Skip to content

Instantly share code, notes, and snippets.

View pavolloffay's full-sized avatar
🚀
Let's build something together!

Pavol Loffay pavolloffay

🚀
Let's build something together!
View GitHub Profile
@pavolloffay
pavolloffay / searchguard.md
Last active March 9, 2020 13:26
Jaeger ECL search guard

This issue contains my knowledge of SearchGuard configuration in image https://github.com/openshift/origin-aggregated-logging/tree/master/elasticsearch/sgconfig. Which is then used in https://github.com/openshift/elasticsearch-operator.

SearchGuard is configured in these files:

  • sg_action_groups.yml - ES privileges https://www.elastic.co/guide/en/shield/2.2/privileges-list.html mapped into SG groups . Note that there are cluster and index privileges. These grous are then used in sg_roles.yml
  • sg_roles.yml - maps users with action groups - e.g. jaeger can READ
  • sg_roles_mapping.yml - maps users/roles to authentication types

Curator will be authenticated via certificates:

package tlscfg
import (
"crypto/tls"
"fmt"
"github.com/stretchr/testify/require"
"go.uber.org/zap"
"io/ioutil"
"net/http"
"testing"

What I Wish I'd Known About Equity Before Joining A Unicorn

Disclaimer: This piece is written anonymously. The names of a few particular companies are mentioned, but as common examples only.

This is a short write-up on things that I wish I'd known and considered before joining a private company (aka startup, aka unicorn in some cases). I'm not trying to make the case that you should never join a private company, but the power imbalance between founder and employee is extreme, and that potential candidates would

@pavolloffay
pavolloffay / readme.md
Last active October 24, 2023 07:54
DevNation October 2023 Tempo and OTEL auto-instrumentation
kubectl apply -f https://raw.githubusercontent.com/pavolloffay/kubecon-eu-2023-opentelemetry-kubernetes-tutorial/main/app/k8s.yaml

kubectl port-forward svc/frontend-service -n tutorial-application 4000:4000

kubectl patch deployment frontend-deployment -n tutorial-application -p '{"spec": {"template":{"metadata":{"annotations":{"instrumentation.opentelemetry.io/inject-sdk":"true"}}}} }'

kubectl patch deployment backend1-deployment -n tutorial-application -p '{"spec": {"template":{"metadata":{"annotations":{"instrumentation.opentelemetry.io/inject-python":"true"}}}} }'