pavolloffay

This issue contains my knowledge of SearchGuard configuration in image https://github.com/openshift/origin-aggregated-logging/tree/master/elasticsearch/sgconfig. Which is then used in https://github.com/openshift/elasticsearch-operator.

SearchGuard is configured in these files:

• sg_action_groups.yml - ES privileges https://www.elastic.co/guide/en/shield/2.2/privileges-list.html mapped into SG groups . Note that there are cluster and index privileges. These grous are then used in sg_roles.yml
• sg_roles.yml - maps users with action groups - e.g. jaeger can READ
• sg_roles_mapping.yml - maps users/roles to authentication types

Curator will be authenticated via certificates:

pavolloffay

package tlscfg

import (
	"crypto/tls"
	"fmt"
	"github.com/stretchr/testify/require"
	"go.uber.org/zap"
	"io/ioutil"
	"net/http"
	"testing"

pavolloffay

What I Wish I'd Known About Equity Before Joining A Unicorn

Disclaimer: This piece is written anonymously. The names of a few particular companies are mentioned, but as common examples only.

This is a short write-up on things that I wish I'd known and considered before joining a private company (aka startup, aka unicorn in some cases). I'm not trying to make the case that you should never join a private company, but the power imbalance between founder and employee is extreme, and that potential candidates would

pavolloffay

kubectl apply -f https://raw.githubusercontent.com/pavolloffay/kubecon-eu-2023-opentelemetry-kubernetes-tutorial/main/app/k8s.yaml

kubectl port-forward svc/frontend-service -n tutorial-application 4000:4000

kubectl patch deployment frontend-deployment -n tutorial-application -p '{"spec": {"template":{"metadata":{"annotations":{"instrumentation.opentelemetry.io/inject-sdk":"true"}}}} }'

kubectl patch deployment backend1-deployment -n tutorial-application -p '{"spec": {"template":{"metadata":{"annotations":{"instrumentation.opentelemetry.io/inject-python":"true"}}}} }'