James Harr jamesharr

## 000-README.md

      
              4 files
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                jamesharr
                / 000-README.md
            
            
              Last active
              December 23, 2021 00:03
            
              
                Cilium DNS Test Problems
              
          
    I'm having a problem getting FQDNs working, and I figured I'd post here to see if anyone could help.
The logs I'm seeing from hubble observe seem to fly directly in the face of the policy that's written.
The Kubernetes manifest is attached as dns-return-test.yml. The cluster is K3s (latest) running fairly stock. See below for details.
Things that seemed odd to me:

I had to explicitly allow return traffic from kube-dns to my pods, if that was not in the  manifest, DNS would not work and hubble observe would show a weird ERROR. The specific area of the manifest is noted.
Disabling DNS inspection (noted in manifest) would cause DNS to work fine without the aforementioned rule. FQDNs wouldn't work, but DNS would.


## ssh_config
# ~/.ssh/config
Host bingbingbong
 HostName 192.0.2.1

 PermitLocalCommand yes
 LocalCommand say '[[volm 0.5]]' bing bing bong &

## .bashrc
_start_tmux() {
  # Skip if we're not interactive
  [ -z "$PS1" ] || return
  echo $- | grep -qs i || return

  # Skip if we're logged in via VSCode
  [ -z "$VSCODE_IPC_HOOK_CLI" ] || return

  # Skip if we're not on an ssh connection
  [ -z "$SSH_CONNECTION" ] && return

## .bashrc
aws-token(){
  aws_token_sn=arn:aws:iam::REDACTED_ACCT_NUM:mfa/REDACTED_USER_PASSWD
  aws_token_duration=43200
  export AWS_ACCESS_KEY_ID=""
  export AWS_SECRET_ACCESS_KEY=""
  export AWS_SESSION_TOKEN=""

  read -p "MFA Code: " aws_token_code
  OUT="$(aws sts get-session-token \
    --serial-number $aws_token_sn \

## community-detection.py
#!/usr/bin/env python3
import networkx as nx
import community

G = nx.Graph()
G.add_node('node_a')
G.add_node('node_b')

G.add_node('node_c')
G.add_node('node_d')

## output.txt
$ time go run random-quiz-crypto.go
decryptKey 239333
decrypt 375289 -> 230801
decrypt 485994 -> 200009
decrypt 047367 -> 190020
decrypt 543573 -> 051400
decrypt 785337 -> 131504
decrypt 477107 -> 002023
decrypt 727268 -> 150000
"WHAT IS TEN MOD TWO  "

## controller.go
package controllers

import (
	"github.com/astaxie/beego"
	"io/ioutil"
)

type MainController struct {
	beego.Controller
}

## http-example.groovy
import groovyx.net.http.HTTPBuilder
import static groovyx.net.http.Method.GET
import static groovyx.net.http.ContentType.TEXT

def http = new HTTPBuilder('https://grickle.org/')

http.get( path: '/myip.php', contentType: TEXT ) { resp, reader ->
    printn "Status: ${resp.statusLine}" // <-- typo right here
    System.out << reader
}

## example.go
package main

import (
	"fmt"
	. "play/fill"
)

func main() {
	var a Foo // Foo is just an interface, not a concrete type.

## tmpclean-mac.sh
#!/bin/bash

# Keep Downloads folder clean on a mac using xattr to track age.
# Normally, stick something like this in your crontab. It's pretty quick
# and not I/O intentisve, so I run every hour on some random time.
#
# Example crontab:
#  37 * * * * LOGME=1 /Users/james/bin/tmpclean-mac.sh /Users/james/Downloads 7

dir="$1"
	# ~/.ssh/config
	Host bingbingbong
	HostName 192.0.2.1

	PermitLocalCommand yes
	LocalCommand say '[[volm 0.5]]' bing bing bong &
	_start_tmux() {
	# Skip if we're not interactive
	[ -z "$PS1" ] \|\| return
	echo $- \| grep -qs i \|\| return

	# Skip if we're logged in via VSCode
	[ -z "$VSCODE_IPC_HOOK_CLI" ] \|\| return

	# Skip if we're not on an ssh connection
	[ -z "$SSH_CONNECTION" ] && return
	aws-token(){
	aws_token_sn=arn:aws:iam::REDACTED_ACCT_NUM:mfa/REDACTED_USER_PASSWD
	aws_token_duration=43200
	export AWS_ACCESS_KEY_ID=""
	export AWS_SECRET_ACCESS_KEY=""
	export AWS_SESSION_TOKEN=""

	read -p "MFA Code: " aws_token_code
	OUT="$(aws sts get-session-token \
	--serial-number $aws_token_sn \
	#!/usr/bin/env python3
	import networkx as nx
	import community

	G = nx.Graph()
	G.add_node('node_a')
	G.add_node('node_b')

	G.add_node('node_c')
	G.add_node('node_d')
	$ time go run random-quiz-crypto.go
	decryptKey 239333
	decrypt 375289 -> 230801
	decrypt 485994 -> 200009
	decrypt 047367 -> 190020
	decrypt 543573 -> 051400
	decrypt 785337 -> 131504
	decrypt 477107 -> 002023
	decrypt 727268 -> 150000
	"WHAT IS TEN MOD TWO "
	package controllers

	import (
	"github.com/astaxie/beego"
	"io/ioutil"
	)

	type MainController struct {
	beego.Controller
	}
	import groovyx.net.http.HTTPBuilder
	import static groovyx.net.http.Method.GET
	import static groovyx.net.http.ContentType.TEXT

	def http = new HTTPBuilder('https://grickle.org/')

	http.get( path: '/myip.php', contentType: TEXT ) { resp, reader ->
	printn "Status: ${resp.statusLine}" // <-- typo right here
	System.out << reader
	}
	package main

	import (
	"fmt"
	. "play/fill"
	)

	func main() {
	var a Foo // Foo is just an interface, not a concrete type.
	#!/bin/bash

	# Keep Downloads folder clean on a mac using xattr to track age.
	# Normally, stick something like this in your crontab. It's pretty quick
	# and not I/O intentisve, so I run every hour on some random time.
	#
	# Example crontab:
	# 37 * * * * LOGME=1 /Users/james/bin/tmpclean-mac.sh /Users/james/Downloads 7

	dir="$1"