Skip to content

Instantly share code, notes, and snippets.

View aojea's full-sized avatar

Antonio Ojea aojea

466 followers · 0 following
View GitHub Profile
@aojea
aojea / README.md
Last active April 2, 2025 00:09
Navigating Linux Network Namespaces and Interfaces

Navigating Linux Network Namespaces and Interfaces

Network namespaces create isolated network stacks, including network devices, IP addresses, routing tables, rules , ... This separation is crucial for containerization.

Network namespaces also contain network devices that can live exactly on one network namespace:

physical network device can live in exactly one network namespace. When a network namespace is freed (i.e., when the last

@aojea
aojea / kube-api-reviews-comments.py
Created February 17, 2025 15:56
Download kubernetes PR api-review with code and comments
import requests
from pprint import pprint
# Replace with your GitHub personal access token
GITHUB_TOKEN = "----------------------"
def search_pull_requests_with_label(repo, label):
url = f"https://api.github.com/search/issues"
query = f"repo:{repo} is:pr label:{label}"
params = {
@aojea
aojea / README.md
Last active January 9, 2025 18:25
Expose cluster domain to pods
@aojea
aojea / kindnet-gke.yaml
Last active January 14, 2025 17:47
Use kindnet in GKE
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: kindnet
rules:
- apiGroups:
- ""
resources:
- nodes
@aojea
aojea / dump.go
Last active January 4, 2025 22:05
golang nftables dump go objects
package main
import (
"fmt"
"log"
"os"
"github.com/google/nftables"
)
@aojea
aojea / 1.20--1.21.txt
Last active November 28, 2024 15:23
Kubernetes client-go apidiff
- ./kubernetes/typed/certificates/v1.CertificateSigningRequestInterface.Apply: added
- ./kubernetes/typed/certificates/v1.CertificateSigningRequestInterface.ApplyStatus: added
- ./kubernetes/typed/rbac/v1.ClusterRoleBindingInterface.Apply: added
- ./kubernetes/typed/rbac/v1.ClusterRoleInterface.Apply: added
- ./kubernetes/typed/rbac/v1.RoleBindingInterface.Apply: added
- ./kubernetes/typed/rbac/v1.RoleInterface.Apply: added
- ./kubernetes/typed/apiserverinternal/v1alpha1.StorageVersionInterface.Apply: added
- ./kubernetes/typed/apiserverinternal/v1alpha1.StorageVersionInterface.ApplyStatus: added
- ./informers/storage/v1beta1.Interface.CSIStorageCapacities: added
- ./informers/policy.Interface.V1: added
@aojea
aojea / resolve_conflict_accept_current.sh
Last active October 11, 2024 18:02
for i in $(grep -rl '<<<<<<<' path/to/go/module/); do sed -i '/=======/,/>>>>>>>/d' $i ; sed -i '/<<<<<<</d' $i; done
@aojea
aojea / .config
Last active September 18, 2024 09:11
kernel config networking tests
#
# Automatically generated file; DO NOT EDIT.
# Linux/x86 6.11.0 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (Debian 13.2.0-13) 13.2.0"
CONFIG_CC_IS_GCC=y
CONFIG_GCC_VERSION=130200
CONFIG_CLANG_VERSION=0
CONFIG_AS_IS_GNU=y
CONFIG_AS_VERSION=24200
@aojea
aojea / README.md
Created August 29, 2024 17:23
Running a Pod with A Predefined Mac Address

Running a Pod with a predefined MAC address

There are situation that, for reasons, you want your Pod to have a static MAC.

Since the Pod uses a veth pair, the application running inside the Pod sees the side of the veth that is on its network namespace.

Using an initContainer with enough privileges, we can change the MAC address before the application runs.

  initContainers:
@aojea
aojea / https.yaml
Last active July 29, 2024 11:51
agnhost https server
apiVersion: apps/v1
kind: Deployment
metadata:
name: https-server
labels:
app: MyHttpsApp
spec:
replicas: 1
selector:
matchLabels: