#Some discussions on logging from docker: Using logstash Using Papertrail
A lot of this boils down to whether you want a single or multi-process (systemd, supervisord etc.) container...
Key-Type: 1 | |
Key-Length: 2048 | |
Subkey-Type: 1 | |
Subkey-Length: 2048 | |
Name-Real: Root Superuser | |
Name-Email: root@handbook.westarete.com | |
Expire-Date: 0 |
packer build packer.json 2>&1 | sudo tee output.txt | |
tail -2 output.txt | head -2 | awk 'match($0, /ami-.*/) { print substr($0, RSTART, RLENGTH) }' > sudo ami.txt |
#Some discussions on logging from docker: Using logstash Using Papertrail
A lot of this boils down to whether you want a single or multi-process (systemd, supervisord etc.) container...
""" | |
Copies all keys from the source Redis host to the destination Redis host. | |
Useful to migrate Redis instances where commands like SLAVEOF and MIGRATE are | |
restricted (e.g. on Amazon ElastiCache). | |
The script scans through the keyspace of the given database number and uses | |
a pipeline of DUMP and RESTORE commands to migrate the keys. | |
Requires Redis 2.8.0 or higher. |
#!/bin/sh | |
set -x | |
set -e | |
# | |
# Docker build calls this script to harden the image during build. | |
# | |
# NOTE: To build on CircleCI, you must take care to keep the `find` | |
# command out of the /proc filesystem to avoid errors like: | |
# | |
# find: /proc/tty/driver: Permission denied |
processor : 0 | |
vendor_id : GenuineIntel | |
cpu family : 6 | |
model : 61 | |
model name : Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz | |
stepping : 4 | |
microcode : 0x23 | |
cpu MHz : 2457.468 | |
cache size : 3072 KB |
#!/usr/bin/env python | |
import boto3 | |
import argparse | |
class StaleSGDetector(object): | |
""" | |
Class to hold the logic for detecting AWS security groups that are stale. | |
""" | |
def __init__(self, **kwargs): |
Cross posted from blog.n1analytics.com
At N1 Analytics we use Kubernetes for running experiments, continuous integration testing and deployment. In this post I document setting up a Kubernetes cluster to automatically provision TLS certificates from Let's Encrypt using Jetstack's Certificate Manager, the helm package manager and the nginx-ingress controller.
I wrote this after migrating our cluster from traefik to use cert manager and nginx-ingress. The end state will be one where we can create Kubernetes ingress with a TLS certificate with only a set of annotations in the respective helm template.
I'm going to assume some background knowlege for this post, if you haven't heard of [Let's Encrypt](https://letsencrypt.org/abou