Create cluster on GCP
$ gcloud container clusters create multi-cluster-demo --preemptible
Viacheslav Vasilyev avoidik
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import "sockaddr" | |
| import "strings" | |
| # | |
| # allow update secrets under secret/ path only to clients coming from 10.0.0.0/8 CIDR range | |
| # | |
| precond = rule { | |
| request.operation in ["update"] and | |
| strings.has_prefix(request.path, "secret/") |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| conky.config = { | |
| alignment = 'top_right', | |
| background = false, | |
| border_width = 1, | |
| cpu_avg_samples = 2, | |
| default_color = 'white', | |
| default_outline_color = 'white', | |
| default_shade_color = 'white', | |
| draw_borders = false, | |
| draw_graph_borders = true, |
$ sudo curl -fsSL https://amazon-ecr-credential-helper-releases.s3.us-east-2.amazonaws.com/0.5.0/linux-amd64/docker-credential-ecr-login -o /usr/local/bin/docker-credential-ecr-login
$ sudo chmod +x /usr/local/bin/docker-credential-ecr-login
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| DEFAULT_BOX = 'ubuntu/focal64' | |
| WORKER_NODES = 2 | |
| Vagrant.configure(2) do |config| | |
| config.vm.define 'master' do |master| | |
| master.vm.box = DEFAULT_BOX | |
| master.vm.hostname = 'master' | |
| master.vm.synced_folder '.', '/vagrant', type: 'virtualbox' | |
| master.vm.network 'private_network', ip: '192.168.0.200' | |
| master.vm.provider 'virtualbox' do |v| |
avoidik
/ 1_ecs_note.md
Created
November 9, 2021 01:40
— forked from ejlp12/1_ecs_note.md
ECS Best Practices Notes
- Understand and check Service Quota of ECS/Fargate and other related services
- Cluster
- CDK for ECS: blog
avoidik
/ eks_best_practice.md
Created
November 9, 2021 01:39
— forked from ejlp12/eks_best_practice.md
EKS Best Practice
Please check https://aws.github.io/aws-eks-best-practices/ for more comprehensive EKS best practice!
- Think about multi-tenancy, isolation for different environment or different workload
- Isolation at account level using AWS organization
- Isolation at the network layer ie. different VPC & different cluster
- Use different Nodes Group (Node pool) for different purpose/category e.g. create dedicated node groups for Operational tools such as CI/CD tool, Monitoring tool, Centralize logging system.
- Separate namespace for different workload
Reliability | Principles
These notes are supplementing my another guide about Minimal Elastic monitoring stack
We need session-manager plugin and AWS CLI packages installed:
avoidik
/ telegraf.conf
Created
September 29, 2021 15:52
— forked from pacohope/telegraf.conf
Telegraf config for FreeBSD on EC2 using CloudWatch on AWS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Generic, basic /usr/local/etc/telegraf.conf file for FreeBSD | |
| # Gathers some basic metrics and transmits them to cloudwatch | |
| # Be sure to set the region below | |
| [agent] | |
| interval = "10s" | |
| round_interval = true | |
| metric_batch_size = 1000 | |
| metric_buffer_limit = 10000 | |
| collection_jitter = "0s" |