Niklas Gergs - things involving cloud and go
Home
Using Golang channel pattern in Rust
Secure file/network access via landlock
Go pattern for intermediate users
Kubernetes Ingress Controller
Kubernetes Admission Controller
Websrv - minimal golang webserver
Kustomize for helm output patching
Kustomize and helm input merging
Chrome gzip compatibility issue
Budget Kubernetes @ GCP
Angular CSP setup
Nginx - 100% ssllabs score

I am Niklas Gergs, a developer with a passion for the cloud and infrastructure as code. Furthermore, remote working culture as well agile development are more social aspects of developing software that do interest me. This little website will be build step by step -- whenever I have some spare time and stumble upon something interesting and worthwhile sharing.

Technology

Areas in which I am currently interested are:

  • Kubernetes, especially developing controllers.
  • Go, a very nice statically typed language for cli and cloud service development.
  • Infrastructure as code via Terraform.
  • Google cloud platform and its various features.
Profile picture Niklas Gergs
Using Golang channel pattern in Rust
A comparison of async mechanism in Rust and Goland
Secure file and network access via landlock
Introduction into the linux kernel landlock feature and how to use it in golang.
Go pattern for intermediate users
Some go pattern and best practices intermediate users might find helpful.
Kubernetes Ingress Controller
Recap of building a simple ingress controller. Here I want to summarize the relevant tasks of an ingress controller and why it is needed in Kubernetes.
Kubernetes Admission Controller
Updated due to the go v1.18 release with generics support. You can find in my GitHub a Kubernetes Admission Controller Toolkit which I recently put together when experimenting with them. The technical documentation can be found in the GitHub Readme, so I will not double it here, but instead just briefly describe what this is about.
Websrv - minimal golang webserver
A small webserver with the purpose of serving static websites. This is just a toy experiment which resulted from playing around with golang.
Kustomize for helm output patching
An exemplary use case for this is that a Helm chart used produces some Secrets from input values, but it is preferred to have these secrets in a Secret Manager and just reference them using External Secrets.
Kustomize and helm input merging
When combining helm and kustomize it is a likely scenario that one has the need to reproduce Helms merge logic regarding multiple input files. This is useful to o e.g. separate basic settings from stage-dependent settings.
Chrome gzip compatibility issue
Just a little issue I recently stumbled upon. Gzip can be stapled together. However, Chrome does not care and just unzips the first member.
Budget Kubernetes @ GCP
A brief summary how to setup a Kubernetes cluster at Google without having to use the quite pricey Google Cloud Load Balancer. This follows a blog post from David Griffiths how to setup a Kubernetes cluster at google while minimizing the cost. The relevant Terraform and Helm files can be found at GitHub.
Angular CSP setup
The Content Security Policy is a special HTTP security header that instructs the browser to limit the execution of e.g. JavaScript or CSS to well-known sources like the own host. This is a quick summary how to set this up with Angular.
Nginx - 100% ssllabs score
In this article I want to describe how to harden the nginx SSL security and what it needs to get a 100% score at ssllabs. The scoring criteria are outlined by ssllabs official documentation.
Impressum / ImprintDatenschutzerklärung / Data protection