superbrothers

$ kubectl create token default >token

$ awk -F. '{print $2}' token
eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNjYxMTcyMzc2LCJpYXQiOjE2NjExNjg3NzYsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJkZWZhdWx0Iiwic2VydmljZWFjY291bnQiOnsibmFtZSI6ImRlZmF1bHQiLCJ1aWQiOiI3OGZkNjM0MS0yMDUyLTQ5ZjYtOWViZC1hMWY0OTEyODBiMDQifX0sIm5iZiI6MTY2MTE2ODc3Niwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50OmRlZmF1bHQ6ZGVmYXVsdCJ9

$ awk -F. '{print $2}' token | base64 -d
{"aud":["https://kubernetes.default.svc.cluster.local"],"exp":1661172376,"iat":1661168776,"iss":"https://kubernetes.default.svc.cluster.local","kubernetes.io":{"namespace":"default","serviceaccount":{"name":"default","uid":"78fd6341-2052-49f6-9ebd-a1f491280b04"}},"nbf":1661168776,"sub":"system:serviceaccount:default:default"}

$ awk -F. '{print $2}' token | base64 -d | jq -r '.exp'
1661172376

superbrothers

v1.24.0

Documentation

Downloads for v1.24.0

Source Code

filename	sha512 hash

superbrothers

# based on https://github.com/kubermatic/kubeone/issues/1215#issuecomment-992471229
apiVersion: v1
kind: ConfigMap
metadata:
  name: metrics-proxy-config
  namespace: monitoring
data:
  haproxy.cfg: |
    defaults
      mode http

superbrothers

#!/usr/bin/env bash

set -e -o pipefail; [[ -n "$DEBUG" ]] && set -x

curl_opts=(--silent -L)
if [[ -n "$PAT" ]]; then
  curl_opts+=(-H "Authorization: token $PAT")
fi

cat | while read line; do

superbrothers

#!/usr/bin/env bash

# This is a strongSwan updown script that allows Docker containers to be
# accessed through IPSec VPN on the host.

set -e -o pipefail; [[ -n "$DEBUG" ]] && set -x

docker_addr_pools=( $(docker system info -f "{{range .DefaultAddressPools}}{{.Base}} {{end}}") )

case "$PLUTO_VERB" in

superbrothers

NLB + Envoy 負荷分散検証

TL;DR

• Envoy はデフォルトでは接続済みコネクションを無制限に保持するため、Envoy Deployment の更新などでコネクション数が一度偏ると長時間それが維持される
• Envoy max-connection-duration を用いて定期的にコネクションをクローズすることでコネクション数が分散する
  • gRPC クライアントはコネクションがクローズされると自動的に再接続する（Go クライアントの場合）
• アクティブなコネクションのクローズを避けたい場合は idle-timeout も使用できる

superbrothers

#!/bin/bash -e

# https://gist.github.com/superbrothers/23e159f722eebe2627a7d9ea34447457

#Set Variables
BTPATH=/boot/firmware
CKPATH="$BTPATH/vmlinuz"
DKPATH="$BTPATH/vmlinux"

#Check if compression needs to be done.

superbrothers

{
  "metadata": {
    "name": "event-exporter.162d26137f11b560",
    "namespace": "monitoring",
    "selfLink": "/api/v1/namespaces/monitoring/events/event-exporter.162d26137f11b560",
    "uid": "47d47d0a-719a-4629-82d9-36599a9ff17b",
    "resourceVersion": "2475",
    "creationTimestamp": "2020-08-21T02:01:47Z",
    "managedFields": [
      {

superbrothers

# HELP fluentbit_input_bytes_total Number of input bytes.
# TYPE fluentbit_input_bytes_total counter
fluentbit_input_bytes_total{name="systemd.0"} 572360 1597101884056
# HELP fluentbit_input_records_total Number of input records.
# TYPE fluentbit_input_records_total counter
fluentbit_input_records_total{name="systemd.0"} 510 1597101884056
# HELP fluentbit_output_errors_total Number of output errors.
# TYPE fluentbit_output_errors_total counter
fluentbit_output_errors_total{name="stdout.0"} 0 1597101884056
# HELP fluentbit_output_proc_bytes_total Number of processed output bytes.

superbrothers

# Create a minikube cluster
minikube start

# Install kubectl-debug_ns plugin
TMPDIR="$(mktemp -d)"
curl -L -o "${TMPDIR}/kubectl-debug_node" https://raw.githubusercontent.com/superbrothers/kubectl-plugins/master/kubectl-debug_node
chmod +x "${TMPDIR}/kubectl-debug_node"
export PATH="$TMPDIR:$PATH"

# Create a debugging pod for node/minikube