software

Rust, open source, cloud tech, kubernetes

roleplaying

dungeon mastering, universe, ideas, homebrew

gaming

solutions, theorycrafting, minmaxing, speedrunning

music

classical, piano, violin

life

tab accidentally left blank

misc

photography, harware, cooking, offtopic

Antimagic and Force Cubes

A lesson from weakly typed magic items

In 2018, we introduced the explosive Cube of Force into our home campaign. We really did not expect it to cause us/me that much grief at the time, but despite long canonicalisation meetings, our interpretation was not even internally consistent.

At the time we dealt with this by nerfing Cube down into the ground gradually rolling out alternatives, but it’s time we dug into the concept of D&D antimagic properly.

[Read More]

Foaming Campaign Brain

Exploring second brain alternatives for campaign tracking

After 2 years of running a D&D campaign almost every week, my note taking setup reached several breaking points. If you’re using OneNote or another online managed system for tracking notes/cities/npcs/pcs/events, but know how to use programmers tools like git and code; boy are there a world of advantages available to you.

This is a story of my original note talking setup, a comparison between newer technologies, and how I am back to writing markdown in a folder.

[Read More]

A generic kubernetes client

Shaving a yak for a client-rust

It’s been about a month since we released kube, a new rust client library for kubernetes. We covered the initial release, but it was full of naive optimism and uncertainty. Would the generic setup work with native objects? How far would it extend? Non-standard objects? Patch handling? Event handling? Surely, it’d be a fools errand to write an entire client library?

With the last 0.10.0 release, it’s now clear that the generic setup extends quite far. Unfortunately, this yak is hairy, even by yak standards.

[Read More]

Kubernetes operators in rust

Writing light weight cloud services without go

When interacting with kubernetes it’s generally been standard practice to use either client-go via go, or kubectl via shell.

While these are good, non-controversial choices, the advancement of client libraries, and smarter openapi bindings, combined with the generics and procedural macros of rust-lang, it’s now quite possible to write fully fledged kube operators, using slim rust kube clients.

[Read More]

Impersonating kube service accounts

Bypassing complicated kubernetes identity providers

Authenticating with large kubernetes clusters often risks you dealing with complicated provider logic and sometimes policies outside your control.

While controllers and operators authenticate with service accounts directly, this is only true inside the cluster. That is, unless you can impersonate the service account from outside.

[Read More]

Config management in rust

Building a secure yaml api for kubernetes

At babylon health we have a ton of microservices running on kubernetes that are, in turn, controlled by hundreds of thousands of lines of autogenerated yaml.

So for our own sanity, we built shipcat - a standardisation tool (powered by rust-lang and serde) to control the declarative format and lifecycle of every microservice.

[Read More]