Skip to content

Instantly share code, notes, and snippets.

View medined's full-sized avatar

David Medinets medined

View GitHub Profile
@medined
medined / rbac-for-pod-security-policies.yaml
Created August 1, 2020 17:50
Initial Pod Security Policy Resources For Kubernetes
---
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: privileged
annotations:
seccomp.security.alpha.kubernetes.io/allowedProfileNames: "*"
labels:
addonmanager.kubernetes.io/mode: EnsureExists
spec:
@medined
medined / ingress-controller-manifest.yaml
Last active August 1, 2020 15:21
Ingress Controller Installation For Kubernetes
apiVersion: v1
kind: Namespace
metadata:
name: ingress-nginx
labels:
name: ingress-nginx
---
apiVersion: v1
kind: ServiceAccount
metadata:
You can use `kubectl` as a reverse proxy so that it handles locating the API server and
authentication. It can run in the background but I like to use the foreground to make it easy
to stop.
```bash
kubectl proxy --port=8080
```
Now you can open another terminal to explore the API.
@medined
medined / lynis-report-after-stig.txt
Created June 26, 2020 15:23
Results of Running Lynis Audit on Centos7 After Running MindPoint Group RHEL7 STIG
2020-06-26 15:02:05 Starting Lynis 3.0.0 with PID 11125, build date 2020-03-20
2020-06-26 15:02:05 ====
2020-06-26 15:02:05 ### 2007-2020, CISOfy - https://cisofy.com/lynis/ ###
2020-06-26 15:02:05 Checking permissions of /usr/share/lynis/include/profiles
2020-06-26 15:02:05 File permissions are OK
2020-06-26 15:02:05 Reading profile/configuration /etc/lynis/default.prf
2020-06-26 15:02:05 Action: created temporary file /tmp/lynis.PsCgQxJx67
2020-06-26 15:02:05 Language set via profile to ''
2020-06-26 15:02:05 Plugin 'authentication' enabled according profile (/etc/lynis/default.prf)
2020-06-26 15:02:05 Plugin 'compliance' enabled according profile (/etc/lynis/default.prf)
@medined
medined / stig-results.txt
Created June 26, 2020 15:19
Results Of Running MindPoint Group RHEL7 STIG Against Latest Centos7 (ami-0affd4508a5d2481b)
PLAY [Apply STIG] *****************************************************************************************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************************************************************************************
ok: [34.192.52.20]
TASK [/data/projects/RHEL7-STIG : Gather distribution info] ***********************************************************************************************************************************************
skipping: [34.192.52.20]
TASK [/data/projects/RHEL7-STIG : Check OS version and family] ********************************************************************************************************************************************
ok: [34.192.52.20] => {
@medined
medined / gist:1dbbcdbbef555f71f7c1b714f1a70643
Created June 19, 2020 15:25
HTTP Code 404 When Generating Report
2020-06-19 15:23:50.0718|1|INFO|Microsoft.AspNetCore.Hosting.Internal.WebHost|Request starting HTTP/1.0 GET http://34.238.89.128/system/5eec2e1b9a09bd00019a911f/?pii=false&filter=low |url: http://34.238.89.128/system/5eec2e1b9a09bd00019a911f/|action:
2020-06-19 15:23:50.0718|2|INFO|Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler|Successfully validated the token. |url: http://34.238.89.128/system/5eec2e1b9a09bd00019a911f/|action:
2020-06-19 15:23:50.0727|0|INFO|Microsoft.AspNetCore.Routing.EndpointMiddleware|Executing endpoint 'openrmf_api_compliance.Controllers.ComplianceController.GetCompliancBySystem (openrmf-api-compliance)' |url: http://34.238.89.128/system/5eec2e1b9a09bd00019a911f/|action: GetCompliancBySystem
2020-06-19 15:23:50.0727|3|INFO|Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker|Route matched with {action = "GetCompliancBySystem", controller = "Compliance"}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResu
@medined
medined / README-che-installation.md
Created February 18, 2019 13:47
Attempt to Install Multi-User Eclipse Che On OpenShift

Eclipse Che

Introduction

I am working to install multi-user Eclipse Che on a three node OKD cluser on AWS. There is one master and two worker nodes on a common security group. Each runs Centos. Single-user Che intalled flawlessly.

$ oc version

I hereby claim:

  • I am medined on github.
  • I am medined (https://keybase.io/medined) on keybase.
  • I have a public key ASAisVKwZNRmz62jhQXJAawUhJEHd5Oo3yHwZX29yQj7Tgo

To claim this, I am signing this object:

{
@medined
medined / adjacency_matrices
Created December 3, 2014 05:08
Adjacency Matrices
Adjacency matrices are often square and both out-vertices (rows) and the in-vertices (columns) are the same set of vertices.
A B C
D 1 0 0
F 0 0 0
G 0 0 1
The above matrix represents two 6 vertices and two edges. They could be represented as:
D -> A
@medined
medined / tserver_grail.debug.log
Created July 26, 2014 15:12
TSERVER showing MYHOSTNAME (which should be grail)
2014-07-26 10:14:59,767 [server.Accumulo] INFO : tserver starting
2014-07-26 10:14:59,769 [server.Accumulo] INFO : Instance c4334106-5e4f-4807-8fb4-df30fd244b3f
2014-07-26 10:14:59,771 [server.Accumulo] INFO : Data Version 6
2014-07-26 10:14:59,771 [server.Accumulo] INFO : Attempting to talk to zookeeper
2014-07-26 10:14:59,774 [zookeeper.ZooKeeper] INFO : Client environment:zookeeper.version=3.4.5-1392090, built on 09/30/2012 17:52 GMT
2014-07-26 10:14:59,774 [zookeeper.ZooKeeper] INFO : Client environment:host.name=grail
2014-07-26 10:14:59,774 [zookeeper.ZooKeeper] INFO : Client environment:java.version=1.7.0_55
2014-07-26 10:14:59,774 [zookeeper.ZooKeeper] INFO : Client environment:java.vendor=Oracle Corporation
2014-07-26 10:14:59,774 [zookeeper.ZooKeeper] INFO : Client environment:java.home=/usr/lib/jvm/java-1.7.0-openjdk-1.7.0.55.x86_64/jre
2014-07-26 10:14:59,775 [zookeeper.ZooKeeper] INFO : Client environment:java.class.path=/usr/lib/accumulo-1.6.0/conf:/usr/lib/accumulo/lib/accumulo-start.jar:/usr/l