cloudfiles-me’s gists

## readme.md

      
              1 file
            
          
              0 forks
            
          
                0 comments
              
            
              0 stars
            
          
                cloudfiles-me
                / readme.md
            
            
              Last active
              September 28, 2018 23:14
            
              
                Install Helm on Amazon EKS
              
          
Install/upgrade Helm: brew install kubernetes-helm or brew upgrade kubernetes-helm


Install Tiller:


kubectl -n kube-system create sa tiller


Create new file rbac.yaml with this content


apiVersion: v1
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1


## eksctl_create_cluster.md

      
              1 file
            
          
              0 forks
            
          
                0 comments
              
            
              0 stars
            
          
                cloudfiles-me
                / eksctl_create_cluster.md
            
            
              Last active
              December 18, 2018 22:58
            
              
                eksctl cluster creation
              
          
    eksctl create cluster --version=1.11 --name=my-eks-cluster --ssh-public-key=region-keyname --region=supported-region --nodes=3  --node-type=t3.large --node-ami=ami-id-region --kubeconfig=./config-my-eks-cluster.yaml
The last AMI Ids are publiched here:
https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html

  
## readme.adoc

      
              1 file
            
          
              0 forks
            
          
                0 comments
              
            
              0 stars
            
          
                cloudfiles-me
                / readme.adoc
            
            
              Created
              September 18, 2018 16:11
                — forked from arun-gupta/readme.adoc
            
              
                Kubernetes Cluster on AWS
              
          
kops: https://github.com/kubernetes/kops


Getting Started Guide: https://github.com/kubernetes/kops/blob/master/docs/aws.md


Installing Kubernetes on AWS with kops: https://kubernetes.io/docs/getting-started-guides/kops/


Mulit-master Kubernetes Cluster on AWS with kops: http://blog.arungupta.me/multimaster-kubernetes-cluster-amazon-kops/


Booting Kubernetes on Amazon Elastic Compute with kops: https://deis.com/docs/workflow/quickstart/provider/aws/boot/


Setting up an HA Kubernetes Cluster in AWS with private topology with kops 1.5.1: https://www.nivenly.com/kops-1-5-1/


Kubernetes on AWS: https://daemonza.github.io/2017/01/15/kubernetes-on-aws/


Your 2nd day with Kubernetes on AWS: https://www.nivenly.com/2nd-hour/


Tectonic (Terraform): http://github.com/coreos/tectonic-installer


Graphical installer: https://coreos.com/tectonic/docs/latest/install/aws/


## kubectl_utils.txt
# Show name of pods with label app=nginx
kubectl get pod -l app=nginx -o json | jq '.items[] | .metadata.name'

kubectl get pod -l app=nginx -o json | jq '.items[] | .spec.containers[].resources'

# Show request/limit of memory and cpu for pods with label app=nginx
kubectl get pod -l app=nginx -o json | jq '.items[] | .spec.containers[].resources.requests.memory'
kubectl get pod -l app=nginx -o json | jq '.items[] | .spec.containers[].resources.limits.memory'
kubectl get pod -l app=nginx -o json | jq '.items[] | .spec.containers[].resources.requests.cpu'
kubectl get pod -l app=nginx -o json | jq '.items[] | .spec.containers[].resources.resources.limits.cpu'

## s3-bucket_policy_allow_ses_write.txt
{
  "Version": "2012-10-17",
  "Id": "GiveSESPermissionToWriteEmail",
  "Statement": [
    {
      "Sid": "GiveSESPermissionToWriteEmail",
      "Effect": "Allow",
      "Principal": {
        "Service": "ses.amazonaws.com"
      },

## aws_lambda_python_environment_variables.py
import os

...

