Skip to content

Instantly share code, notes, and snippets.

View xandout's full-sized avatar

xandout

3 followers · 3 following
View GitHub Profile
@xandout
xandout / README.md
Created April 9, 2024 20:18
Daily host OS updates for kubernetes nodes

Kubernetes DaemonSet: Automated YUM Security Updates

This Kubernetes DaemonSet, named yum-update, is designed to perform automatic security updates using YUM on nodes within a Kubernetes cluster. It leverages a privileged container to gain necessary system access, ensuring that your nodes are regularly updated with the latest security patches. This is particularly useful for maintaining the security and stability of your Kubernetes nodes without manual intervention.

Overview

  • DaemonSet Name: yum-update
  • Container Image: alexeiled/nsenter:2.38.1
  • Purpose: To automatically apply YUM security updates on each node in a Kubernetes cluster.
@xandout
xandout / README.md
Last active March 9, 2024 17:42
Kubernetes DaemonSet that enables a direct shell on each Node using SSH to localhost

Getting a shell on each node

I run several K8S cluster on EKS and by default do not setup inbound SSH to the nodes. Sometimes I need to get into each node to check things or run a one-off tool.

Rather than update my terraform, rebuild the launch templates and redeploy brand new nodes, I decided to use kubernetes to access each node directly.

Alternative option

https://github.com/alexei-led/nsenter

@xandout
xandout / gist:2d2ed75baf58e3d4097d67da84a9667b
Created February 15, 2024 14:34
restream error
66Third-party cookie will be blocked. Learn more in the Issues tab.
RcVCite_v00_04.js:463 RcVCite.cite() took 4 milliseconds to cite https://app.restream.io/settings/billing
RcVCite_v00_04.js:463 RcVCite.cite() took 0 milliseconds to cite https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fapp.restream.io%2Fsettings%2Fbilling&title=&referrer=https%3A%2F%2Frestream.io%2F&muid=4ad4106a-12fe-4008-8b27-825be2a02c34e1a6ff&sid=6d96ebac-d59b-471f-b76c-3d708a39a2f3ff1d8b&version=6&preview=false
main.59407c54.js:2
GET https://connect.facebook.net/en_US/fbevents.js net::ERR_BLOCKED_BY_CLIENT
(anonymous) @ index.js:58
y.run @ browser.js:153
d @ browser.js:123
@xandout
xandout / README.md
Last active November 22, 2023 21:12
Terraform Stateless

Create new resources each time terraform runs

This configuration will allow you to deploy resources many times in a row with no "stateful" behavior.

terraform apply
@xandout
xandout / hosts.csv.out
Created June 26, 2019 18:10
1561572401,horse-uat,Ubuntu,16,16.04,xenial
1561572405,moose-uat,Ubuntu,16,16.04,xenial
1561572408,duck-uat,Ubuntu,16,16.04,xenial
1561572413,goat-uat,Ubuntu,16,16.04,xenial
1561572415,horse-dev,Ubuntu,16,16.04,xenial
1561571759,moose-dev,Amazon,2016,NA,NA
1561572422,duck-dev,Ubuntu,16,16.04,xenial
1561572426,goat-dev,Ubuntu,14,14.04,trusty
@xandout
xandout / README.md
Created March 21, 2022 21:29
FFmpeg Utility Scripts

FFmpeg helpers

Requirements: ffmpeg 4.3+ for crossfade. All commands tested on 4.4.1-3ubuntu1+20.04

I think that it is required that all videos(maybe audios) need to be the same resolution, framerate and all that. For my use case this is solved by pixabay

My specific goal here is to be able to use a site such as https://pixabay.com videos and mp3s to make long form videos with multiple songs

Obviously, you don't have to use pixabay. You probably don't have to use mp4s or mp3s, untested but ffmpeg should be able to figure it out, the commands do not use any codec specific flags.

@xandout
xandout / full-k8s-deployment-with-ingress.yml
Created March 9, 2022 13:37
A bare example of a Deployment, Service and Ingress on Kubernetes
---
apiVersion: v1
kind: Service
metadata:
labels:
kubernetes.io/name: "fun-apache"
name: "fun-apache-svc"
namespace: "{{ namespace }}"
spec:
type: LoadBalancer # NodePort might work for your lab as well.
@xandout
xandout / README.md
Last active March 18, 2021 08:29
OpenVPN TOTP Auth

Script to use TOTP tokens as passwords for OpenVPN auth

The user will be prompted for a username and password.

The username is the client username and the password is generated by their MFA app such as Authy or Google Authenticator.

OpenVPN server config

Add the following flags to your OpenVPN server config

@xandout
xandout / TrelloHorizontalScroll.js
Last active February 23, 2021 16:54
Enable horizontal scrolling on Trello boards
//To create a bookmarklet just append javascript: to this code and set as the URL in a new bookmark
var el = document.getElementById('board');
el.className += " trello-scroll";
document.addEventListener("wheel", function(e){
var under = document.elementFromPoint(e.clientX, e.clientY);
if(hasClass(under, "list-wrapper") || hasClass(under, "trello-scroll")){
if((e.wheelDelta>0?"left":"right") == "right"){
el.scrollLeft += 10;
} else {
el.scrollLeft -= 10;
@xandout
xandout / README.md
Created December 15, 2020 18:58
MongoDB User Management

MongoDB User Management

This is a simple script that will keep the database users in sync with a defined JSON document.

My ultimate use case is in a K8S environment so the files will be templated and I will add and remove users from my databases that way.

This is the test rig and shows how to manage the creation, updating and deletion of MongoDB users.

Parts