Chad M. Crowell chadmcrowell
🏠
chadmcrowell
/ bpf-features.txt
Created
May 31, 2024 15:41
All BPF programs and maps that are currently loaded in the system
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Scanning eBPF helper functions... | |
| eBPF helpers supported for program type socket_filter: | |
| - bpf_map_lookup_elem | |
| - bpf_map_update_elem | |
| - bpf_map_delete_elem | |
| - bpf_ktime_get_ns | |
| - bpf_get_prandom_u32 | |
| - bpf_get_smp_processor_id | |
| - bpf_tail_call | |
| - bpf_perf_event_output |
chadmcrowell
/ cilium-network-policy-enforce-L7.yaml
Created
May 31, 2024 15:04
Define cilium network policy to enforce L7 policies
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: cilium.io/v2 | |
| kind: CiliumNetworkPolicy | |
| metadata: | |
| name: my-app-policy | |
| namespace: default | |
| spec: | |
| endpointSelector: | |
| matchLabels: | |
| app: my-app | |
| ingress: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: envoy-config | |
| namespace: default | |
| data: | |
| envoy.yaml: | | |
| static_resources: | |
| listeners: | |
| - name: listener_0 |
chadmcrowell
/ install-cilium-service-mesh-with-helm.sh
Created
May 31, 2024 15:01
Install Cilium with Service Mesh, Envoy, L7 Proxy, and ingress/egress gateways
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| helm install cilium cilium/cilium --version 1.15.5 --namespace kube-system \ | |
| --set global.enabled=true \ | |
| --set global.kubernetesServiceHost=<your-k8s-api-server> \ | |
| --set global.kubernetesServicePort=<your-k8s-api-port> \ | |
| --set global.hubble.enabled=true \ | |
| --set global.hubble.metrics.enabled="{dns,drop,tcp,flow,port-distribution,icmp,http}" \ | |
| --set global.hubble.ui.enabled=true \ | |
| --set global.hubble.relay.enabled=true \ | |
| --set global.egressGateway.enabled=true \ | |
| --set global.ingressController.enabled=true \ |
chadmcrowell
/ cks-book-system-hardening.sh
Last active
January 26, 2024 18:00
CKS Exam Book - System Hardening - Chapter 4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ###################################### | |
| ######### DISABLING SERVICES ######### | |
| ###################################### | |
| # view running services | |
| systemctl | grep running | |
| # view state of snapd service | |
| systemctl status snapd | |
| # stop the snapd service |
chadmcrowell
/ dallas-k8s-workshop-configmaps.sh
Created
October 19, 2023 21:32
Dallas Kubernetes Workshop - ConfigMaps
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # use the following lab environment: | |
| # https://studyk8s.club/cka-configmaps | |
| # create the configmap | |
| cat << EOF > redis-configMap.yaml | |
| apiVersion: v1 | |
| data: | |
| redis-config: | | |
| maxmemory: 2mb | |
| maxmemory-policy: allkeys-lru |
chadmcrowell
/ dallas-k8s-workshop-logging.sh
Created
October 19, 2023 21:07
Dallas Kubernetes Workshop - Logging
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # perform the commands from this lab environment: | |
| # https://studyk8s.club/cka-logging | |
| # create a pod that will output logs to stdout | |
| cat << EOF > pod-logging.yaml | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: pod-logging | |
| spec: |
chadmcrowell
/ dallas-k8s-workshop-upgrade-k8s.sh
Created
October 19, 2023 21:01
Dallas Kubernetes Workshop - Upgrade K8s
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # perform the command from this lab environment: | |
| # https://studyk8s.club/cka-upgrade-k8s | |
| # plan the upgrade | |
| kubeadm upgrade plan | |
| # upgrade the version of kubeadm | |
| sudo apt-get update | |
| sudo apt-get install -y apt-transport-https ca-certificates curl gpg | |
| mkdir -p /etc/apt/keyrings/ |
chadmcrowell
/ dallas-k8s-workshop-create-user.sh
Created
October 19, 2023 16:02
Dallas Kubernetes Workshop - Create New User
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # perform the commands from the following lab environment: | |
| # https://studyk8s.club/cka-new-user | |
| # view the config | |
| k config-view | |
| cat ~/.kube/config | |
| echo $KUBECONFIG | |
| cat /etc/kubernetes/admin.conf | |
| # list the cluster users |
chadmcrowell
/ dallas-k8s-workshop-etcd-backup.sh
Created
October 18, 2023 19:20
Dallas Kubernetes Workshop - Etcd Backup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # perform the commands from the following lab environment: | |
| # https://studyk8s.club/cka-ectd-backup | |
| # set etcdctl environment variable api to version 3 | |
| export ECTDCTL_API=3 | |
| # etcd help menu | |
| etcdctl snapshot -h | |
| # backup etcd |
NewerOlder