Skip to content

Instantly share code, notes, and snippets.

View gist:75ff97d6b4afc92cb840eacbbafb3e2a
export KIND_CLUSTER_NAME=$(whoami)
export INSTALL_K3S_VERSION=v1.19.5+k3s2
export INSTALL_K3S_EXEC="--node-label cluster=${KIND_CLUSTER_NAME} --kubelet-arg=port=10260"
export K3S_TOKEN=K100eb593c7b4dcba3df04ffc638c7133bf66677599e3c5be1daca4bb7a7dedb27d::server:0b3300e83314273d0a4ffb08d4cb0144
export K3S_URL=https://honk.jeefy.dev:6443
cat <<EOF | kind create cluster --config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
View gist:1b89ad81ffad1f36ddc31ecb5b7ffbba
{
"AuxAudioDevice1": {
"balance": 0.5,
"deinterlace_field_order": 0,
"deinterlace_mode": 0,
"enabled": true,
"flags": 0,
"hotkeys": {
"libobs.mute": [],
"libobs.push-to-mute": [],
View kind-mn-nocni.yaml
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
networking:
disableDefaultCNI: true
nodes:
- role: control-plane
- role: worker
- role: worker
- role: worker
View calico-install.sh
#!/bin/bash
kubectl apply -f https://docs.projectcalico.org/manifests/tigera-operator.yaml
curl -LO https://docs.projectcalico.org/manifests/custom-resources.yaml
echo "view and edit custom-reources.yaml for your clusters pod cidr and then apply."
View gist:0126a5081e4f52e55723e919a643892f
# Generated by iptables-save v1.8.4 on Wed Sep 2 12:04:55 2020
*mangle
:PREROUTING ACCEPT [203961:202662193]
:INPUT ACCEPT [107095:83508318]
:FORWARD ACCEPT [96866:119153875]
:OUTPUT ACCEPT [126202:88855983]
:POSTROUTING ACCEPT [223130:208015275]
:LIBVIRT_PRT - [0:0]
-A POSTROUTING -j LIBVIRT_PRT
-A LIBVIRT_PRT -o virbr1 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
View adv-audit.yaml
# https://www.outcoldsolutions.com/docs/monitoring-kubernetes/v4/audit/
apiVersion: audit.k8s.io/v1beta1
kind: Policy
rules:
# Do not log from kube-system accounts
- level: None
userGroups:
- system:serviceaccounts:kube-system
- level: None
users:
View components.yaml
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: system:aggregated-metrics-reader
labels:
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rules:
View kind-config.yaml
kind: Cluster
apiVersion: kind.sigs.k8s.io/v1alpha3
kubeadmConfigPatches:
- |
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
apiServer:
extraArgs:
etcd-servers-overrides: "/events#http://10.10.10.10:2379"
nodes:
View gatekeeper.yaml
apiVersion: v1
kind: Namespace
metadata:
labels:
admission.gatekeeper.sh/ignore: no-self-managing
control-plane: controller-manager
gatekeeper.sh/system: "yes"
name: gatekeeper-system
---
apiVersion: apiextensions.k8s.io/v1beta1
View gist:4ea64817fb6ac5f4f5656333e4c152d4
[
{
"Name": "kind",
"Id": "598350d8fd243335bc467d3637e9f8a1e873a1347bb74a388302003d9394b6c4",
"Created": "2020-05-11T12:55:41.17423453-07:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": true,
"IPAM": {
"Driver": "default",