Tim Birkett

I've thought about deploying OPA Gatekeeper and scribing up some rego, but I'd like to extend k-rail where it makes sense to do so and contribute back to the community...

I think it's a classic async distributed system design problem... possibly, the imagepullsecret-patcher could deploy an admission controller to patch newly created service accounts? 🤔

You could try setting `CONFIG_LOOP_DURATION` to a lower value, the default is 10 seconds which is clearly going to miss a / pod creation which is probably milliseconds. Maybe the...

The ENI data file was generated with: ```python import requests import json from bs4 import BeautifulSoup table_id = 'w297aac21c13c15b5' response = requests.get("https://docs.aws.amazon.com/AWSEC2/latest" "/UserGuide/using-eni.html#AvailableIpPerENI") parsed_html = BeautifulSoup(response.text, features="html.parser") table = parsed_html.find('table',...

@galindro @mogren - Thanks I'll take a look at sorting this out soon :) @mogren - is the generator code in: https://github.com/aws/amazon-vpc-cni-k8s/pull/1035/files used by anything else or just to produce...

I was seeing this error. In my case, a developer had manually created VPC endpoints for a few services, including STS, resulting in traffic to the services being blackholed. So...

@thorro - are you using any other flags or features? Currently, I'm using `ASG_NAMES` and seeing this issue. I'm also using: `EXCLUDE_NODE_LABEL_KEYS` and label couple of nodes before running `eks-rolling-update`....

Noticed the problem with this is caused by: `if len(nodes) != desired_node_count:` - it should probably be:`if len(nodes) < desired_node_count:`

I have some library functions in `helm.groovy` and `aws.groovy` under `vars/`(nothing under `src/`) in my pipeline library, and using the gradle Jacoco plugin, this seemed to work for me (in...

Will look at adding tests to 📈 the tests soon.