I hereby claim:
-
I am liejuntao001 on github.
-
I am liejuntao001 (https://keybase.io/liejuntao001) on keybase.
-
I have a public key ASA0FmGf5MYq84OjXvO8knIHD_2pyZzpAiGlfZ8svK7qLAo
scenario: | |
desktop ---> proxy ---> hop_host open reverse port | |
other hosts -> hop_host -> desktop | |
# desktop ~/.ssh/config | |
Host hop_host | |
Hostname hop_host.domain.com | |
ProxyCommand /usr/bin/corkscrew proxy_ip 8080 %h %p ~/.corkscrew-auth | |
# desktop open and keep a reverse ssh tunnel |
I hereby claim:
I am liejuntao001 on github.
I am liejuntao001 (https://keybase.io/liejuntao001) on keybase.
I have a public key ASA0FmGf5MYq84OjXvO8knIHD_2pyZzpAiGlfZ8svK7qLAo
# this is for haproxy1 | |
vrrp_instance VI_1 { | |
state MASTER | |
interface eth0 | |
virtual_router_id 101 | |
priority 101 # higher priority | |
advert_int 1 | |
unicast_src_ip 192.168.3.122 # haproxy1 private ip | |
unicast_peer { | |
192.168.2.17 # haproxy2 private ip |
frontend k8s-api | |
bind *:6443 | |
mode tcp | |
option tcplog | |
default_backend k8s-api | |
backend k8s-api | |
mode tcp | |
option tcplog | |
option tcp-check |
# traefik.toml | |
debug = false | |
checkNewVersion = false | |
logLevel = "INFO" | |
defaultEntryPoints = ["http","https"] | |
InsecureSkipVerify = true | |
[entryPoints] | |
[entryPoints.http] | |
address = ":80" | |
[entryPoints.http.redirect] |
apiVersion: extensions/v1beta1 | |
kind: Ingress | |
metadata: | |
name: kibana-ingress | |
namespace: kube-system | |
annotations: | |
kubernetes.io/ingress.class: "traefik" | |
ingress.kubernetes.io/auth-type: "basic" | |
ingress.kubernetes.io/auth-secret: "kubesecret" | |
spec: |
apiVersion: extensions/v1beta1 | |
kind: Ingress | |
metadata: | |
name: prometheus-ingress | |
namespace: monitoring | |
annotations: | |
kubernetes.io/ingress.class: "traefik" | |
ingress.kubernetes.io/auth-type: "basic" | |
ingress.kubernetes.io/auth-secret: "kubesecret" | |
spec: |
// Modified version of: | |
// https://github.com/coreos/prometheus-operator/blob/master/contrib/kube-prometheus/example.jsonnet | |
local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet'; // https://github.com/ksonnet/ksonnet-lib/blob/master/ksonnet.beta.3/k.libsonnet - imports k8s.libsonnet | |
// * https://github.com/ksonnet/ksonnet-lib/blob/master/ksonnet.beta.3/k8s.libsonnet defines things such as "persistentVolumeClaim:: {" | |
// | |
local pvc = k.core.v1.persistentVolumeClaim; // https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#persistentvolumeclaim-v1-core (defines variable named 'spec' of type 'PersistentVolumeClaimSpec') | |
local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') + | |
(import 'kube-prometheus/kube-prometheus-kubeadm.libsonnet') { |
kind: Service | |
apiVersion: v1 | |
metadata: | |
name: testsvc | |
spec: | |
selector: | |
app: test | |
ports: | |
- protocol: TCP | |
port: 8001 |
# copy secret | |
kubectl get secret gitlab-registry --namespace=revsys-com --export -o yaml |\ | |
kubectl apply --namespace=devspectrum-dev -f - | |
# modify configmap | |
kubectl create configmap foo --from-file foo.properties -o yaml --dry-run | kubectl replace -f - |