This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kubectl -n kube-system create serviceaccount tiller | |
kubectl create clusterrolebinding tiller \ | |
--clusterrole=cluster-admin \ | |
--serviceaccount=kube-system:tiller | |
helm init --service-account tiller |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#cloud-config | |
package_upgrade: true | |
package_update: true | |
packages: | |
- curl | |
- nfs-kernel-server | |
- python3-pip | |
runcmd: | |
- curl -s -o /var/tmp/install_docker https://releases.rancher.com/install-docker/18.09.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kubectl get authorizationrolebinding.auth.containership.io \ | |
| tail -n +2 | awk '{ print $1 }' | while read x; do | |
kubectl get -o yaml authorizationrolebinding.auth.containership.io/$x -o json | jq '.metadata.finalizers=[]' \ | |
| kubectl apply -f -; | |
done | |
kubectl get authorizationrole.auth.containership.io \ | |
| tail -n +2 | awk '{ print $1 }' | while read x; do | |
kubectl get -o yaml authorizationrole.auth.containership.io/$x -o json | jq '.metadata.finalizers=[]' \ | |
| kubectl apply -f -; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## | |
# Individual DoH server entries, one server per resolver. | |
# These establish proxy ports that the upstream resolvers | |
# can be reached via. | |
## | |
server { | |
listen 8001 default_server; | |
server_name _; | |
location / { | |
proxy_pass https://dns.google; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
mkdir certs my-safe-directory | |
cat > ca.cnf <<EOF | |
# OpenSSL CA configuration file | |
[ ca ] | |
default_ca = CA_default | |
[ CA_default ] | |
default_days = 365 |
OlderNewer