Đinh Anh Huy dinhanhhuy

## blog-nDgwz7gSN3Td.bash
$ terraform plan
  ...
  # aws_instance.web will be updated in-place
  ~ resource "aws_instance" "web" {
        id                                   = "i-07caf923df8e31740"
      ~ tags                                 = {
          ~ "Name" = "what-is-this" -> "The first ec2"
        }
    }
Plan: 0 to add, 1 to change, 0 to destroy.

## blog-3l6HyRKqztr8.go
deny_network_acl_rule_0_0_0_0_0 {
  denied_actions = ["aws_network_acl_rule.create"]

  # This rule is triggered if any AWS network ACL rule allows IP range 0.0.0.0/0
  rule = any tfplan.resource_changes as _, rc {
    rc.type is "aws_network_acl_rule" and
    rc.change.after.addresses is ["0.0.0.0/0"]
  }
}

## blog-BHci2WwMBMY0.sh
$ terraform plan
...
Cost estimation:

Resources: 1 of 3 estimated
           $9.4303999999999992/mo +$0.0

## blog-vTPSiVBXy0Sr.bash
$ mount --bind /root/sql-dependencies /root/sql-dependencies-v1

## blog-wYQwgeJ5dfDJ.bash
# create mount namespace "some-sql"
$ unshare --mount some-sql start

# mount the host folder to "some-sql" namespace
# similar to docker command --volume
$ mount --bind /var/lib/mysql /my/own/datadir

## blog-XOxF2WReO66c.bash
$ unshare --net some-sql start

## blog-OmkmPQ4URIWf.sh
$ docker inspect c84ad4878642
[
  {
    "State": {
      "Pid": 52507,
    ...

## blog-7ZBS5y3LsOk0.sh
# listed all Linux namespace attach by process 52507
$ lsns | grep 52507
4026539260 mnt         4 52507 root            /bin/sh -c ./env.sh
4026539261 uts         4 52507 root            /bin/sh -c ./env.sh
4026539262 pid         4 52507 root            /bin/sh -c ./env.sh

## blog-Pc2b2VLhKiix.sh
$ ip netns exec c84ad4878642 netstat -lnpt

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address         Foreign Address           State       PID/Program name
tcp        0      0 127.0.0.1:8080        127.0.0.1:*               LISTEN      52583/nginx: master

## blog-QXTWVNcdUOZq.sh
# create meta data file for network namespace
$ pid=$(docker inspect -f '{{.State.Pid}}' ${container_id})
$ mkdir -p /var/run/netns/
$ ln -sfT /proc/$pid/ns/net /var/run/netns/[container_id]

# list all the network namespace on host
$ ip netns ls
c84ad4878642 (id: 77)
	$ terraform plan
	...
	# aws_instance.web will be updated in-place
	~ resource "aws_instance" "web" {
	id = "i-07caf923df8e31740"
	~ tags = {
	~ "Name" = "what-is-this" -> "The first ec2"
	}
	}
	Plan: 0 to add, 1 to change, 0 to destroy.
	deny_network_acl_rule_0_0_0_0_0 {
	denied_actions = ["aws_network_acl_rule.create"]

	# This rule is triggered if any AWS network ACL rule allows IP range 0.0.0.0/0
	rule = any tfplan.resource_changes as _, rc {
	rc.type is "aws_network_acl_rule" and
	rc.change.after.addresses is ["0.0.0.0/0"]
	}
	}
	$ terraform plan
	...
	Cost estimation:

	Resources: 1 of 3 estimated
	$9.4303999999999992/mo +$0.0
	# create mount namespace "some-sql"
	$ unshare --mount some-sql start

	# mount the host folder to "some-sql" namespace
	# similar to docker command --volume
	$ mount --bind /var/lib/mysql /my/own/datadir
	# listed all Linux namespace attach by process 52507
	$ lsns \| grep 52507
	4026539260 mnt 4 52507 root /bin/sh -c ./env.sh
	4026539261 uts 4 52507 root /bin/sh -c ./env.sh
	4026539262 pid 4 52507 root /bin/sh -c ./env.sh
	$ ip netns exec c84ad4878642 netstat -lnpt

	Active Internet connections (only servers)
	Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
	tcp 0 0 127.0.0.1:8080 127.0.0.1:* LISTEN 52583/nginx: master
	# create meta data file for network namespace
	$ pid=$(docker inspect -f '{{.State.Pid}}' ${container_id})
	$ mkdir -p /var/run/netns/
	$ ln -sfT /proc/$pid/ns/net /var/run/netns/[container_id]

	# list all the network namespace on host
	$ ip netns ls
	c84ad4878642 (id: 77)