Install cfssl
# This requires an existing Go environment with GOPATH set
go get -u github.com/cloudflare/cfssl/cmd/...
Thorsten Schifferdecker curx
curx
/ README.md
Created
October 26, 2019 11:42
— forked from detiber/README.md
Using CFSSL as an external CA for kubeadm
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| docker rm -f $(docker ps -qa) | |
| docker volume rm $(docker volume ls -q) | |
| mount -t tmpfs | awk '/pods/ { print $3}' | while read mounts; do sudo umount $mounts; done | |
| sudo rm -rf /etc/ceph \ | |
| /etc/cni \ | |
| /etc/kubernetes \ | |
| /opt/cni \ | |
| /opt/rke \ | |
| /run/secrets/kubernetes.io \ | |
| /run/calico \ |
kubeadm-config.yaml:
---
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
# Allowing for CPU pinning and isolation in case of guaranteed QoS class
-featureGates:
- PodOverhead: true
cpuManagerPolicy: static
systemReserved:
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: extensions/v1beta1 | |
| kind: NetworkPolicy | |
| metadata: | |
| name: hn-nodes | |
| namespace: default | |
| ownerReferences: | |
| - apiVersion: v1 | |
| kind: Namespace | |
| name: default | |
| spec: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: extensions/v1beta1 | |
| kind: NetworkPolicy | |
| metadata: | |
| labels: | |
| cattle.io/creator: norman | |
| field.cattle.io/projectId: p-<xyz-1> | |
| name: np-default | |
| namespace: default | |
| spec: | |
| ingress: |
curx
/ 00-cloud-config.yml
Created
January 11, 2020 06:02
— forked from janeczku/00-cloud-config.yml
Annotated RancherOS Cloud-init configuration snippets
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #cloud-config | |
| # Set the hostname for this machine (takes precedence over hostname assigned by DHCP lease). | |
| hostname: myhost | |
| # Authorize SSH keys for the `rancher` sudoer user | |
| ssh_authorized_keys: | |
| - ssh-rsa AAA...ZZZ example1@rancher | |
curx
/ youtube-dl.md
Created
March 15, 2020 10:25
— forked from harishkannarao/youtube-dl.md
youtube-dl
youtube-dl is an opensource command line tool to download video or audio from online video streaming services.
Videos downloaded in mkv or webm extensions can be played by VLC Media player in all major devices and operating systems including iPhone, Android devices.
Tool website: https://youtube-dl.org/
This gist shows the example commands to use the tool and doesn't support or encourage piracy or violation of copyrights of the online streaming service or the author of the content
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # Source: calico/templates/calico-config.yaml | |
| # This ConfigMap is used to configure a self-hosted Calico installation. | |
| kind: ConfigMap | |
| apiVersion: v1 | |
| metadata: | |
| name: calico-config | |
| namespace: kube-system | |
| data: | |
| # Typha is disabled. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # Source: cilium/templates/cilium-agent-serviceaccount.yaml | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: cilium | |
| namespace: kube-system | |
| --- | |
| # Source: cilium/templates/cilium-operator-serviceaccount.yaml | |
| apiVersion: v1 |
curx
/ cilium-v1.9-without-kube-proxy.yaml
Created
May 12, 2021 18:33
customized cilium manifests used for talos - without kube-proxy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # Source: cilium/templates/cilium-agent-serviceaccount.yaml | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: cilium | |
| namespace: kube-system | |
| --- | |
| # Source: cilium/templates/cilium-operator-serviceaccount.yaml | |
| apiVersion: v1 |