Cloud-native Developer


You might have various kinds of resources in your AWS account, such as EC2, S3, RDS, DocumentDB, etc., and you never want to expose them to public access, so how would you or your developers access them securely?

A bastion server is a common solution. It acts like a receptionist or front desk for your private resources in AWS: it makes sure the visitor is authorized or authenticated to access the office or the people inside the building.

A bastion host is a server whose purpose is to provide access to a private network from an external network, such as the Internet. …



Kubernetes Patterns, like Design Patterns, abstract Kubernetes primitives into repeatable solutions to common problems. The previous post gives a detailed introduction to Kubernetes Patterns.


Kubernetes Patterns: 0. Introduction

What is Predictable Demands Pattern?

The Predictable Demands pattern is about how application requirements should be declared.

The requirements of a container running in Kubernetes mostly consist of runtime dependencies (like file storage) and resource profiles (CPU, memory, etc.).

Runtime Dependencies

File storage is one of the typical runtime dependencies that applications use for saving state. …



I browsed lots of online resources and instructions to set up Kuberhealthy with Prometheus and Grafana together on a local Kubernetes environment like Minikube, but unfortunately, none of them worked for me.

Most of the instructions and articles listed installation steps for each of them but seldom showed the steps for:

  • How to connect Kuberhealthy and Prometheus, that is, how to configure the Kuberhealthy service to send metrics to the Prometheus service successfully.
  • How to configure a Grafana dashboard to display the Kuberhealthy metrics collected by Prometheus.

In most cases some extra steps are needed after you install them, and this post shows you how to make them work together. …

This article describes a network issue I ran into when I was using Minikube as a development environment for running and testing Kuberhealthy locally, and how I troubleshot it.

The symptom was that the Pod running a KHCheck (a custom resource in Kuberhealthy that, like a probe, runs tests and reports results back to the Kuberhealthy service) was unable to send its result back to the Kuberhealthy service in the same namespace of a Kubernetes cluster on Minikube. The details are described in the Issue section below.

Before starting, let me describe my environment:

OS: macOS Catalina version 10.15.7
Minikube: v1.16.0 on Darwin 10.15.7
Kubernetes: v1.20. …

This article is about the book Kubernetes Patterns: Reusable Elements for Designing Cloud-Native Applications by Bilgin Ibryam & Roland Huß.

Kubernetes Patterns: Reusable Elements for Designing Cloud-Native Applications

As a developer of cloud-native applications, I can’t wait to share my thoughts about this book. Like Design Patterns: Elements of Reusable Object-Oriented Software by the Gang of Four, this book introduces common use cases, best practices and principles for Kubernetes. No matter what kind of Kubernetes you are working on, managed (by a cloud platform, e.g. AWS, GCP, etc.) or on-premise, it can definitely be helpful.

I will try to summarize the points I learned or found interesting or important, and add my own related experiences. It covers many scenarios you might meet at work, so I highly recommend this book if you work or will work with Kubernetes. …



The Dockerfile is the basic concept for building Docker images. It is worth understanding well if you want to dig a bit deeper into Docker image building scenarios.

A Dockerfile is a text file that contains a list of commands (instructions) describing how a Docker image is built. The command docker build tells Docker to build the image by following the instructions inside the Dockerfile.

Structure and Format

A Dockerfile starts with a FROM command, which indicates the base image. The subsequent commands in the Dockerfile are executed on the base image, which must be a valid image.

Here is the…



When I was trying something with a Docker volume, I wanted to check the volume contents from the host file system. Here is the command I used to create the container with a data volume specified:

docker container run -it --name mycntnr -v /mydata ubuntu:latest /bin/bash

Then, I also created 3 empty files in the volume /mydata:

touch a b c

However, I followed the instructions to check the volume from the Docker host system (my macOS) with the following command:

sudo screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty

It returned an “Operation not permitted” message and then quit the screen session. …

I installed Ubuntu, a minimal server version, on VirtualBox on my macOS machine, so I decided to connect to it via SSH from my terminal instead of the VM console.

Here is what I did:

1. Set up the SSH server on the Ubuntu VM

1.1 Install SSH server

sudo apt-get install openssh-server

1.2 Enable the SSH service

sudo systemctl enable ssh

1.3 Start the SSH service

sudo systemctl start ssh

1.4 Verify the SSH connection locally

ssh user_name@localhost

If everything is correct, the VM should be able to connect to itself over SSH.

2. Set up VirtualBox

2.1 Power off the Ubuntu VM.

2.2 Set up port forwarding in the VM Network settings.
