rikatz

For the default backend, apparently it is using proxy_protocol. Proxy is not implemented yet, as NGINX does not support setting proxy using a variable.

Probably need to create 2 segregated internal listeners, one with proxy and one without it.

Maybe, if I can already pass inside what backend should be used (a dynamic variable with the script loaded globally? otherwise will have to query the shared map twice)

rikatz

package main

import (
	"flag"
	"log"
	"net"

	"github.com/davecgh/go-spew/spew"
	"github.com/insomniacslk/dhcp/dhcpv4"
	client4 "github.com/insomniacslk/dhcp/dhcpv4/client4"

rikatz

package main

import (
	"context"
	"encoding/base64"
	"flag"
	"fmt"
	"log"
	"math/rand"
	"time"

rikatz

iptables-xml
ldd /usr/bin/iptables-xml
	linux-vdso.so.1 (0x00007fff2c394000)
	libip4tc.so.2 => /usr/lib/x86_64-linux-gnu/libip4tc.so.2 (0x00007f5f0316c000)
	libip6tc.so.2 => /usr/lib/x86_64-linux-gnu/libip6tc.so.2 (0x00007f5f03162000)
	libxtables.so.12 => /usr/lib/x86_64-linux-gnu/libxtables.so.12 (0x00007f5f0314f000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f5f02f8a000)
	libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f5f02f84000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f5f031fb000)
  

rikatz

{
  "annotations": {
    "list": [
      {
        "builtIn": 1,
        "datasource": "-- Grafana --",
        "enable": true,
        "hide": true,
        "iconColor": "rgba(0, 211, 255, 1)",
        "name": "Annotations & Alerts",

rikatz

Initial startup
=====================================
*****************
Service: &{Service:Namespace:"default" Name:"hello-world1" Type:"ClusterIP" IPs:{ClusterIP:"10.107.43.121" ExternalIPs:{}} Ports:{Name:"management" Protocol:TCP Port:15672 TargetPort:15672} Ports:{Name:"amqp" Protocol:TCP Port:5672 TargetPort:5672} Endpoints:[IPs:{V4:"172.16.104.14"}]}
*****************
*****************
Service: &{Service:Namespace:"default" Name:"hello-world1-nodes" Type:"ClusterIP" IPs:{ClusterIP:"None" ExternalIPs:{}} Ports:{Name:"epmd" Protocol:TCP Port:4369 TargetPort:4369} Ports:{Name:"cluster-rpc" Protocol:TCP Port:25672 TargetPort:25672} Endpoints:[Hostname:"hello-world1-server-0" IPs:{V4:"172.16.104.14"}]}
*****************
*****************
Service: &{Service:Namespace:"default" Name:"kubernetes" Type:"ClusterIP" IPs:{ClusterIP:"10.96.0.1" ExternalIPs:{}} Ports:{Name:"https" Protocol:TCP Port:443 TargetPort:6443} Endpoints:[IPs:{V4:"192.168.0.150"}]}

rikatz

package main

import (
        "context"
        "fmt"

        monitoring "cloud.google.com/go/monitoring/apiv3/v2"
        monitoringpb "google.golang.org/genproto/googleapis/monitoring/v3"
        "google.golang.org/protobuf/types/known/durationpb"
)

rikatz

Expected combined:
+--------+-----+-----+-----+-----+-----+-----+-----+-----+-----+
| TCP/80 | X/A | X/B | X/C | Y/A | Y/B | Y/C | Z/A | Z/B | Z/C |
| TCP/81 |     |     |     |     |     |     |     |     |     |
| UDP/80 |     |     |     |     |     |     |     |     |     |
| UDP/81 |     |     |     |     |     |     |     |     |     |
+--------+-----+-----+-----+-----+-----+-----+-----+-----+-----+
| x/a    | X   | X   | X   | .   | .   | X   | .   | .   | X   |
|        | X   | X   | X   | X   | X   | X   | X   | X   | X   |
|        | X   | X   | X   | X   | X   | X   | X   | X   | X   |

rikatz

apiVersion: v1
data:
  prometheus.yaml: |
    global:
      scrape_interval:     300s
      evaluation_interval: 300s
    rule_files:
      - "cert_rules.yaml"
    scrape_configs:
      - job_name: certmanager

rikatz

apiVersion: v1
kind: ConfigMap
metadata:
  name: gke-certmanager-config
  namespace: kube-system
data:
  gke-metrics-agent-config.yaml : |
    receivers:
      prometheus:
        config: