Skip to content

Instantly share code, notes, and snippets.

View vancluever's full-sized avatar

Chris Marchesi vancluever

95 followers · 4 following
View GitHub Profile
@vancluever
vancluever / kvm-vhost-vs-userspace.md
Created March 9, 2023 20:42
KVM vhost-net vs userspace networking

KVM - vhost-net vs Userspace Host CPU Performance Comparison

I've been kicking the tires recently on a new KVM server I'm using for a home lab, and one of the things I've been investigating recently is network optimization in the guest.

Being especially anal about it and during my investigation of whether or not I could reasonably fix an approximately 500usec latency difference between pinging the guest and host, I started to look into making sure vhost-net was enabled on my rudimentary and extremely minimal KVM host running Alpine Linux. After ultimately getting it set up and finding the same latency, I wanted to see where the real value laid with having this setup on what will ultimately still be a not-so-busy low-end machine. I found some interesting results!

TL;DR: at the very least, vhost-net will save you a decent amount of CPU. Read on!

The test setup

@vancluever
vancluever / verify.sh
Created January 24, 2023 01:50
MacOS Notarization Script
#!/usr/bin/env sh
spctl -a -vv "$1" && codesign --test-requirement="=notarized" --verify --verbose "$1" && codesign -dv --verbose=4 "$1"
@vancluever
vancluever / .envrc
Created December 15, 2022 02:37
Direnv for project node_modules
layout node
@vancluever
vancluever / tolower.sh
Created August 24, 2022 15:59
tolower alias
alias tolower='tr '\''[:upper:]'\'' '\''[:lower:]'\'''
@vancluever
vancluever / HOMEBREW-OLD.md
Last active February 28, 2022 18:01
Installing old versions of Homebrew packages
@vancluever
vancluever / lsnet.sh
Created June 9, 2021 17:59
List open network sockets using lsof on MacOS
#!/bin/sh
lsof -Pni
@vancluever
vancluever / macos-verify.sh
Created April 2, 2021 02:18
Validate MacOS Binary's Signature/Notarization Status
#!/usr/bin/env sh
spctl -a -vv "$1" && codesign --test-requirement="=notarized" --verify --verbose "$1" && codesign -dv --verbose=4 "$1"
@vancluever
vancluever / macos-big-sur-ssh-agent-local-no-disable-sip.md
Last active March 9, 2024 21:45
Run SSH Agent w/Modified Options (MacOS Big Sur, No Homebrew, No SIP Modification)

Run SSH Agent w/Modified Options (MacOS Big Sur, No Homebrew, No SIP Modification)

The following will show you how you can modify the startup options of the SSH agent supplied by MacOS in a non-invasive way. This can be useful for doing things like setting a key lifetime, which can then be used with AddKeysToAgent in your ~/.ssh/config to automate the timing out of saved keys. This ensures that your passphrase is re-asked for periodically without having to shutdown, re-log, or having it actually persisted in keychain, the latter being almost as bad as having no passphrase at all, given that simply being logged in is generally enough to then use the key.

This method does not modify the system-installed SSH agent service (com.openssh.ssh-agent), but rather duplicates its functionality into a user-installed launch agent where we can then modify the options. Modifying the system-installed service is becoming increasingly harder to do; SIP generally protects

@vancluever
vancluever / tfr-provider-downloads-ranked.sh
Last active June 3, 2021 20:39
Get Terraform Registry providers, sort by most downloads (use --community to get community providers only)
#!/usr/bin/env bash
getproviders() {
for (( PAGE=1; ; PAGE++ )); do
if [ "$1" == "--community" ]; then
DATA="$(curl -fs "https://registry.terraform.io/v2/providers?filter[tier]=community&page[number]=$PAGE")"
else
DATA="$(curl -fs "https://registry.terraform.io/v2/providers?page[number]=$PAGE")"
fi
@vancluever
vancluever / mixed_indent_hcl.go
Created April 26, 2018 21:15
HCL + Go mixed indentation example (vim-airline)
package main
import "fmt"
const fooBar = `
resource "foo" "bar" {
a = "b"
}
`