Skip to content

Instantly share code, notes, and snippets.

View yogeek's full-sized avatar

Guillaume Dupin yogeek

View GitHub Profile
@yogeek
yogeek / Dockerfile
Last active February 16, 2024 08:32
Gosu usage in Docker
FROM ubuntu
RUN apt-get install ...
# grab gosu for easy step-down from root
ENV GOSU_VERSION 1.10
RUN set -x \
&& curl -sSLo /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" \
&& curl -sSLo /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" \
&& export GNUPGHOME="$(mktemp -d)" \
@yogeek
yogeek / README.md
Last active January 1, 2024 19:40 — forked from figaw/README.md
Setup for labs.play-with-k8s

From 0 to 100 w/ one command and 4ish minutes, in labs.k8s

tl;dr

  1. Click the raw button to get the raw-url of the fig-play-with-k8s.sh-file and, in a VM from labs.play-with-k8s.com,
  2. Run bash -x <( curl -L url-to-raw-gist )
  3. Copy the "blue-port-url" and change http to https
  4. Goto url in Firefox

e.g. bash -x &lt;( curl -L https://gist.github.com/yogeek/e0dc5e16e158815e7bbb77b896cad3c6/raw/fig-play-with-k8s.sh )

@yogeek
yogeek / ec2-nodeclass.yaml
Last active November 22, 2023 19:09
karpenter
# https://karpenter.sh/v0.32/concepts/nodeclasses/
apiVersion: karpenter.k8s.aws/v1beta1
kind: EC2NodeClass
metadata:
name: default
spec:
# required, resolves a custom ami and userdata
# (otherwise the user-data from this file will be merged with the default user-data of the amiFamily)
amiFamily: Custom
registry=# select * from schedule;
id | creation_time | update_time | vendor_type | vendor_id | cron | callback_func_name | callback_func_param | cron_type | extra_attrs | revision
-----+----------------------------+----------------------------+-------------------------+-----------+---------------+-------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------+--------------------------+------------
296 | 2023-04-25 08:30:21.377146 | 2023-04-25 08:30:21.377146 | RETENTION | 35 | 0 0 0 * * * | RETENTION | {"PolicyID":35,"Trigger":"Schedule"}
@yogeek
yogeek / manifest.yaml
Last active May 17, 2023 15:11
k8s-echoserver
apiVersion: apps/v1
kind: Deployment
metadata:
name: echoserver
labels:
app: echoserver
spec:
replicas: 1
selector:
matchLabels:
@yogeek
yogeek / glow.md
Last active May 15, 2023 21:38
Charm.sh

Glow

https://github.com/charmbracelet/glow

Install

# for now we use a forked version of the official plugin to fix an issue (https://github.com/chessmango/asdf-glow/pull/1)
asdf plugin install https://github.com/yogeek/asdf-glow/
asdf install glow latest
@yogeek
yogeek / AWSContainerDay.txt
Created April 18, 2023 16:58
KubeCon EU 2023
AWS Container Day
https://aws-kubecon-eu.splashthat.com/
-------------------
VPC Lattice
- https://aws.amazon.com/fr/blogs/aws/introducing-vpc-lattice-simplify-networking-for-service-to-service-communication-preview/
- https://aws.amazon.com/blogs/networking-and-content-delivery/build-secure-multi-account-multi-vpc-connectivity-for-your-applications-with-amazon-vpc-lattice/
- https://aws.amazon.com/blogs/containers/introducing-aws-gateway-api-controller-for-amazon-vpc-lattice-an-implementation-of-kubernetes-gateway-api/
New K8S registry : https://kubernetes.io/blog/2022/11/28/registry-k8s-io-faster-cheaper-ga/
@yogeek
yogeek / ranked_failures_by_ns.sh
Created April 13, 2023 13:59
Kyverno reports
#!/usr/bin/env bash
declare -A failures
failures=()
for ns in $(kubectl get ns -l owner!="gtp" -o name)
do
NS=$(echo $ns | cut -d'/' -f2)
if [[ "$(kubectl get polr -n $NS 2>/dev/null | wc -l)" != "0" ]]
then
@yogeek
yogeek / calico-node.log
Created October 27, 2022 09:32
Calico-node issue with node local cache DNS
This file has been truncated, but you can view the full file.
calico-node-vgs4z calico-node 2022-10-27 08:14:45.911 [INFO][22] startup/startup.go 427: Early log level set to info
calico-node-vgs4z calico-node 2022-10-27 08:14:45.911 [INFO][22] startup/utils.go 127: Using NODENAME environment for node name ip-10-215-103-50.eu-central-1.compute.internal
calico-node-vgs4z calico-node 2022-10-27 08:14:45.911 [INFO][22] startup/utils.go 139: Determined node name: ip-10-215-103-50.eu-central-1.compute.internal
calico-node-vgs4z calico-node 2022-10-27 08:14:45.911 [INFO][22] startup/startup.go 94: Starting node ip-10-215-103-50.eu-central-1.compute.internal with version v3.24.3
calico-node-vgs4z calico-node 2022-10-27 08:14:46.145 [INFO][22] startup/startup.go 432: Checking datastore connection
calico-node-vgs4z calico-node 2022-10-27 08:14:46.257 [INFO][22] startup/startup.go 456: Datastore connection verified
calico-node-vgs4z calico-node 2022-10-27 08:14:46.258 [INFO][22] startup/startup.go 104: Datastore is ready
@yogeek
yogeek / sopssecret-cert-template.txt
Created October 12, 2022 07:58
Template k8s manifest with yq
$ cat /tmp/cert.pem
-------BEGIN CERTIFICATE-------
asdoqijepoqjwe1i49i120941p2j4omslasdajsdqweqwe
qwelqjwkasdlajsölkjasldkjakljsdlkjasdasdpiqwe
-------END CERTIFICATE--------
$ CERT=$(cat /tmp/cert.pem)
$ cat /tmp/test0.yaml
apiVersion: isindir.github.com/v1alpha2