This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
==> create_wildcard_automated_challenge <== | |
#!/usr/bin/env bash | |
# Note: | |
# --server https://acme-v02.api.letsencrypt.org/directory | |
# needed for v2 API for wildcard support | |
## employs automated DNS challenge w/ google cloud dns - | |
## you must configure a service account w/ google cloud and provide the DNS Administrator role | |
## to support automatically setting TXT records |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: '3.3' | |
services: | |
wordpress: | |
image: wordpress | |
restart: always | |
ports: | |
- 8080:79 | |
environment: | |
WORDPRESS_DB_PASSWORD: dockertesting |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
## employs automated DNS challenge w/ google cloud dns - | |
## you must configure a service account w/ google cloud and provide the DNS Administrator role | |
## to support automatically setting TXT records | |
### renew all certs found in /etc/letsencrypt | |
docker run -it --rm \ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: apps/v1 | |
kind: DaemonSet | |
metadata: | |
name: netshoot | |
namespace: guestbook | |
labels: | |
k8s-app: netshoot | |
spec: | |
selector: | |
matchLabels: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kind: Namespace | |
apiVersion: v1 | |
metadata: | |
name: guestbook | |
labels: | |
name: guestbook | |
--- | |
apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2 | |
kind: Deployment | |
metadata: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
↵ 1 annarchy ~ nc -z | |
usage: nc [-46CDdFhklNnrStUuvZz] [-I length] [-i interval] [-M ttl] | |
[-m minttl] [-O length] [-P proxy_username] [-p source_port] | |
[-q seconds] [-s sourceaddr] [-T keyword] [-V rtable] [-W recvlimit] | |
[-w timeout] [-X proxy_protocol] [-x proxy_address[:port]] | |
[destination] [port] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[root@annarchy netns]# docker inspect lodestone | grep -i sandbox | |
"SandboxID": "f26ee63e6db253f5de4ded7a60108a7282e9c3f432c7c0d701fceeb7f2350eef", | |
"SandboxKey": "/var/run/docker/netns/f26ee63e6db2", | |
[root@annarchy netns]# nsenter --net=/var/run/docker/netns/f26ee63e6db2 ip a | |
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 | |
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 | |
inet 127.0.0.1/8 scope host lo | |
valid_lft forever preferred_lft forever |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
✔ annarchy ~/docker/src/support-tools/labs/buildargs master ● ? cat Dockerfile | |
FROM ubuntu | |
ENV FOO=baz | |
ARG BAR=fuzz | |
RUN env | |
CMD /usr/bin/env | |
✔ annarchy ~/docker/src/support-tools/labs/buildargs master ● ? docker image history args | |
IMAGE CREATED CREATED BY SIZE COMMENT | |
4b655f8a09bf 28 seconds ago CMD ["/bin/sh" "-c" "/usr/bin/env"] 0B buildkit.dockerfile.v0 | |
<missing> 28 seconds ago RUN |1 BAR=fuzz /bin/sh -c env # buildkit 0B buildkit.dockerfile.v0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
MAYAN_DATABASES: \"{\'default\':{\'ENGINE\':\'django.db.backends.postgresql\',\'NAME\':\'${MAYAN_DATABASE_DB:-mayan}\',\'PASSWORD\':\'${MAYAN_DATABASE_PASSWORD:-mayandbpass}\',\'USER\':\'${MAYAN_DATABASE_USER:-mayan}\',\'HOST\':\'postgresql\'}}\" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
09:44 <@programmerq> AlexC_ as with any setup where you are sharing files from a host into a guest VM (virtualbox vmware docker-for-mac and others do this) you will take a performance hit for the files you do share. docker-for-mac is generally as performant or more performant than the virtualbox file sharing in my experience, but it is the worst about high counts of small files. | |
09:44 <@ada> AlexC_: was about to say ^ | |
09:45 <@programmerq> the vagrant community dealt with similar problems with similar frameworks long before docker-for-mac existed, and a lot of the things you can do apply. | |
09:45 <@programmerq> basically, it boils down to only sharing the bare minimum of what needs to be shared. don't share the library dependencies-- put those in the docker image itself or in a named volume instead of on a bind mount that is shared from the host. | |
09:45 <@programmerq> any caches, named/anonymous volume instead of bind mount | |
09:45 <@programmerq> etc etc | |
09:45 <@ada> there are some options https://docs.docker.com/d |