# if the key doesn't exist than raise a 'KeyError'
my_url = os.environ['my_variable_name']

# using get will return 'None' if a key is not present rather than raise a 'KeyError'
my_url = os.environ.get('KEY_THAT_MIGHT_EXIST')

## enable_s3_mfa_delete.txt
aws s3api list-buckets
	--query 'Buckets[*].Name'

aws s3api put-bucket-versioning
	--bucket webapp-status-reports
	--versioning-configuration '{"MFADelete":"Enabled","Status":"Enabled"}'
	--mfa 'arn:aws:iam::aws_account_id:mfa/root-account-mfa-device passcode'

aws s3api get-bucket-versioning
	--bucket webapp-status-reports

## to_open_cloudformation_resources_doc_in context.txt
1. Create a .vscode folder in the cloudformation repository
2. Put this lines into .tasks.json into the .vscode folder

{
  "version": "2.0.0",
  "tasks": [
    {
      "label": "CF Type Search",
      "type": "shell",
      "command": "open -a \"Google Chrome\" \"https://docs.aws.amazon.com/search/doc-search.html?searchPath=documentation-guide&searchQuery=%22${selectedText}%22&x=0&y=0&this_doc_product=AWS+CloudFormation&this_doc_guide=User+Guide&doc_locale=en_us#facet_doc_product=AWS%20CloudFormation&facet_doc_guide=User%20Guide\"",

## .editorconfig
# .editorconfig

# top-most EditorConfig file
root = true

# Unix-style newlines with a newline ending every file
[*]
end_of_line = lf
insert_final_newline = true

## dec.py
import boto3
import base64

if __name__ == '__main__':
    session = boto3.session.Session()

    kms = session.client('kms')

    encrypted_password = 'AQECAHjgTiiE7TYRGp5Irf8jQ3HzlaQaHGYgsUJDaavnHcFm0gAAAGswaQYJKoZIhvcNAQcGoFwwWgIBADBVBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDDwxVQuG0oVwpkU7nQIBEIAoVGk1/wpserb+GVUOzE7PiL/Nr9fTDFKZfpKpF0ip2ct4B2q0Wn6ZZw=='
    binary_data = base64.b64decode(encrypted_password)
	# Show name of pods with label app=nginx
	kubectl get pod -l app=nginx -o json \| jq '.items[] \| .metadata.name'

	kubectl get pod -l app=nginx -o json \| jq '.items[] \| .spec.containers[].resources'

	# Show request/limit of memory and cpu for pods with label app=nginx
	kubectl get pod -l app=nginx -o json \| jq '.items[] \| .spec.containers[].resources.requests.memory'
	kubectl get pod -l app=nginx -o json \| jq '.items[] \| .spec.containers[].resources.limits.memory'
	kubectl get pod -l app=nginx -o json \| jq '.items[] \| .spec.containers[].resources.requests.cpu'
	kubectl get pod -l app=nginx -o json \| jq '.items[] \| .spec.containers[].resources.resources.limits.cpu'
	{
	"Version": "2012-10-17",
	"Id": "GiveSESPermissionToWriteEmail",
	"Statement": [
	{
	"Sid": "GiveSESPermissionToWriteEmail",
	"Effect": "Allow",
	"Principal": {
	"Service": "ses.amazonaws.com"
	},
	import os

	...

	# if the key doesn't exist than raise a 'KeyError'
	my_url = os.environ['my_variable_name']

	# using get will return 'None' if a key is not present rather than raise a 'KeyError'
	my_url = os.environ.get('KEY_THAT_MIGHT_EXIST')
	aws s3api list-buckets
	--query 'Buckets[*].Name'

	aws s3api put-bucket-versioning
	--bucket webapp-status-reports
	--versioning-configuration '{"MFADelete":"Enabled","Status":"Enabled"}'
	--mfa 'arn:aws:iam::aws_account_id:mfa/root-account-mfa-device passcode'

	aws s3api get-bucket-versioning
	--bucket webapp-status-reports
	# .editorconfig

	# top-most EditorConfig file
	root = true

	# Unix-style newlines with a newline ending every file
	[*]
	end_of_line = lf
	insert_final_newline = true
	import boto3
	import base64

	if __name__ == '__main__':
	session = boto3.session.Session()

	kms = session.client('kms')

	encrypted_password = 'AQECAHjgTiiE7TYRGp5Irf8jQ3HzlaQaHGYgsUJDaavnHcFm0gAAAGswaQYJKoZIhvcNAQcGoFwwWgIBADBVBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDDwxVQuG0oVwpkU7nQIBEIAoVGk1/wpserb+GVUOzE7PiL/Nr9fTDFKZfpKpF0ip2ct4B2q0Wn6ZZw=='
	binary_data = base64.b64decode(encrypted_password)