onpaws

kubectl run -it --rm --restart=Never --image ubuntu tempubuntu -- /bin/bash

onpaws

#!/usr/bin/tclsh
if {[llength $argv]!=2} {exit 1}
set in [open [lindex $argv 0] rb]
set out [open [lindex $argv 1] wb]
while {1} {
read $in 16
if {[eof $in]} {exit 0}
set user [read $in 2048]
puts -nonewline $out $user
read $in 288

onpaws

# Instant HTTP/3 sandbox

# 1. Install a version of curl with HTTP/3 support (e.g. quiche)
# TL,DR: brew install -s https://raw.githubusercontent.com/cloudflare/homebrew-cloudflare/master/curl.rb --HEAD 
# More info https://developers.cloudflare.com/http3/intro/curl-brew/

# 2. Stand up an HTTP/3 server. Below is a k8s manifest using nginx + quiche
# Note: In this example, port 8080 is HTTP/1.1 and 8443 is HTTP/3 (also HTTP/2).
# HTTP/1.1 might be useful to confirm you can reach nginx at all. Then you can move onto HTTP/3.

onpaws

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  namespace: default
  name: pv-default-100g-disk01
  annotations:
    volume.beta.kubernetes.io/storage-class: default
spec:
  accessModes:
  - ReadWriteOnce

onpaws

Kubernetes and Rancher Adventures...on the cheap

TL, DR: a guide to setup k8s clusters quickly and cheaply, optionally with Rancher for easy GUI-based admin and role management.

I wanted to learn more about k8s but didn't particularly want to commit to paying substantial $ for hosting a 'normal' Kubernetes cluster somewhere. I wanted to stick to the lowest possible budget, but still have real k8s running on a server somewhere.

This doc explains how I did that. It happens to go into Rancher but it could be any cloud native app. Intended for my own learning purposes and edification. If things go well, I might stand up some real apps with external users one day.

Cheap unmanaged k8s option

Hetzner offers 'just compute' at pretty competitive prices. While you don't get managed Kubernetes, if you're early in your k8s journey, it may be in your interest from a lowest possible cost perspective. Consider e.g. k3s_hetzner

onpaws

2023-07-06T03:30:05.143Z DEBUG hyper::proto::h1::io                    > parsed 5 headers
 2023-07-06T03:30:05.143Z DEBUG hyper::proto::h1::conn                  > incoming body is content-length (44 bytes)
 2023-07-06T03:30:05.143Z DEBUG hyper::proto::h1::conn                  > incoming body completed
 2023-07-06T03:30:05.144Z DEBUG sqlparser::parser                       > parsing expr
 2023-07-06T03:30:05.144Z DEBUG sqlparser::parser                       > parsing expr
 2023-07-06T03:30:05.144Z DEBUG sqlparser::parser                       > prefix: Value(Number("1", false))
 2023-07-06T03:30:05.144Z DEBUG sqlparser::parser                       > get_next_precedence() TokenWithLocation { token: Comma, location: Location { line: 0, column: 0 } }
 2023-07-06T03:30:05.144Z DEBUG sqlparser::parser                       > 0: , 1: 2 2: )
 2023-07-06T03:30:05.144Z DEBUG sqlparser::parser                       > next precedence: 0
 2023-07-06T03:30:05.144Z DEBUG sqlparser::parser                       > parsing

onpaws

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pv-standard-550g-disk01
  annotations:
    volume.beta.kubernetes.io/storage-class: standard
spec:
  accessModes:
    - ReadWriteOnce
  resources:

onpaws

/* via http://stackoverflow.com/questions/7048839/sql-server-query-to-find-all-permissions-access-for-all-users-in-a-database
Security Audit Report
1) List all access provisioned to a sql user or windows user/group directly 
2) List all access provisioned to a sql user or windows user/group through a database or application role
3) List all access provisioned to the public role

Columns Returned:
UserName        : SQL or Windows/Active Directory user cccount.  This could also be an Active Directory group.
UserType        : Value will be either 'SQL User' or 'Windows User'.  This reflects the type of user defined for the 
                  SQL Server user account.

onpaws

# k8s will evict pods when resources get too tight, and by default retains a long history of evictions (either >12k, or 1000 on Rancher)
# This commmand will clean up the stale/evicted pods

kubectl get pods -A | grep Evicted | while read namespace pod rest; do kubectl delete pod $pod -n $namespace; done

onpaws

url: https://github.com/splitgraph/seafowl-gcsfuse/

comment: Hello HN! I'm an engineer at Splitgraph and recently started learning Rust so I could make my first contribution to Seafowl [0], an early stage analytical database. Along the way I figured out a database hosting hack on GCP and wanted to share it with HN. It's a way to achieve "true" scale to zero database hosting that could be useful for certain side projects or spiky traffic situations.

A recurring problem I've faced with side projects is the need for Postgres, but no desire to deploy or maintain new instances. So when I learned GCP's "always free" tier includes serverless [1] I got curious to see if I could run a database.

While a lot of classic databases aren't usually a great fit for serverless, Seafowl separates compute, storage and catalog (catalog == a SQLite file of metadata). [2] Last month I was able to introduce GCS bucket compat to Seafowl, which enabled me to mount the catalog via gcsfuse (i.e. an adapter that allows attaching