Skip to content

Instantly share code, notes, and snippets.

@dcarley
dcarley / README.md
Last active October 6, 2021 13:05
PROXY protocol spoof test
View README.md

Verifying whether the following can be spoofed (source).

Network Load Balancers use proxy protocol version 2 to send additional connection information such as the source and destination. Proxy protocol version 2 provides a binary encoding of the proxy protocol header. The load balancer prepends a proxy protocol header to the TCP data. It does not discard or overwrite any existing data, including any proxy protocol headers sent by the client or any other proxies, load balancers, or servers in the network path. Therefore, it is possible to receive more than one proxy protocol header. Also, if there is another network path to your targets outside of your Network Load Balancer, the first proxy protocol header might not be the one from your Network Load Balancer.

@dcarley
dcarley / readme.md
Created July 28, 2020 10:24
samproxy CacheCapacity tuning notes
View readme.md

I was originally hoping to calculate the appropriate CacheCapacity from metrics at 10% traffic and then scale up from there, however it proved harder than I thought.

We have the following variables that we can tweak:

  • cache per pod: needs to be large enough that we can take spikes in trace volume or duration but not too large that we're wasting memory

  • memory per pod: should be less than 8G so that we can effectively fit

@dcarley
dcarley / keybase.md
Created June 19, 2019 09:32
keybase
View keybase.md

Keybase proof

I hereby claim:

  • I am dcarley on github.
  • I am dcarley (https://keybase.io/dcarley) on keybase.
  • I have a public key whose fingerprint is 7F55 81C1 1A96 119A 6903 7518 4AAC F5A2 32BB 356A

To claim this, I am signing this object:

View gist:6cee02b19c862ea8cb06fbdc9b0f1346
dcarley@cci-mbp  ~  xxd -c1
CIRCLE-15313
00000000: 43 C
00000001: 49 I
00000002: 52 R
00000003: 43 C
00000004: 4c L
00000005: 45 E
00000006: e2 .
00000007: 80 .
@dcarley
dcarley / apps.go
Last active May 4, 2018 10:01
CF apps inspection script
View apps.go
package main
import (
"flag"
"fmt"
"log"
"net/url"
cfclient "github.com/cloudfoundry-community/go-cfclient"
)
@dcarley
dcarley / tf_trace.log
Created January 9, 2018 12:32
Terraform TF_PLUGIN_CACHE_DIR issue
View tf_trace.log
➜ terraform git:(a42fdb08a) ✗ TF_LOG=trace terraform init
2018/01/09 12:31:46 [INFO] Terraform version: 0.11.1
2018/01/09 12:31:46 [INFO] Go runtime version: go1.9.2
2018/01/09 12:31:46 [INFO] CLI args: []string{"/usr/local/Cellar/terraform/0.11.1/bin/terraform", "init"}
2018/01/09 12:31:46 [DEBUG] Attempting to open CLI config file: /Users/dcarley/.terraformrc
2018/01/09 12:31:46 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2018/01/09 12:31:46 [INFO] CLI command args: []string{"init"}
2018/01/09 12:31:46 [DEBUG] command: loading backend config file: /Users/dcarley/projects/gocode/src/github.com/hashicorp/terraform
2018/01/09 12:31:46 [INFO] command: empty terraform config, returning nil
2018/01/09 12:31:46 [DEBUG] command: no data state file found for backend config
@dcarley
dcarley / vpnc-script-aws
Created November 8, 2017 11:44 — forked from alext/vpnc-script-aws
vpnc script to route all AWS IP ranges over VPN.
View vpnc-script-aws
#!/bin/bash
# vpnc-script wrapper for use with openconnect that routes all AWS IP ranges over the VPN.
# Pass any additional IP ranges to be routed as args to the script.
#
# Requirements: bash, curl and jq.
#
# Example usage:
# openconnect https://vpn.example.com/profile --script '/path/to/vpnc-script-aws' --no-dtls
#
@dcarley
dcarley / order.csv
Created May 23, 2017 20:06
Farnell order for Boldport "just less than perfect" bundle
View order.csv
We can make this file beautiful and searchable if this error is corrected: Unclosed quoted field in line 5.
Order Code,Line Note,Description,Manufacturer,Manufacturer Part Number,Quantity,Unit Price,Line Total
2396052,cuttle,"SWITCH, TACTILE, 50MA, 24VDC, THT; Illumination:Non Illuminated; Contact Voltage DC Nom:24V; Contact Current Max:50mA; Operating Force:160gf; Switch Terminals:Through Hole; Product Range:FSMJRT Series; SVHC:No SVHC (12-J ",TE CONNECTIVITY / ALCOSWITCH,FSM4JRT,1,GBP 0.11,GBP 0.11
1972087,cuttle,"MCU, 8BIT, ATMEGA, 20MHZ, DIP-28; Controller Family/Series:ATmega; CPU Speed:20MHz; Program Memory Size:32KB; RAM Memory Size:2KB; No. of Pins:28Pins; MCU Case Style:DIP; No. of I/O's:23I/O's; Embedded Interface Type:I2C ",MICROCHIP,ATMEGA328-PU,1,GBP 2.36,GBP 2.36
2112751,cuttle,"CAP, MLCC, Y5V, 100NF, 50V, RAD; Capacitance:0.1µF; Voltage Rating:50V; Product Range:MC Series; Capacitance Tolerance:± 20%; Capacitor Terminals:Radial Leaded; Dielectric Characteristic:Y5V; Packaging:Cut Tape; Lead Spa ",MULTICOMP,MC0805Y104M500A2.54MM,4,GBP 0.0875,GBP 0.35
9339060,cuttle + pease,"RESISTOR, CARBON FILM, 10K,
View github_avatar_magnet.sh
#!/usr/bin/env bash
set -eu
user=$1
size=128
url=$(curl https://api.github.com/users/${user} | jq -r '.avatar_url')
wget -O "${user}.jpg" "${url}&s=${size}"
View aggregate_ensure.yml
---
jobs:
- name: test
plan:
- task: hello
config:
platform: linux
image_resource:
type: docker-image
source: {repository: alpine}