Skip to content

Instantly share code, notes, and snippets.

View tsaarni's full-sized avatar

Tero Saarni tsaarni

45 followers · 0 following
  • Ericsson
  • Finland
  • 23:46 (UTC +02:00)
View GitHub Profile
@tsaarni
tsaarni / output.txt
Last active June 6, 2024 11:17
Testing local validation of Kubernetes tokens (Kubernetes as OIDC provider)
Fetching OIDC discovery endpoint from https://kubernetes.default.svc/.well-known/openid-configuration...
Fetching public keys from https://172.20.0.3:6443/openid/v1/jwks...
Validating the default service account token in the pod...
Token is valid!
Claims: {
"aud": [
"https://kubernetes.default.svc.cluster.local"
],
"exp": 1749207355,
"iat": 1717671355,
@tsaarni
tsaarni / echoserver.yaml
Created January 14, 2024 11:29
apiVersion: apps/v1
kind: Deployment
metadata:
name: echoserver
spec:
selector:
matchLabels:
app: echoserver
template:
metadata:
@tsaarni
tsaarni / README.md
Last active April 20, 2023 14:03
Step-by-step development tutorial: making a code change to Contour

Step-by-step development tutorial: making a code change to Contour and seeing live results

This tutorial is a step-by-step guide to making a small code change to Contour. It shows how to run Contour locally on your laptop and have it control Envoy(s) running in a Kind cluster. It allows for a very fast feedback cycle and easy debugging.

Preparation

Create a Kind cluster, for example by running:

@tsaarni
tsaarni / 00-readme.md
Last active October 4, 2022 19:17
Manual test procedure for slow start mode

Manual test procedure for slow start mode

This document describes manual test procedure for PR projectcontour/contour#4772

The test is executed by using k6. Additionally, it uses InfluxDB to record the performance test results and Grafana to visualize them.

Preparations

Spin up influxdb and grafana using docker-compose:

@tsaarni
tsaarni / timeout-server.py
Last active September 21, 2022 12:30
How to simulate TCP connect timeout
#!/bin/env python3
#
# This script can be used as a server when you need to test the handling of
# TCP connection establishment timeouts of your client.
#
# The protocol can be HTTP, HTTPS or just about anything else, since connection
# will never be established. It will hang in TCP handshake.
#
import socket
@tsaarni
tsaarni / kubernetes-debug-containers.md
Last active July 26, 2022 14:28

How to use debug containers

Following K8s feature-gate must be enabled in kind (kubeadm) config file to access the feature

featureGates:
  EphemeralContainers: true

First we start debug / emphemeral container and attach it to contour shutdown-manager container.

@tsaarni
tsaarni / gist:8ab8339b35d2067e31f9faf82fe2e39b
Created June 14, 2021 08:03
proto_print /tmp/tmpoyvg8bdx/b/envoy/api/v2/ratelimit/ratelimit.proto
proto_print /tmp/tmpoyvg8bdx/b/envoy/api/v2/core/health_check.proto
proto_print /tmp/tmpoyvg8bdx/b/envoy/api/v2/cluster/outlier_detection.proto
proto_print /tmp/tmpoyvg8bdx/b/envoy/admin/v2alpha/tap.proto
proto_print /tmp/tmpoyvg8bdx/b/envoy/api/v2/rds.proto
proto_print /tmp/tmpoyvg8bdx/b/envoy/api/v2/listener/udp_listener_config.proto
proto_print /tmp/tmpoyvg8bdx/b/envoy/api/v2/cluster/filter.proto
proto_print /tmp/tmpoyvg8bdx/b/envoy/admin/v2alpha/server_info.proto
proto_print /tmp/tmpoyvg8bdx/b/envoy/api/v2/listener/quic_config.proto
Please apply following patch to directory './api'
@tsaarni
tsaarni / upload-as-uncompressed.py
Last active June 9, 2021 17:39
Upload image to registry with uncompressed layers
#!/usr/bin/env python3
import os
import subprocess
import requests
import json
import gzip
import hashlib
SOURCE_IMAGE = 'docker://alpine:latest'
@tsaarni
tsaarni / 01-README.md
Last active September 5, 2023 04:56
Running Kubernetes with Kind
@tsaarni
tsaarni / README.md
Last active September 17, 2020 06:08
Manual test procedure for client cert authentication for backend TLS