First drop into the kind-worker container
podman exec -ti kind-worker /bin/bash
install the wireguard-tools package without any of the additional recommended packages
root@kind-worker# apt-get install --no-install-recommends wireguard-tools
jspaleta
/ K8s 1.27.3 w\o Cilium: CoreDNS on Node Restart Works
Last active
September 7, 2023 19:56
Cilium 1.4.1 CoreDNS On restart Disfunction Example Using Kind
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [jspaleta@msi ~]$ cat kind-cluster.yaml | |
| kind: Cluster | |
| apiVersion: kind.x-k8s.io/v1alpha4 | |
| nodes: | |
| - role: control-plane | |
| image: kindest/node:v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72 | |
| - role: worker | |
| image: kindest/node:v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72 | |
| - role: worker | |
| image: kindest/node:v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72 |
jspaleta
/ Kind-Node-Instructions.md
Last active
May 10, 2024 19:18
Kind Cluster with WireGuard Enabled Node
jspaleta
/ Testing Egress Policy with dummy service.md
Last active
May 10, 2024 19:21
K3s HomeLab Setup for CiliumEgresssGatewayPolicy testing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: v1 | |
| kind: Namespace | |
| metadata: | |
| name: cilium-observability | |
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: prometheus-k8s |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| type: CheckConfig | |
| api_version: core/v2 | |
| metadata: | |
| name: nginx-http-service-healthcheck | |
| annotations: | |
| # Required key: io.sensu.ansible.config.actions | |
| # Value: stringified json array of Job Template Requests | |
| # all request attributes are optional | |
| # Each Job Template Request may consist of: | |
| # Either template_name and/or template_id, with template_id taking precedence |
jspaleta
/ sensu_go_loadbalancer.conf
Created
January 23, 2020 17:18
Basic Sensu Go Cluster LoadBalancer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Example of Basic Sensu Go Load Balancer | |
| # Load balancer for backend api | |
| # Default port is 8080 | |
| upstream sensu_api { | |
| # Clients with the same IP are redirected to the same backend | |
| ip_hash; | |
| # Available backend servers |
jspaleta
/ system-profile-linux-dashboard.json
Created
November 4, 2019 06:00
Linux System Profile Metrics Example Dashboard
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "__inputs": [ | |
| { | |
| "name": "DS_INFLUXDB", | |
| "label": "InfluxDB", | |
| "description": "", | |
| "type": "datasource", | |
| "pluginId": "influxdb", | |
| "pluginName": "InfluxDB" | |
| } |
jspaleta
/ exec_start_pre.conf
Created
October 11, 2019 22:13
Populate Sensu Agent Name from EC2 metadata
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Extend the sensu-agent service init to call the update_name.sh script | |
| # place this file in: /etc/systemd/system/sensu-agent.service.d | |
| # With systemd you don't have to edit the vendor provided service init script. | |
| # local admins can extend/override vendor settings by using correctly named extension directory structures | |
| # Ex: /etc/systemd/system/sensu-agent.service.d/ | |
| # This .d directory will be parsed for systemd directives to extend/override the vendor supplied sensu-agent.service | |
| # For now all we want to do is add an ExecStartPre directive, |
jspaleta
/ check_status_as_metric.sh
Created
August 29, 2019 00:08
Sensu Check Status to Metric Mutator
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # check_status_as_metric.sh | |
| # optionally set measurement, field | |
| # Ex: | |
| # check_status_as_metric.sh measurement="${entity_name}" field="${check_name}.status" | |
| # | |
| event=$(cat /dev/stdin) |
jspaleta
/ ruby-runtime-asset-notes.txt
Created
August 20, 2019 21:22
Steps to test ruby-runtime-asset in multiple containers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Build asset tarball place in staging directory | |
| include test script in staging directory | |
| include additional asset tarballs for test into staging directory | |
| run test script on target os container mount staging directory | |
| Test script functionality: | |
| unpack asset tarball(s) | |
| set PATH and LD_LIBRARY_PATH to mimick asset environment | |
| run test check | |
| look for errors |
NewerOlder