Skip to content

Instantly share code, notes, and snippets.

Kelsey Hightower kelseyhightower

Block or report user

Report or block kelseyhightower

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View service.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app: helloworld-uwsgi
name: helloworld-uwsgi
spec:
ports:
- port: 80
protocol: TCP
View config.yaml
static_resources:
listeners:
- name: health_check_listener
address:
socket_address:
address: 0.0.0.0
port_value: 80
filter_chains:
- filters:
- name: envoy.http_connection_manager
View generic ingress
apiVersion: v1
kind: Service
metadata:
labels:
app: helloworld-uwsgi
name: helloworld-uwsgi
spec:
ports:
- port: 80
protocol: TCP
View gist:151f28bebfce9a59b7a563d93f4c50ce
spec:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- vault
View vault-tokenreview-binding.yaml
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: vault-tokenreview-binding
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:auth-delegator
subjects:
View index.js
function denyenv (req, res) {
 // Extract the Kubernetes Pod resource and reject it if any of the containers
 // are using environment variables.
}
View index.js
'use strict';
exports.denyenv = function denyenv (req, res) {
var admissionRequest = req.body;
// Get a reference to the pod spec
var object = admissionRequest.request.object;
console.log(`validating the ${object.metadata.name} pod`);
View pod.yaml
Name: nginx-8586cf59-4mjmd
Namespace: default
Start Time: Thu, 08 Feb 2018 11:10:18 -0800
Status: Running
IP: 10.28.0.12
Controlled By: ReplicaSet/nginx-8586cf59
Containers:
nginx:
Image: nginx
State: Running
View gist:597bbfe5df8d945c2ced58783c0fd6bc
apiVersion: apps/v1beta1
kind: Deployment
metadata:
labels:
app: app
customer: customer2
name: app-customer-2
spec:
template:
metadata:
View gist:d036a65a81a3fe036237c0f0b4808dd9
labels: endpoint=good-goose-55.backplaneapp.io, release=v1
healthcheck timeout: 1s
[endpoint=good-goose-55.backplaneapp.io, release=v1,id=fcbdb3f0f08e1d48] agentID=fcbdb3f0f08e1d48 Connecting to the Backplane network...
[endpoint=good-goose-55.backplaneapp.io, release=v1,id=fcbdb3f0f08e1d48] agentID=fcbdb3f0f08e1d48 There was an error registering with the Backplane network
[endpoint=good-goose-55.backplaneapp.io, release=v1,id=fcbdb3f0f08e1d48] agentID=fcbdb3f0f08e1d48 There was an error registering with the Backplane network
[endpoint=good-goose-55.backplaneapp.io, release=v1,id=fcbdb3f0f08e1d48] agentID=fcbdb3f0f08e1d48 There was an error registering with the Backplane network
[endpoint=good-goose-55.backplaneapp.io, release=v1,id=fcbdb3f0f08e1d48] agentID=fcbdb3f0f08e1d48 There was an error registering with the Backplane network
[endpoint=good-goose-55.backplaneapp.io, release=v1,id=fcbdb3f0f08e1d48] agentID=fcbdb3f0f08e1d48 There was an error registering with the Backplane network
[endpoint=good-goose-55.
You can’t perform that action at this time.