Pierre-Yves Aillet pyaillet

## ubuntu-docker-install.sh
#!/bin/sh

sudo apt-get update

sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    software-properties-common

## test-nested-vm.sh
#!/bin/sh

VM_NAME=nested-vm
VM_IMAGE_NAME=ubuntu-1604-nested
SOURCE_DISK=ubuntu-1604-xenial-v20180424
SOURCE_PROJECT=ubuntu-os-cloud
ZONE=europe-west1-d
MIN_CPU_MODEL="Intel Haswell"

#gcloud compute images create $VM_IMAGE_NAME \

## cc-install.sh
#!/bin/sh

# install docker
sudo -E apt-get -y install apt-transport-https ca-certificates wget software-properties-common
wget -qO - https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo -E add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
sudo -E apt-get update
sudo -E apt-get -y install docker-ce

# install clear containers

## tasks.md

      
              1 file
            
          
              5 forks
            
          
              0 comments
            
          
              15 stars
            
          
                pyaillet
                / tasks.md
            
            
              Last active
              November 12, 2022 19:49
            
              
                CKA prep: k8s.io tasks
              
          
    Kubernetes tasks


Install tools

 Install and Set Up kubectl
 Install Minikube


Configure Pods and Containers

 Assign Memory Resources to Containers and Pods
 Assign CPU Resources to Containers and Pods
 Configure Quality of Service for Pods


 Assign Extended Resources to a Container


## Readme.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                pyaillet
                / Readme.md
            
            
              Last active
              November 28, 2018 13:44
            
              
                Access etcd from cluster (setup with kubeadm)
              
          
    Steps to access etcd from cluster (setup with kubeadm)

Create secret with etcd credentials

cd /etc/kubernetes/pki
kubectl create secret generic etcd-creds --from-file=etcd/ca.crt --from-file=apiserver-etcd-client.crt --from-file=apiserver-etcd-client.key

kubectl describe secret etcd-creds


## GCP-Architect.md

      
              1 file
            
          
              1 fork
            
          
              0 comments
            
          
              0 stars
            
          
                pyaillet
                / GCP-Architect.md
            
            
              Last active
              October 30, 2022 08:41
            
          
    All Products

Compute Products


 Compute Engine: Virtual Machines, Disks, Network ^🔗 ^📄
 App Engine: Managed App Platform ^🔗 ^📄
 Kubernetes Engine: Managed Kubernetes/Containers ^🔗 ^📄
 Cloud Functions: Event-driven serverless functions ^🔗 ^📄


## cfssl-example.json
{
  "CN": "Kubernetes",
  "key": {
    "algo": "rsa",
    "size": 2048
  },
  "names": [
    {
      "C": "FR",
      "L": "Nantes",

## setup.sh
#!/usr/bin/env sh

# Install
apt update
apt install -y python3 python3-pip neovim docker.io golang

USER="pyaillet"
USER_HOME="/home/$USER"
groupadd $USER
useradd -d $USER_HOME -m -g $USER -G adm,dialout,cdrom,floppy,audio,dip,video,plugdev,netdev,lxd,ubuntu,google-sudoers $USER

## cks-tasks.md

      
              1 file
            
          
              1 fork
            
          
              0 comments
            
          
              0 stars
            
          
                pyaillet
                / cks-tasks.md
            
            
              Last active
              December 29, 2022 10:00
            
              
                CKS Tasks
              
          
 Check certificates

/etc/kubernetes/pki
openssl x509 -in <certificate.crt> -noout -text
kubeadm certs renew all


 Check PID Namespace isolation

v1.PodSpec.shareProcessNamespace: true


 Use Network policies

 Default deny ingress
 Default deny egress


 frontend to backend


## docker-compose.blue.yaml
version: "3"
services:
  blue:
    image: containous/whoami
    labels:
    - traefik.http.routers.blue.rule=PathPrefix("/")
    - color=blue
  proxy:
    image: traefik:v2.5.4
    # Enables the web UI and tells Traefik to listen to docker
	#!/bin/sh

	sudo apt-get update

	sudo apt-get install \
	apt-transport-https \
	ca-certificates \
	curl \
	software-properties-common
	#!/bin/sh

	VM_NAME=nested-vm
	VM_IMAGE_NAME=ubuntu-1604-nested
	SOURCE_DISK=ubuntu-1604-xenial-v20180424
	SOURCE_PROJECT=ubuntu-os-cloud
	ZONE=europe-west1-d
	MIN_CPU_MODEL="Intel Haswell"

	#gcloud compute images create $VM_IMAGE_NAME \
	#!/bin/sh

	# install docker
	sudo -E apt-get -y install apt-transport-https ca-certificates wget software-properties-common
	wget -qO - https://download.docker.com/linux/ubuntu/gpg \| sudo apt-key add -
	sudo -E add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
	sudo -E apt-get update
	sudo -E apt-get -y install docker-ce

	# install clear containers
	{
	"CN": "Kubernetes",
	"key": {
	"algo": "rsa",
	"size": 2048
	},
	"names": [
	{
	"C": "FR",
	"L": "Nantes",
	#!/usr/bin/env sh

	# Install
	apt update
	apt install -y python3 python3-pip neovim docker.io golang

	USER="pyaillet"
	USER_HOME="/home/$USER"
	groupadd $USER
	useradd -d $USER_HOME -m -g $USER -G adm,dialout,cdrom,floppy,audio,dip,video,plugdev,netdev,lxd,ubuntu,google-sudoers $USER
	version: "3"
	services:
	blue:
	image: containous/whoami
	labels:
	- traefik.http.routers.blue.rule=PathPrefix("/")
	- color=blue
	proxy:
	image: traefik:v2.5.4
	# Enables the web UI and tells Traefik to listen to docker