Navigation Menu

Skip to content

Instantly share code, notes, and snippets.

View ams0's full-sized avatar
🏠
Working from home

Alessandro Vozza ams0

🏠
Working from home
240 followers · 59 following
View GitHub Profile
@ams0
ams0 / kind_cilium.sh
Created March 6, 2024 01:48
Create Script to deploy a multinode kind cluster with Cilium, MetalLB and local folder sharing
#!/bin/bash
# Usage: ./kind_cilium.sh <k8s_version> <cluster_name> <start_ip> <end_ip>
# Example: ./kind_cilium.sh v1.21.1 kind 200 250
DEFAULTK8SVERSION="v1.29.2"
K8SVERSION="${1:-$DEFAULTK8SVERSION}"
DEFAULTNAME="kind"
NAME="${2:-$DEFAULTNAME}"
@ams0
ams0 / bbl-template.tf
Created February 22, 2024 19:49
variable "env_id" {}
variable "region" {}
variable "simple_env_id" {}
variable "subscription_id" {}
variable "tenant_id" {}
@ams0
ams0 / istio-check.yml
Last active December 22, 2023 22:16
#Istio check
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: nginx
name: nginx
spec:
replicas: 1
@ams0
ams0 / kind_cilium_cluster_mesh.sh
Last active December 15, 2023 19:20
#Cilium cluster mesh with kind
cat <<EOF | kind create cluster --image kindest/node:v1.28.0 --config -
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
name: cluster-01
nodes:
- role: control-plane
- role: worker
networking:
@ams0
ams0 / ubuntu-prep-lfs458.sh
Last active January 8, 2024 23:48
#!/bin/bash
# LFS458 VM prep script
#update and upgrade
export DEBIAN_FRONTEND=noninteractive
apt-get update -y
apt-get upgrade -y
#add basic tools
apt-get install -y vim curl apt-transport-https vim git wget software-properties-common lsb-release ca-certificates -y
@ams0
ams0 / bosh-azshell.sh
Last active October 30, 2023 11:14
Install bosh with Azure Shell
# Install bosh from Azure Shell
# in azure shell run pip install certbot
# change quota of Azure shell file share
az ad sp create-for-rbac -n bosh -o json > sp.json
az role assignment create --assignee $(jq -r .appId sp.json) --role "Contributor" --scope /subscriptions/$(az account list --query "[?isDefault].id" -o tsv)
SP_FILE="$HOME/pre/sp.json"
export NAME=${PWD##*/}
@ams0
ams0 / install-ambient-helm.sh
Last active October 18, 2023 22:03
Install Istio Ambient Mesh with Helm
# Install Ambient Mesh with Helm Charts
REPO="https://istio-release.storage.googleapis.com/charts"
VERSION=1.19.0
helm_opts="upgrade -i --namespace istio-system --create-namespace --repo ${REPO} --version ${VERSION}"
# base
helm $(echo $helm_opts) istio-base base
# istiod
@ams0
ams0 / multipass-cloudinit.sh
Last active March 27, 2023 05:53
multipass cloud init script to install kubectl helm and more
#!/bin/bash
ARCH=$(dpkg --print-architecture)
wget -q "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/${ARCH}/kubectl"
install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
rm kubectl
# Enable bash completion for kubectl
echo "source /usr/share/bash-completion/bash_completion" >> /root/.bashrc
@ams0
ams0 / osm-nginx-keycloak-mtls-acme.md
Last active June 26, 2022 09:19
Setup Keycloak with OSM, mTLS between pods and SSL Let'sEncrypt certificate termination at ingress

Let me go thru the setup :

  1. Install a 1.24.0 cluster
  2. Install OSM and add the namespaces:
osm install --set OpenServiceMesh.enablePermissiveTrafficPolicy=false
kubectl patch meshconfig osm-mesh-config -n osm-system -p '{"spec":{"traffic":{"enableEgress":true}}}'  --type=merge

kubectl create ns keycloak
@ams0
ams0 / cert-manager-ca-for-osm.sh
Created May 18, 2022 05:27
Deploys cert-manager with a custom CA and OSM pointing to that.
#create CA cert and key
brew install step
step certificate create root.osm.cluster.local ca.crt ca.key \
--not-after=87600h --profile root-ca --no-password --insecure
kubectl create ns cert-manager
kubectl create secret generic osm-ca-bundle -n cert-manager --from-file=tls.key=ca.key --from-file=tls.crt=ca.crt
helm upgrade -i cert-manager \
--namespace cert-manager --create-namespace \