Skip to content

Instantly share code, notes, and snippets.

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: argocd-server-http-ingress
namespace: argocd
annotations:
kubernetes.io/ingress.class: "contour"
ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
rules:
var tls=require("tls")
var https=require("https")
var options={
host:"containersteve.com",
// host:"demo.projectcontour.io",
port:443,
path:"/"
}
var agentOptions = {
apiVersion: certmanager.k8s.io/v1alpha1
kind: Certificate
metadata:
name: containersteve-com
namespace: default
spec:
secretName: containersteve-secret
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
sudo iptables -L -n -v
Chain INPUT (policy ACCEPT 778 packets, 364K bytes)
pkts bytes target prot opt in out source destination
11M 2729M cali-INPUT all -- * * 0.0.0.0/0 0.0.0.0/0 /* cali:Cz_u1IQiXIMmKD4c */
11M 2727M KUBE-SERVICES all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes service portals */
11M 2891M KUBE-FIREWALL all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 10 packets, 400 bytes)
pkts bytes target prot opt in out source destination
1892K 1853M cali-FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 /* cali:wUHhoiAYhphO9Mso */
$ sudo iptables -L -n -v
Chain INPUT (policy ACCEPT 278 packets, 57387 bytes)
pkts bytes target prot opt in out source destination
4469 5825K cali-INPUT all -- * * 0.0.0.0/0 0.0.0.0/0 /* cali:Cz_u1IQiXIMmKD4c */
7873 36M KUBE-SERVICES all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes service portals */
20691 208M KUBE-FIREWALL all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 18 packets, 720 bytes)
pkts bytes target prot opt in out source destination
1648 87080 cali-FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 /* cali:wUHhoiAYhphO9Mso */
$ sudo iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
KUBE-SERVICES all -- anywhere anywhere /* kubernetes service portals */
KUBE-FIREWALL all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DOCKER-ISOLATION all -- anywhere anywhere
DOCKER all -- anywhere anywhere
<section>
<section id="a-modular-workshop-series-for-learning-kubernetes">
<a href="http://kubernetes.io/"><img src="https://cdn.rawgit.com/ryanj/1aed9676c69ab0073be0beb60ca77a9c/raw/74f82bdfb47f1addaca529e8ee63ed678356a62f/kubernetes-blueprint-logo.svg" alt="kubernetes" style='width:30%;'></a>
<h1><code>k8s-workshops</code></h1>
<h4>a modular workshop series for <a href="http://kubernetes.io/">Kubernetes</a></h4>
<br/>
<h3 class='fragment grow'><a href="http://bit.ly/k8s-workshops"><code>bit.ly/k8s-workshops</code></a></h3>
</section>
<section id='brought-to-you-by' data-markdown>
brought to you by
Nov 03 15:12:25 ip-10-0-70-22.ec2.internal kubelet-wrapper[26385]: E1103 15:12:25.666697 26385 kubelet.go:1813] Unable to mount volumes for pod "es-master02-4258059340-gsy7q_steve(a59dc63e-a1d7-11e6-80f0-12eeb6a0f22c)": timeout expired waiting for volumes to attach/mount for pod "es-master02-4258059340-gsy7q"/"steve". list of unattached/unmounted volumes=[storage]; skipping pod
Nov 03 15:12:25 ip-10-0-70-22.ec2.internal kubelet-wrapper[26385]: E1103 15:12:25.666736 26385 pod_workers.go:184] Error syncing pod a59dc63e-a1d7-11e6-80f0-12eeb6a0f22c, skipping: timeout expired waiting for volumes to attach/mount for pod "es-master02-4258059340-gsy7q"/"steve". list of unattached/unmounted volumes=[storage]
Nov 03 15:12:32 ip-10-0-70-22.ec2.internal kubelet-wrapper[26385]: I1103 15:12:32.598588 26385 reconciler.go:229] VerifyControllerAttachedVolume operation started for volume "kubernetes.io/aws-ebs/aws://us-east-1b/vol-e433bf30" (spec.Name: "pvc-a494d9f4-a1d7-11e6-80f0-12eeb6a0f22c") pod "a4f236e7-a1d7-11e6-8
<Response>
<Say voice="alice">Hello, this is hcOS. I am calling Casey to verify some allergies. Are you alergic to apples?</Say>
<Play>http://demo.twilio.com/docs/classic.mp3</Play>
</Response>
@stevesloka
stevesloka / gist:2b409cc549f9c3a1468db22d4e61649a
Created August 11, 2016 13:48
selinux - coreos 899.15.0
core@ip-10-0-70-51 ~ $ cat /etc/selinux/config
# This file controls the state of SELinux on the system on boot.
# SELINUX can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE can take one of these four values: