YAML — Build vs. Parse

In a previous post, I briefly covered how to use the AWS Cloud Development Kit (CDK) with Java, to build Amazon EKS clusters and associated AWS resources (VPC, Subnets, etc.), and deploy applications to the created cluster. In this post I will look at how CDK can handle Kubernetes YAML manifests.


Anyone that has worked with Kubernetes (a.k.a. k8s) has probably also worked with the YAML manifest files. The following example is a YAML manifest for creating a k8s namespace.

apiVersion: v1
kind: Namespace
name: read-only
owner: jimmy
env: dev
app: read-only


Hello, Java, my old friend, I’ve come to code with you again…

I started writing Java in 1997, with version 1.13. I was building Lotus Notes apps back then, and Java was easier to customize Notes than was the C API that we had been using. Over the next two decades I continued to work with Java and other technologies (enterprise web apps, Spring, containers, clouds, DevOps, etc.). However, the need and opportunity to continue Java development changed as my roles changed, and I was writing less and less Java as I got more and more into cloud-computing and Kubernetes.

AWS Cloud Development Kit

In 2020, I found Java again when I started using the AWS…

It’s been said that “Beauty is only skin-deep”. However, I think ugly comes from deeper inside us. And, for decades we have been quite ugly towards each other, based on the superficialities of our beliefs, our chosen affiliations, and even our skin-color. For goodness sakes, our skin-color? Something over which we have absolutely no control drives how we feel about others? This sort of ugliness takes effort. It’s a choice.

Our ugliness towards each other is our shared weakness. We own that, and it is not due to any single person or association, including a political party. It is also…

Over a decade ago I worked for a former Marine officer. He was a quiet, intelligent, and very capable leader, with a firm grasp of human nature. He didn’t subscribe to hyperbole; feelings were not facts. He was biased for action. His quiet and direct demeanor was off-putting, if not unnerving to some. I realized later that his style was refreshing and constructive.

I learned/relearned several things from my former boss. Some of those lessons are:

  • Don’t shy away from important decisions, especially when you know you are best positioned to make them.
  • Protect your team. Take responsibility for their…

As we migrate applications running in AWS to containers and Kubernetes we also need to accommodate each application’s AWS permissions, as supplied by roles. If the applications assume AWS IAM roles that allow them to perform AWS operations, these roles should still work inside Kubernetes running inside AWS. At issue is how we allow pods to assume needed roles for which they are authorized, while not permitting pods to assume roles for which they are not authorized.

When running Kubernetes in AWS we’re fortunate to be able to choose between two mature AWS role-assumption solutions: kiam and kube2iam. Both of…

All the prior week I was getting things ready on my 2011 FLHTP (Harley Davidson Electra Glide Police Model). I went over my bike, front to back, checking oil levels, tires, brakes, and fasteners and hardware; I did not want anything to interrupt my planned ride to “The Wall”. I also made sure that I had my cameras ready.

As I cruised up I-95 North, I started to see their silhouettes on the overpasses, around the Woodbridge exits. On the overpasses with pedestrian walkways and fences, they were holding American flags, and waving to every rider heading north. They were…

Are your applications container ready? (tl;dr)

Over the past several months, I have helped several teams move to containers, and I have gained some insight into what Container Application Readiness means. Container Application Readiness is made easier when applications are built with microservices architecture and Twelve-Factor App methodology, even if that means refactoring.

Container Native — Start with the end in mind

For applications, Container Native has been defined by Salil Deshpande as:

1. Software that treats the container as the first-class unit of infrastructure (as opposed to, for example, treating the physical machine or the virtual machine as the first-class unit).

2. Software that does not just “happen to work” in, on or around…

Addressing Common Concerns with Cloud Computing and DevOps

A move to the public cloud is done, in large part, to address the common concerns of “infrastructure provisioning” that are shared by all application teams. The cloud helps organizations greatly reduce the need for the “undifferentiated heavy lifting” — standing-up servers, networking, and security — needed just to deliver applications and features. Moving to containers and Kubernetes can be seen as the next evolution in allowing development teams to focus on their work, not on infrastructure.

Tackling these common needs is also a large part of a continued DevOps journey. In fact, DevOps is all about reducing variability and…

What Are ConfigMaps?

According to the docs, in Kubernetes, ConfigMap resources “allow you to decouple configuration artifacts from image content to keep containerized applications portable.” Used with Kubernetes pods, configmaps can be used to dynamically add or change files used by containers.

Use Case

As part of a Kubernetes installer our team wanted to deploy a lightweight file server to the Kubernetes cluster to handle default (root-path) ingress requests. And, we thought it would be nice if we could edit the index.html and CSS files without having to redeploy the application.

To solve this use case, we decided to build a Golang application that would…

Using Linux Tools to Parse and Manipulate JSON Transformed with gron

As a polyglot programmer I strive to always employ the simplest approach and the best tools for the job. I have parsed JSON in Java, Python, and Go, but I think too many times we ignore the UNIX/Linux tools such as sed, awk, cut, etc. Too many programmers write hulking data parsers that are just overkill. With gron transformations, I find it easier to utilize these strong UNIX/Linux text editing, manipulation, and filtering tools.

While jq is powerful at parsing known JSON structures, its major shortcoming is that it requires one to know the JSON structure being parsed. gron is…

Jimmy Ray

Cloud and Containerization SME

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store