Suraj Deshmukh surajssd

## deploy-istio.sh
# download the release from https://istio.io/docs/setup/kubernetes/#downloading-the-release

cd ~/study/istio-setup/istio-1.2.2/
kubectl apply -f install/kubernetes/istio-demo-auth.yaml
kubectl get pods,svc -n istio-system
sleep 200
kubectl apply -f <(istioctl kube-inject -f samples/bookinfo/platform/kube/bookinfo.yaml)
kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml
kubectl apply -f samples/bookinfo/networking/destination-rule-all-mtls.yaml
kubectl get pods,svc

## deploytillerhelm.sh
start-minikube
kubectl apply -f https://raw.githubusercontent.com/kinvolk/terraform-render-bootkube/kinvolk-master/resources/manifests/psp-restricted.yaml
kubectl apply -f https://raw.githubusercontent.com/kinvolk/terraform-render-bootkube/kinvolk-master/resources/manifests/psp-privileged.yaml


kubectl --namespace kube-system create sa tiller
kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
helm init --service-account tiller


## storageprovisioner.yaml
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  annotations:
    storageclass.beta.kubernetes.io/is-default-class: "true"
  labels:
    addonmanager.kubernetes.io/mode: EnsureExists
  name: standard
provisioner: k8s.io/minikube-hostpath

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                surajssd
                / keybase.md
            
            
              Created
              February 6, 2019 12:58
            
          
    Keybase proof

I hereby claim:

I am surajssd on github.
I am surajd (https://keybase.io/surajd) on keybase.
I have a public key ASB8i9JgXg7hQyCJZbvRL7BtgYjhzKacxHCdOVvGeOXJOQo

To claim this, I am signing this object:

  
## flatcar.ipxe
#!ipxe

set base-url https://stable.release.flatcar-linux.net/amd64-usr/current
kernel ${base-url}/flatcar_production_pxe.vmlinuz initrd=flatcar_production_pxe_image.cpio.gz flatcar.first_boot=1 flatcar.oem.id=packet console=ttyS1,115200n8
initrd ${base-url}/flatcar_production_pxe_image.cpio.gz
boot

## minikube.log
-- Logs begin at Tue 2019-01-15 07:46:21 UTC, end at Tue 2019-01-15 07:51:50 UTC. --
Jan 15 07:46:34 minikube systemd[1]: Started kubelet: The Kubernetes Node Agent.
Jan 15 07:46:34 minikube kubelet[2379]: Flag --cluster-dns has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information.
Jan 15 07:46:34 minikube kubelet[2379]: Flag --authorization-mode has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information.
Jan 15 07:46:34 minikube kubelet[2379]: Flag --client-ca-file has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information.
Jan 15 07:46:34 minikube kubelet[2379]

## vagrant-libvirt-passwordless.sh
sudo -i
echo "
[Allow vagrant libvirt management permissions]
Identity=unix-user:vagrant
Action=org.libvirt.unix.manage
ResultAny=yes
ResultInactive=yes
ResultActive=yes
" | tee /etc/polkit-1/localauthority/50-local.d/vagrant.pkla

## dotfiles-setup.sh
sudo dnf -y install git
mkdir ~/git
cd ~/git
git clone https://github.com/surajssd/dotfiles
cd dotfiles
./installers/install-configs.sh
./installers/install-local-bin.sh


## Vagrantfile
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|

  config.vm.define "master" do |master|
    master.vm.box = "fedora/28-cloud-base"
    master.vm.hostname = "master"
    master.vm.network "private_network", ip: "192.168.50.10"
  end

## testing-psp.sh
echo "
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
  name: privileged
  annotations:
    seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*'
spec:
  privileged: true
  allowPrivilegeEscalation: true
	# download the release from https://istio.io/docs/setup/kubernetes/#downloading-the-release

	cd ~/study/istio-setup/istio-1.2.2/
	kubectl apply -f install/kubernetes/istio-demo-auth.yaml
	kubectl get pods,svc -n istio-system
	sleep 200
	kubectl apply -f <(istioctl kube-inject -f samples/bookinfo/platform/kube/bookinfo.yaml)
	kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml
	kubectl apply -f samples/bookinfo/networking/destination-rule-all-mtls.yaml
	kubectl get pods,svc
	start-minikube
	kubectl apply -f https://raw.githubusercontent.com/kinvolk/terraform-render-bootkube/kinvolk-master/resources/manifests/psp-restricted.yaml
	kubectl apply -f https://raw.githubusercontent.com/kinvolk/terraform-render-bootkube/kinvolk-master/resources/manifests/psp-privileged.yaml


	kubectl --namespace kube-system create sa tiller
	kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
	helm init --service-account tiller
	---
	apiVersion: storage.k8s.io/v1
	kind: StorageClass
	metadata:
	annotations:
	storageclass.beta.kubernetes.io/is-default-class: "true"
	labels:
	addonmanager.kubernetes.io/mode: EnsureExists
	name: standard
	provisioner: k8s.io/minikube-hostpath
	#!ipxe

	set base-url https://stable.release.flatcar-linux.net/amd64-usr/current
	kernel ${base-url}/flatcar_production_pxe.vmlinuz initrd=flatcar_production_pxe_image.cpio.gz flatcar.first_boot=1 flatcar.oem.id=packet console=ttyS1,115200n8
	initrd ${base-url}/flatcar_production_pxe_image.cpio.gz
	boot
	-- Logs begin at Tue 2019-01-15 07:46:21 UTC, end at Tue 2019-01-15 07:51:50 UTC. --
	Jan 15 07:46:34 minikube systemd[1]: Started kubelet: The Kubernetes Node Agent.
	Jan 15 07:46:34 minikube kubelet[2379]: Flag --cluster-dns has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information.
	Jan 15 07:46:34 minikube kubelet[2379]: Flag --authorization-mode has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information.
	Jan 15 07:46:34 minikube kubelet[2379]: Flag --client-ca-file has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information.
	Jan 15 07:46:34 minikube kubelet[2379]
	sudo -i
	echo "
	[Allow vagrant libvirt management permissions]
	Identity=unix-user:vagrant
	Action=org.libvirt.unix.manage
	ResultAny=yes
	ResultInactive=yes
	ResultActive=yes
	" \| tee /etc/polkit-1/localauthority/50-local.d/vagrant.pkla
	sudo dnf -y install git
	mkdir ~/git
	cd ~/git
	git clone https://github.com/surajssd/dotfiles
	cd dotfiles
	./installers/install-configs.sh
	./installers/install-local-bin.sh
	# -- mode: ruby --
	# vi: set ft=ruby :
	Vagrant.configure("2") do \|config\|

	config.vm.define "master" do \|master\|
	master.vm.box = "fedora/28-cloud-base"
	master.vm.hostname = "master"
	master.vm.network "private_network", ip: "192.168.50.10"
	end
	echo "
	apiVersion: policy/v1beta1
	kind: PodSecurityPolicy
	metadata:
	name: privileged
	annotations:
	seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*'
	spec:
	privileged: true
	allowPrivilegeEscalation: true