Bryan Richardson activeshadow

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                activeshadow
                / keybase.md
            
            
              Created
              December 2, 2019 05:39
            
          
    Keybase proof

I hereby claim:

I am activeshadow on github.
I am activeshadow (https://keybase.io/activeshadow) on keybase.
I have a public key whose fingerprint is 4E91 582F 373A F54D 2CDC  7456 A222 F794 8E4E 5020

To claim this, I am signing this object:

  
## remove-waf-ip-sets.sh
#!/bin/bash

SETS=$(aws waf list-ip-sets | jq -r ".IPSets[] | .IPSetId")

for ipset in $SETS; do
  TOKEN=$(aws waf get-change-token | jq -r .ChangeToken)

  aws waf delete-ip-set --ip-set-id $ipset --change-token $TOKEN

  sleep 1

## remove-waf-rules.sh
#!/bin/bash

RULES=$(aws waf list-rules | jq -r ".Rules[] | .RuleId")

for rule in $RULES; do
  TOKEN=$(aws waf get-change-token | jq -r .ChangeToken)
  PRED=$(aws waf get-rule --rule-id $rule | jq ".Rule.Predicates[0]")

  aws waf update-rule --cli-input-json '{"RuleId": "'$rule'", "ChangeToken": "'$TOKEN'", "Updates": [{"Action": "DELETE", "Predicate": '"$PRED"'}]}'

## remove-waf-acls.sh
#!/bin/bash

ACLS=$(aws waf list-web-acls | jq -r ".WebACLs[] | .WebACLId")

for acl in $ACLS; do
  TOKEN=$(aws waf get-change-token | jq -r .ChangeToken)
  RULE=$(aws waf get-web-acl --web-acl-id $acl | jq ".WebACL.Rules[0]")

  aws waf update-web-acl --cli-input-json '{"WebACLId": "'$acl'", "ChangeToken": "'$TOKEN'", "Updates": [{"Action": "DELETE", "ActivatedRule": '"$RULE"'}]}'

## kops-create-cluster.log
I1023 14:55:44.078531   25308 gsfs.go:138] Reading file "gs://foobar-kops/simple.k8s.local/config"
I1023 14:55:45.200012   25308 channel.go:92] resolving "stable" against default channel location "https://raw.githubusercontent.com/kubernetes/kops/master/channels/"
I1023 14:55:45.200204   25308 channel.go:97] Loading channel from "https://raw.githubusercontent.com/kubernetes/kops/master/channels/stable"
I1023 14:55:45.200274   25308 context.go:132] Performing HTTP request: GET https://raw.githubusercontent.com/kubernetes/kops/master/channels/stable
I1023 14:55:45.444546   25308 channel.go:106] Channel contents: spec:
  images:
    # We put the "legacy" version first, for kops versions that don't support versions ( < 1.5.0 )
    - name: kope.io/k8s-1.4-debian-jessie-amd64-hvm-ebs-2017-07-28
      providerID: aws
      kubernetesVersion: ">=1.4.0 <1.5.0"

## kops.log
➜  ~ kops create cluster k8s.darkcubed.io --zones $ZONES --master-zones $ZONES --node-count 10 --project ${PROJECT} --authorization RBAC --cloud gce --ssh-public-key ~/.ssh/id_ed25519.pub -v 10 --yes
I1020 15:58:33.349589   22722 gsfs.go:179] Reading file "gs://darkcubed-kops/k8s.darkcubed.io/config"
I1020 15:58:34.513984   22722 channel.go:92] resolving "stable" against default channel location "https://raw.githubusercontent.com/kubernetes/kops/master/channels/"
I1020 15:58:34.514059   22722 channel.go:97] Loading channel from "https://raw.githubusercontent.com/kubernetes/kops/master/channels/stable"
I1020 15:58:34.514086   22722 context.go:132] Performing HTTP request: GET https://raw.githubusercontent.com/kubernetes/kops/master/channels/stable
I1020 15:58:34.898258   22722 channel.go:106] Channel contents: spec:
  images:
    # We put the "legacy" version first, for kops versions that don't support versions ( < 1.5.0 )
    - name: kope.io/k8s-1.4-debian-jessie-amd64-hvm-ebs-2017-07-28
      providerID: aws

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                activeshadow
                / keybase.md
            
            
              Created
              October 5, 2017 05:30
            
              
                keybase.md
              
          
    Keybase proof

I hereby claim:

I am activeshadow on github.
I am activeshadow (https://keybase.io/activeshadow) on keybase.
I have a public key ASC4M-MbQ1LamSq6o76mT6h_gQj9ZSDsy9b2U0ZmnlGDywo

To claim this, I am signing this object:

  
## kubelet.log
-- Logs begin at Mon 2017-02-06 21:28:04 UTC, end at Mon 2017-03-27 12:54:33 UTC. --
Mar 19 00:23:24 minion systemd[1]: Starting Kubernetes Kubelet...
Mar 19 00:23:24 minion systemd[1]: Started Kubernetes Kubelet.
Mar 19 00:23:25 minion kubelet[1604]: Flag --api-servers has been deprecated, Use --kubeconfig instead. Will be removed in a future version.
Mar 19 00:23:26 minion kubelet[1604]: I0319 00:23:26.100099    1604 docker.go:375] Connecting to docker on unix:///var/run/docker.sock
Mar 19 00:23:26 minion kubelet[1604]: I0319 00:23:26.100213    1604 docker.go:395] Start docker client with request timeout=2m0s
Mar 19 00:23:26 minion kubelet[1604]: E0319 00:23:26.100747    1604 cni.go:163] error updating cni config: No networks found in /etc/cni/net.d
Mar 19 00:23:26 minion kubelet[1604]: I0319 00:23:26.115026    1604 manager.go:143] cAdvisor running in container: "/system.slice/kubelet.service"
Mar 19 00:23:26 minion kubelet[1604]: W0319 00:23:26.141903    1604 manager.go:151] unable to connect to Rkt api se

