Skip to content

Instantly share code, notes, and snippets.

View amcginlay's full-sized avatar

Alan McGinlay amcginlay

33 followers · 0 following
View GitHub Profile
@amcginlay
amcginlay / arm64-macos-parallels-vagrant-kubernetes.md
Last active March 5, 2024 01:23
arm64-macos-parallels-vagrant-kubernetes.md

Building Kubernetes on arm64 MacOS with Parallels and Vagrant

With help from: https://devopscube.com/setup-kubernetes-cluster-kubeadm/

Vagrantfile for Building Kubernetes Control Plane VM

Vagrant.configure("2") do |config|
  config.vm.provision "shell", inline: <<-SHELL
    VERSION="1.29"
    KUBERNETES_VERSION="$VERSION.2-1.1"
@amcginlay
amcginlay / tlspk-sko-demo.md
Last active December 14, 2023 13:24
TLSPK demo for SKO (container-gulch) 
STACK_BASE_NAME=sko-demo
VCPRegion=US                 # EU does not fully support K8s cluster ... yet!
VCPAPIKey=???                # value from https://container-gulch.venafi.cloud/platform-settings/user-preferences?key=api-keys

export AWS_PROFILE=venafi-se # assuming aws credentials have been set up for this account

aws cloudformation create-stack \
  --stack-name ${STACK_BASE_NAME}-$(date +"%y%m%d%H%M%s") \
 --template-url https://venafi-ecosystem.s3.amazonaws.com/tlspk/v2/cfn-tlspk-cluster-bootstrapper.yaml \
@amcginlay
amcginlay / cilium-service-mesh.md
Last active December 5, 2023 11:18
Cilium Service Mesh

Cilium Service Mesh

@amcginlay
amcginlay / cilium-cni.md
Last active December 5, 2023 11:19
Cilium CNI

Cilium CNI

@amcginlay
amcginlay / kind-ec2-remote-access.md
Last active November 17, 2023 10:54
KinD cluster on EC2 with Remote Access

KinD cluster on AWS EC2 with Remote Access

Solution tested with MacOS client.

Build Ubuntu VM on AWS EC2

Note: The EC2 instance created by this CloudFormation template is pre-configured to provide the following:

  • 64bit (x86) Ubuntu 22.04 in us-west-2 region
  • Docker Engine
  • EC2 Instance Connect support
  • AWS Systems Manager (SSM) support
@amcginlay
amcginlay / vcert-playbooks.md
Last active December 6, 2023 11:19
Using VCert Playbooks

Using VCert Playbooks

An example based upon documentation here

This code has been tested on x86 Ubuntu

Prerequisites

@amcginlay
amcginlay / firefly-quick-start.md
Last active October 24, 2023 10:02

Firefly Quick Start

These instructions aim to simplify those already laid out here.

The following assumes your AWS CLI has been pre-authenticated with an AWS account.

Create an Ubuntu EC2 Instance with Docker installed

stack_id=$( \
  aws cloudformation create-stack \
    --stack-name ubuntu-docker-firefly \
@amcginlay
amcginlay / prepare-pemfiles-for-acm.md
Last active August 9, 2023 13:46
Commands to prepare Digicert key material for ACM import

Preparing TLSPC PEM files for AWS ACM

Assuming we have cert-chain and private key files extracted from TLSPC via DigiCert (let's call them my-cert.chain and my-cert.key), how do we get them prepared for AWS ACM import.

In this case my-cert.chain is a full chain and my-cert.key is an encrypted private key.

Requirements

As such we need to cope with two requirements:

@amcginlay
amcginlay / tlspk-helper-agent-install.md
Last active August 8, 2023 08:58
Installing the TLSPK agent without jsctl

Installing the TLSPK agent without jsctl

Steps as follows

Lightweight cluster creation

Create a disposable KinD cluster as follows.

nickname=<YOUR_NICKNAME>
@amcginlay
amcginlay / list-all-running-ec2s.sh
Last active July 26, 2023 14:05
Script will list all running EC2 instances in the current AWS account
echo '"region","instance-id","instance-type","tags-name","tags-auto-owner"'
for region in $(aws ec2 describe-regions --query 'Regions[*].[RegionName]' --output text); do
aws ec2 describe-instances \
--region ${region} \
--filters "Name=instance-state-name,Values=running" \
--output json | \
jq --arg region $region -r \
'.Reservations[].Instances[] | [$region, .InstanceId, .InstanceType, (.Tags[] | select(.Key=="Name") | .Value), (.Tags[] | select(.Key=="auto:owner") | .Value)] | @csv'
done