Skip to content

Instantly share code, notes, and snippets.

View StevenACoffman's full-sized avatar

Steve Coffman StevenACoffman

103 followers · 19 following
View GitHub Profile
@StevenACoffman
StevenACoffman / Continuous Delivery Ideas.md
Last active December 28, 2019 23:49
Continuous Delivery Ideas

Hackathon Requirements

In order to organize a hackathon, we have to describe:

  • What the hackathon is about
  • What the benefits are
  • How the results/benefits will be reported
  • then talk to the resource managers and product managers with that stuff

General Requirements

We want per-branch automatic k8s deploys in our staging environment. Each github branch of a repo has an instance of - running. Deployments self-destruct after 4 hours if the branch is not master. Anyone can trigger a new build with a comment on a pull request (or new commit).

@StevenACoffman
StevenACoffman / job_submit.py
Created July 25, 2018 01:22 — forked from kozikow/job_submit.py
Submiting job to kubernetes
import os
import re
import kubernetes
import logging
import math
from kubernetes.client import V1Container
from kubernetes.client import V1EnvVar
from kubernetes.client import V1Job
@StevenACoffman
StevenACoffman / cascade_delete.py
Created July 25, 2018 01:21 — forked from nomastmas/cascade_delete.py
script to reproduce pods not being deleted on job delete through python api client
from __future__ import unicode_literals
from time import sleep
import yaml
from kubernetes import client, config
from kubernetes.client.rest import ApiException
job_template = """
apiVersion: batch/v1
@StevenACoffman
StevenACoffman / job.yaml
Created July 22, 2018 23:41 — forked from alexellis/job.yaml
Use a Kubernetes Job and Kaniko to build an OpenFaaS function from Git
# Alex Ellis 2018
# Example from: https://blog.alexellis.io/quick-look-at-google-kaniko/
# Pre-steps:
# kubectl create secret generic docker-config --from-file $HOME/.docker/config.json
# Other potential optimizations (suggested by @errordeveloper)
# - Store "templates" in a permanent volume
# - Download source via "tar" instead of git clone
@StevenACoffman
StevenACoffman / estimate.md
Created July 13, 2018 16:42
Estimate.md

From Twitter by Doc Norton (@DocOnDev)

A: How long will it take to build this simple feature?
B: Well, how should this part work?
A: We don't know yet.
B: And in this situation...?
A: We don't know yet.
B: And Here?
A: We don't know yet.
@StevenACoffman
StevenACoffman / eks_authenticator.md
Last active June 28, 2018 21:42
EKS authenticator

From https://aws.amazon.com/blogs/opensource/integrating-ldap-ad-users-kubernetes-rbac-aws-iam-authenticator-project/

3. Configure Role Permissions via Kubernetes RBAC

At this point, we have set up Microsoft AD to control authentication to the AWS SSO user portal. We have also set up partial authorization by specifying which AD group has been assigned access to Account B (where the EKS cluster resides). However, access control (i.e., the level of permissions granted to the AD users) has not yet been specified. In this section, we will demonstrate how Kubernetes RBAC can be configured to define access control for AD users/groups via federation through an AWS IAM role.

Before proceeding with the steps below, be sure that that:

  1. You have a working Kubernetes cluster with worker nodes.
@StevenACoffman
StevenACoffman / argo_vs_brigade.md
Last active August 30, 2018 22:31
argo vs brigade

Argo vs. Brigade some of the key differences are

  • K8s CRD vs. javascript execution service

  • Declarative YAML vs. javascript

  • Argo has built-in artifact support for input/output handling

  • Argo does not have event handling yet (working on it :-)

    As of dec 2017

Argo vs Airflow

@StevenACoffman
StevenACoffman / prometheus notes.md
Created June 4, 2018 23:54
prometheus notes
@StevenACoffman
StevenACoffman / kubernetes_add_service_account_kubeconfig.sh
Last active November 1, 2019 21:12 — forked from innovia/kubernetes_add_service_account_kubeconfig.sh
Create a service account and generate a kubeconfig file for it - this will also set the default namespace for the service account, and RBAC
#!/bin/bash -e
# NOTE: CHANGE THE S3_PREFIX!!!
# Add user to k8s 1.6+ using service account, RBAC for jobs and extensions only
if [[ -z "$1" ]] || [[ -z "$2" ]];then
echo "usage: $0 <service-account> <namespace (stg|prod)>"
exit 1
fi
SERVICE_ACCOUNT_NAME=$1
@StevenACoffman
StevenACoffman / delete_unused_launch_configurations.sh
Last active May 15, 2018 20:41 — forked from brauliobo/delete_unused_launch_configurations.sh
Delete unused Launch Configuration. Based on http://www.markomedia.com.au/delete-launch-config-programatically-aws/
#!/bin/bash
# Check if a value exists in an array
# @param $1 mixed Needle
# @param $2 array Haystack
# @return Success (0) if value exists, Failure (1) otherwise
# Usage: in_array "$needle" "${haystack[@]}"
# See: http://fvue.nl/wiki/Bash:_Check_if_array_element_exists
in_array() {