aramalipoor

apiVersion: v1
kind: Template
metadata:
  name: shared-resource-viewer
parameters:
- displayName: Project / Namespace
  description: Name of the project (might be current project) from which you want to publish/share Templates and ImageStreams
  name: NAMESPACE
  required: true
  value: my-project-name

aramalipoor

Keybase proof

I hereby claim:

• I am aramalipoor on github.
• I am alipoor (https://keybase.io/alipoor) on keybase.
• I have a public key ASBjjvuvZdOlwS8JHQWRBzYVx9d4L05-8oGdJcVpA-7SQQo

To claim this, I am signing this object:

aramalipoor

Kafka SSL + OpenShift Routes

To expose Kafka port externally enable SSL/TLS configuration in Kafka.

1. Build the image based on this Dockerfile
2. Generate all keys and certificates based on gen.sh. Note Replace <YOUR_KAFKA_DOMAIN_HERE> and passphrase (i.e. test1234).
3. Create a secret based to store all certificates:

   oc create secret generic kafka-ssl --from-file=/absolute/path/to/generated/certs/dir

4. Update Kafka's Statefulset to enable SSL (statefulset.yml holds already patched version of our template):

aramalipoor

# For ES 6.x Java XML Bind module must be explicitly added
ES_JAVA_OPTS=-Xms1000m -Xmx1000m -Des.logger.level=DEBUG --add-modules java.xml.bind

aramalipoor

# You can edit a BuildConfig's YAML either via UI
# or by running `oc edit bc/MY_APP`
spec:
  # ...
  source:
    # ...
    secrets:
      # This path must be relative when BuildConfig's "strategy" is Docker
      - destinationDir: secrets/github-myorg
        secret:

aramalipoor

FROM debian

RUN apt-get update -y && \

    # SSH and git binaries are required
    apt-get install -y curl ssh git && \
    
    # Prepare required configurations and directories
    mkdir -p /root/.ssh && \
    git config --global user.name "example" && \

aramalipoor

Nginx Config for real IP when using CloudFlare

If CloudFlare cache is disabled (the cloud icon in DNS settings is turned off, i.e. gray), the nginx config in our examples would work and gives you the real IP in REMOTE_ADDR variable.

If you need to keep CF cache enabled (the cloud icon is active and orange) adding code below to nginx config will give you user's real IP in REMOTE_ADDR variable:

server {
    // ...
    
    real_ip_recursive on;
    real_ip_header X-Forwarded-For;

aramalipoor

Example

wrk -t 5 -c 10 -d 10s -s wrk-hostname-counter.lua https://example.com/

 ------------------------------------------------
 server-b-pxchg: 50.3333% (151 total)
 server-a-n82cc: 3.33333% (10 total)
 server-a-lr665: 3.33333% (10 total)
 server-a-7cnws: 3.33333% (10 total)

aramalipoor

# Prepare required directories for Newrelic installation
RUN mkdir -p /var/log/newrelic /var/run/newrelic && \
    touch /var/log/newrelic/php_agent.log /var/log/newrelic/newrelic-daemon.log && \
    chmod -R g+ws /tmp /var/log/newrelic/ /var/run/newrelic/ && \
    chown -R 1001:0 /tmp /var/log/newrelic/ /var/run/newrelic/ && \

    # Download and install Newrelic binary
    export NEWRELIC_VERSION=$(curl -sS https://download.newrelic.com/php_agent/release/ | sed -n 's/.*>\(.*linux-musl\).tar.gz<.*/\1/p') && \
    cd /tmp && curl -sS "https://download.newrelic.com/php_agent/release/${NEWRELIC_VERSION}.tar.gz" | gzip -dc | tar xf - && \
    cd "${NEWRELIC_VERSION}" && \

aramalipoor

Install

sudo curl -L -o /usr/local/bin/recommit https://gist.githubusercontent.com/aramalipoor/fa0a501d985b095b4d8ec453e1ba8e56/raw/032275f887799c139a6b06e148b1146c914313b9/recommit.sh
sudo chmod +x /usr/local/bin/recommit

Disclaimer

Although this snippet checks last commit's ID on your remote branch before tying to force commit, use it at your own risk.