Skip to content

Instantly share code, notes, and snippets.

View mattymo's full-sized avatar

Matthew Mosesohn mattymo

56 followers · 1 following
  • Moscow, Russia
View GitHub Profile
@mattymo
mattymo / vagrant_box_upload.sh
Created November 24, 2020 11:35
vagrant box upload
#!/bin/bash
# Requires jq in the path - apt install jq
# References
# https://www.vagrantup.com/docs/vagrant-cloud/api.html#creating-a-usable-box-from-scratch
# https://www.vagrantup.com/docs/vagrant-cloud/boxes/create.html
BOX_FILE=$1
USER=magmacore
@mattymo
mattymo / yaml_ordered.py
Last active September 29, 2019 11:02 — forked from willmerae/yaml_ordered.py
Ansible inventory plugin that preserves the order of hosts in a host group
# Copyright (c) 2017 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
import os
from collections import MutableMapping
from yaml.nodes import MappingNode
@mattymo
mattymo / gist:6853e0c2b6f6d62de952b95fddee6af2
Last active October 11, 2017 14:49
kube bench results
# ./kube-bench master --config config.yml
[INFO] 1 Master Node Security Configuration
[INFO] 1.1 API Server
[FAIL] 1.1.1 Ensure that the --allow-privileged argument is set to false (Scored)
[FAIL] 1.1.2 Ensure that the --anonymous-auth argument is set to false (Scored)
[FAIL] 1.1.3 Ensure that the --basic-auth-file argument is not set (Scored)
[PASS] 1.1.4 Ensure that the --insecure-allow-any-token argument is not set (Scored)
[PASS] 1.1.5 Ensure that the --kubelet-https argument is set to true (Scored)
[FAIL] 1.1.6 Ensure that the --insecure-bind-address argument is not set (Scored)
[FAIL] 1.1.7 Ensure that the --insecure-port argument is set to 0 (Scored)
@mattymo
mattymo / kubedns.yml
Created September 12, 2017 06:06
kubedns
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kube-dns
namespace: "kube-system"
labels:
k8s-app: kube-dns
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
@mattymo
mattymo / kubedns-deploy.yml
Last active June 26, 2017 16:03
kubedns for federation
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kubedns
namespace: kube-system
labels:
k8s-app: kubedns
version: v19
kubernetes.io/cluster-service: "true"
spec:
@mattymo
mattymo / setup_childcluster_kubeconfig.sh
Last active June 27, 2017 14:43
Federation kubeconfig scripts
#!/bin/bash -xe
OLD_CLUSTERNAME="local"
OLD_CONTEXT="kubelet-cluster.second"
OLD_USER="kubelet"
LOADBALANCER="https://fed-loadbalancer-childcluster.kube-system"
NEW_CLUSTERNAME="childcluster"
NEW_CONTEXT="childcluster"
NEW_USER="kubelet-childcluster"
@mattymo
mattymo / teamcity-agent.yml
Created April 18, 2017 15:34
TeamCity agent deployment resource
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: teamcity-agent
labels:
name: teamcity-agent
name: frontend
spec:
replicas: 3
template:
@mattymo
mattymo / database.properties
Last active April 18, 2017 15:05
Teamcity MySQL database.properties
connectionUrl=jdbc:mysql://teamcity:3306/teamcity
connectionProperties.user=teamcity
connectionProperties.password=teamcity
maxConnections=50
connectionProperties.useUnicode=true
testOnBorrow=true
@mattymo
mattymo / galera-statefulset.yml
Last active April 18, 2017 14:51
Galera petset
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: mysql
spec:
serviceName: "galera"
replicas: 3
template:
metadata:
labels:
@mattymo
mattymo / etcd-restore.sh
Last active September 26, 2018 12:58
ETCD restore script
#!/bin/bash -e
# Change as necessary
RESTORE_PATH=${RESTORE_PATH:-/tmp/member}
#Extract node data from etcd config
source /etc/etcd.env || source /etc/default/etcd
function with_retries {
local retries=3