Skip to content

Instantly share code, notes, and snippets.

View amshinde's full-sized avatar

Archana Shinde amshinde

19 followers · 7 following
View GitHub Profile
@amshinde
amshinde / proc-in-namespace.md
Last active April 9, 2019 22:41
Find processes in namespace

To check if there are any processes are running in a namepace :

$ # Run as root:
$
$ nspath=/tmp/katapod/var/run/netns/cni-4f6eb895-1dfd-cd01-b54e-05ffbef9b0c5
$ inode=$(ls -i $nspath | cut -f1 -d" ")
$ pids=$(find -L /proc/[1-9]*/task/*/ns/net -inum $inode | cut -f3 -d"/" | uniq)
$ ps -p $pids
@amshinde
amshinde / podman_on_ubuntu.md
Created April 5, 2019 21:43
Rootless podman on Ubuntu

Install podman and uidmap

sudo add-apt-repository ppa:projectatomic/ppa
sudo apt-get update
sudo apt-get install podman uidmap
echo "$(whoami):10000:65536" | sudo tee /etc/subuid
echo "$(whoami):10000:65536" | sudo tee /etc/subgid
echo -e "[registries.search]\nregistries = ['docker.io']" | sudo tee /etc/containers/registries.conf
@amshinde
amshinde / dump_all_iptables_stats
Created April 2, 2019 22:33 — forked from mcastelino/dump_all_iptables_stats
Dump all iptables stats
for table in $(echo filter nat mangle raw security); do echo $table; iptables -L -v -n --line-numbers -t $table; done
tcpdump -elnXXi
@amshinde
amshinde / install_upstream_kernel_ubuntu.md
Last active March 27, 2019 21:20

Installing uptream kernel on ubuntu:

Kernels can be found at https://kernel.ubuntu.com/~kernel-ppa/mainline/?C=N;O=D

For installing kernel 5.0.5 :

curl -LO https://kernel.ubuntu.com/~kernel-ppa/mainline/v5.0.5/linux-headers-5.0.5-050005_5.0.5-050005.201903271212_all.deb
curl -LO https://kernel.ubuntu.com/~kernel-ppa/mainline/v5.0.5/linux-image-unsigned-5.0.5-050005-generic_5.0.5-050005.201903271212_amd64.deb
@amshinde
amshinde / chameleon-socks.md
Created March 27, 2019 19:57

Chameleon

Chameleon is a containerized setup for (automagically) configuring redsocks to aid in creation of a transparent proxy inside intel. Based on this, we first assume you have docker installed on the system.

Pre-req - install Docker

You'll need to initially setup env variables for proxy such that you can install docker on the system. ex:

@amshinde
amshinde / Release.md
Created March 27, 2019 18:14 — forked from jcvenegas/Release.md
Kata Containers Release
@amshinde
amshinde / remap_and_post.md
Created March 27, 2019 18:14 — forked from mcastelino/remap_and_post.md
Interrupt Remapping and posted interrupt notes

https://software.intel.com/sites/default/files/managed/c5/15/vt-directed-io-spec.pdf

• Legacy pin interrupts

— For devices that use legacy methods for interrupt routing (such as either through direct wiring to the I/OxAPIC input pins, or through INTx messages), the I/OxAPIC hardware generates the interrupt-request transaction. To identify the source of interrupt requests generated by I/OxAPICs, the interrupt-remapping hardware requires each I/OxAPIC in the platform (enumerated through the ACPI Multiple APIC Descriptor Tables (MADT)) to include a unique 16-bit source-id in its requests. BIOS reports the source-id for these I/OxAPICs via ACPI

@amshinde
amshinde / slirp4netns.md
Created March 27, 2019 18:12 — forked from mcastelino/slirp4netns.md
slirp4netns: How does it work

Create a process with its own network and pid namespace

$ unshare --user --map-root-user --net --mount
[root@incensed-gawain ~]# echo $$
2646

Run the slirp process on the host

@amshinde
amshinde / docker-with-proxy.md
Last active April 4, 2019 01:09
Docker with proxy

Getting docker to work with corporate proxy

Docker's conf file /etc/docker/daemon.json :

{  
   "dns":[  
      "10.248.2.1",
      "10.22.224.196"
   ],
 "dns-search":[
@amshinde
amshinde / guest-time-sync.md
Last active April 4, 2019 01:10
Resources for syncing Guest time with host