Skip to content

Instantly share code, notes, and snippets.

kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
kubeadmConfigPatches:
- |
kind: ClusterConfiguration
apiServer:
extraArgs:
service-node-port-range: "12301-12309"
apiVersion: v1
data:
authorized_keys: |
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID9Zt/CR+kt1omLPJmMLCJu1w3aIpg7IO0Vv7up+MVFI jp@hex
kind: ConfigMap
metadata:
name: shpod

Le partage de volume se fait-il uniquement au sein d'un pod ?

Non, on peut aussi partager un volume entre plusieurs pods !

S'il s'agit de plusieurs pods sur la même machine, on peut utiliser un volume de type hostPath. Il y a un exemple dans le manifest [hacktheplanet.yaml][htp], qui permet à un pod d'accéder au répertoire /root du node. (Ce qui permet alors d'y injecter une clé SSH pour prendre la main en root sur le node... Et oui, côté sécurité, ça craint ! Pour s'en prémunir, on peut utiliser les mécanismes de contrôle d'admission, comme par exemple les Pod Security Settings ou bien un policy engine comme Kyverno - on verra ça dans "Kubernetes Avancé".)

Quiche recipe

I usually bake 2 quiches at a time; one vegetarian, one with the bacon, so the recipe here is for that.

For two quiches:

  • [two round doughs][dough]
  • some hazelnuts (maybe about 100g)
  • 6 eggs
  • [two becher of crème fraîche][cremefraiche]
  • 2 onions
#!/bin/sh
# TODO:
# lookup missing ids from /usr/share/hwdata/usb.ids
# lookup bus controller ids (readlink -f . /.. on the bus controller)
# ... and display their PCI ID when available
# colorize output to highlight bus speeds maybe?
# add emojis to indicate device speeds?
drawtree() {
resource "google_container_cluster" "_" {
name = var.cluster_name
location = local.location
min_master_version = var.k8s_version
# To deploy private clusters, uncomment the section below,
# and uncomment the block in network.tf.
# Private clusters require extra resources (Cloud NAT,
# router, network, subnet) and the quota for some of these
# resources is fairly low on GCP; so if you want to deploy
@jpetazzo
jpetazzo / README.md
Last active April 7, 2023 08:32
Science Fiction written by women

Ann Leckie, "Ancillary Justice" (+2 sequels)

The AI of a powerful warship gets deprived from its thousands of eyes and hands, and still doesn't know which pronouns to use when interacting with others.

Ursula K. Le Guin, "The Dispossessed"

You can bannish communism to the dark side of the moon, but it will always come back when you least expect it.

Ursula K. Le Guin, "The Left Hand of Darkness"

@jpetazzo
jpetazzo / 🐋.py
Created April 18, 2021 13:14
Shut up, Moby, you're drunk
#!/usr/bin/env python
import random
import unicodedata
partial_states = {
'o': 'Oóòôõ°ø',
'O': 'oÓÒÔÕ0ØΩ',
'ó': 'Óoòôø',
'ò': 'Òoóôø',
#!/bin/sh
echo "codec args duration time_real time_user time_sys cpu_percent size_input size_output"
for F in *.log; do
. ./$F
echo "$CODEC $ARGS $duration $TIME_REAL $TIME_USER $TIME_SYS $CPU_PERCENT $SIZE_INPUT $SIZE_OUTPUT"
done
@jpetazzo
jpetazzo / fixedfocus.sh
Created September 14, 2020 09:51
Force focus on webcams (because autofocus is 💩 sometimes)
#!/bin/sh
setcam() {
FOCUS=$1
echo "Configuring camera $NAME on /dev/$DEV."
echo "Setting fixed focus to $FOCUS."
v4l2-ctl --device /dev/$DEV -c focus_auto=0
v4l2-ctl --device /dev/$DEV -c focus_absolute=$FOCUS
echo "Setting power line frequency to 50Hz."
v4l2-ctl --device /dev/$DEV -c power_line_frequency=1