- Create your kind cluster (suit yourself https://kind.sigs.k8s.io/docs/user/configuration/)
cat <<EOF | kind create cluster --config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
--- | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: nginx-proxy-to-alertmanager | |
namespace: kube-system | |
labels: | |
app: nginx-proxy-to-alertmanager | |
group: monitoring | |
component: loki |
cat <<EOF | kind create cluster --config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
#!/bin/sh | |
# | |
# Print Pods which are Pending or not Ready for some reaosn | |
# | |
kubectl get pods --all-namespaces -o go-template='{{ range $item := .items }}{{ range .status.conditions }}{{ if (or (and (eq .type "PodScheduled") (eq .status "False")) (and (eq .type "Ready") (eq .status "False"))) }}{{ $item.metadata.name}} {{ end }}{{ end }}{{ end }}' |
package main | |
import ( | |
"fmt" | |
"encoding/base64" | |
) | |
func main() { | |
str := "Hello, playground :)" | |
#!/usr/bin/env bash | |
# | |
# Script for guide: | |
# https://gorka.eguileor.com/vbox-vmware-in-secureboot-linux-2016-update/ | |
# | |
# Verification: | |
# dmesg | grep "EFI:.*cert.*${cert_name}" | |
# | |
set -eu | |
set -o pipefail |
apiVersion: v1 | |
kind: Namespace | |
metadata: | |
name: echoserver | |
--- | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: echoserver | |
namespace: echoserver |
Just plug in your own values for registry and repo/image name.
registry='localhost:5000'
name='my-image'
curl -v -sSL -X DELETE "http://${registry}/v2/${name}/manifests/$(
curl -sSL -I \
-H "Accept: application/vnd.docker.distribution.manifest.v2+json" \
#!/bin/bash | |
set -e | |
set -o pipefail | |
# Add user to k8s using service account, no RBAC (must create RBAC after this script) | |
if [[ -z "$1" ]] || [[ -z "$2" ]]; then | |
echo "usage: $0 <service_account_name> <namespace>" | |
exit 1 | |
fi |
tl;dr Generate a GPG key pair (exercising appropriate paranoia). Send it to key servers. Create a Keybase account with the public part of that key. Use your keypair to sign git tags and SBT artifacts.
GPG is probably one of the least understood day-to-day pieces of software in the modern developer's toolshed. It's certainly the least understood of the important pieces of software (literally no one cares that you can't remember grep's regex variant), and this is a testament to the mightily terrible user interface it exposes to its otherwise extremely simple functionality. It's almost like cryptographers think that part of the security comes from the fact that bad guys can't figure it out any more than the good guys can.
Anyway, GPG is important for open source in particular because of one specific feature of public/private key cryptography: signing. Any published software should be signed by the developer (or company) who published it. Ideally, consu
# Example authorization policy for kubernetes. | |
# | |
# Configure kube-apiserver with the following command line arguments: | |
# | |
# --authorization-mode=Webhook | |
# --authorization-webhook-config-file=<path-to-kubeconfig-file> | |
# | |
# The kubeconfig file must locate OPA. For example: | |
# | |
# clusters: |