Skip to content

Instantly share code, notes, and snippets.

View armenr's full-sized avatar

Armen Rostamian armenr

View GitHub Profile
@armenr
armenr / falsehoods-programming-time-list.md
Created March 12, 2024 12:15 — forked from timvisee/falsehoods-programming-time-list.md
Falsehoods programmers believe about time, in a single list

Falsehoods programmers believe about time

This is a compiled list of falsehoods programmers tend to believe about working with time.

Don't re-invent a date time library yourself. If you think you understand everything about time, you're probably doing it wrong.

Falsehoods

  • There are always 24 hours in a day.
  • February is always 28 days long.
  • Any 24-hour period will always begin and end in the same day (or week, or month).
@armenr
armenr / eslint.config.js
Last active January 19, 2024 10:28
antfu-eslintconfig + oxlint?
import antfu from '@antfu/eslint-config'
import { FlatCompat } from '@eslint/eslintrc'
// see here: https://github.com/oxc-project/eslint-plugin-oxlint
import oxlint from "eslint-plugin-oxlint"
const compat = new FlatCompat()
export default antfu({
typescript: {
@armenr
armenr / sse.ts
Created January 12, 2024 16:41 — forked from Atinux/sse.ts
SSE endpoint example with Nuxt 3
// ~/server/api/sse.ts
export default defineEventHandler(async (event) => {
if (!process.dev) return { disabled: true }
// Enable SSE endpoint
setHeader(event, 'cache-control', 'no-cache')
setHeader(event, 'connection', 'keep-alive')
setHeader(event, 'content-type', 'text/event-stream')
setResponseStatus(event, 200)
@armenr
armenr / README.md
Last active May 31, 2024 12:48
Cilium vxlan overlay for EKS clusters

Cilium vxlan overlay w/ Terraform

Why?

The AWS EKS team works extremely hard. We appreciate all of their effort.

But the aws-vpc-cni requires fine-tuning of complex settings, and:

  1. Limits the number of pods you can run on an EC2, based on the number of ENIs that instance size (or type) can support. Pod density is valuable.
  2. Requires you to play with settings like WARM_ENI_TARGET, WARM_IP_TARGET, WARM_PREFIX_TARGET, etc...
  3. Runs into conditions where Pods get stuck in "Creating," since IP management gets tricky based on cluster pod churn, and aws-vpc-cni...and ENABLE_PREFIX_DELEGATION + branching can lead to a lot of wasted IPs
@armenr
armenr / README.md
Last active February 20, 2024 23:48
Wait for EC2 to Become Reachable

EC2 Wait Until Ready

This script is part of a broader library of utilities that are used in conjunction with Terraform...to make life better/easier for Ops & SRE.

Use-Case

Not everything begins and ends with Kubernetes. Sometimes, you've got things to do directly on an EC2. It (almost) always goes the same way:

  1. Create an instance
@armenr
armenr / README.md
Last active May 22, 2023 12:38
terraform null_resource for automatically setting up Cilium + EKS via Cilium CLI

Install Cilium on EKS

Example

ENI Mode

The example auto-installs cilium into EKS with the default ENI "datapath" (aka - "mode").

Be sure to roll/restart all running pods upon successful installation. Cilium will restart "unamanaged" pods, but that doesn't mean all pods will get restarted.

@armenr
armenr / install_ncdu_amazon_linux.sh
Created April 21, 2023 14:46 — forked from MrHassanMurtaza/install_ncdu_amazon_linux.sh
Install ncdu on amazon linux 2
#!/bin/bash
# install packages/dependencies for compilation
sudo yum -y install gcc make ncurses-devel
cd /tmp
# the latest version of ncdu is published here: http://dev.yorhel.nl/ncdu
# update the link below if necessary:
wget -nv http://dev.yorhel.nl/download/ncdu-1.10.tar.gz
@armenr
armenr / README.md
Last active April 16, 2023 03:35
Terraform external data source to generate SOPS-encrypted secret files

Terraform gen-sops

This example demonstrates how to use terraform's external data provider to automatically encrypt and save sops secrets files.

This implementation makes every effort to avoid exposing secrets in stdout, or by writing unencrypted data to temporary files on disk.

The example includes:

  1. gen-sops.sh script (generates and returns sops-encrypted file contents to terraform)
  2. test_gen-sops.sh script which provides an easy way to continuously test your script
  3. terraform example implementation (vars.tf, sops_secrets.tf)
@armenr
armenr / Dockerfile
Last active November 30, 2022 09:36
ArgoCD 2.5.2 + Extras w/ Helmfile (helmfile, helm-diff, helm-secrets)
# syntax=docker/dockerfile:1.4
# follow link regarding ^^: https://hub.docker.com/r/docker/dockerfile
################################################################################
# Straightforward ArgoCD + HelmFile Custom Image
################################################################################
# This Dockerfile allows us to customize the ArgoCD Docker image with additional tooling
# This could be achieved by using a CMP-sidecar, but we'd prefer not to lose hours/days
# fiddling with Argo's as-yet clumsy-feeling plugin sidecar + cmp support.
@armenr
armenr / ssh_key.tf
Created November 21, 2022 12:01 — forked from irvingpop/ssh_key.tf
Terraform external data source example - dynamic SSH key generation
# ssh key generator data source expects the below 3 inputs, and produces 3 outputs for use:
# "${data.external.ssh_key_generator.result.public_key}" (contents)
# "${data.external.ssh_key_generator.result.private_key}" (contents)
# "${data.external.ssh_key_generator.result.private_key_file}" (path)
data "external" "ssh_key_generator" {
program = ["bash", "${path.root}/../ssh_key_generator.sh"]
query = {
customer_name = "${var.customer_name}"
customer_group = "${var.customer_group}"