DevOps

Problem: The client needed to modernize their Zabbix v7.4.8 setup by migrating a Low-Level Discovery rule away from a static, local JSON file. They required best practices and an architectural recommendation for dynamically triggering and feeding the discovery rule from an external Windows server, while ensuring reliable and efficient updates. Process: Step 1: Architecture Review […]

Problem: During migration to Zabbix 7.4, hundreds of HTTPS health checks failed because the HTTP Host header differed from the SNI hostname used for the TLS handshake. In this environment, monitoring items connect to a load-balancer VIP using a custom Host header to reach specific virtual sites. However, the target servers detected the discrepancy between […]

Problem: On a primary Sonatype Nexus instance running version 3.29.2-02, container images stored in Docker repositories were disappearing without any recorded user DELETE calls. The operator reported unexpected removals, noted release notes referencing a prior cleanup-policy UI bug (where day values were misinterpreted as seconds), and observed that repository artifacts had been cleaned automatically. The […]

Problem: Argo CD UI responsiveness and application sync/refresh operations experienced frequent slowness and timeouts on a bare‑metal OpenShift cluster. Symptoms included UI timeout and long sync times when running bulk refresh/sync operations against an app‑of‑apps topology: sync jobs that exceeded a 1,800s pipeline timeout would fail. The environment manages ~5,200 Argo CD applications on a […]

Problem: The client using Argo Workflows identified a compliance issue during a Twistlock (Prisma Cloud) scan. The image argoproj/argoexec:v3.7.1 failed the CIS Docker Benchmark 4.1 rule, which requires containers to run as a non-root user. Running containers as root posed a risk of privilege escalation and potential account takeover. The client wanted to resolve the […]

Problem: A client deploying Harbor, the open-source container registry, wanted to replace the default Hossted-assigned domain with their own custom domain. Despite following setup instructions, Harbor continued to resolve to the old hostname. This resulted in SSL certificate mismatch errors, failed authentication requests, and missing features in the UI such as Proxy Cache and Helm […]

Problem: The client, preparing to launch Argo Workflows v3.6.0 for production, faced a critical RBAC issue when enabling Single Sign-On (SSO) with Azure Active Directory (Entra ID) via Dex. When users attempted to log in through SSO, Argo Workflows returned the error: unknown name groups This prevented role-based authorization through group membership, effectively blocking all […]

Problem: A telecommunications customer operating a production Kubernetes cluster deployed via Kubespray encountered an infrastructure challenge. One of their original control-plane nodes (kz-bss-k8om01) had previously failed and was replaced with a new node named kz-bss-k8om04. Later, the client requested to rename this node back to its original FQDN (kz-bss-k8om01) and ideally retain the original IP […]

Problem: After upgrading the Jenkins Active Choices Plugin from version 2.6.1 to 2.8.1, the client’s Jenkins instance began exhibiting critical malfunctions in jobs that utilized multi-level reactive reference parameters. These parameters, implemented via Active Choices Reactive Reference Parameter fields, rely on Groovy scripts to dynamically populate choices based on the values of one or more […]