14 Dec 2024
Hi all, this time we wanted to make a post on a sample platform we have been building over in our project
github.com/seafoodfry/bluesky-platform.
Here we designed a thing for us to do some R&D, development, and to run some apps.
This platform is built from an EKS cluster that can only be accessed through an IP allow list,
and that maps RBAC permissions directly to IAM roles - getting rid of the aws-auth configmap.
Along with that, the EKS cluster has a single managed node group where Flux
bootstraps karpenter for node management.
This way we can have all workloads managed by Flux with GitOps - simplifying the delivery part of CICD -
and we can have karpenter to scale our cluster quickly and in the most economic manner.
The complete code is available in
github.com/seafoodfry/bluesky-platform/infra.
There is also a design document at
github.com/seafoodfry/bluesky-platform/docs/designs/001-eks
that explains our thinking process and technical decisions in depth.
We also documented how we are using the platform over at
github.com/seafoodfry/bluesky-platform/infra.
It outlines how we create and destroy everything needed for this platform.
It also includes example Cloudwatch Log Insight quereis, handy kubectl commands to debug Flux and Karpenter, and many other things.
21 Jun 2024
This post will builds upon
Setting Up an AWS Lab
in so much so that we assume you have a working IAM role that you can use to execute
AWS API calls.
We will use this foundation to outline a Terraform workspace to spin up GPU and non-GPU instances for graphics programming.
Our main motivation will be to build everything we need to work on
Introduction to 3D Game Programming with Direct3D 12.0
and on
https://learnopengl.com/.
27 May 2024
This post will cover how to set up a lab in AWS.
Why AWS? Because it is the platform with the most users, which means that it is more likely that
some of this will be applicable to other things you may do.
Why a lab? Because you may not want to buy multiple Windows, Mac, or Linux machines running amd64 or arm64 (and maintain them).
24 Apr 2022
Welcome back to another post.
This time, we’ll take a detour from OSX specific topics to talk about networking.
We want to make sure we understand the basics before we attempt to do anything fancy.
So here we’ll post some RFCs you should read, compile some resources that explain what the hell the output from
tools such as ifconfig and netstat actually mean, etc etc.
26 Feb 2022
Welcome back!
If you read through
Getting started with OSX
Then you already now that our first milestone is to gain some familiarity with
Apple’s EndpointSecurity framework.
To use the ES framework, you would either need to
- Disable System Integrity Protection (SIP)
- Only do this on a VM!
- Have an com.apple.developer.endpoint-security.client entitlement
The rest of this post will cover what entitlements are, what they are for, and how to get one.
Moreover, we will write a “hello-world” app using the EndpointSecurity framework.
After this, we will be set to begin writing apps that make use of the ES framework.
19 Feb 2022
Welcome! :waves:
If you are here, then like me, you want to dive into the world of OSX and learn all about how to defend Apple computers from malware.
We all use them, and many tech-related companies seem to use them even more.
Hence, knowing how to defend a Mac is a good investment of our time.
I got a couple assumptions here that I want to share with you
- In order to know how to defend a Mac, we have to know how to attack a Mac
- In order to become adept in attacking and defending Apple devices, we have to understand how these are designed and how non-malicious applications are built
Thus, our first step will be to answer: how do I learn how to build Apple-specific software?
Here, you ought to know that the main technologies we can learn are Swift and objective C.
And because objective-C is easier to work with (you can easily build objective C bindings in almost any language), we’ll begin by learning it!