This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
resource "google_compute_firewall" "allow_nodes_from_cloud_iap" { | |
name = "allow-gke-nodes-ssh-from-cloud-iap" | |
description = "Allow Cloud IAP to communicate with the the GKE nodes." | |
network = var.network | |
allow { | |
protocol = "tcp" | |
ports = ["22"] | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: v1 | |
kind: Pod | |
metadata: | |
name: example-uid | |
spec: | |
containers: | |
- name: test | |
image: busybox | |
command: ["/bin/sh", "echo", "$EXAMPLE_UID"] | |
env: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: networking.gke.io/v1beta2 | |
kind: ManagedCertificate | |
metadata: | |
name: {{ .Values.domain | replace "." "-" }} | |
namespace: kise | |
spec: | |
domains: | |
- {{ .Values.domain }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
locals { | |
project_ids = [123456789012, 234567890123, 345678901234] | |
bucket_region = "us" | |
bucket_project = "something-123456" | |
bucket_name = "${local.bucket_region}.artifacts.${local.bucket_project}.appspot.com" | |
} | |
# Allow Cloud Build in every other project access to GCR images hosted in the central project | |
resource "google_storage_bucket_iam_member" "container_registry" { | |
for_each = var.project_ids |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
locals { | |
project_ids = [123456789012, 234567890123, 345678901234] | |
} | |
# Allow every other project access to GCE VM images in a central project | |
resource "google_project_iam_member" "image_user" { | |
for_each = local.project_ids | |
project = "tools-275721" | |
role = "roles/compute.imageUser" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
resource "google_service_account" "service_account" { | |
account_id = "test | |
display_name = "Test" | |
} | |
resource "google_service_account_key" "service_account" { | |
service_account_id = google_service_account.service_account.name | |
public_key_type = "TYPE_X509_PEM_FILE" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Port forward to kube-state-metrics on the cluster | |
kubectl port-forward service/kube-state-metrics 8080:8080 -n kube-system & | |
# Hit the metrics endpoint | |
curl localhost:8080/metrics |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Check what $GOPATH and $GOBIN are currently | |
echo "GOPATH = ${GOPATH}\nGOBIN = ${GOBIN}" | |
# Set them relative to your home directory | |
export GOPATH=$HOME && export GOBIN=$GOPATH/bin | |
echo "GOPATH = ${GOPATH}\nGOBIN = ${GOBIN}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Port forward to a Pod | |
kubectl port-forward elasticsearch-0 9200:9200 | |
# Port forward to a Service | |
kubectl port-forward service/elasticsearch 9200:9200 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
HOSTNAME=example.com && \ | |
echo | openssl s_client -showcerts \ | |
-servername $HOSTNAME \ # Required for SNI | |
-connect $HOSTNAME:443 2>/dev/null | \ | |
openssl x509 -inform pem -noout -text | \ | |
grep Validity -A 2 |