Erlang cluster on Kubernetes: Conclusion
This started as a quick experiment to spin up an Erlang cluster on Kubernetes, using TLS distribution, and to validate using cert-manager to issue the pod certificates.
It turned into several evenings of writing Erlang code, learning more about Kubernetes and getting annoyed with OpenSSL.
That was followed by the idea to make a YouTube video demonstrating the use of interactive rebase to tidy up commit history, which is a skill that I feel more developers should know about. That eventually turned into about 8 hours over several days. I might even get around to releasing the video at some point, though I’m not looking forward to editing it down from the full 8 hours to something more watchable.
But the whole thing works, so it needed a blog post.
Over the next week or so, that turned into a series of blog posts. There are 21 posts in the series, including the introduction and this conclusion. It also resulted in the publishing of two other blog posts that are only tangentially related (so they’re not included in the series), plus ideas for at least 4 other posts as yet unwritten.
The series covers the basics of Erlang clustering, and then adds TLS. It demonstrates a bunch of Kubernetes concepts, such as init containers, cron jobs, headless services, etc.. I spent some time reinforcing my hatred for OpenSSL, though you only see the end result. There’s a bunch of (I hope) good stuff about using cert-manager. Along the way, I spent some time looking at Erlang’s SSH daemon, and dealt with a couple of asides, such as running as a non-root user and using tini as pid 0.
It’s been a lot of work, but I’ve learnt a load, and I hope it’s useful to others.