## gist:b466dc08ca25c3239b07
Created kernel and initrd images using the following:

$ cd /opt/minimega && ./bin/vmbetter -branch unstable -level debug misc/vmbetter_configs/miniccc.conf
$ mv /opt/minimega/miniccc.* /root/

Configured a VM as follows:

minimega$ vm config
minibuntu: Current VM configuration:
Memory:        2048

## embed.rb
require 'base64'
require 'fileutils'

img = /img src="(.*)" /

File.open("#{ARGV[0]}.html") do |i|
  File.open("#{ARGV[0]}-embedded.html", 'w') do |o|
    i.each_line do |l|
      if match = img.match(l)
        location = match[1]
	I1023 14:55:44.078531 25308 gsfs.go:138] Reading file "gs://foobar-kops/simple.k8s.local/config"
	I1023 14:55:45.200012 25308 channel.go:92] resolving "stable" against default channel location "https://raw.githubusercontent.com/kubernetes/kops/master/channels/"
	I1023 14:55:45.200204 25308 channel.go:97] Loading channel from "https://raw.githubusercontent.com/kubernetes/kops/master/channels/stable"
	I1023 14:55:45.200274 25308 context.go:132] Performing HTTP request: GET https://raw.githubusercontent.com/kubernetes/kops/master/channels/stable
	I1023 14:55:45.444546 25308 channel.go:106] Channel contents: spec:
	images:
	# We put the "legacy" version first, for kops versions that don't support versions ( < 1.5.0 )
	- name: kope.io/k8s-1.4-debian-jessie-amd64-hvm-ebs-2017-07-28
	providerID: aws
	kubernetesVersion: ">=1.4.0 <1.5.0"
	➜ ~ kops create cluster k8s.darkcubed.io --zones $ZONES --master-zones $ZONES --node-count 10 --project ${PROJECT} --authorization RBAC --cloud gce --ssh-public-key ~/.ssh/id_ed25519.pub -v 10 --yes
	I1020 15:58:33.349589 22722 gsfs.go:179] Reading file "gs://darkcubed-kops/k8s.darkcubed.io/config"
	I1020 15:58:34.513984 22722 channel.go:92] resolving "stable" against default channel location "https://raw.githubusercontent.com/kubernetes/kops/master/channels/"
	I1020 15:58:34.514059 22722 channel.go:97] Loading channel from "https://raw.githubusercontent.com/kubernetes/kops/master/channels/stable"
	I1020 15:58:34.514086 22722 context.go:132] Performing HTTP request: GET https://raw.githubusercontent.com/kubernetes/kops/master/channels/stable
	I1020 15:58:34.898258 22722 channel.go:106] Channel contents: spec:
	images:
	# We put the "legacy" version first, for kops versions that don't support versions ( < 1.5.0 )
	- name: kope.io/k8s-1.4-debian-jessie-amd64-hvm-ebs-2017-07-28
	providerID: aws
	-- Logs begin at Mon 2017-02-06 21:28:04 UTC, end at Mon 2017-03-27 12:54:33 UTC. --
	Mar 19 00:23:24 minion systemd[1]: Starting Kubernetes Kubelet...
	Mar 19 00:23:24 minion systemd[1]: Started Kubernetes Kubelet.
	Mar 19 00:23:25 minion kubelet[1604]: Flag --api-servers has been deprecated, Use --kubeconfig instead. Will be removed in a future version.
	Mar 19 00:23:26 minion kubelet[1604]: I0319 00:23:26.100099 1604 docker.go:375] Connecting to docker on unix:///var/run/docker.sock
	Mar 19 00:23:26 minion kubelet[1604]: I0319 00:23:26.100213 1604 docker.go:395] Start docker client with request timeout=2m0s
	Mar 19 00:23:26 minion kubelet[1604]: E0319 00:23:26.100747 1604 cni.go:163] error updating cni config: No networks found in /etc/cni/net.d
	Mar 19 00:23:26 minion kubelet[1604]: I0319 00:23:26.115026 1604 manager.go:143] cAdvisor running in container: "/system.slice/kubelet.service"
	Mar 19 00:23:26 minion kubelet[1604]: W0319 00:23:26.141903 1604 manager.go:151] unable to connect to Rkt api se
	Created kernel and initrd images using the following:

	$ cd /opt/minimega && ./bin/vmbetter -branch unstable -level debug misc/vmbetter_configs/miniccc.conf
	$ mv /opt/minimega/miniccc.* /root/

	Configured a VM as follows:

	minimega$ vm config
	minibuntu: Current VM configuration:
	Memory: 2048
	require 'base64'
	require 'fileutils'

	img = /img src="(.*)" /

	File.open("#{ARGV[0]}.html") do \|i\|
	File.open("#{ARGV[0]}-embedded.html", 'w') do \|o\|
	i.each_line do \|l\|
	if match = img.match(l)
	location = match[1]