I hereby claim:
- I am skippy on github.
- I am adamgreene (https://keybase.io/adamgreene) on keybase.
- I have a public key ASByMY7_fuDQ0XecthPOkCmQIzy_ynIAgfuXqlMWhQjoWQo
To claim this, I am signing this object:
{ | |
"listeners": [ | |
{ | |
"address": "tcp://0.0.0.0:443", | |
"ssl_context": { | |
"cert_chain_file": "/etc/envoy/cert/cert.crt", | |
"private_key_file": "/etc/envoy/cert/cert.key", | |
"ca_cert_file": "/etc/envoy/cert/cert.ca" | |
}, | |
"filters": [ |
you'll want to setup ENVs, such as: | |
(dockerfile) | |
``` | |
ENV VAULT_ADDR "https://active.vault.service.capsci:8200" | |
ENV VAULT_CACERT "/vault/config/vault_tls.ca" | |
ENV CURL_CA_BUNDLE "/vault/config/vault_tls.ca" | |
``` | |
/vault/config/vault_tls.ca is pre-cached from when vault is initally bootstrapped and the PKI instance is initalized. But once it is, and you put it into your container, you are good to go. |
core@ip-10-0-10-31 ~ $ sudo systemctl restart vault | |
$ docker exec -it vault vault unseal -ca-cert=/tmp/tmp_ca/ca.cer -address=https://127.0.0.1:8200 | |
Key (will be hidden): | |
Sealed: true | |
Key Shares: 5 | |
Key Threshold: 3 | |
Unseal Progress: 1 | |
$ docker exec -it vault vault unseal -ca-cert=/tmp/tmp_ca/ca.cer -address=https://127.0.0.1:8200 | |
Key (will be hidden): | |
Sealed: true |
I hereby claim:
To claim this, I am signing this object:
2016/08/03 21:28:05.791986 [DEBUG] ("secret(pki/internal-services/issue/base)") vault returned the secret | |
2016/08/03 21:28:05.792014 [INFO] (view) "secret(pki/internal-services/issue/base)" received data | |
2016/08/03 21:28:05.792034 [DEBUG] (view) "secret(pki/internal-services/issue/base)" starting fetch | |
2016/08/03 21:28:05.792096 [DEBUG] ("secret(pki/internal-services/issue/base)") querying vault with &{AllowStale:true WaitIndex:1470259685 WaitTime:1m0s} | |
2016/08/03 21:28:05.792107 [DEBUG] ("secret(pki/internal-services/issue/base)") pretending to long-poll for "59s" | |
2016/08/03 21:28:05.792130 [DEBUG] (runner) receiving dependency "secret(pki/internal-services/issue/base)" | |
2016/08/03 21:28:05.792137 [INFO] (runner) running | |
2016/08/03 21:28:05.792142 [DEBUG] (runner) checking template /consul-template/template.d/internal-proxy.service.consul.pem.tmpl | |
2016/08/03 21:28:05.792454 [DEBUG] (runner) checking ctemplate &{Source:/consul-template/template.d/internal-proxy.service.consul.pem.tmpl Destination:/etc/haproxy/ |
-- Logs begin at Thu 2015-09-10 19:31:27 UTC, end at Fri 2015-09-11 02:58:04 UTC. -- | |
Sep 10 19:31:58 ip-10-0-12-192.us-west-2.compute.internal systemd[1]: Starting vault service... | |
Sep 10 19:31:59 ip-10-0-12-192.us-west-2.compute.internal docker[843]: Error response from daemon: no such id: vault | |
Sep 10 19:31:59 ip-10-0-12-192.us-west-2.compute.internal docker[843]: time="2015-09-10T19:31:59Z" level=fatal msg="Error: failed to kill one or more containers" | |
Sep 10 19:31:59 ip-10-0-12-192.us-west-2.compute.internal docker[951]: Error response from daemon: no such id: vault | |
Sep 10 19:31:59 ip-10-0-12-192.us-west-2.compute.internal docker[951]: time="2015-09-10T19:31:59Z" level=fatal msg="Error: failed to remove one or more containers" | |
Sep 10 19:32:01 ip-10-0-12-192.us-west-2.compute.internal flock[975]: latest: Pulling from skippy/vault.dev | |
Sep 10 19:32:01 ip-10-0-12-192.us-west-2.compute.internal flock[975]: 31f630c65071: Pulling fs layer | |
Sep 10 19:32:01 ip-10-0-12-192.us-west-2.compute.internal flock[975]: 084e |
Update the google/protobuf 3.0-alpha library in 2 concrete areas, and 1 opinionated way:
#push
, should be tested as this library uses plenty of low-level handcrafted codenil
instead of raising an exception when an array index out-of-bounds occurs, have common names and aliases for methods (e.g. #size
and #length
), and having RepeatedFields
quack like an array, and Map
quack like a hash. There may be other examples.First off, I'm ve
#!/usr/bin/env ruby | |
require 'rubygems' | |
require 'bundler/setup' | |
require 'benchmark' | |
require 'google/protobuf' | |
pool = Google::Protobuf::DescriptorPool.new | |
pool.build do |
# google-protobuf/master | |
require 'google/protobuf' | |
pool = Google::Protobuf::DescriptorPool.new | |
pool.build do | |
add_message 'ProtoMsg' do | |
repeated :msg_string, :string, 1 | |
end | |
end | |
ProtoMsg = pool.lookup('ProtoMsg').msgclass |
require 'benchmark' | |
require 'google/protobuf' | |
pool = Google::Protobuf::DescriptorPool.new | |
pool.build do | |
add_message "TestMessage" do | |
optional :optional_int32, :int32, 1 | |
optional :optional_int64, :int64, 2 | |
optional :optional_uint32, :uint32, 3 | |
optional :optional_uint64, :uint64, 4 |