But really any kind of reconciler, e.g. flux or argo with helm works very well. Helm is only used as a templating tool, i.e. helm template is the only thing allowed. It works very well and I've ran production systems for years without major issues.
I dont really understand how people have so much trouble with Helm, granted yaml whitespace + go templating is sometimes awful, it is the least bad tool out there that I have tried and once you learn the arcane ways of {{- its mostly a non-issue.
I would recommend writing your own charts for the most part and using external charts when they are simple, or well proven. Most applications you want to run arent that complicated, they are mostly a collection of environment variables, config files, and arguments.
If I could wish for a replacement of helm, it would be helm template with the chart implemented in a typed language, e.g. TypeScript, instead of go template but backwards compatible with go template.
Ok, I think I found the perfect solution, In the readme I added near open-source "(almost)" with a link to the libraries and models section when I explained clearer what components are open-source, closed-source, and cc-by-nc.
it's the closest, but it's a very broad and not so well known term, maybe defining my app open source is not technically a perfect term, but it's the clearest in describing it (considering that in the libraries and models section I specified which are open-source and which are not, Ml-Kit, used to recognize the language, for example is closed source), if a developer doesn't see the open source writing anywhere he will only get confused in understanding what the license of my app is. However, based on your feedback I added the specification (in the "libraries and models" section) that NLLB has a non-commercial license.
Instead of "almost", maybe "Open Source Code (and free for non-commercial use due to model licencing)" since your contributions are free as in freedom,and that is amazing!
Thank you for building this, I have been using a web interface connected to a local server for inference but the latency was about 1 second, too much for my taste!
I think it is too long for the preface, but I will better specify that my code is open source in the libraries and models section, thank you for the suggestion and the appreciation!
Sure it does, I ran kube-vip[1](but there are many others, e.g. metallb) as my cloud controller, all it needs are valid static IPs/range/dhcp and it will assign these to LoadBalancer services(which you usually only need one of for your ingress) and it will either ARP or use BGP to route external traffic.
As for DNS records, external-dns[2] works perfectly as long as your DNS as some way to doing automatic updates.
The problem with kube-vip is that it has poor documentation. I have read it many times and still don't know how I could use it.
Last time I was running something assigning IP addresses to the dedicated server interface I got it null routed and provider threatened to terminate the service because it was interfering with other clients network.
So if I see things like ARP, BGP, DHCP it is not clear what exactly it does on the network and how that would work in the real world.
I am missing an example where I have a server with a static IP from which I want to access the exposed services that are on a private network.
All I really want is an automatically configured reverse proxy that will direct traffic to appropriate services and take care of certificates and DNS.
Before the Kubernetes I used Rancher 1.6 and that was super simple. For instance I would start a wordpress container and then all I needed to do was to add a reverse proxy entry with its hostname as a backend and point where the certificates are (that was before lets encrypt).
Closest I could get was exposing a NodePort and having nginx to reverse proxy to the nodes at given port, but that seems more complex / fragile, as I need o keep track which service uses which port and it is still manual, so I might as well just use containers without Kubernetes.
Ah thanks! "Lazy pulling" is what I was looking for. I was trying to find estargz (didn't remember the name) and I couldn't find a proper keyword to do it :P :D
I am a fan of using renovate, and with docker images in particular since I can define my remote as
FROM mcr.microsoft.com/dotnet/sdk:6.0@sha256:15c22c170650b8db2f6250547a2dc5341978b0647c6b21ef67768e628de614f3 AS build
and have renovate automatically merge digest updates, the sha256 hash, while having manually(or automatic) PRs for the tag target.
So a when upstream updates their tag I get a PR(which is automerged) that looks like so, this allows me to know when upstream has changed while still being able to target a broader version range, 6.0 in this case
- FROM mcr.microsoft.com/dotnet/sdk:6.0@sha256:15c22c170650b8db2f6250547a2dc5341978b0647c6b21ef67768e628de614f3 AS build
+ FROM mcr.microsoft.com/dotnet/sdk:6.0@sha256:70b890cd12f73f8ad80061d242081b61da666bda7ec2d729113855a8b9410e1e AS build
The easier solution rather than managing your own OCI registry is likely to just pin the digest and have dependency update automation e.g. renovate update the digest while targeting a tag.
For example
FROM mcr.microsoft.com/dotnet/sdk:6.0@sha256:70b890cd12f73f8ad80061d242081b61da666bda7ec2d729113855a8b9410e1e AS build
Where the tag is used by humans for targeting a tag while the digest locks it to a certain image version
This repository enables the use of a container runtime, containerd, to manage Firecracker microVMs. Like traditional containers, Firecracker microVMs offer fast start-up and shut-down and minimal overhead. Unlike traditional containers, however, they can provide an additional layer of isolation via the KVM hypervisor.
But really any kind of reconciler, e.g. flux or argo with helm works very well. Helm is only used as a templating tool, i.e. helm template is the only thing allowed. It works very well and I've ran production systems for years without major issues.
I dont really understand how people have so much trouble with Helm, granted yaml whitespace + go templating is sometimes awful, it is the least bad tool out there that I have tried and once you learn the arcane ways of {{- its mostly a non-issue.
I would recommend writing your own charts for the most part and using external charts when they are simple, or well proven. Most applications you want to run arent that complicated, they are mostly a collection of environment variables, config files, and arguments.
If I could wish for a replacement of helm, it would be helm template with the chart implemented in a typed language, e.g. TypeScript, instead of go template but backwards compatible with go template.