Skip to content

Instantly share code, notes, and snippets.

@PatrLind
PatrLind / protect-kube-config.md
Created April 26, 2021 08:43
How to protect your ~/.kube/ configuration

How to protect your ~/.kube/ configuration

I had a need to protect my Kubernetes config file on my computer against accidental or malicious change or reading, so I came up with this way of protecting the config files.

How it works

The ~/.kube folder is mounted using encfs. By using the --ondemand flag it will automatically ask for the encryption key/password when accessed and keep

@f41gh7
f41gh7 / api-server.yaml
Last active August 21, 2023 10:31
vm operator configuration examples
apiVersion: operator.victoriametrics.com/v1beta1
kind: VMServiceScrape
metadata:
name: apiserver
namespace: monitoring-system
spec:
endpoints:
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
bearerTokenSecret:
key: ""
@hermanbanken
hermanbanken / kustomize_vars.md
Created November 22, 2020 13:11
Kustomize Vars example

This was initially posted in an kubernetes-sigs/kustomize issue.

We are using Kustomize's vars feature. Initially we didn't understand how to use it for our purpose, but it is a 100% fit. One example is our Ingress resource, which looks like this:

# file: base/ingress.yaml
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: services
# Config
terraform {
required_version = ">=0.12.0"
required_providers {
aws = ">= 2.0"
}
}
provider "aws" {
@svx
svx / delete-evicted-pods-all-namespaces.sh
Created August 15, 2018 12:45 — forked from psxvoid/delete-evicted-pods-all-namespaces.sh
Delete evicted pods from all namespaces (also ImagePullBackOff and ErrImagePull)
#!/bin/sh
# based on https://gist.github.com/ipedrazas/9c622404fb41f2343a0db85b3821275d
# delete all evicted pods from all namespaces
kubectl get pods --all-namespaces | grep Evicted | awk '{print $2 " --namespace=" $1}' | xargs kubectl delete pod
# delete all containers in ImagePullBackOff state from all namespaces
kubectl get pods --all-namespaces | grep 'ImagePullBackOff' | awk '{print $2 " --namespace=" $1}' | xargs kubectl delete pod
# delete all containers in ImagePullBackOff or ErrImagePull or Evicted state from all namespaces
@ipbastola
ipbastola / clean-up-boot-partition-ubuntu.md
Last active June 5, 2024 21:05
Safest way to clean up boot partition - Ubuntu 14.04LTS-x64, Ubuntu 16.04LTS-x64

Safest way to clean up boot partition - Ubuntu 14.04LTS-x64, Ubuntu 16.04LTS-x64

Reference

Case I: if /boot is not 100% full and apt is working

1. Check the current kernel version

$ uname -r 
apiVersion: v1
clusters:
- cluster:
certificate-authority: /home/tomas/.kube/ca
server: https://kubernetes
name: aws_kubernetes
contexts:
- context:
cluster: aws_kubernetes
user: aws_kubernetes
@JohnMorales
JohnMorales / close_docker_files.sh
Last active January 5, 2021 11:43
Closes leaked deleted and eventfd left by docker
#!/bin/bash
export PATH=/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin
docker_pid=$(cat /var/run/docker.pid)
gdb -p $docker_pid <<< "$( ls /proc/$docker_pid/fd -l --time-style=+'%s' | grep -E 'deleted' | awk '{ printf("p close(%s)\n", $7)}')" >/dev/null
#closing evenfds that do not have a corresponding memory.oom_control
eventfds="$(for eventfd in $(ls /proc/$docker_pid/fd -l --time-style=+'%s' | grep -E 'eventfd'| awk '{print $7}'); do
memory_pid=$((eventfd - 1))
@alexedwards
alexedwards / gist:dc3145c8e2e6d2fd6cd9
Last active May 28, 2024 20:35
Example of working with Go's database/sql and NULL fields
CREATE TABLE books (
isbn char(14) NOT NULL,
title varchar(255),
author varchar(255),
price decimal(5,2)
);
INSERT INTO books (isbn, title, author, price) VALUES
('978-1503261969', 'Emma', 'Jayne Austen', 9.44),
('978-1514274873', 'Journal of a Soldier', NULL, 5.49),
@eeichinger
eeichinger / jenkins_list_git_tags_and_branches.groovy
Created March 25, 2014 13:35
Groovy script to list git tags and branches using jenkins' Dynamic Choices Parameter plugin
def gettags = ("git ls-remote -t -h ssh://jenkins@<mygitpath>/repo/some.git feature/*").execute()
return gettags.text.readLines()
.collect { it.split()[1].replaceAll('refs/heads/', '') }
.unique()
.findAll { it.startsWith('<some more pattern>') }