# Generate private key
openssl genrsa -out myuser.pem 2048
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Description | |
A Day in the Life… | |
You get back from the school run and make yourself some coffee. Turn on your monitor and join the hangout for your daily standup. You spend the morning working on securing the Docker infrastructure. You go and meet some friends at your favourite bistro for lunch. When you get back, those penetration test reports are available, you review, suggesting countermeasures that can be taken to reduce the risk of the system being hacked. The day goes by in a blink and before you know it it's time for the evening school run. | |
What you'll be doing | |
At nearForm, we work with international clients who are industry leaders in their respective fields. Our role is to help them build solutions and platforms; help them to launch new product ventures and fundamentally change how they operate. | |
As a DevSecOps engineer, you will be leading the security efforts on building secure CI/CD pipelines on orchestration platforms such as DCOS or Kubernetes. | |
You will also be developing tools to enforce and mo |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gcloud beta container --project "kubernetes-prototype-197913" clusters create "istio" --zone "europe-west2-a" --username "admin" --cluster-version "1.9.4-gke.1" --machine-type "n1-standard-1" --image-type "COS" --disk-size "100" --scopes "https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring","https://www.googleapis.com/auth/pubsub","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append" --preemptible --num-nodes "4" --network "default" --subnetwork "default" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# First we start the manual process, this will give us the details of the TXT entry we | |
# have to use | |
docker run --rm -it \ | |
-v "${HOME}/.acme":/acme.sh \ | |
-e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID \ | |
-e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY \ | |
-e HOME=/root \ | |
neilpang/acme.sh --issue --dns -d "*.istio.sandbox.nutmeg.co.uk" --yes-I-know-dns-manual-mode-enough-go-ahead-please |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
curl -s http://localhost:9100/metrics | curl --data-binary @- http://pushgateway.example.org:9091/metrics/job/some_job/instance/some_instance |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- name: oauth2-proxy | |
image: a5huynh/oauth2_proxy | |
args: | |
- "-upstream=http://localhost:5601/" | |
- "-provider=github" | |
- "-cookie-secure=true" | |
- "-cookie-expire=168h0m" | |
- "-cookie-refresh=60m" | |
- "-cookie-secret=SECRET COOKIE" | |
- "-cookie-domain=kibana.fromatob.com" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# create sa for tiller and add the right role to that sa | |
kubectl create serviceaccount tiller --namespace kube-system | |
kubectl create clusterrolebinding tiller-admin \ | |
--clusterrole=cluster-admin \ | |
--serviceaccount=kube-system:tiller | |
# initialise helm-tiller using that sa | |
helm init --service-account tiller |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kubectl config set-cluster volume --server=https://api.volume.mydmain.com --insecure-skip-tls-verify=true | |
kubectl config set-context volume --cluster=volume --user=myuser | |
kubectl config set-credentials myuser --token=$KUBERNETES_TOKEN | |
kubectl config use-context volume | |
kubectl create namespace ks-dev | |
CURRENT_CONTEXT=$(kubectl config current-context) | |
CURRENT_CLUSTER=$(kubectl config get-contexts $CURRENT_CONTEXT | tail -1 | awk '{print $3}') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Replace “layer 19” with your desired layer number. | |
{REPLACE "\n; layer 19, Z = " "; layer 19\nG28 Y0 X0\nM300\nM25\nG92 E0\nG28 Y0 X0\n; layer 19 "} | |
// G28: Move to origin | |
// M300: Play beep sound | |
// M25: Pause SD print | |
// G92: set position | |
// G92 E0 sets the extrusion length to zero and stops the reversal of the extruder |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env sh | |
set -o errexit | |
set -o nounset | |
set -o pipefail | |
test -z "${DEBUG:-}" || { | |
set -x | |
} |