Neeraj Poddar nrjpoddar
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: networking.istio.io/v1alpha3 | |
| kind: EnvoyFilter | |
| metadata: | |
| name: outbound-max-streams | |
| spec: | |
| workloadSelector: | |
| labels: | |
| app: reviews | |
| configPatches: | |
| - applyTo: CLUSTER |
nrjpoddar
/ check-authz-migration-required.sh
Last active
April 5, 2021 14:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -eEuo pipefail | |
| RED='\033[0;31m' | |
| GREEN='\033[0;32m' | |
| NC='\033[0m' | |
| INGRESS_LABEL="istio=ingressgateway" | |
| INGRESS_NAMESPACE="istio-system" |
nrjpoddar
/ test-authz.yaml
Last active
April 2, 2021 10:10
Test AuthZ policies applied with bookinfo-gateway.yaml applied
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: "security.istio.io/v1beta1" | |
| kind: "AuthorizationPolicy" | |
| metadata: | |
| name: block-admin-access-1 | |
| namespace: istio-system | |
| spec: | |
| selector: | |
| matchLabels: | |
| istio: ingressgateway | |
| action: DENY |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -eEo pipefail | |
| trap clean_up EXIT SIGINT | |
| dockerID="" | |
| tmpDir="" | |
| clean_up() { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: "authentication.istio.io/v1alpha1" | |
| kind: "Policy" | |
| metadata: | |
| name: "jwt-example" | |
| namespace: istio-system | |
| spec: | |
| targets: | |
| - name: istio-ingressgateway | |
| origins: | |
| - jwt: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo EDITOR=vim visudo | |
| # Change the following in /etc/sudoers: | |
| # %sudo ALL=(ALL:ALL) ALL -> %sudo ALL=(ALL:ALL) NOPASSWD:ALL | |
| sudo mkdir -p /home/mynewuser/.ssh | |
| sudo adduser --home /home/mynewuser --disabled-password --shell /bin/bash mynewuser | |
| sudo usermod -aG sudo mynewuser | |
| sudo chown -R mynewuser:mynewuser /home/mynewuser/ | |
| sudo chmod 700 /home/mynewuser/.ssh |
nrjpoddar
/ build-proxy-image-local.sh
Last active
January 20, 2020 05:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -eExo pipefail | |
| SCRIPTNAME=$(basename $0) | |
| function print_and_exit { | |
| cat << EOF | |
| $SCRIPTNAME <path-to-local-proxy-binary> | |
| EOF |
nrjpoddar
/ buffered-error.go
Created
July 3, 2019 21:48
Safe error handling from multiple Go routines via buffered channels
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| func (m *Factory) StartInformer() error { | |
| // Stop channel for our informers | |
| stopCh := make(chan struct{}) | |
| // error channel for the go funcs | |
| errCh := make(chan string, 2) | |
| defer close(errCh) | |
| // Synchronizing at the end | |
| var wg sync.WaitGroup |
nrjpoddar
/ Helm downgrade
Last active
November 8, 2018 20:31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| If you have ever have to downgrade Helm here are the steps (e.g. to version 2.8.2: | |
| 1) Download the binary for OSX from here: https://storage.googleapis.com/kubernetes-helm/helm-v2.8.2-darwin-amd64.tar.gz | |
| 2) mkdir -p /tmp/helm; tar -C /tmp/helm ~/Downloads/helm-v2.8.2-darwin-amd64.tar.gz | |
| 3) mv /tmp/helm/darwin-amd64/helm /usr/local/bin | |
| 4) rm -rf /tmp/helm ~/Downloads/helm-v2.8.2-darwin-amd64.tar.gz | |
| 5) helm init --client-only | |
| 6) Next, install helm diff, note that "helm plugin install https://github.com/databus23/helm-diff --version v2.8.2+2" doesn't work. | |
| 7) Instead download and move the helm-diff plugin in the $HELM_HOME dir. | |
| Note `brew install kubernetes-helm` doesn't work for old releases. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const transformer = require('transformer'); | |
| class MockClient { | |
| constructor() { this._msg = null; } | |
| put(msg) { this._msg = msg; } | |
| getMsg() { return this._msg; } | |
| } | |
| describe('test-transformer', function(done) { | |
| it('putsData', function(data) { |