Living life one byte at a time

Greg Bray gbrayut
@gbrayut
gbrayut / 00-test-istio.yaml
Created June 17, 2022 21:24
istio testing
# https://istio.io/latest/docs/reference/config/networking/service-entry/
apiVersion: networking.istio.io/v1beta1
kind: ServiceEntry
metadata:
  name: test-service-entry
  namespace: testing
spec:
  hosts:
  - test.service # for host header matching
  addresses:
# The manifest below sets up a simple upload server behind gke ingress. Easiest to test from Cloud Shell or another GCE VM
# But there does seem to be a timeout/slowloris mitigation so testing with real world upload speeds is also recommended
# Also, the "right" way to do this is chunked uploads and/or direct to GCS signed URLs.
# But so far I don't see a reason why GCLB HTTPS LBs wouldn't work
# Download test files from http://xcal1.vodafone.co.uk/
curl -vsF file=@5MB.zip http://34.111.109.144:80/upload?token=1234
curl -vsF file=@50MB.zip http://34.111.109.144:80/upload?token=1234
curl -vsF file=@200MB.zip http://34.111.109.144:80/upload?token=1234
@gbrayut
gbrayut / testing.sh
Last active July 8, 2022 18:58
systemd-nspawn latency
$ uname -a;systemctl --version
Linux gbmint02 5.4.0-113-generic #127-Ubuntu SMP Wed May 18 14:30:56 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
systemd 245 (245.4-4ubuntu3.17)
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=hybrid
$ sudo machinectl pull-tar http://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64-root.tar.xz
$ time /bin/sh -c 'ls /sys/fs/cgroup >/dev/null'
real 0m0.006s
user 0m0.003s
@gbrayut
gbrayut / kcc-gke-kms-cmek.yaml
Created December 12, 2022 20:18
KCC GKE KMS KMSCryptoKey bootDiskKMSCryptoKeyRef
# config-connector export //cloudkms.googleapis.com/projects/gregbray-kms/locations/us-central1/keyRings/my-key-ring
apiVersion: kms.cnrm.cloud.google.com/v1beta1
kind: KMSKeyRing
metadata:
  annotations:
    cnrm.cloud.google.com/project-id: gregbray-kms
    cnrm.cloud.google.com/deletion-policy: abandon
  name: my-key-ring
spec:
  location: us-central1
@gbrayut
gbrayut / kcc-cloudsql-kms-cmek.yaml
Created December 12, 2022 20:51
KCC CloudSQL KMS KMSCryptoKey encryptionKMSCryptoKeyRef
apiVersion: serviceusage.cnrm.cloud.google.com/v1beta1
kind: Service
metadata:
  name: sqladmin.googleapis.com
spec:
  projectRef:
    external: projects/gregbray-gke
# If error: Per-product, per-project service account not found
# Fix using: gcloud beta services identity create --service=sqladmin.googleapis.com --project=gregbray-gke
#
@gbrayut
gbrayut / 01-test-seccomp.yaml
Last active March 16, 2023 17:12
Testing Kubernetes seccompProfile
apiVersion: v1
kind: Pod
metadata:
  name: runtimedefault-pod
spec:
  containers:
  - name: test-container
    image: r.j3ss.co/amicontained
    command: ["/usr/bin/amicontained"]
    securityContext:
@gbrayut
gbrayut / setup.sh
Created October 30, 2023 17:37
Raspberry Pi Slideshow using feh and systemd user service unit
#Flash 32bit os using rpi imager (with ssh and wifi settings) then login via ssh and configure device
ssh-import-id-gh gbrayut
sudo apt update
sudo apt install -y vim feh
sudo apt upgrade -y
# Copy pictures to rpi
scp -r /path/to/slideshow gbrayut@gbrpi3b:~/
# Configure systemd user unit file
@gbrayut
gbrayut / homeassistant.yaml
Last active November 28, 2023 17:37
Home assistant docker compose file
version: '3.7'
services:
  homeassistant:
    container_name: home-assistant
    image: homeassistant/home-assistant:stable
    ports:
      - "8123"
    volumes:
      - /data/homeassistant:/config
      - /data/ssl:/ssl
@gbrayut
gbrayut / stun-gke-nlb.yaml
Last active February 28, 2024 23:59
stun-gke-nlb testing
# https://github.com/processone/eturnal but probably better to use https://github.com/processone/eturnal/tree/master/examples/kubernetes-kustomize
# for testing use https://icetest.info/ should match results for stun:stun.l.google.com:19302
apiVersion: v1
kind: Namespace
metadata:
  name: eturnal
---
apiVersion: apps/v1
kind: Deployment
metadata:
@gbrayut
gbrayut / 01-udp-echo.yaml
Created February 29, 2024 01:35
GKE NLB Simple UDP Echo Server
# from https://cloud.google.com/load-balancing/docs/network/udp-with-network-load-balancing
apiVersion: v1
kind: Namespace
metadata:
  name: udp-echo
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: echo