Metrics? Were talking about metrics?

by EarpMoonWater, posted in Helm, kubernetes

View Code here for details w/this dope link:

Commands below:

$ kubectl create namespace metrics
$ helm repo add metrics-server https://kubernetes-sigs.github.io/metrics-server/
$ helm repo update
$ helm upgrade --install metrics-server metrics-server/metrics-server \
  --namespace metrics \
  --set args={--kubelet-insecure-tls}

Shhh, its an AWS Secret..

by EarpMoonWater, posted in aws, terraform

View Code here for details w/this dope link:

Below is a summary of steps:

  • KMS key for Secrets Manager
  • Secrets created container & version
  • Data read secret version & depends_on block to ensure version creation first
  • DynamoDB Table
  • IAM Role, Policy, & Attachment
  • Locals created map for DynamoDB name & app for JSON decoding from secret version

AWS Medical Transcribe & Comprehend w/nibble of HIPAAhh!!

by EarpMoonWater, posted in aws, terraform, Ai/ML

View Code here for details w/this dope link:

https://github.com/earpjennings37/say_when/tree/main/Blog/AWS_Medical_Transcribe_Comprehend

Below are details into to use Terraform in creating a tool to upload a medical professional notes into AWS & summarize your notes auto-magically, w/the help of HIPPA the Hippo!

Contents of Tables:

  • General flow of steps
  • Step 1 – upload audio file w/nifty commands
  • Step 2- check your AWS console that the infra is ALIVVVVVE
  • Step 3 – run lambda.py script
  • Step 4 – confirm AWS Transcribe Medical & S3 bucket has goodiezzzz
  • Step 5.1 – AWS Comprehend Medical Create Job
  • Step 5.2 – AWS Comprehend Medical Real-Time Analysis
  • Step 6 – the sausage aka code

General Steps followed in my brain:

##############################################

##############################################

User uploads audio → S3

        ↓

Transcribe Medical job

        ↓

Transcript saved to S3

        ↓

Lambda calls Comprehend Medical

        ↓

Extracted entities saved to S3

Step 1 – Upload audio file w/commands you might need:

  • Record audio on phone or laptop, place in downloads or desired folder
sudo apt update
sudo apt install ffmpeg
ffmpeg -version
ffmpeg -i "S3-AWS-Medical.m4a" -ar 16000 -ac 1 S3-AWS-Medical.wav
terraform init
terraform fmt
terraform validate
terraform plan
terraform apply
aws s3 cp S3-AWS-Medical.wav s3://your-input-bucket-name/

Step 2 – Check various AWS locations (s3, lambdas, roles, etc):

  • Check various AWS locations where you should see code – s3, lambda, iam policy/roles, transcribe, etc.
  • You should see 3 new buckets
    • audio-input
    • medical-output
      • job.json
    • results-bucket

Step 3 – Run Lambda.py script:

python3 transcribe.py
  • This recording will consist of Discussing multiple topics that have to do with some form of AWS transform, comprehend. Terraform S3. Lambda To better understand what is the most efficient way. To actually Make an individual health professional’s job easier so that they can listen to their patients. Do an audio recording. Depending the Situation, the details. The diagnosis. The meds The recommendations they should be on. At which point they can then use the AWS. Comprehend To take that transcribe. Audio recording. From speech to text and put it in. Comprehend that’ll summarize it. Hopefully, LOL. YOLO, we’ll see if this works.

Step 4 – Confirm in AWS Transcribe Medical & S3 Buckets of data:

  • To confirm hit download & view in vscode json – prolly in 1 line, use shift-alt-f to quick review

Step 5.1 AWS Comprehend Medical – Create Job:

  • Important Note:
    • input bucket
      • output bucket…i know confusing, dont do audio file – remember what comprehend does…
    • output bucket
      • your results bucket
    • iam role
      • should pop-up in dropdown if code is correct in policy

Step 5.2 AWS Comprehend Medical – Real-Time Analysis:

View Zaaa Code here:

git init
git add .
git status
git commit -m "First commit for AWS Transcribe + Comprehend Medical w/Terraform."
git remote add origin https://github.com/earpjennings37/aws-medical-tf.git
git branch -M Main
git push -u origin main
  • to ensure connect to repo, i did a thing
    • commands
    • open a pull request – create a pull request
    • merge pull request
    • merged & closed
git checkout -b update-readme
git branch
git status
git add .
git commit -m "updated-readme"
git push -u origin update-readme

kubectl, but gooder w/”agentic”-ai.

by EarpMoonWater, posted in Ai/ML, kubernetes

You like kubectl ya? Well how about slappin some “agentic-ai” on that cli & see what happens. Lets run it, see below for 4 examples.

Pre-Reqxzz aka 3 stepzz:

Commands to get goin:

curl -sSL https://raw.githubusercontent.com/GoogleCloudPlatform/kubectl-ai/main/install.sh | bash
export GEMINI_API_KEY=your_api_key_here
kubectl-ai --help
kubectl-ai models
kubectl-ai --model gemini-2.5-flash

Example 1:

  • informally talk w/to get namespaces & create namespace
  • then can check k9s to see if it worked
    • trust but verify type of thing ya know?

