Skip to content

Instantly share code, notes, and snippets.

Avatar

Manu Garg manugarg

View GitHub Profile
@manugarg
manugarg / gist:81d68bc17b455664bfacff541f29cea3
Last active Jan 6, 2020
TLS certificate to authenticate to K8s API Server
View gist:81d68bc17b455664bfacff541f29cea3
# Generate private key for RDS
openssl genrsa -out rds.key 4096
# Create certificate signing request config (config for CSR: [1])
cat > /tmp/csr.cnf <<END
[ req ]
default_bits = 2048
prompt = no
default_md = sha256
distinguished_name = dn
@manugarg
manugarg / gist:1726dfbbc312c0a074d592140dae9aee
Last active Dec 10, 2019
OAuth support in Cloudprober HTTP probes
View gist:1726dfbbc312c0a074d592140dae9aee
OAuth is a widely used HTTP authentication mechanism these days. It will be nice to add some OAuth support to Cloudprober.
This feature has also been requested by the users:
https://github.com/google/cloudprober/issues/27
Main complexity in adding OAuth support is in managing the token itself: How do we get it -- from config or retrieve from
somewhere at the runtime, how often to refresh it, etc.
Since OAuth tokens usually expire, it's not very useful to specify tokens in the config or even environment variable
(environment variables are passed at the process at the start time). In the config, we should specify the token source
and how often to access that token source. For example, a config could look like this:
You can’t perform that action at this time.