- Clone kubernetes and cd to the repo

```sh
git clone kubernetes
cd kubernetes
```

- Checkout to your target version, in this case we will check from v1.35.0
```sh
# Ref https://tailscale.com/kb/1207/small-tailscale
git clone https://github.com/tailscale/tailscale.git
# obtain the tags from the build_dist.sh --extra-small script
# check the existing ones with go run ./cmd/featuretags --list
TAGS=$(go run ./cmd/featuretags --min --add=osrouter,unixsocketidentity,useexitnode,clientupdate)
# Use the corresponding architecture https://go.dev/wiki/GoMips
```
```sh
# adb shell with root privileges to configure the android routing tables
# In this case wlan1 is the hotspot interface and tun0 the vpn interface
# use the vpn routing table for hotspot traffic
ip rule add from all iif wlan1 lookup tun0 pref 17999
# allow traffic between VPN and hotspot
iptables -I tetherctrl_FORWARD -i tun0 -o wlan1 -j RETURN
iptables -I tetherctrl_FORWARD -i wlan1 -o tun0 -j RETURN
```
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: server-deployment
  labels:
    app: MyApp
spec:
  replicas: 2
  selector:
    matchLabels:
```
```
#!/usr/bin/env bpftrace
#define AF_INET 2
#define AF_INET6 10
iter:tcp
{
  $sk_common = ctx->sk_common;
  if ($sk_common == 0) {
```
```yaml
---
apiVersion: v1
kind: Namespace
metadata:
  name: monitoring
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: prometheus
```
This document provides a hands-on guide to understanding how runtimes interact with network devices and namespaces, focusing on the new "Network Devices" feature described in the OCI (Open Container Initiative) runtime specification. The feature is expected to be released in version 1.3.0 of the OCI specification.
In high-level container orchestration systems like Kubernetes, the management of network namespaces and interfaces is handled by the [Container Runtime Interface
```yaml
# based on https://taozhi.medium.com/the-amazing-chroot-making-simply-ssh-to-each-nodes-in-kubernetes-a3448a665c95
# kubectl exec -it ssh-pod -- chroot /host /bin/bash
apiVersion: v1
kind: Pod
metadata:
  name: ssh-pod
  labels:
    app: ssh-pod
spec:
  hostNetwork: true
```
Network namespaces create isolated network stacks, including network devices, IP addresses, routing tables, rules, and so on. This separation is crucial for containerization.
Network namespaces also contain network devices, each of which can live in exactly one network namespace:
physical network device can live in exactly one network namespace. When a network namespace is freed (i.e., when the last
```python
import requests
from pprint import pprint

# Replace with your GitHub personal access token
GITHUB_TOKEN = "----------------------"

def search_pull_requests_with_label(repo, label):
    url = f"https://api.github.com/search/issues"
    query = f"repo:{repo} is:pr label:{label}"
    params = {
```