aleks aleks-mariusz

Automating things in software development is more than useful and using Ansible is one way to automate software provisioning, configuration management, and application deployment. Normally you would install Ansible to your control node just like any other application but an alternate strategy is to deploy Ansible inside a standalone Docker image. But why would you do that? This approach has benefits to i.a. operational processes.

Although Ansible does not require installation of any agents within managed nodes, the environment where Ansible is installed is not so simple to setup. In control node it requires specific Python libraries and their system dependencies. So instead of using package manager to install Ansible and it’s dependencies we just pull a Docker image.

By creating an Ansible Docker image you get the Ansible version you want and isolate all of the required dependencies from the host machine which potentially might break things in other area

Overview

The steps below bootstrap an instance of airflow, configured to use the kubernetes airflow executor, working within a minikube cluster.

This guide works with the airflow 1.10 release, however will likely break or have unnecessary extra steps in future releases (based on recent changes to the k8s related files in the airflow source).

Prerequisites

Docker installed
Minikube installed and started

Problem

Verizon Wireless assigns you ONE IPv4 address and ONE /64 IPv6 prefix for their cellular service, and VZW would reset your datalink once they received 1 packet with an illegal source address.

We have NAT for IP but for IPv6 we would like to avoid address translation to get some kind of end-to-end communication.

Solution

NPTv6, defined in RFC6296, would help us to do stateless prefix translation for IPv6.

Fluent-bit rocks

A short survey of log collection options and why you picked the wrong one. 😜

Who am I? Where am I from?

I'm Steve Coffman and I work at Ithaka. We do JStor (academic journals) and other stuff. How big is it?

Number	what it means
101,332,633	unique visitors in 2017

TDP and Turbo Parameter Modification with MSR on Non-Overclockable CPUs

Disclaimer

Modifying MSR may void your CPU's (or system board's) warranty. Proceed with caution. I am not responsible for any damage caused by this article.
MSR addresses vary significantly between CPUs. Check your CPU's MSR address using Intel's documentation.
This has only been tested on the Intel i7-8550U (Kaby Lake R).
This article is a translation of this article. If you can read Korean, I recommend reading that article instead.

	# Self-signed server certificates

	Strongswan 5.6.2
	Mac OS X 10.14.2 / Windows 7 / Windows 10

	Without doing anything MacOS X VPN error: User Authentication failed.
	After adding ca.crt and setting IP Security (IPSec) to "Always Trust", VPN connection works.
	After adding ca.crt also works for Windows 7 and Windows 10.

	# CA

	# Example of using an InitContainer in place of a GitRepo volume.
	# Unilke GitRepo volumes, this approach runs the git command in a container,
	# with the associated hardening.
	apiVersion: v1
	kind: Pod
	metadata:
	name: git-repo-demo
	annotations:
	seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
	spec:

	#!/bin/bash

	IMAGE="gcr.io/google-containers/ubuntu-slim:0.14"
	COMMAND="/bin/bash"
	SUFFIX=$(date +%s \| shasum \| base64 \| fold -w 10 \| head -1 \| tr '[:upper:]' '[:lower:]')

	usage_exit() {
	echo "Usage: $0 [-c command] [-i image] PVC ..." 1>&2
	exit 1
	}