Skip to content

Instantly share code, notes, and snippets.

View amcginlay's full-sized avatar

Alan McGinlay amcginlay

View GitHub Profile
amcginlay /
Last active March 5, 2024 01:23

Building Kubernetes on arm64 MacOS with Parallels and Vagrant

With help from:

Vagrantfile for Building Kubernetes Control Plane VM

Vagrant.configure("2") do |config|
  config.vm.provision "shell", inline: <<-SHELL
amcginlay /
Last active December 14, 2023 13:24
TLSPK demo for SKO (container-gulch)
VCPRegion=US                 # EU does not fully support K8s cluster ... yet!
VCPAPIKey=???                # value from

export AWS_PROFILE=venafi-se # assuming aws credentials have been set up for this account

aws cloudformation create-stack \
  --stack-name ${STACK_BASE_NAME}-$(date +"%y%m%d%H%M%s") \
 --template-url \
amcginlay /
Last active December 5, 2023 11:18
Cilium Service Mesh

Cilium Service Mesh

amcginlay /
Last active December 5, 2023 11:19
Cilium CNI

Cilium CNI

amcginlay /
Last active November 17, 2023 10:54
KinD cluster on EC2 with Remote Access

KinD cluster on AWS EC2 with Remote Access

Solution tested with MacOS client.

Build Ubuntu VM on AWS EC2

Note: The EC2 instance created by this CloudFormation template is pre-configured to provide the following:

  • 64bit (x86) Ubuntu 22.04 in us-west-2 region
  • Docker Engine
  • EC2 Instance Connect support
  • AWS Systems Manager (SSM) support
amcginlay /
Last active December 6, 2023 11:19
Using VCert Playbooks

Using VCert Playbooks

An example based upon documentation here

This code has been tested on x86 Ubuntu


Firefly Quick Start

These instructions aim to simplify those already laid out here.

The following assumes your AWS CLI has been pre-authenticated with an AWS account.

Create an Ubuntu EC2 Instance with Docker installed

stack_id=$( \
  aws cloudformation create-stack \
    --stack-name ubuntu-docker-firefly \
amcginlay /
Last active August 9, 2023 13:46
Commands to prepare Digicert key material for ACM import

Preparing TLSPC PEM files for AWS ACM

Assuming we have cert-chain and private key files extracted from TLSPC via DigiCert (let's call them my-cert.chain and my-cert.key), how do we get them prepared for AWS ACM import.

In this case my-cert.chain is a full chain and my-cert.key is an encrypted private key.


As such we need to cope with two requirements:

amcginlay /
Last active August 8, 2023 08:58
Installing the TLSPK agent without jsctl

Installing the TLSPK agent without jsctl

Steps as follows

Lightweight cluster creation

Create a disposable KinD cluster as follows.

amcginlay /
Last active July 26, 2023 14:05
Script will list all running EC2 instances in the current AWS account
echo '"region","instance-id","instance-type","tags-name","tags-auto-owner"'
for region in $(aws ec2 describe-regions --query 'Regions[*].[RegionName]' --output text); do
aws ec2 describe-instances \
--region ${region} \
--filters "Name=instance-state-name,Values=running" \
--output json | \
jq --arg region $region -r \
'.Reservations[].Instances[] | [$region, .InstanceId, .InstanceType, (.Tags[] | select(.Key=="Name") | .Value), (.Tags[] | select(.Key=="auto:owner") | .Value)] | @csv'