Anoop anoopl
anoopl
/ k8s-service-account-kubeconfig.sh
Created
June 21, 2020 15:32
— forked from ericchiang/k8s-service-account-kubeconfig.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash -e | |
| # Usage ./k8s-service-account-kubeconfig.sh ( namespace ) ( service account name ) | |
| TEMPDIR=$( mktemp -d ) | |
| trap "{ rm -rf $TEMPDIR ; exit 255; }" EXIT | |
| SA_SECRET=$( kubectl get sa -n $1 $2 -o jsonpath='{.secrets[0].name}' ) |
anoopl
/ ingress-gw-ssl.yaml
Created
March 10, 2020 08:59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: networking.istio.io/v1alpha3 | |
| kind: Gateway | |
| metadata: | |
| name: ingressgateway | |
| spec: | |
| selector: | |
| istio: ingressgateway | |
| servers: | |
| - hosts: | |
| - dns1 |
anoopl
/ ingress-gw.yamml
Created
March 10, 2020 06:34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: networking.istio.io/v1alpha3 | |
| kind: Gateway | |
| metadata: | |
| annotations: | |
| name: ingressgateway | |
| spec: | |
| selector: | |
| istio: ingressgateway | |
| servers: | |
| - hosts: |
anoopl
/ elastic-disk.yaml
Created
February 26, 2020 06:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: elasticsearch.k8s.elastic.co/v1 | |
| kind: Elasticsearch | |
| metadata: | |
| name: es-test | |
| spec: | |
| version: 7.5.1 | |
| nodeSets: | |
| - name: es-test | |
| count: 3 | |
| config: |
anoopl
/ elastic.yaml
Created
February 25, 2020 08:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: elasticsearch.k8s.elastic.co/v1 | |
| kind: Elasticsearch | |
| metadata: | |
| name: es-prod | |
| spec: | |
| version: 7.6.0 | |
| nodeSets: | |
| - name: es-prod | |
| count: 3 | |
| config: |
anoopl
/ startup-daemonset.yaml
Created
February 24, 2020 14:14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| kind: DaemonSet | |
| apiVersion: extensions/v1beta1 | |
| metadata: | |
| name: startup-script | |
| labels: | |
| app: startup-script | |
| spec: | |
| template: | |
| metadata: | |
| labels: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -e | |
| set -o pipefail | |
| # Add user to k8s using service account, no RBAC (must create RBAC after this script) | |
| if [[ -z "$1" ]] || [[ -z "$2" ]]; then | |
| echo "usage: $0 onboarding-dev-deploy onboarding" | |
| exit 1 | |
| fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #Step 1 | |
| #Generate server keystore and client keystore | |
| keytool -keystore kafka.server.keystore.jks -alias localhost -validity 365 -genkey | |
| keytool -keystore kafka.client.keystore.jks -alias localhost -validity 365 -genkey | |
| #Step 2 | |
| #Create CA | |
| openssl req -new -x509 -keyout ca-key -out ca-cert -days 365 | |
| #Add generated CA to the trust store | |
| keytool -keystore kafka.server.truststore.jks -alias CARoot -import -file ca-cert |
anoopl
/ istio-helm
Created
March 8, 2019 11:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| helm template install/kubernetes/helm/istio --name istio --namespace istio-system --set global.proxy.includeIPRanges="10.0.0/16"> ~/workspace/istio/istio.yaml | |
| You can add more options on --set key=value with comma seperated | |
| Eg: | |
| helm template install/kubernetes/helm/istio --name istio --namespace istio-system --set global.proxy.includeIPRanges="10.0.0.0/16",global.mtls.enabled=false,grafana.enabled=true,kiali.enabled=true,tracing.enabled=true > ~/workspace/istio/istio.yaml | |
anoopl
/ nginx-cluster-autoscale-test.yaml
Created
February 6, 2019 11:33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| creationTimestamp: null | |
| labels: | |
| run: nginx | |
| name: nginx | |
| spec: | |
| replicas: 21 | |
| selector: |
NewerOlder