Instantly share code, notes, and snippets.

Working on App Mesh guide

Tony Pujals subfuzion

View GitHub Profile

Sample template (greeting.tpl) for testing with subfuzion/envtpl. Note that the template pipes to the title function, which will convert the value of $USER in your shell to initial uppercase (ex: tony => Tony).

Make sure you click the Raw button for greeting.tpl to get the correct link.



The Istio docs provide comprehensive instructions for setting up Istio for a variety of environments. You will want to refer to them to understand the variety of configuration options and for more in depth explanations for the related topics. The following are concise notes based on my own experience running Istio using Docker for Mac with Kubernetes enabled, and basically meant to be a guide for demo purposes. Others may find this streamlined format useful as well.

Warning: the official docs for 0.8.0 are not entirely up-to-date. In particular, there are a number of errors in the Telemetry section. The steps in this guide have been verified to work.

To keep this concise, the setup is based on installing Istio

  • without using Helm
  • without mutual TLS between sidecars
  • with automatic sidecar injection


For Voting App

Need MySQL queries for the following:

  1. Statement: create voter. Register a unique username of reasonable lengths (3-64 characters, such as "tonypujals" and password to be able to vote. Password field will store bcrypt-encrypted strings, specifically:
  • CHAR(60)
  • CHARACTER SET latin1
  • COLLATE latin1_bin

Here's an example of how to debug Mocha v4 if it hangs.

Ensure you're using a Node.js 8 or newer (or any version with async_hooks support).

If you run your test, you'll notice it hangs:

$ mocha test.js

Keybase proof

I hereby claim:

  • I am subfuzion on github.
  • I am subfuzion ( on keybase.
  • I have a public key ASDaezjPtNiBGf-CDL4gmWviZ8RURHuHmO_ALSNAKopREgo

To claim this, I am signing this object:



This gist is based on the information available at golang/dep, only slightly more terse and annotated with a few notes and links primarily for my own personal benefit. It's public in case this information is helpful to anyone else as well.

I initially advocated Glide for my team and then, more recently, vndr. I've also taken the approach of exerting direct control over what goes into vendor/ in my Dockerfiles, and also work from isolated GOPATH environments on my system per project to ensure that dependencies are explicitly found under vendor/.

At the end of the day, vendoring (and committing vendor/) is about being in control of your dependencies and being able to achieve reproducible builds. While you can achieve this manually, things that are nice to have in a vendoring tool include:


This is a simplified makefile for making it easy to to rebuild whatever needs rebuilding when touching any of the protocol buffer files or other source files for either the server or the cli.

For convenience, I use an alias:

$ alias m="make -f amp.makefile"

Then I just invoke m to make all, and then m deploy to update the stack, then restart logs in another terminal (docker service logs -f amplifier_amplifier).


Secrets Example


In this example, you will create a pair of x.509 certificates for the public and private keys to encrypt and decrypt messages.

You will then create a compose file for a service that you will configure with the private key. You will encrypt messages using the public key, then send the encrypted messages to the service.

# Source:
command_exists() {
command -v "$@" > /dev/null 2>&1
sh_c='sh -c'
if [ "$user" != 'root' ]; then
if command_exists sudo; then
We couldn’t find that file to show.