I hereby claim:
- I am ams0 on github.
- I am avozza (https://keybase.io/avozza) on keybase.
- I have a public key whose fingerprint is B10E C607 72E9 459D 6B5A 7D84 BEE1 E1EE 7CE6 4FD5
To claim this, I am signing this object:
ams0
/ Pod and node metadata AKS.txt
Created
March 3, 2020 14:22
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Every pod can do (https://github.com/cloudbooster/Azure-Instance-Metadata/blob/master/Instance-Metadata.md): | |
| curl -H Metadata:true http://169.254.169.254/metadata/instance?api-version=2017-03-01 | |
| and get info on the node etc, even identity | |
| az vmss identity assign -g MC_K8S_NFS_WESTEUROPE -n aks-base-11322803-vmss | |
| curl 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fmanagement.azure.com%2F' -H Metadata:true -s |
ams0
/ fluentd-es.yaml
Created
February 8, 2020 12:24
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: apps/v1 | |
| kind: DaemonSet | |
| metadata: | |
| name: fluentd-elasticsearch | |
| namespace: kube-system | |
| labels: | |
| k8s-app: fluentd-logging | |
| version: v1 | |
| spec: | |
| selector: |
ams0
/ es-kibana.yaml
Created
February 8, 2020 11:38
Install Kibana+ES (first, run `kubectl apply -f https://download.elastic.co/downloads/eck/1.0.0/all-in-one.yaml`
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: elasticsearch.k8s.elastic.co/v1 | |
| kind: Elasticsearch | |
| metadata: | |
| name: es | |
| spec: | |
| version: 7.5.2 | |
| nodeSets: | |
| - name: default | |
| count: 3 | |
| volumeClaimTemplates: |
ams0
/ keybase.md
Created
December 25, 2019 09:51
Welcome to my landing page for my Gistlog; I've been experimenting with blogging platforms for a while but I think I found my Nirvana. Stay tuned!
ams0
/ aks_privatecluster_dns.sh
Created
December 12, 2019 09:07
A simple script to extract the private DNS IP for an AKS private cluster
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| βββ#/bin/bash | |
| #AKS private clusters | |
| #Setup VPN gw with OpenVPN | |
| rg=k8s | |
| clustername=private | |
| az aks get-credentials -g $rg -n $clustername |
ams0
/ azuredevops_agents_in_aks
Created
November 25, 2019 21:49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://github.com/Hyperfish/vsts-build.git | |
| vsts: | |
| enabled: true | |
| repository: microsoft/vsts-agent | |
| tag: "ubuntu-16.04-docker-18.06.1-ce-standard" | |
| replicaCount: 2 | |
| pullPolicy: IfNotPresent | |
| nodeSelector: {} |
ams0
/ AKS_MSI_CSI.sh
Created
November 18, 2019 00:35
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #to make this instruction work: https://github.com/kubernetes-sigs/azuredisk-csi-driver | |
| RG=k8s | |
| AKS=csi | |
| SUB=12c7e9d6-967e-40c8-8b3e-4659a4ada3ef | |
| #Create the AKS cluster - NOTE! you can't use AZ until https://github.com/kubernetes-sigs/azuredisk-csi-driver/issues/183 | |
| az aks create -k 1.15.5 --enable-managed-identity --load-balancer-sku Standard --network-plugin kubenet --network-policy calico -x -c 2 -s Standard_B4ms --nodepool-name base -g $RG -n $AKS |
ams0
/ remove_terminating_namespace.sh
Last active
November 13, 2019 08:13
How to terminate a namespae stuck in "Terminating" state by removing the Kubernetes finalizer
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| NS=linkerd | |
| kubectl get ns $NS -o json > tmp.json | |
| sed -i '' '/kubernetes/d' tmp.json | |
| kubectl proxy & | |
| curl -k -H "Content-Type: application/json" -X PUT --data-binary @tmp.json http://127.0.0.1:8001/api/v1/namespaces/$NS/finalize | |
| bg | |
| <ctrl-c> |
ams0
/ linkerd2_helm3.sh
Last active
July 21, 2020 10:26
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Deploy Linkerd2 with helm3 and certificates | |
| kubectl create ns linkerd | |
| kubectl label ns linkerd config.linkerd.io/admission-webhooks=disabled | |
| #brew install step | |
| step certificate create identity.linkerd.cluster.local ca.crt ca.key --profile root-ca --no-password --insecure | |
| step certificate create identity.linkerd.cluster.local issuer.crt issuer.key --ca ca.crt --ca-key ca.key --profile intermediate-ca --not-after 8760h --no-password --insecure | |
| #install helm3-rc from https://github.com/helm/helm/releases |