vadirajks

sudo yum install epel-release
sudo yum install certbot-nginx
#if it is not working, follow the below steps:
sudo python3 -m venv /opt/certbot/
sudo /opt/certbot/bin/pip install --upgrade pip
sudo /opt/certbot/bin/pip install certbot certbot-nginx
sudo ln -s /opt/certbot/bin/certbot /usr/bin/certbot
sudo certbot --nginx
sudo systemctl reload nginx

vadirajks

#!/bin/bash

# Get the hostname
host=$(hostname -i)

# Set the input variable based on the hostname
if [[ $host == *"172.16.25.137"* ]]; then
    input="m1=172.16.25.137:8001, s-m2=172.16.25.138:7001, s-m3=172.16.25.139:6001"
elif [[ $host == *"172.16.25.138"* ]]; then
    input="m2=172.16.25.138:8002, s-m1=172.16.25.137:7002, s-m3=172.16.25.139:6002"

vadirajks

#!/bin/bash
function list_folders_recursive {
    local folder="$1"
    
    # Fetch folder names
    local folders=$(gcloud resource-manager folders list --folder="$folder" --format="csv[no-heading](name)")
    
    # Check if folders is empty
    if [ -z "$folders" ]; then
        return

vadirajks

#!/bin/bash
#https://medium.com/@rakeshsaw/workload-identity-secured-way-to-access-google-cloud-apis-from-gke-workloads-44882ec5036a
#https://luandy-4171.medium.com/how-does-gke-workload-identify-work-with-iam-service-account-b996656284f8
#https://stackoverflow.com/questions/75948510/access-to-google-cloud-storage-from-an-autopilot-gke-cluster
#https://bijukunjummen.medium.com/gke-autopilot-and-workload-identity-a2732cf256de
#https://docs.ray.io/en/latest/cluster/kubernetes/user-guides/gke-gcs-bucket.html
# Set variables
CLUSTER_NAME="<YOUR_CLUSTER_NAME>"
PROJECT_ID="<YOUR_PROJECT_ID>"
NAMESPACE="default"  # Change if your workloads are deployed in a different namespace

vadirajks

DECLARE active_logical_price_per_gb NUMERIC DEFAULT 0.02;
DECLARE long_term_logical_price_per_gb NUMERIC DEFAULT 0.01;
DECLARE active_physical_price_per_gb NUMERIC DEFAULT 0.04;
DECLARE long_term_physical_price_per_gb NUMERIC DEFAULT 0.02;
WITH storage AS
(
  SELECT DISTINCT
    tb.table_schema AS dataset,
    tb.table_name,
    total_rows,

vadirajks

upstream fastcgi_backend {
     server  unix:/run/php/php7.4-fpm.sock;
}

server {
    server_name example.com;
    listen 127.0.0.1:8080;
    set $MAGE_ROOT /var/www/html/webfolder;
    fastcgi_buffers 16 16k; 
    fastcgi_buffer_size 32k;

vadirajks

{
 graphitePort: 2003,
 graphiteHost: "graphite",
 port: 8125,
 mgmt_adress: "127.0.0.1",
 mgmt_port: 8126,
 backends: [ "./backends/graphite" ],
 graphite: {
   legacyNamespace: false,
   globalPrefix: "stats",

vadirajks

#!/bin/bash
project_name="Project-ID"
echo -e "project_id,dataset_id,table_id,creation_time,last_modified_time,row_count,size_mb,size_gb,type,partiton,partition_expiration_days,cluster_key" > /tmp/bq_out.csv
for dataset in $(bq ls|tail -n +3); do
bq query --format=csv --use_legacy_sql=false '
SELECT
  t1.project_id as project_id,
  t1.dataset_id as dataset_id ,
  t1.table_id as table_id,
  TIMESTAMP_MILLIS(t1.creation_time) AS creation_time,

vadirajks

GKE ingress in a nutshell

• https://medium.com/google-cloud/ingress-in-google-kubernetes-products-f22ded21f4ed

Solution #1 (ManagedCertificate CRD in GKE)

• GKE with Google-managed SSL certificates
  • Use ManagedCertificate CRD to create a object.
  • Associate the ManagedCertificate object to an Ingress by adding an annotation networking.gke.io/managed-certificates to the Ingress. This annotation is a comma-separated list of ManagedCertificate resources, cert1,cert2,cert3 for example.

Solution #2 (Google Cloud SSL Certificate)

Assumption

vadirajks

• VARS Operations

  • Create dict based on dict
  • Create List of public IPs of the ansible control host

• Template Operations

• Tasks Operations

• DigitalOcean

  • Ensure SSH KEY of Ansible Control Machine exists at DigitalOcean

• Hosts Operations