nyrahul

[
  {
    "microservice": "cluster-entity-daemon",
    "operator": ">=",
    "version": "v0.2.0"
  },
  [
    {
      "depends_on": "shared-informer-service",
      "operator": ">=",

nyrahul

version: "3"

networks:
  gitea:
    external: false

services:
  server:
    image: gitea/gitea:1.17.1
    container_name: gitea

nyrahul

git fetch upstream
git checkout -b v0.3-backport remotes/upstream/v0.3
git cherry-pick <commit-hash> #Note that you should not pick merge hash
git push origin v0.3-backport

# Raise a PR from origin/v0.3-backport to upstream/v0.3

nyrahul

# Backporting to a branch by cherry-picking from the upstream/stable branch
git fetch upstream
git checkout upstream/v0.2 # verify if the tip is same as that of the branch you expect by comparing sha hash
git switch -c gke-cos-fix
git cherry-pick e2737efa975198efde13a48435cc994daa3ba018  # substitute with your commit of interest
git push origin gke-cos-fix # push the branch to your origin repo
# Go to github UI and raise PR to the v0.2 branch

# Pull PR locally and test
git fetch upstream pull/37/head:mybranch

nyrahul

//https://stackoverflow.com/questions/70344928/bpf-kprobe-macro-provides-unexpected-value-of-function-argument

// Trying without BPF_KPROBE
SEC("kprobe/__x64_sys_close")
int myclose(struct pt_regs *ctx) {
    u32 pid = bpf_get_current_pid_tgid() >> 32; 
    int fd = PT_REGS_PARM1_CORE(ctx);

    // filter specific pid for simplicity
    if (pid != SRV_PID) {

nyrahul

#!/usr/bin/env bash

annotate()
{
    ns_ignore_list=("kube-system" "explorer" "cilium" "kubearmor")
    while read line; do
        depnm=${line/ */} 
        depns=${line/* /}
        [[ " ${ns_ignore_list[*]} " =~ " ${depns} " ]] && continue
        echo "Applying KubeArmor visibility annotation for namespace=[$depns], $1=[$depnm]"

nyrahul

# -------[ Cilium installation on GKE ]---------
NATIVE_CIDR="$(gcloud container clusters describe "cluster-core-backend" --zone "us-central1-c" --format 'value(clusterIpv4Cidr)')"

# with hubble-relay
helm install cilium cilium/cilium --version 1.9.6 \
    --namespace kube-system \
    --set nodeinit.enabled=true \
    --set nodeinit.reconfigureKubelet=true \
    --set nodeinit.removeCbrBridge=true \
    --set cni.binPath=/home/kubernetes/bin \

nyrahul

#!/bin/bash

# Usage: $0 <pod> [tcpdump-filter]

[[ "$1" == "" ]] && echo "Usage: $0 <pod> [tcpdump-filter]" && exit 1

ep_id=`kubectl get cep -A -o jsonpath="{.items[?(@.metadata.name==\"$1\")].status.id}"`
iface=`cilium endpoint get $ep_id -o jsonpath="{[*].status.networking.interface-name}"`
shift

nyrahul

ssh -L 6060:127.0.0.1:6060 vagrant@192.168.34.11

golang pprof tool by default starts the pprof web server on localhost:6060. My pprof was running inside a VM and I needed to access the web server from the host. I could ssh to the VM. Thus I needed to enable port-forwarding on the host to the VM (remote).

ssh -L 6060:127.0.0.1:6060 vagrant@192.168.34.11
         |      |       |  |-------v------------|
         |      |       |           \--------------- remote ssh user@hostname
         |      |       |
         |      |       \--------- remote port to forward
         |      |

nyrahul

#include <stdio.h>

#define BUILD_BUG_ON(condition) ((void)sizeof(char[1 - 2 * !!(condition)]))

int main(void)
{
    struct t { 
        int x;
        int y;
        int z;