisor has long been a favorite monitoring tool of mine. I’m using Docker Compose for local testing and have begun including a cAdvisor in my docker-compose.yaml files. cadvisor: restart: always image: google/cadvisor:${CADVISOR_VERSION} container_name: cadvisor # command: # - --prometheus_endpoint="/metrics" # Default volumes: - "/:/rootfs:ro" - "/var/run:/var/run:rw" - "/sys:/sys:ro" - "/var/snap/docker/current:/var/lib/docker:ro" #- "/var/lib/docker/:/var/lib/docker:ro" expose: - "8080" ports: - 8080:8080 I’d not realized until recently, that cAdvisor also surfaces a Prometheus metrics endpoint and so, if you do follow this path and you’re also using Prometheus, don’t forget to add cAdvisor to your Prometheus targets.

Google Cloud Platform Free Tier appears (please verify this for yourself) to provide the ability to run a(n admittedly miniscule) Kubernetes cluster for free. So, why do this? It provides a definitive Kubernetes (Engine) experience on Google Cloud Platform that you may use for learning and testing. Kubernetes Engine the master node(s) and the control plane are free. Kubernetes (i.e. Compute Engine) nodes potentially incur charges including for the VM runtime and any attached storage, snapshots etc.

Tweaked yesterday’s solution so that it will randomly select one from several hosts with which it’s configured. package proxy import ( "log" "math/rand" "net/http" "net/url" "os" "strings" "time" ) func robin() { hostsList := os.Getenv("PROXY_HOST") if hostsList == "" { log.Fatal("'PROXY_HOST' environment variable should contain comma-separated list of hosts") } // Comma-separated lists of hosts hosts := strings.Split(hostsList, ",") urls := make([]*url.URL, len(hosts)) for i, host := range hosts { var origin = Endpoint{ Host: host, Port: os.

I’m investigating the use of LetsEncrypt for gRPC services. I found this straightforward post by Scott Devoid and am going to try this approach. Before I can do that, I need to be able to publish services (make them Internet-accessible) and would like to try to continue to use GCP for free. Some time ago, I wrote about using the excellent Microk8s on GCP. Using an f1-micro, I’m hoping (!) to stay within the Compute Engine free tier.

The Go team is developing a Language Server Protocol [LSP] implementation) called gopls. Visual Studio Code (and others) support LSP. Other languages (e.g. Python have LSP implementations too). I’ve been using gopls for some time. It works (mostly) very well and replaces multiple, indepedent tools with two (gopls and delve). My Visual Studio Code settings that include gopls is: "go.autocompleteUnimportedPackages": true, "go.useLanguageServer": true, "[go]": { "editor.snippetSuggestions": "none", "editor.formatOnSave": true, "editor.codeActionsOnSave": { "source.

The goal of pypi-transparency is very similar to the underlying motivation for the Golang team’s Checksum Database (also built with Trillian). Even though, PyPi provides hashes of the content of packages it hosts, the developer must trust that PyPi’s data is consistent. One ambition with pypi-transparency is to provide a companion, tamperproof log of PyPi package files in order to provide a double-check of these hashes. It is important to understand what this does (and does not) provide.

Now that I’ve (p)retired from Google, I’m starting this blog and will no longer post stories to Medium. As I concluded my time at Google, I wrapped up work on a Trillian prototype. As it remains Google’s IP, I’m not permitted to discuss it here. I’ve begun work on another Trillian prototype for Python package transparency, informally pypi-transparency.