Example 2:

  • shows you what command its running based off your informal dialogue

Example 3:

Example 4:

alrite peace

AWS – VCS – HCP.. its all connected

by EarpMoonWater, posted in aws, terraform

Summary of Steps Below:

  • Create Github repo
    • git add
  • Git Commands
    • git add .
    • git commit -m
    • git push
  • HCP Migrate VCS Workflow
    • dev
  • In Github Add development branch
  • Use VCS to deploy DEVELOPMENT
    • git branch -f
    • git checkout development
    • git branch
    • git status
    • terraform init -backend-config=dev.hcl -reconfigure
    • terraform validate
    • terraform plan
  • CAN NOT do..
    • terraform apply
  • Git Commands
    • git status
    • git add .
    • git commit -m “remove extra server & refactor outputs”
    • git push
  • HCP
    • Approve
  • Github
    • Review development branch to main
  • Use VCS to deploy PRODUCTION
    • Github
      • Merge pull request
    • HCP
      • Automaticlaly KO pipeline & approve
    • Github & HCP
      • See the MR merged/approved
  • AWS Console
    • Review new resources added or destroyed

Create New GitHub Repo:

git init
git remote add origin https://github.com/<YOUR_GIT_HUB_ACCOUNT>/my-app.git

Commit changes to github:

git add .
git commit -m "terraform code update for my app"
git push --set-upstream origin master

Migrate VCS Workflow:

add development github branch:

Use VCS to deploy development:

git branch -f development origin/development
git checkout development
git branch
terraform init -backend-config=dev.hcl -reconfigure
terraform validate
terraform plan
  • Remember, cant do this…..
git status
git add .
git commit -m "remove extra server & refactor outputs"
git push
  • Approve in HCP & can review Github development branch to main

Use VCS to deploy main/production:

  • Github:
    • IF development goes well & passes, then can merge pull request
  • HCP:
    • Automatically KO the pipeline for production & can approve
  • Github:
    • Can see the MR has merged from development to production
  • AWS Console:
    • Check to see your resources

Terraforming the Cloud Alphabet Soup aka HCP/AWS.

by EarpMoonWater, posted in aws, terraform
  • In providers.tf add backend to remote so you can operate in enhanced/remote/HCP as well as your state be in enhanced/remote/HCP & even stream to your CLI in VsCode..compared to standard state that just stores state (like an S3 backend)

TF Remote provider magic:

  • Seeing the TF at work locally in the CLI & live in HCP, woah – magic..
  • Then jump to the ole’ AWS Console to check your IaC
  • Alright alright alright, lets destroy in the CLI
  • Annnnnnnnnnd, once again you can see live “streamin” in HCP
  • OMG its gone!!

S3 —–> HCP Enhanced/Remote:

  • Then if you have your backend provider already established, you can see live the new state before any Terraform is planned or applied
  • WOW, legitness.

Karpor Evolves K8s like Magicarp to Gyarados

by EarpMoonWater, posted in Ai/ML, kubernetes

Install KusionStack Karpor CLI:

# brew tap KusionStack/tap
# brew install KusionStack/tap/kusion

Helm Repo Add Karpor

# helm repo add kusionstack https://kusionstack.github.io/charts
# helm repo update
# helm install karpor kusionstack/karpor

Port-Forward to 7443 & Review Dashboard:

  • Now you can register a cluster to review w/magic “agentic” ai

ArgoCD, not the Ben Affleck movie, or insurance duck commercial..

by EarpMoonWater, posted in argocd, Helm

Install ArgoCD:

brew install argocd
kubectl port-forward svc/argocd-server -n argocd 8080:443
argocd login 127.0.0.1:8080

Code:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

Port-forward:

  • Option 1 from CLI
  • Option 2 from K9s

“Secret” Password:

  • Option 1 from CLI
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
  • Option 2 from K9s
    • go to secrets
    • hit x on the preferred option you desire
    • initial admin secret – login to argocd
    • secret – to get RSA private keys

Helm Chart install:

  • See pods in k9s
  • Port-forward to 8888

Scale-Up Replicas to 10:

  • Update your github file & commit
  • Watch MAGIC..or “agentic-ai” – whatever you wanna call it
  • Notice in k9s the pods age

Rollback in ArgoCD

  • For a quick fix cuz not sure what broke, can quickly go back instead of push more supposed changes/fixes from github
  • Annnnnd see the termination of pods from the rollback in ArgoCD

AWS IAM +1 to partayyyy

by EarpMoonWater, posted in aws, terraform
  • logged into AWS
    • aws configure
  • Created 4 tf files
    • main
    • variables
    • output
    • tfvars
main.tf
provider "aws" {
  region = var.aws_region
}

# Create IAM user
resource "aws_iam_user" "example_user" {
  name = var.user_name
}

# Attach policy to the user
resource "aws_iam_user_policy_attachment" "example_user_policy" {
  user       = aws_iam_user.example_user.name
  policy_arn = var.policy_arn
}

# Create access keys for the user
resource "aws_iam_access_key" "example_user_key" {
  user = aws_iam_user.example_user.name
}
output.tf
output "iam_user_name" {
  value = aws_iam_user.example_user.name
}

output "access_key_id" {
  value = aws_iam_access_key.example_user_key.id
}

output "secret_access_key" {
  value     = aws_iam_access_key.example_user_key.secret
  sensitive = true
}
variables.tf
variable "aws_region" {
  description = "AWS region"
  type        = string
  default     = "us-east-1"
}

variable "user_name" {
  description = "IAM username"
  type        = string
  default     = "example-user"
}

variable "policy_arn" {
  description = "IAM policy ARN to attach"
  type        = string
  default     = "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"
}
terrform.tfvars
aws_region = "us-east-1"
user_name  = "terraform-user"
policy_arn = "arn:aws:iam::aws:policy/AdministratorAccess"
  • terraform fmt
  • terraform init
  • terraform plan
  • terraform apply