I hereby claim:
- I am ibenrodriguez on github.
- I am iben (https://keybase.io/iben) on keybase.
- I have a public key whose fingerprint is C3E0 0E81 BE7F C64A DEBE 9D07 79FF 2842 8805 C7E0
To claim this, I am signing this object:
8 commits over 2 days 14 changed files with 170 additions and 73 deletions. | |
31 terraform/aws_compute.tf | |
@@ -39,11 +39,9 @@ resource "aws_instance" "vm2a" { | |
user_data = "${data.template_file.install_ubuntu_deps_vm2a.rendered}" | |
vpc_security_group_ids = [ | |
"${aws_security_group.aws-allow-icmp.id}", | |
"${aws_security_group.aws-allow-ssh.id}", | |
"${aws_security_group.aws-allow-nginx.id}", |
apoctl api update hookpolicy 5d93638b36063 \ | |
--api https://api.console.aporeto.com \ | |
--namespace /namespace \ | |
--data '{ | |
"ID": "5d93638b311ddc0036063", | |
"annotations": {}, | |
"associatedTags": [], | |
"certificateAuthority": "", | |
"clientCertificate": "", | |
"clientCertificateKey": "", |
$ gcloud container clusters get-credentials k8s1a-vl7h --region asia-northeast1-a | |
Fetching cluster endpoint and auth data. | |
kubeconfig entry generated for k8s1a-vl7h. | |
$ kubectl get nodes | |
NAME STATUS ROLES AGE VERSION | |
gke-k8s1a-vl7h-k8s1a-node-pool-vl7h-817a4e41-2qv6 Ready <none> 154m v1.14.6-gke.2 | |
gke-k8s1a-vl7h-k8s1a-node-pool-vl7h-817a4e41-sgq0 Ready <none> 154m v1.14.6-gke.2 | |
gke-k8s1a-vl7h-k8s1a-node-pool-vl7h-817a4e41-wn5c Ready <none> 113m v1.14.6-gke.2 | |
gke-k8s1a-vl7h-k8s1a-node-pool-vl7h-817a4e41-xt9l Ready <none> 154m v1.14.6-gke.2 | |
$ kubectl get services |
# from trusted box: | |
$ nmap -A -Pn 34.84.71.162 | |
Starting Nmap 7.60 ( https://nmap.org ) at 2019-10-06 01:18 UTC | |
Nmap scan report for 162.71.84.34.bc.googleusercontent.com (34.84.71.162) | |
Host is up (0.10s latency). | |
Not shown: 998 filtered ports | |
PORT STATE SERVICE VERSION | |
22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0) | |
| ssh-hostkey: |
cat vpn_check.log | |
Testing connection from vm1a-m17u to vm1b-m17u | |
ssh -o 'StrictHostKeyChecking no' -i ~/ssh_private_key auser@10.241.2.100 hostname | |
PASS: Hostname on vm1b-m17u(IP:10.241.2.100): matches vm1b-m17u | |
curl http://10.241.2.100:80 | |
PASS: NGINX running on vm1b-m17u(IP:10.241.2.100 and can be accessed at http://34.89.70.9:80 | |
Testing connection from vm1a-m17u to vm1c-m17u | |
ssh -o 'StrictHostKeyChecking no' -i ~/ssh_private_key auser@10.241.1.200 hostname |
ubuntu@ip-172-31-12-153:~/j19mct$ ssh -o 'StrictHostKeyChecking no' -i /home/ubuntu/multi-cloud-test-logs/2019-10-03-01.35.51-ios8/id_rsa ubuntu@vm1a-public-ip-address | |
Welcome to Ubuntu 16.04.6 LTS (GNU/Linux 4.15.0-1042-gcp x86_64) | |
ubuntu@vm1a-ios8:~$ nmap 10.241.1.0/24 | |
Starting Nmap 7.01 ( https://nmap.org ) at 2019-10-06 00:25 UTC | |
Nmap scan report for gke-k8s1a-ios8-k8s1a-node-pool-ios8-fc2766f8-pqrn.asia-northeast1-a.c.gcp-proj.internal (10.241.1. | |
Host is up (0.040s latency). | |
Not shown: 999 closed ports |
# output of curl test showing allowed and rejected traffic flows | |
# the first curl session works and you see the results. | |
# the second session fails and no output is returned. | |
curl http://34.84.11.239:80 | |
<!DOCTYPE html> | |
<html lang="en"> | |
<head> | |
<meta charset="UTF-8"> |
Deployment log showing initiated deployments with hexid, region, and time stamp - some fail and are restarted with new hexid | |
Sep 19 09:46 2019-09-19-09.46.08-yzdi | |
Sep 25 12:23 2019-09-19-10.17.55-7ezy | |
Sep 19 11:34 2019-09-19-11.34.03-hbz6 | |
Sep 19 12:10 2019-09-19-11.34.10-32w0 | |
Sep 19 13:26 2019-09-19-12.44.49-if1q | |
Sep 19 15:56 2019-09-19-15.15.40-lrau | |
Sep 19 20:02 2019-09-19-20.02.16-ub1a | |
Sep 19 20:51 2019-09-19-20.50.45-pqcb | |
Sep 19 21:09 2019-09-19-21.09.21-xlr9 |
I hereby claim:
To claim this, I am signing this object: