I hereby claim:
- I am dlamotte on github.
- I am dlamotte (https://keybase.io/dlamotte) on keybase.
- I have a public key ASD44TCKZyCe-_-5B1i5dzhER_h41M9LIZ7rSj7ef0uyRAo
To claim this, I am signing this object:
The node is reporting healthy in kubernetes, but it is unable to make new connections to the apiserver (as seen below). | |
root@aks-zone2x2-32490931-vmss00003V:/# curl -v https://k8s-cloud-mz-3-1eb51d05.hcp.westeurope.azmk8s.io | |
* Rebuilt URL to: https://k8s-cloud-mz-3-1eb51d05.hcp.westeurope.azmk8s.io/ | |
* Trying 51.137.28.79... | |
... | |
As a result, kube-proxy cannot fetch updated endpoints from apiserver and fails to update the network for existing workloads which results in outage for our application to connect to our kafka cluster. | |
[PROD] (k8s-cloud-mz-3) dlamotte@azure.2:~$ kubectl get endpoints -n pkc-lg1x1 kafka-bootstrap-lb -o json | jq '.subsets[].addresses[].ip' |
# http://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_users-self-manage-mfa-and-creds.html | |
resource "aws_iam_policy" "require_mfa_presence" { | |
name = "RequireMfaPresence" | |
path = "/" | |
description = "Require presence of MFA on IAM User. IAM User has enough permissions to self-configure an MFA Device." | |
# we tried using <<-EOF here, it seems to be that during `apply`, if you're | |
# using <<-EOF instead of <<EOF that `apply` breaks with: | |
# * aws_iam_policy.require_mfa_presence: Error updating IAM policy | |
# arn:aws:iam::111111111111:policy/RequireMfaPresence: |
I hereby claim:
To claim this, I am signing this object:
https://gist.github.com/anonymous/cfc4e7d379a7e5b3ab64fca14ff1cbc9 |
#!/usr/bin/env python2.7 | |
from pex.pex_builder import PEXBuilder | |
from pex.resolvable import resolvables_from_iterable | |
from pex.resolver import CachingResolver | |
from pex.resolver_options import ResolverOptionsBuilder | |
import argparse | |
import os | |
import shutil | |
import sys |
* About to connect() to stash.veritas.com port 8443 (#0) | |
* Trying 10.123.192.53... connected | |
* Connected to stash.veritas.com (10.123.192.53) port 8443 (#0) | |
* found 138 certificates in /home/dlamotte/portage/linux-64/etc/ssl/certs/ca-certificates.crt | |
* server certificate verification SKIPPED | |
* common name: stash.veritas.com (matched) | |
* server certificate expiration date OK | |
* server certificate activation date OK | |
* certificate public key: RSA | |
* certificate version: #1 |
set term png transparent truecolor size 1920, 1080 | |
set output "results.png" | |
set key outside | |
set key right top | |
set multiplot | |
set timefmt "%d-%m %H:%M:%S" | |
set format x "%H:%M:%S" | |
set grid | |
# CPU plot |
RewriteEngine On | |
RewriteCond %{HTTP_HOST} != host.com | |
RewriteRule ^/?(.*) https://host.com/$1 [R,L] | |
RewriteCond %{HTTPS} !=on | |
RewriteRule ^/?(.*) https://host.com/$1 [R,L] |
[gondor] | |
site_key = | |
vcs = hg | |
[app] | |
; this path is relative to your project root (the directory .gondor is in) | |
requirements_file = requirements.txt | |
; this is a Python path and the default value maps to deploy/wsgi.py on disk | |
wsgi_entry_point = wsgi |