Extending my Security System with a Raspberry Pi Network Bridge

It doesn’t happen a lot, but every so often I come across a device that isn’t wi-fi supported. This latest case was my security system. On one hand, I like that my cameras aren’t taking up bandwidth on my home network and that the system is largely a closed loop. On the other, not having access to my security system without having it tethered into the router is a bit of a pain. For one, my home networking setup isn’t that elegant (yet). Second, the last thing I want to do is have more stuff out in the open, co-located with my router. So I decided to get a little creative. Sure, I could’ve bought a wi-fi adapter, but where’s the fun in that. On top of that, I had some other reasons:

  1. I didn’t want to spend money on an adapter for this system. Even though they aren’t that expensive, I would likely need to wait for one to come in which would probably happen after I left for my trip.
  2. Eventually, I want to do some real-time video processing and having a device closer to the box is promising. This would let me process data straight from the box rather than needing to transmit all that information over wi-fi to another machine.
  3. Finally, I already have more than a dozen pis around. For the first version of this, I wound up using a 3b+. I would likely upgrade this later on when I add the real-time processing.

Today, I show how I set up and configured a Raspberry Pi to act as a WAN client for a connected device.

Exploring Redis High Availability

Recently, I’ve found myself using Redis for more of the projects that I work on. Redis can be used in a variety of ways. It provides functionality for queueing, set operations, bitmaps, streams, and so much more. Yet, most of my experience with Redis has been as a best-effort cache. Since it’s become a staple in my development, I figured it would be good to brush up on its operations.

In this post, I dive into the variety of ways Redis can be deployed. I’ll cover the benefits, tradeoffs, and even some uses for each deployment. Finally, I’ll describe the deployment that I recently put together.

Renovate your GitOps

Every engineering organization struggles to stay up to date with the latest versions of applications they run. When an organization deploys an open source project, their versions start to drift from day one. The longer a project runs without an update, the more likely it is to contain a vulnerability. To help applications stay on top of library versions, the project Renovate was developed. Renovate works by parsing manifest files (like package.json and go.mod) and checking for newer versions of libraries. When Renovate discovers an update, it submits a pull request with the newer version to the project.

Recently, I noticed Renovate submit pull requests for dependencies in my Helm v3 charts. This gave me an idea. What if Renovate could automatically manage something like a GitOps repository? This means organizations would no longer need to tediously query for newer versions of applications. Instead, they’d automatically receive a pull request when an update becomes available. In this blog post, I demonstrate how to set this up for an ArgoCD GitOps repository.

Pronoun Practice

Historically, my blog has largely been focused on technology. This was because of where I was in my career. And yet, my career doesn’t solely reside in tech. As a transgender individual, I frequently need to correct peoples use of my and other peoples pronouns. Whenever a transgender person needs to correct someone, we pay an emotional tax. While it might seem small at first, you need to consider that individuals full experience. In this post, I share techniques I found effective at getting better with pronouns.

Running a Service Mesh on Raspberry Pis

Many people have asked how to support deploying service mesh to Raspberry Pis. It wasn’t until September that this started to be possible. Linkerd recently released support for arm64, but has had support for it in edge versions since August. Many envoy based service mesh have been blocked by support for an arm-compatible envoy image.

Consul is a powerful service discovery and configuration management tool from Hashicorp. It has a long history of supporting a variety of execution platforms, operating systems, and architectures. In 1.2, Hashicorp introduced Consul Connect, an envoy based service mesh integration. This allows Consul to control and direct clients in the service mesh data plane.

In this post, I’ll demonstrate how to deploy Consul to support a service mesh on Raspberry Pis.

Adventures in Path Based Routing

Path based routing can be an extremely useful feature. It enables you to serve a single page app and an API on the same domain. This can often be helpful when starting a project, but don’t want to handle things like cross-origin resource sharing. In a recent project, I wanted to split traffic between a static site hosted on GitHub (or S3) and an API running in the cluster. In this post, I’ll demonstrate some less common approaches to path based routing using Kubernetes resources.

Docker Registry Setup

DockerHub’s impending download rate limit presents an interesting challenge for some. From hobbyists to open core ecosystems, projects are trying to find ways insulate their users. For my projects, I chose to deploy a simple registry mirror. One nice thing about this project is that the system is largely stateless (and cheap to run). The docker-registry and docker-auth projects are horizontally scalable. The only stateful system you really need to manage is a cache (which isn’t mission critical). While Harbor was appealing, it had a lot more overhead than what I needed. In this post, I’ll walk you through my deployment.

Local Ingress Domains for your Kind Cluster

Tools like minikube and kind make it easy to get a kubernetes cluster up and running locally. Unfortunately these tools are limited in their capabilities, namely a lack of load balancer support. As a result, the community developed solutions like kubefwd and minikube tunnel to expose services. While this approach works, keeping a dedicated terminal open during development can be tedeous. In this post, I show how to set up an ingress controller in a kind cluster and pair it with a private, locally addressable domain.

Show us Your Setup!

Indeed had an internal blog series called “Show us Your Setup.” It was a great way to get an idea of others workspaces, the equipment they use, and software they run. Recently, I had noticed a few folks doing a walk through of their equipment. In this post, I will show and walk through my setup. I’ll discuss the things I like, and the things I don’t.

Learning Jsonnet

Jsonnet is a powerful data templating language. It extends JSON with variables, conditionals, functions, imports and more. As an engineer who never touched the technology before, I often struggled to understand it. In this post, I share my experience learning Jsonnet and my thoughts behind developing a starter.