Skip to content

Instantly share code, notes, and snippets.

View mgoodness's full-sized avatar

Michael Goodness mgoodness

84 followers · 8 following
View GitHub Profile
@mgoodness
mgoodness / k8s-svc-annotations.md
Last active March 11, 2024 16:24
AWS ELB-related annotations for Kubernetes Services (as of v1.12.0)

AWS Service annotations

  • service.beta.kubernetes.io/aws-load-balancer-access-log-emit-interval (in minutes)
  • service.beta.kubernetes.io/aws-load-balancer-access-log-enabled (true|false)
  • service.beta.kubernetes.io/aws-load-balancer-access-log-s3-bucket-name
  • service.beta.kubernetes.io/aws-load-balancer-access-log-s3-bucket-prefix
  • service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags (comma-separated list of key=value)
  • service.beta.kubernetes.io/aws-load-balancer-backend-protocol (http|https|ssl|tcp)
  • service.beta.kubernetes.io/aws-load-balancer-connection-draining-enabled (true|false)
@mgoodness
mgoodness / _pyenv.zsh
Last active December 24, 2023 15:36
"New" (compsys) zsh completion script for pyenv
#compdef pyenv
# Ref: https://github.com/pyenv/pyenv/pull/1644
if [[ ! -o interactive ]]; then
return
fi
local state line
typeset -A opt_args
@mgoodness
mgoodness / openpgp.md
Created December 5, 2022 18:24
Keyoxide Proof

[Verifying my cryptographic key:openpgp4fpr:4C556569AD90DE0419009E974A31C228815AA553]

@mgoodness
mgoodness / heapster-user-rbac.yaml
Created October 13, 2017 20:37
Minimal RBAC to enable `kubectl top`
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
name: heapster-user
rules:
- apiGroups:
- ""
resourceNames:
- "http:heapster:"
@mgoodness
mgoodness / helm-rbac.md
Last active October 30, 2021 17:04
Helm RBAC setup for K8s v1.6+ (tested on minikube) 
kubectl -n kube-system create sa tiller
kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
helm init --service-account tiller
@mgoodness
mgoodness / asp.sh
Last active October 14, 2021 08:36
Bash/Zsh function for switching AWS profiles (supports sts assume-role)
function asp {
if [[ -z "$1" ]]; then
if [[ -z "$AWS_DEFAULT_PROFILE" ]]; then
echo "No profile set"
else
asp "$AWS_DEFAULT_PROFILE"
echo "$AWS_DEFAULT_PROFILE"
fi
else
if ! fgrep -q "[profile $1]" ~/.aws/config; then
@mgoodness
mgoodness / git-rebase-preserve-author.fish
Created September 4, 2017 23:37
function git-rebase-preserve-author -d 'Rebase preserving original author' -a branch
git rebase --preserve-merges $branch
set -l root_dir (git rev-parse --show-toplevel)
while test -f $root_dir/.git/rebase-merge/stopped-sha
set -l stopped_sha (cat $root_dir/.git/rebase-merge/stopped-sha)
set -l git_author_string (git show -s --format='%an <%ae>' $stopped_sha)
for c in (git diff --name-only --diff-filter=U)
eval $EDITOR $root_dir/$c
@mgoodness
mgoodness / format-etcd-ebs.service
Last active January 2, 2021 22:08
Systemd unit file to format EBS volume
[Unit]
Description=Format EBS volume if needed
Before=etcd2.service
[Service]
ExecStart=/bin/bash -c \
'(/usr/sbin/blkid -t TYPE=ext4 | grep /dev/xvdb) || \
(/usr/sbin/wipefs -fa /dev/xvdb && /usr/sbin/mkfs.ext4 /dev/xvdb)'
RemainAfterExit=yes
Type=oneshot
@mgoodness
mgoodness / var-lib-etcd2.mount
Last active July 20, 2020 12:29
Systemd unit file to mount EBS volume to /var/etc/data
[Unit]
Description=Mount EBS volume at /var/lib/etcd2
Requires=format-etcd-ebs.service
After=format-etcd-ebs.service
Before=etcd2.service
[Mount]
DirectoryMode=0777
Type=ext4
What=/dev/xvdb
@mgoodness
mgoodness / kube-dns-rbac.md
Last active June 7, 2019 18:33
kube-dns RBAC setup for K8s v1.6+ (tested on minikube) 
kubectl -n kube-system create sa kube-dns
kubectl -n kube-system patch deploy/kube-dns -p '{"spec": {"template": {"spec": {"serviceAccountName": "kube-dns"}}}}'