Skip to content

Instantly share code, notes, and snippets.

😩
knowledge

Koichi Shiraishi zchee

😩
knowledge
Block or report user

Report or block zchee

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@zchee
zchee / ANSI.md
Created Feb 13, 2020 — forked from fnky/ANSI.md
ANSI Escape Codes
View ANSI.md

ANSI Escape Sequences

Standard escape codes are prefixed with Escape:

  • Ctrl-Key: ^[
  • Octal: \033
  • Unicode: \u001b
  • Hexadecimal: \x1b
  • Decimal: 27
@zchee
zchee / spinnaker-rbac.yaml
Created Dec 10, 2019 — forked from rantav/spinnaker-rbac.yaml
Kubernetes RBAC for Spinnaker
View spinnaker-rbac.yaml
# Authorize read-write in the default namespace. Add this Role and the below RoleBinding to every namespace spinnaker deploys artifacts to
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: spinnaker-role
namespace: default
rules:
- apiGroups: [""]
resources: ["namespaces", "events", "replicationcontrollers", "serviceaccounts", "pods/logs"]
@zchee
zchee / disable.sh
Created Dec 5, 2019 — forked from pwnsdx/disable.sh
Disable bunch of #$!@ in Catalina
View disable.sh
#!/bin/bash
# IMPORTANT: Don't forget to logout from your Apple ID in the settings before running it!
# IMPORTANT: You will need to run this script from Recovery. In fact, macOS Catalina brings read-only filesystem which prevent this script from working from the main OS.
# This script needs to be run from the volume you wish to use.
# E.g. run it like this: cd /Volumes/Macintosh\ HD && sh /Volumes/Macintosh\ HD/Users/sabri/Desktop/disable.sh
# WARNING: It might disable things that you may not like. Please double check the services in the TODISABLE vars.
# Get active services: launchctl list | grep -v "\-\t0"
# Find a service: grep -lR [service] /System/Library/Launch* /Library/Launch* ~/Library/LaunchAgents
@zchee
zchee / go_1.13_error_migration.bash
Created Oct 16, 2019 — forked from Peltoche/go_1.13_error_migration.bash
Go 1.13 error format migration script
View go_1.13_error_migration.bash
#!/bin/bash
FILES=$@
echo "Migrate: $FILES"
sed -i "s/errors.Wrapf(\(.*\), \"\(.*\)\", \(.*\))/fmt.Errorf(\"\2: %w\", \3, \1)/g" $FILES
sed -i "s/errors.Wrap(\(.*\), \"\(.*\)\")/fmt.Errorf(\"\2: %w\", \1)/g" $FILES
sed -i "s/errors.Errorf/fmt.Errorf/g" $FILES
goimports -w .
View Kubernetes Master Nodes Backup for Kops on AWS - A step-by-step Guide.md

Kubernetes Master Nodes Backup for Kops on AWS - A step-by-step Guide

For those who have been using kops for a while should know the upgrade from 1.11 to 1.12 poses a greater risk, as it will upgrade etcd2 to etcd3.

Since this upgrade is disruptive to the control plane (master nodes), although brief, it's still something we take very seriously because nearly all the Buffer production services are running on this single cluster. We felt a more thorough backup process than the currently implemented Heptio Velero was needed.

To my surprises, my Google searches didn't yield any useful result on how to carry out the backup steps. To be fair, there are a few articles that are specifically for backing up master nodes created by kubeedm but nothing too concrete for `kop

@zchee
zchee / kubectl-root-in-host-nopriv.pks.sh
Created Sep 9, 2019 — forked from jjo/kubectl-root-in-host-nopriv.pks.sh
Yeah. Get a root shell at any Kubernetes *node* via `privileged: true` + `nsenter` sauce. PodSecurityPolicy will save us. DenyExecOnPrivileged didn't (kubectl-root-in-host-nopriv.sh exploits it)
View kubectl-root-in-host-nopriv.pks.sh
#!/bin/sh
# Launch a Pod ab-using a hostPath mount to land on a Kubernetes node cluster as root
# without requiring `privileged: true`, in particular can abuse `DenyExecOnPrivileged`
# admission controller.
# Pod command in turn runs a privileged container using node's /var/run/docker.sock.
#
# Tweaked for PKS nodes, which run their docker stuff from different
# /var/vcap/... paths
node=${1}
case "${node}" in
@zchee
zchee / foo.md
Created Jul 31, 2019 — forked from sdstrowes/foo.md
Reverse Engineering the Speedtest.net Protocol, Gökberk Yaltıraklı
View foo.md

Source: https://web.archive.org/web/20141216073338/https://gkbrk.com/blog/read?name=reverse_engineering_the_speedtest_net_protocol Author: Gökberk Yaltıraklı

Reverse Engineering the Speedtest.net Protocol

After finishing my command line speed tester written in Rust, I didn't have a proper blog to document this process. A few days ago I wrapped up a simple blogging script in Python so hopefully it works good enough to explain how everything works.

By now I have already figured out the whole protocol for performing a speed test but I will write all the steps that I took so you can learn how to reverse engineer a simple protocol.

The code that I wrote can be found at https://github.com/gkbrk/speedtest-rust.

View The_Site_Reliability_Workbook.ch11.md

負荷の管理

  • 100%の時間 利用可能なサービスはない
    • 配慮のないクライアント
    • 50倍の要求
      • (訳注: 上記2つはPokemon Goのことでもある)
    • スラフィックのスパイク
    • 海底ケーブルの切断
  • 私達のサービスに依存するユーザーがいる
@zchee
zchee / hosts
Created Feb 23, 2017 — forked from consti/hosts
/etc/hosts to block shock sites etc.
View hosts
# This hosts file is brought to you by Dan Pollock and can be found at
# http://someonewhocares.org/hosts/
# You are free to copy and distribute this file for non-commercial uses,
# as long the original URL and attribution is included.
#<localhost>
127.0.0.1 localhost
127.0.0.1 localhost.localdomain
255.255.255.255 broadcasthost
::1 localhost
View codecov.yml
codecov:
token: uuid # Your private repository token
url: "http" # for Codecov Enterprise customers
slug: "owner/repo" # for Codecov Enterprise customers
branch: master # override the default branch
bot: username # set user whom will be the consumer of oauth requests
ci: # Custom CI domains if Codecov does not identify them automatically
- ci.domain.com
- !provider # ignore these providers when checking if CI passed
# ex. You may test on Travis, Circle, and AppVeyor, but only need
You can’t perform that action at this time.