I hereby claim:
- I am dlamotte on github.
- I am dlamotte (https://keybase.io/dlamotte) on keybase.
- I have a public key ASD44TCKZyCe-_-5B1i5dzhER_h41M9LIZ7rSj7ef0uyRAo
To claim this, I am signing this object:
Dan LaMotte dlamotte
dlamotte
/ gist:352dced12a021e763073026f6c9187fd
Created
December 12, 2020 04:14
Azure AKS Node cannot make new connection to k8s apiserver
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| The node is reporting healthy in kubernetes, but it is unable to make new connections to the apiserver (as seen below). | |
| root@aks-zone2x2-32490931-vmss00003V:/# curl -v https://k8s-cloud-mz-3-1eb51d05.hcp.westeurope.azmk8s.io | |
| * Rebuilt URL to: https://k8s-cloud-mz-3-1eb51d05.hcp.westeurope.azmk8s.io/ | |
| * Trying 51.137.28.79... | |
| ... | |
| As a result, kube-proxy cannot fetch updated endpoints from apiserver and fails to update the network for existing workloads which results in outage for our application to connect to our kafka cluster. | |
| [PROD] (k8s-cloud-mz-3) dlamotte@azure.2:~$ kubectl get endpoints -n pkc-lg1x1 kafka-bootstrap-lb -o json | jq '.subsets[].addresses[].ip' |
dlamotte
/ aws-policy-require-mfa-terraform.tf
Last active
June 23, 2017 21:44
AWS Policy to Require MFA for API access. New IAM users can only configure MFA and then can proceed with the normal permissions of their access.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # http://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_users-self-manage-mfa-and-creds.html | |
| resource "aws_iam_policy" "require_mfa_presence" { | |
| name = "RequireMfaPresence" | |
| path = "/" | |
| description = "Require presence of MFA on IAM User. IAM User has enough permissions to self-configure an MFA Device." | |
| # we tried using <<-EOF here, it seems to be that during `apply`, if you're | |
| # using <<-EOF instead of <<EOF that `apply` breaks with: | |
| # * aws_iam_policy.require_mfa_presence: Error updating IAM policy | |
| # arn:aws:iam::111111111111:policy/RequireMfaPresence: |
dlamotte
/ gist:c92c6d4a720d775fbbbbe1a24e1c11c2
Created
April 24, 2016 21:05
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://gist.github.com/anonymous/cfc4e7d379a7e5b3ab64fca14ff1cbc9 |
dlamotte
/ pex-build.py
Last active
November 30, 2017 10:10
Using pex to build a single python executable (minimal requirements)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2.7 | |
| from pex.pex_builder import PEXBuilder | |
| from pex.resolvable import resolvables_from_iterable | |
| from pex.resolver import CachingResolver | |
| from pex.resolver_options import ResolverOptionsBuilder | |
| import argparse | |
| import os | |
| import shutil | |
| import sys |
dlamotte
/ curl-ssl.log
Last active
October 9, 2015 15:36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| * About to connect() to stash.veritas.com port 8443 (#0) | |
| * Trying 10.123.192.53... connected | |
| * Connected to stash.veritas.com (10.123.192.53) port 8443 (#0) | |
| * found 138 certificates in /home/dlamotte/portage/linux-64/etc/ssl/certs/ca-certificates.crt | |
| * server certificate verification SKIPPED | |
| * common name: stash.veritas.com (matched) | |
| * server certificate expiration date OK | |
| * server certificate activation date OK | |
| * certificate public key: RSA | |
| * certificate version: #1 |
dlamotte
/ gnuplot.txt
Last active
December 19, 2015 00:29
— forked from kellabyte/gnuplot.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set term png transparent truecolor size 1920, 1080 | |
| set output "results.png" | |
| set key outside | |
| set key right top | |
| set multiplot | |
| set timefmt "%d-%m %H:%M:%S" | |
| set format x "%H:%M:%S" | |
| set grid | |
| # CPU plot |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| RewriteEngine On | |
| RewriteCond %{HTTP_HOST} != host.com | |
| RewriteRule ^/?(.*) https://host.com/$1 [R,L] | |
| RewriteCond %{HTTPS} !=on | |
| RewriteRule ^/?(.*) https://host.com/$1 [R,L] |
dlamotte
/ gondor.conf
Created
June 15, 2011 01:37
— forked from ojii/example.html
base settings for django-cms and gondor project
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [gondor] | |
| site_key = | |
| vcs = hg | |
| [app] | |
| ; this path is relative to your project root (the directory .gondor is in) | |
| requirements_file = requirements.txt | |
| ; this is a Python path and the default value maps to deploy/wsgi.py on disk | |
| wsgi_entry_point = wsgi |