You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This (and related gists) captures how i created my docker swarm architecture. This is intended mostly for my own notes incase i need to re-creeate anything later! As such expect some typos and possibly even an error...
Installation Step-by-Step
Each major task has its own gist, this is to help with maitainability long term.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
WSL2 uses Hyper-V for networking. The WSL2 network settings are ephemeral and configured on demand when any WSL2
instance is first started in a Windows session. The configuration is reset on each Windows restart and the IP addresses change each time. The Windows host creates a hidden switch named "WSL" and a network adapter named "WSL" (appears as
"vEthernet (WSL)" in the "Network Connections" panel). The Ubuntu instance creates a corresponding network interface
named "eth0".
Assigning static IP addresses to the network interfaces on the Windows host or the WSL2 Ubuntu instance enables support
for the following scenarios:
Simple envoy configuration with basic authentication and without authorization service
Sometime you need scrape prometheus metrics from external envoy that deploy not to kubernetes environment
You can use iptable or other stuff on external server to allow only trusted IP for scraping metrics - but for dynamic infrastructure some time it's hard to support it.
Envoy can expose this metrics more elegant style - using basic auth
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Docker allows storing configurations outside docker images and running containers. This feature, named configs, eliminates the need to use volumes, bind-mount, or environment variables to pass configurations to containers.
The configs have the following characteristics:
Configs are not encrypted (secrets are encrypted)
Config values can be strings or binary data
Config values have maximum size of 500 kB
Configs are mounted as a file in the container filesystem. The default location is /<config-name> in the container
Configs can be added or removed from a service at any time
Hardened Traefik sample with whoami + HTTPS everywhere/redirect
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters