start new:
tmux
start new with session name:
tmux new -s myname
{ - arteffect tdsn reader - (c) 1997 SSG/arteffect - 28th Sep 97 - 15:54 - } | |
uses | |
XStream,XColl,XBuf,XMouse,Objects,qText,XStr,Dos; | |
type | |
PArticle = ^TArticle; | |
TArticle = record |
#!/bin/bash | |
# Requires: awscli (http://aws.amazon.com/cli/) | |
# Prints out a list of all security groups and their settings, just for quickly auditing it. | |
# Your AWS credentials | |
if [ -z ${AWS_ACCESS_KEY_ID} ]; then | |
export AWS_ACCESS_KEY_ID='***' | |
export AWS_SECRET_ACCESS_KEY='***' | |
fi |
Here are several different ways to test a TCP port without telnet.
$ cat < /dev/tcp/127.0.0.1/22
SSH-2.0-OpenSSH_5.3
^C
$ cat < /dev/tcp/127.0.0.1/23
Warning: the RKE install method is only supported up to v2.0.8!
This gist describes how to setup Rancher 2 HA, by using self signed certificates (with intermediate) and a Layer 4 Loadbalancer (TCP)
type tmux
in terminal
Windows:
Panes/Split:
# export the task def | |
family='TaskDefName' | |
$ aws ecs describe-task-definition --task-definition $family \ | |
--query "taskDefinition.{family:family, taskRoleArn:taskRoleArn, executionRoleArn:executionRoleArn, networkMode:networkMode, containerDefinitions:containerDefinitions, volumes:volumes, placementConstraints:placementConstraints, requiresCompatibilities:requiresCompatibilities, cpu:cpu, memory:memory, tags:tags, pidMode:pidMode, ipcMode:ipcMode, proxyConfiguration:proxyConfiguration}" | jq 'del(.[] | nulls)' > taskDef.json | |
# import the task def into newFamily task family | |
$ aws ecs register-task-definition --cli-input-json file://taskDef.json --family newFamily | |
# one-liner | |
aws ecs describe-task-definition --task-definition $family \ |
tiers-basic:platform for certified infrastructure, standard:advanced image and container management, LDAP,RBAC , advanced:security scanning | |
docker swarm:clustering and scheduling tool | |
docker swarm manager:responsible for validating, logging the state of and distributing instructions to docker swarm workers | |
docker service daemon is installed on every node in a swarm (manager or worker) | |
managers:use a consensus algorithm to maintain quorum (require a min of 2 managers) | |
workers: register with managers and receive workloads from them | |
services:an application that exist and hosted across workers | |
RBAC:roll based access control | |
/etc/docker/daemon.json | |
/var/lib/docker/containers |
#!/usr/bin/env python3 | |
import atexit | |
import json | |
import requests | |
import subprocess | |
import sys | |
namespace = sys.argv[1] | |
proxy_process = subprocess.Popen(['kubectl', 'proxy']) | |
atexit.register(proxy_process.kill) |
kubectl create secret docker-registry regcred \ | |
--docker-server=<aws-account-id>.dkr.ecr.<aws-region>.amazonaws.com \ | |
--docker-username=AWS \ | |
--docker-password=$(aws ecr get-login-password) \ | |
-o yaml | |
# This creates the regcred secret and at the same time output YAML to standard output which you | |
# can store elsewhere. In my case I have two machines, one having aws and the other having kubectl. | |
# So I run "aws ecr get-login-password" on one machine and paste the result to replace | |
# $(aws ecr get-login-password). |