Devops on Zachary Loeber's Blog

Secret Zero - An Obvious Solution

Fri, 27 Feb 2026 11:16:15 -0600

What is Secret Zero?

In the realm of IT and security, “secret zero” refers to the initial bootstrap credential (or credentials) required to bring up a new deployment from scratch. Secrets classified as ‘secret zero’ are essentially the master keys that unlock further access or enable required functionality for an application.

This foundational set of secrets bootstraps secure communication and access to sensitive data, but it creates a chicken-and-egg dilemma: how do you securely manage the very first secret without exposing it? While secrets management tools like HashiCorp Vault or AWS Secrets Manager have revolutionized how we handle credentials, APIs, and tokens, secret zero remains a stubborn vulnerability lurking at the core of many projects.

Vendoring Terraform Modules With Git Subtree

Mon, 04 Aug 2025 22:46:31 -0500

In this article I’ll go over a less obvious way to vendor in outside modules into your terraform code base.

Semi Auto Importing Terraform State

Mon, 14 Jul 2025 09:25:51 -0500

On more than one occasion I’ve longed for the mean’s to automatically import terraform state. But this is a feature I know will likely never be added for a number of very good reasons. In some cases it is possible to use only a plan file to automate the generation of terraform import blocks though. Here is how it can be done.

Pre-Cache Terraform Provider Plugins

Wed, 19 Mar 2025 11:29:36 -0500

Pre-caching terraform providers in your CICD pipeline images is awesome but hardly anyone does it. I’ve created a project that makes this task easier than ever.

Stand Out in Your Tech Interview

Mon, 17 Mar 2025 14:00:43 -0500

In the last several years I’ve had the great privilege of being the final technical interviewer for a large number of candidates. This article is an inside scoop on how I perform these interviews with tips on how you can shine as a candidate.

2021 - IT Industry Predictions

Tue, 15 Dec 2020 10:27:05 -0500

Wild speculations on hot trends to follow in information technology for 2021 and beyond.

The Declarative Mindset

Sat, 11 Jul 2020 11:05:58 -0500

I’m going to wax poetic on the virtues of declarative thinking within the IT industry. Along the way we will go over some definitions and introduce the pseudo-declarative manifest and how it can add value to a project.

Aws Testing With Localstack on Kubernetes

Thu, 21 May 2020 09:22:20 -0500

Testing out your AWS DevOps tricks in a local Kubernetes instance with localstack is pretty easy to do.

The Istio Rabbithole

Wed, 06 May 2020 09:59:02 -0500

Istio can be overwhelmingly complex but using the istio operator, helmfile, and local kubernetes in docker clusters, we can simplify the learning journey.

Artifact Types

Wed, 29 Apr 2020 13:55:09 -0500

A build pipeline’s job is to create immutable artifacts. The type of artifact you build is highly dependant upon what purpose it serves. This article will go over types of artifacts found in various DevOps pipelines.

Libvirt Terraform Kubernetes Lab

Mon, 20 Apr 2020 10:22:48 -0500

I found out that it is relatively easy to setup a local Kubernetes cluster in Linux using terraform and the libvirt provider.

Kubernetes API Specs

Thu, 16 Apr 2020 10:47:59 -0500

Can you quickly list out all the available pod security policy attributes on Kubernetes? How about listing the autoscaling apiVersions along with their spec attributes?

DevOps Patterns

Mon, 13 Apr 2020 11:33:38 -0600

Many standard DevOps patterns are well known at this point. Advances in technology, cloud computing, and workload orchestration in IT have heralded a new generation of DevOps engineer and tooling to meet modern business challenges. In this article we are going to attempt to surface and give name to a few patterns as it relates to the emerging realm of pipelines as code, declarative deployments, multi-cloud, and more.

Kubernetes App Deployments with Terraform

Thu, 02 Apr 2020 12:31:40 -0500

Deploying applications via the kubernetes terraform provider is a viable solution for some workloads.

Azure Devops Automated Variable Groups

Mon, 23 Mar 2020 11:33:38 -0600

In this article I’ll cover how one can automate creating and updating ADO libraries (aka. variable groups) using pipeline as code.

Ado Keyvault Linked Var Groups

Sat, 04 Jan 2020 11:00:13 -0600

Azure DevOps keyvault linked variable groups are not easy to automate but it can be done.

Helm 3 Namespace Creation

Wed, 01 Jan 2020 16:46:26 -0600

Helm 3 was released and works great except that it no longer creates namespaces for your deployments. Here is one solution along with alternatives worth looking into.

Some Cool Kubernetes Tools

Sun, 22 Dec 2019 20:59:43 -0600

Are you working with kubernetes regularly? There are so many tools out there it can be difficult to know which ones to use. Here are a few of them I’ve found to be useful but may have flown under your radar.

Hugo - A DevOps Approach

Sun, 08 Dec 2019 12:26:30 -0600

I’ve updated my site to use hugo some time ago. Recently I’ve found some time to add a deployment pipeline for this site as well. This short article will cover how the pipeline code works and dive into multi-stage pipelines.

Devops: Tool of the day – Syncthing

Mon, 10 Dec 2018 22:51:46 +0000

Check out my new article on using syncthing as a devops productivity tool. Cheers!

DevOps – Automating Kubernetes Deployments

Fri, 28 Sep 2018 16:49:46 +0000

If you are deploying your own Kubernetes clusters you already know that:

Kubernetes is hard

But there is hope!

There are a few great projects to keep an eye on in this space. I’ve covered some of them in an article you can read on the Lumen.

Cheers!