this post was submitted on 19 Jun 2023
154 points (96.4% liked)

Programmer Humor

[–] [email protected] 7 points 1 year ago (2 children)

Trying to do PostgreSQL TLS w/ Internal PKI chain created by Cert-Manager made me want to throw my laptop out the window yesterday.

This stuff is hard.

[–] [email protected] 7 points 1 year ago (2 children)

Just tell the security team to handle it 😎

(My security team would NOT be amused by this joke suggestion)

[–] [email protected] 8 points 1 year ago

I am the security team :'(

[–] [email protected] 5 points 1 year ago

Not who you replied to, but mine would tell me no and then laugh at me

[–] [email protected] 4 points 1 year ago (1 children)

Use a postgresql operator for that.

How many postgresql databases without replication and backup I have seen ... and 90% of them contained critical data.

If you really need to run the db inside containers, never by hand.

And as a full time postgresql dba: NEVER run your production databases inside k8s

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)
[–] [email protected] 4 points 1 year ago* (last edited 1 year ago)

Because dogma. There are tons of places running production postgres, and indeed many other stateful services, in Kubernetes.

Edit because presumably GP downvoted me for contradicting them, since I've personally overseen this in production at Fortune 100 companies and unicorn startups alike:

https://dok.community/

https://github.com/zalando/postgres-operator

And plenty of YouTube videos from various kubecons and CloudNativeCons. Kubernetes is a runtime and provides plenty of primitives for safely running stateful workloads even better than otherwise possible. Anyone who says otherwise hasn't bothered directly learning enough about the possibilities and is likely citing oft-quoted dogma that dates back to the earliest days of k8s and was questionable even then.