Sept. 11, 2019 (Seattle, WA)
metral
/ Dockerfile
Created
September 29, 2021 04:19
— forked from avishayp/Dockerfile
Add non-root user for alpine linux
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # non root user example for alpine | |
| # | |
| # usage: | |
| # $ docker build --build-arg "USER=someuser" --tag test . | |
| # $ docker run --rm test | |
| FROM alpine | |
| ARG USER=default | |
| ENV HOME /home/$USER |
metral
/ Pulumi.yaml
Created
July 2, 2020 17:51
— forked from JakeGinnivan/Pulumi.yaml
Pulumi /w TypeScript project references + dynamodb lock
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: serverless-mono | |
| description: Serverless mono infrastructure | |
| backend: | |
| url: s3://my-pulumi-state-bucket | |
| runtime: | |
| name: nodejs | |
| options: | |
| typescript: false | |
| lock: | |
| region: ap-southeast-2 |
metral
/ pulumiWaitFor.ts
Created
June 18, 2020 17:42
— forked from timmyers/pulumiWaitFor.ts
Wait for a resource in pulumi
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Make sure x is a true output so pulumi doesn't try to run this function during preview. | |
| const ingressIP = pulumi.all([x]).apply(async ([x]) => { | |
| const kc = new k8sClient.KubeConfig(); | |
| const provider = (this.getProvider('kubernetes::') as any) | |
| const kubeConfig = provider.kubeconfig as pulumi.Output<string>; | |
| const ip = kubeConfig.apply(async (config) => { | |
| kc.loadFromString(config); | |
| const k8sApi = kc.makeApiClient(k8sClient.CoreV1Api); |
metral
/ after.ts
Created
February 27, 2020 03:29
— forked from lblackstone/after.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Define the application configuration and secrets. | |
| const configs = new kx.ConfigMap("app-config", { | |
| data: { "config": "very important data" } | |
| }); | |
| const secrets = new kx.Secret("app-secrets", { | |
| stringData: { | |
| "app-password": new kx.RandomPassword("app-password"), | |
| "database-password": config.databasePassword | |
| } |
metral
/ after.ts
Created
February 27, 2020 03:29
— forked from lblackstone/after.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Define the application configuration and secrets. | |
| const configs = new kx.ConfigMap("app-config", { | |
| data: { "config": "very important data" } | |
| }); | |
| const secrets = new kx.Secret("app-secrets", { | |
| stringData: { | |
| "app-password": new kx.RandomPassword("app-password"), | |
| "database-password": config.databasePassword | |
| } |
metral
/ launch-talk.md
Last active
September 12, 2019 01:19
Secure, Production-Ready Kubernetes Apps Productively
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ aws ec2 describe-images --filters Name=description,Values=*linux*,*Linux* Name=name,Values=*amazon-eks-node* Name=manifest-location,Values=*amazon-eks-node-* Name=description,Values=*k8s*1.12* --owners 602401143452 | |
| { | |
| "Images": [ | |
| { | |
| "Architecture": "x86_64", | |
| "CreationDate": "2019-03-30T00:32:52.000Z", | |
| "ImageId": "ami-0abcb9f9190e867ab", | |
| "ImageLocation": "602401143452/amazon-eks-node-1.12-v20190329", | |
| "ImageType": "machine", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ aws ec2 describe-images --filters Name=description,Values=*linux*,*Linux* Name=name,Values=*amazon-eks-node* Name=manifest-location,Values=*amazon-eks-node-* Name=description,Values=*k8s*1.12* --owners 602401143452 | |
| { | |
| "Images": [ | |
| { | |
| "Architecture": "x86_64", | |
| "CreationDate": "2019-03-30T00:32:52.000Z", | |
| "ImageId": "ami-0abcb9f9190e867ab", | |
| "ImageLocation": "602401143452/amazon-eks-node-1.12-v20190329", | |
| "ImageType": "machine", |
metral
/ gist:81966d0edb8ff81fd30cda56937a3c33
Last active
December 2, 2020 17:47
metral/k8sdebug Pod
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: debug | |
| spec: | |
| #hostNetwork: true | |
| #hostPID: true | |
| containers: | |
| - image: metral/debug:latest | |
| command: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import * as awsx from "@pulumi/awsx"; | |
| import * as eks from "@pulumi/eks"; | |
| import * as k8s from "@pulumi/kubernetes"; | |
| const name = "test001" | |
| // Pull in existing VPC | |
| const vpc = awsx.Network.fromVpc(name, | |
| { | |
| vpcId: "vpc-<ID0>", |
NewerOlder