0. Collect these info
- What's your PVC which has space issue ?
- What's the StorageClassName of that PVC ?
1. Make sure StorageClassName has the following prop :
allowVolumeExpansion: true
abdennour
/ expand-pvc.md
Last active Aug 26, 2020
Expand kubernetes PVC - Fix No space left on device
View expand-pvc.md
View vault-auth-k8s-method.sh
| # $1: vault namespace | |
| # $2: Vault Token Reviewer Service Account | |
| vault_namespace=${1:-"vault"} | |
| token_reviewer_sa=${2:-"vault"} | |
| if [ -z "${VAULT_TOKEN}" ] || [ -z "${VAULT_ADDR}" ]; then | |
| echo "ERROR: VAULT_TOKEN and VAULT_ADDR env vars are required" | |
| exit 404 | |
| fi | |
| cat <<EOF | kubectl apply -f - |
View README.md
Overview
This gist is about a collection of lectures about how to write a good README
01. introduction
02. What's documentation
View README.md
Overview
This gist is about a collection of lectures about how to write a good README
01. introduction
02. What's documentation
View vault-read-write-yaml.sh
| read_vault_data() | |
| { | |
| vault read -field=value $VAULT_SECRET_PATH/config > config.yaml | |
| } | |
| write_vault_data() | |
| { | |
| vault write $VAULT_SECRET_PATH/config value=@config.yaml | |
| } |
abdennour
/ 00-entity-vs-alias-vault.png
Last active Jul 16, 2020
Vault Human Authentication : Entity vs Alias
abdennour
/ 00-about.html
Last active Jul 15, 2020
Vault AppRole Auth Method - Grant Access To App (Jenkins) to get secrets from Vault
View 00-about.html
| <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAysAAAFUCAYAAAAkvKNhAAAAAXNSR0IArs4c6QAAQABJREFUeAHsnQeAFMXSgIuckyJJRESfAUQUlIwkQREUJUlQAUHMOef0zPmZE4qBjAqKJFEQJCmKYlYEURAVERAkM3997d/L3HJ3XNi9292r1mVnZ3o6fDM309UVulCgSSwZASNgBIyAETACRsAIGAEjYAQSjEDhBGuPNccIGAEjYASMgBEwAkbACBgBI+AImLBiN4IRMAJGwAgYASNgBIyAETACCUnAhJWEvCzWKCNgBIyAETACRsAIGAEjYARMWLF7wAgYASNgBIyAETACRsAIGIGEJGDCSkJeFmuUETACRsAIGAEjYASMgBEwAias2D1gBIyAETACRsAIGAEjYASMQEISMGElIS9LajXq119/le+++0527NiRWh3T3vz222/y9ddfy/bt2+Patz/++EO++uor2bZtW0zq2bRpk8yePVumTJki33zzjezcuTMm5VohRsAIGAEjYASMgBGIJYGisSwskcv6+eef3WDvhx9+kH79+knFihVj0lzK/fDDD+Wzzz6T33//Xfbaay857LDD5Oijj5b69etLoUKFYlJPMhfy4IMPyoQJExynffbZR7Zu3SpTp06VGjVqSMOGDZO5a/LUU0/Jc889JwsXLpRq1arFrS/Dhg2Tu+66S7744gvHLTcVrV69Wvr06ePu2UqVKsl+++0nr7/+upQvXz43xdq5RsAIGAEjYASMgBGIOYGUF1YYGA8YMEDmzJkjzPAzODv11FNzLawwE/3aa6/J1Vdf7QbfCCYVKlSQzz//XJ555hmpXbu2zJs3T0qXLh3zi5ZegcyUFy9eXIoUKZLe4Xzd988//8i6devErz/6999/S+/evaV79+7CIDyZE9zXrl0bd83E5s2bY1bP2LFj5d1335WZM2fKkUceKWvWrMmz+zSZr7W13QgYASNgBIyAEch7Aikv |
View keycload_oauth.md
I deployed the keycloak-operator as in whats described on operatorhub.io then created a client like:
apiVersion: keycloak.org/v1alpha1
kind: KeycloakClient
metadata:
name: foo
namespace: my-keycloak-operator
labels:
abdennour
/ auth_user_keys_kubeconfig.md
Last active Jul 15, 2020
Kubernetes kubectl Authenticate with Keys ClusterRoleBinding RBAC
View auth_user_keys_kubeconfig.md
Using x509 Certificate:
https://www.udemy.com/draft/1522024/learn/lecture/9624320#questions/7312846
Authentication
official docs: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#x509-client-certs tuto: https://www.linkedin.com/pulse/adding-users-quick-start-kubernetes-aws-jakub-scholz/
View USAGE.md
chmod +x ab;
./ab -n 10000 -c 900 -s 300 ${url}
-n : total number of requests -c : concurrent requests ( 900 simultaneously ) -s : timeout in second
NewerOlder