Joaquin Menchaca darkn3rd
🏠
darkn3rd
/ provision_gke_with_least_priv.sh
Created
October 8, 2022 23:12
GKE: GKE with least priv with e2-standard-2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| source env.sh | |
| ####################### | |
| # GSA with least priv for GKE | |
| ########################################## | |
| ROLES=( | |
| roles/logging.logWriter | |
| roles/monitoring.metricWriter | |
| roles/monitoring.viewer | |
| roles/stackdriver.resourceMetadata.writer |
darkn3rd
/ cleanup_cloud_resources.sh
Created
September 19, 2022 10:12
GKE NSM2: Delete Google Cloud Resources
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| gcloud container clusters delete $GKE_CLUSTER_NAME \ | |
| --project $GKE_PROJECT_ID \ | |
| --region $GKE_REGION | |
| gcloud iam service-accounts delete $GKE_SA_EMAIL --project $GKE_PROJECT_ID | |
| gcloud iam service-accounts delete $DNS_SA_EMAIL --project $DNS_PROJECT_ID |
darkn3rd
/ cleanup_k8s_resources.sh
Created
September 19, 2022 10:09
GKE NSM2: Delete Kubernetes Resources
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Ratel Resources | |
| kubectl delete deploy/dgraph-ratel --namespace "ratel" | |
| kubectl delete svc/dgraph-ratel --namespace "ratel" | |
| # VirtualServers | |
| helm delete dgraph-virtualservers --namespace "dgraph" | |
| helm delete ratel-virtualserver --namespace "ratel" | |
| # Kubernetes Addons | |
| helm delete "external-dns" --namespace "kube-addons" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| repositories: | |
| # https://artifacthub.io/packages/helm/itscontained/raw | |
| - name: itscontained | |
| url: https://charts.itscontained.io | |
| releases: | |
| - name: dgraph-virtualservers | |
| chart: itscontained/raw | |
| namespace: dgraph | |
| version: 0.2.5 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| repositories: | |
| # https://artifacthub.io/packages/helm/itscontained/raw | |
| - name: itscontained | |
| url: https://charts.itscontained.io | |
| releases: | |
| - name: ratel-virtualserver | |
| chart: itscontained/raw | |
| namespace: ratel | |
| version: 0.2.5 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| repositories: | |
| # https://artifacthub.io/packages/helm/itscontained/raw | |
| - name: itscontained | |
| url: https://charts.itscontained.io | |
| releases: | |
| - name: ratel | |
| chart: itscontained/raw | |
| namespace: ratel | |
| version: 0.2.5 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| repositories: | |
| # https://artifacthub.io/packages/helm/bitnami/external-dns | |
| - name: bitnami | |
| url: https://charts.bitnami.com/bitnami | |
| releases: | |
| - name: external-dns | |
| namespace: kube-addons | |
| chart: bitnami/external-dns | |
| version: 6.8.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| repositories: | |
| # https://artifacthub.io/packages/helm/nginx/nginx-ingress | |
| - name: nginx-stable | |
| url: https://helm.nginx.com/stable | |
| releases: | |
| # NOTE: tutorial online uses 'nginx-ingress' for namespace | |
| - name: nginx-ingress | |
| namespace: kube-addons | |
| chart: nginx-stable/nginx-ingress |
darkn3rd
/ republish_nginx_image.sh
Created
September 18, 2022 07:22
GKE NSM2: republish_nginx_image.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| source env.sh | |
| NGINX_IC_NAP_IMAGE="$PRIV_REG/nginx-ic-nap/nginx-plus-ingress" | |
| docker pull $NGINX_IC_NAP_IMAGE:2.3.0 | |
| docker tag $NGINX_IC_NAP_IMAGE:2.3.0 \ | |
| gcr.io/$GCR_PROJECT_ID/nginx-plus-ingress:2.3.0 | |
| docker push gcr.io/$GCR_PROJECT_ID/nginx-plus-ingress:2.3.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| PRIV_REG="private-registry.nginx.com" | |
| if [[ "$(uname -s)" == "Linux" ]]; then | |
| DOCKER_CERTS_PATH="/etc/docker/certs.d/$PRIV_REG" | |
| sudo mkdir -p $DOCKER_CERTS_PATH | |
| elif [[ "$(uname -s)" == "Darwin" ]]; then | |
| DOCKER_CERTS_PATH="$HOME/.docker/certs.d/$PRIV_REG" | |
| mkdir -p $DOCKER_CERTS_PATH |