Skip to content

Instantly share code, notes, and snippets.

Avatar
💭
coding!

Karl Stoney Stono

💭
coding!
View GitHub Profile
View Istio Telemetry v2 Recording Rules
groups:
# These sum(irate()) functions are in separate groups, so they run in parallel
- name: istio.workload.istio_request_duration_milliseconds_bucket
interval: 10s
rules:
- record: workload:istio_request_duration_milliseconds_bucket:rate1m
expr: |
sum(irate(istio_request_duration_milliseconds_bucket{reporter="source", source_workload!=""}[1m]))
by (
@Stono
Stono / pilot-agent-agent
Created Jun 25, 2019
A wrapper entrypoint for istio-proxy, which makes it slightly more graceful shutting down and also adds support for calling envoys quitquitquit endpoint
View pilot-agent-agent
#!/bin/bash
echo "Starting custom autotrader pilot-agent wrapper..."
echo "Pilot-agent args: $@"
/usr/local/bin/pilot-agent "$@" &
AGENT_PID=$!
echo "Pilot agent started with pid: $AGENT_PID"
log() {
echo "[pilot-agent-agent] $*"
View istio-rollout-sidecars.rb
#!/usr/bin/ruby
require 'json'
require 'net/http'
require 'shellwords'
require 'time'
require 'uri'
require 'yaml'
@target_sidecar_image = YAML.load(YAML.load(`kubectl --namespace=istio-system get configmap istio-sidecar-injector -o yaml`)['data']['config'])['template'].match(/.*(eu.gcr.io\/at-artefacts\/platform-istio-proxy.*)".*/)[1]
View remove-istio.sh
#!/bin/bash
echo "Deleting istio components..."
array=( istio istio-crd istio-grafana istio-prometheus istio-jaeger kube-state-metrics prometheus-alertmanager )
for i in "${array[@]}"
do
echo " - Removing: $i"
helm del --purge $i
done
View debug-istio.sh
#!/bin/bash
set +e
rm -rf /tmp/istio-debug*
mkdir /tmp/istio-debug
cd /tmp/istio-debug
for pod in $(kubectl --namespace=istio-system get pods --no-headers -l istio=pilot | awk '{print $1}'); do
echo "Gathering info from $pod"
mkdir $pod
cd $pod
View install-istio.sh
#!/bin/bash
set -e
array=( istio istio-crd istio-grafana istio-prometheus istio-jaeger )
for i in "${array[@]}"
do
echo "Installing: $i"
helm upgrade --install $i --namespace istio-system $i/ --debug -f $ENV
done
View generate-istio.rb
#!/usr/bin/env ruby
require 'psych'
require 'fileutils'
require 'yaml'
# These mappings are used by looking at the Type of the resource, and then
# from that deciding the sub folder
@mappings = {
'CustomResourceDefinition' => 'custom-resources',
'ClusterRole' => 'rbac/role',
View helm-deploy.sh
#!/bin/bash
if [ -z "$RELEASE_NAME" ]; then
echo "ERROR: Please set \$RELEASE_NAME"
exit 1
fi
if [ -z "$GO_PIPELINE_COUNTER" ]; then
echo "ERROR: Please set \$GO_PIPELINE_COUNTER"
exit 1
fi
APP="aws/helm-$RELEASE_NAME"
View generate-and-test-mtls.sh
#!/bin/bash
set -e
function get_secret {
VAR=".data[\"$1\"]"
kubectl -n istio-system get secret istio-ca-secret -o json | jq -r $VAR | base64 --decode
}
function clean {
# Cleanup database
rm -f ca/index.txt*
View keybase.md

Keybase proof

I hereby claim:

  • I am stono on github.
  • I am kstoney (https://keybase.io/kstoney) on keybase.
  • I have a public key ASAfkF1lJjrHhDseYf6l1dF4VDvnN-HjhaXKFP_pfAv0Ngo

To claim this, I am signing this object:

You can’t perform that action at this time.