Skip to content

Instantly share code, notes, and snippets.

View alexeldeib's full-sized avatar

Ace Eldeib alexeldeib

131 followers · 20 following
View GitHub Profile
@alexeldeib
alexeldeib / demo.sh
Last active February 25, 2021 06:08
Vault panic on untrusted TLS certs
#!/usr/bin env bash
#
#
# I didn't run exactly this, but something very similar.
#
#
mkdir -p /etc/certs/vault
pushd /etc/certs/vault
cat << EOF > ca-config.json
@alexeldeib
alexeldeib / enumerate.sh
Created March 9, 2021 02:33
Enumerate AKS clusters IDs in all visible subs
#!/usr/bin/env bash
set -euo pipefail
set -x
SUBS="$(az account list --query [].id -o tsv)"
echo "$SUBS" | while read SUB; do
az account set -s "$SUB"
az aks list --query [].id -o tsv
done
@alexeldeib
alexeldeib / nginx.yaml
Created April 2, 2021 18:09
rbac with raw token demo
---
apiVersion: v1
kind: Namespace
metadata:
name: nginx
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: nginx-service-account
@alexeldeib
alexeldeib / manifests.yaml
Last active April 21, 2021 19:31
godemo manifests
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: couchbase
name: couchbase
spec:
replicas: 1
selector:
@alexeldeib
alexeldeib / do.sh
Created July 19, 2021 23:53
wget https://static.rust-lang.org/rustup/dist/x86_64-unknown-linux-gnu/rustup-init
chmod +x rustup-init
./rustup-init -y -t x86_64-unknown-linux-gnu x86_64-unknown-linux-musl
echo "export PATH=\"/home/$(whoami)/.cargo/bin:$PATH\"" > "/home/$(whoami)/.bashrc"
export PATH="/home/$(whoami)/.cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
echo $PATH > "$(whoami)/.path"
rustup install stable
cargo install just --target x86_64-unknown-linux-gnu
@alexeldeib
alexeldeib / certs.sh
Last active August 16, 2021 22:25
Generate Root/Intermediate Certificate Authority + Serving and Client certificates with cfssl
#!/usr/bin/env bash
set -euo pipefail
echo "setting up"
WORKDIR="${1:-$(mktemp -d)}"
echo "setting up ${WORKDIR}"
pushd "$WORKDIR"
sudo apt update -y && sudo apt install -y apt-transport-https curl gnupg make gcc < /dev/null
@alexeldeib
alexeldeib / apply.sh
Last active September 9, 2021 15:36
AKS Kata Runtime Class Demo
#!/usr/bin/env bash
set -euo pipefail
kubectl apply -f rc.yaml
kubecyl apply -f nginx-kata.yaml
@alexeldeib
alexeldeib / devbox.sh
Last active June 23, 2022 12:00
devbox
#!/usr/bin/env bash
set -euo pipefail
#mdadm --stop /dev/md* || true
#umount /dev/md* || true
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get -o Dpkg::Options::="--force-confold" upgrade -q -y
apt-get -o Dpkg::Options::="--force-confold" dist-upgrade -q -y
@alexeldeib
alexeldeib / manifests.yaml
Last active September 22, 2021 14:27
AKS NP-Series FPGA setup
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: &name nsenter
labels:
app: *name
spec:
selector:
matchLabels:
app: *name
@alexeldeib
alexeldeib / simple.sh
Created September 25, 2021 18:18
No retry runtime k8s bootstrap (with some go templates)
#!/usr/bin/env bash
set -x
NODE_INDEX=$(hostname | tail -c 2)
NODE_NAME=$(hostname)
TENANT_ID={{GetVariable "tenantID"}}
KUBERNETES_VERSION={{GetParameter "kubernetesVersion"}}
KUBE_BINARY_URL={{GetParameter "kubeBinaryURL"}}
KUBEPROXY_URL={{GetParameter "kubeProxySpec"}}
APISERVER_PUBLIC_KEY={{GetParameter "apiServerCertificate"}}
SUBSCRIPTION_ID={{GetVariable "subscriptionId"}}