minikube start --extra-config='apiserver.authorization-mode=Node,RBAC' --memory 4096
kubectl create clusterrolebinding add-on-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:default
kubectl -n kube-system create sa tiller
kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
helm init --service-account tiller --upgrade
helm repo add coreos https://s3-eu-west-1.amazonaws.com/coreos-charts/stable/
helm install coreos/prometheus-operator --name prometheus-operator --namespace monitoring
helm install coreos/kube-prometheus --name kube-prometheus --namespace monitoring
Viacheslav Vasilyev avoidik
avoidik
/ create_kubernetes_cluster.sh
Created
March 22, 2018 23:00
— forked from ruzickap/create_kubernetes_cluster.sh
Create Kubernetes Cluster using Kubespray
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create Virtual env for Kubespray and make it active | |
| virtualenv --system-site-packages kubespray_virtenv | |
| source kubespray_virtenv/bin/activate | |
| # Install Ansible and Kubespray to virtualenv | |
| pip install kubespray | |
| # Create kubespray config file | |
| cat > ~/.kubespray.yml << EOF | |
| kubespray_git_repo: "https://github.com/kubespray/kubespray.git" |
avoidik
/ README.helm2.md
Last active
February 4, 2020 20:47
k8s on minikube with RBAC and monitoring
avoidik
/ gist:8623595ad95065bbd7066f96bf768269
Last active
April 9, 2018 08:32
Vagrant - access internal methods
a = Vagrant.plugin("2").manager.provisioners[:ansible_local].new(machine, config)
puts a.send(:generate_inventory_machines)
avoidik
/ aws-cfn.sh
Created
May 3, 2018 06:08
— forked from cgswong/aws-cfn.sh
Setup CentOS server with AWS CFN bootstrap
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Setup CentOS 7 host as AMI | |
| # Update base OS update, and install EPEL repo and Python Pip | |
| sudo yum -y update | |
| sudo yum –y install epel-release | |
| sudo yum -y install python-pip | |
| # Install Python add-ons: | |
| sudo pip install pystache |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cmd.exe | |
| cd git-for-windows | |
| usr\bin\dash.exe -c '/usr/bin/dash usr/bin/rebaseall -p' |
avoidik
/ console.py
Created
May 10, 2018 15:23
— forked from weavenet/console.py
Python script to assume STS role and generate AWS console URL.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import getpass | |
| import json | |
| import requests | |
| import sys | |
| import urllib | |
| import boto3 |
avoidik
/ vault-ec2-auth.sh
Created
May 11, 2018 09:07
— forked from daveadams/vault-ec2-auth.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # vault-ec2-auth.sh | |
| # Authenticates an EC2 instance to Hashicorp Vault | |
| # | |
| # configuration stored in environment variables in /etc/vault/client.conf | |
| # expected configuration (defaults are selected below if none is specified): | |
| # VAULT_ADDR = url of vault server | |
| # VAULT_ROLE = role name to authenticate as |
avoidik
/ approle-poc.bash
Created
May 14, 2018 08:24
— forked from awilliams/approle-poc.bash
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -eu | |
| # Proof-of-concept script to demonstrate using an AppRole | |
| # generated token for the kubernetes-vault controller. | |
| # https://github.com/Boostport/kubernetes-vault | |
| # Expects vault local development server to be running. | |
| # Launch with: | |
| # vault server -dev |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| server_name _; | |
| return 301 http://$http_host$request_uri; | |
| } | |
| server { | |
| listen 443 ssl; | |
| server_name api.newerserver.com; | |
| ssl_certificate "/etc/nginx/domain.crt"; |