#Backup your github account
install the NPM package "repos"
npm install -g reposget a list of all your repos
ams0
/ backup-github.md
Last active
January 12, 2021 13:11
Backup your Github account and start over
ams0
/ auditpolicy-kube-apiserver.yaml
Created
January 10, 2021 03:18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ... | |
| spec: | |
| containers: | |
| - command: | |
| - kube-apiserver | |
| - --audit-policy-file=/etc/kubernetes/audit-policy.yaml | |
| - --audit-log-path=/var/log/audit.log | |
| - --audit-log-maxsize=10 | |
| - --audit-log-maxbackup=7 |
ams0
/ check_storage_account_public_access_containers.sh
Last active
January 7, 2021 01:03
Checks the current subscription for public access containers in all storage accounts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| red=`tput setaf 1` | |
| reset=`tput sgr0` | |
| subscription=$(az account show -o tsv --query id) | |
| echo "Checking subscription $subscription" | |
| for account in `az storage account list -o tsv --query [].name` |
ams0
/ kubenet-azurecni-comparison.txt
Last active
December 28, 2020 16:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Kubenet vs AzureCNI for Cilium investigation | |
| az aks create -k 1.19.3 --enable-managed-identity -g k8s --network-plugin kubenet -s Standard_B4ms -c 2 -n kubenet --no-wait | |
| az aks create -k 1.19.3 --enable-managed-identity -g k8s --network-plugin azure -s Standard_B4ms -c 2 -n cilium --no-wait | |
| AzureCNI | |
| # cat /etc/systemd/system/kubelet.service | |
| [Unit] | |
| Description=Kubelet | |
| ConditionPathExists=/usr/local/bin/kubelet |
ams0
/ kubeadm-containerd-audit.md
Last active
January 29, 2021 13:36
First, we'll need a VM. In one simple command, you can create a VM in azure and pass a cloud-init script that will install containerd and kubeadm, and will deploy a single node Kubernetes cluster:
wget https://gist.githubusercontent.com/ams0/0e57d15d53782c2c2259cce8545caa70/raw/d4e0686e4dc068ea146717af5d5a7be3dab97a4c/kubeadm-containerd.sh
az group create -n cks
az vm create -g cks -n cks --image UbuntuLTS --ssh-key-values ~/.ssh/id_rsa.pub --admin-username cks --size Standard_B4ms --custom-data kubeadm-containerd.sh
ams0
/ azure-vote-all.yaml
Created
December 23, 2020 22:35
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| name: azure-vote-back | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| app: azure-vote-back | |
| template: |
ams0
/ kubeadm-containerd.sh
Last active
December 22, 2020 23:53
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Install kubeadm with containerd https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/ & https://kubernetes.io/docs/setup/production-environment/container-runtimes/ | |
| #Prepare system for containerd | |
| cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf | |
| overlay | |
| br_netfilter | |
| EOF |
ams0
/ ## CKS notes December 2020.md
Last active
November 12, 2021 10:51
ams0
/ simple-ingress-nginx.yaml
Created
December 17, 2020 22:00
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| labels: | |
| run: nginx | |
| name: nginx | |
| namespace: default | |
| spec: | |
| containers: | |
| - image: nginx |
ams0
/ GlobalNetworkPolicy-blockmetadata.yaml
Last active
December 11, 2020 11:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: crd.projectcalico.org/v1 | |
| kind: GlobalNetworkPolicy | |
| metadata: | |
| name: default-deny | |
| spec: | |
| selector: all() | |
| types: | |
| - Egress | |
| egress: | |
| - action: Deny |