Skip to content

Instantly share code, notes, and snippets.

View danehans's full-sized avatar

Daneyon Hansen danehans

75 followers · 29 following
View GitHub Profile
@danehans
danehans / 00_docs.md
Last active March 17, 2020 16:45
service-apis virtual host concept explained

Intro

Service API's provide name-based virtual hosting of objects that reside in a Kubernetes cluster.

Gateway

A Gateway host's one or more names that clients connect to. A Gateway exposes these names on one or more network endpoints called listeners. If applicable, the TLS configuration of the hosted name is used to perform a TLS handshake. The hosted name is used to match a VirtualHost.

Persona: Cluster Ops

VirtualHost

A VirtualHost is an in-cluster object, i.e. Service, exposed by a Gateway. A VirtualHost performs request manipulation (optional) and routing based on match, filter and action rules.

@danehans
danehans / 00-cluster-role.yaml
Last active February 25, 2020 20:42
example service-apis controller rbac
# This is additive to:
# https://github.com/kubernetes-sigs/service-apis/blob/master/config/rbac/role.yaml
# Mean to demonstate permissions model for route selector PR:
# https://github.com/kubernetes-sigs/service-apis/pull/12
#
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: manager-role
@danehans
danehans / gist:88ff936fd1b660c8b5674f9ff68f9691
Created February 24, 2020 17:59
ocp proxy demo
# Demo cmds
oc get cm/user-ca-bundle -n openshift-config -o yaml | head -10
oc get proxy/cluster -o yaml
oc get deploy/ingress-operator -n openshift-ingress-operator -o yaml | grep -A6 HTTP_PROXY
oc exec -it ingress-operator-8457b8fc7f-2r767 -n openshift-ingress-operator -c ingress-operator -- head -10 /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
# Proxy Demo
@danehans
danehans / 01_contour_1.7_ocp_4.6.yaml
Last active August 21, 2020 19:54
contour_1.7_ocp_4.6
# Manifest for running Contour 1.7 on OCP 4.6 based on https://projectcontour.io/quickstart/contour.yaml
#
# This file is generated from the individual YAML files by generate-deployment.sh. Do not
# edit this file directly but instead edit the source files and re-render.
#
# Generated from:
# examples/contour/00-common.yaml
# examples/contour/01-contour-config.yaml
# examples/contour/01-crds.yaml
# examples/contour/02-job-certgen.yaml
@danehans
danehans / gist:9cc346670499bdabca604379fbdcb22a
Created January 15, 2020 00:14
ocp_proxy_ci_pr_5308
# set proxy env vars required by extended test clients.
export HTTP_PROXY="$(oc get proxy/cluster -o jsonpath='{.status.httpProxy}')
export HTTPS_PROXY="$(oc get proxy/cluster -o jsonpath='{.status.httpsProxy}')
export NO_PROXY="$(oc get proxy/cluster -o jsonpath='{.status.noProxy}')
@danehans
danehans / bin_failure.log
Created January 14, 2020 23:43
origin_ext_test_build
$ make WHAT=cmd/openshift-tests
hack/build-go.sh cmd/openshift-tests
++ Building go targets for darwin/amd64: cmd/openshift-tests
# github.com/openshift/origin/pkg/monitor
pkg/monitor/api.go:38:51: cannot use clusterConfig (type *"github.com/openshift/origin/vendor/k8s.io/client-go/rest".Config) as type *"github.com/openshift/origin/vendor/github.com/openshift/client-go/vendor/k8s.io/client-go/rest".Config in argument to versioned.NewForConfig
pkg/monitor/api.go:62:60: cannot use &pollingConfig (type *"github.com/openshift/origin/vendor/k8s.io/client-go/rest".Config) as type *"github.com/openshift/origin/vendor/github.com/openshift/client-go/vendor/k8s.io/client-go/rest".Config in argument to "github.com/openshift/origin/vendor/github.com/openshift/client-go/image/clientset/versioned/typed/image/v1".NewForConfig
pkg/monitor/api.go:94:105: cannot use "github.com/openshift/origin/vendor/k8s.io/apimachinery/pkg/apis/meta/v1".GetOptions literal (type "github.com/openshift/origin/vendor/k8s.io/apimachinery/pkg/ap
@danehans
danehans / Dockerfile
Created January 14, 2020 16:20 — forked from ironcladlou/Dockerfile
Reaper gotcha
FROM golang:1.13.5-buster
COPY main.go /go/reaper.go
RUN go build -o /bin/reaper /go/reaper.go
ENTRYPOINT ["/bin/reaper"]
@danehans
danehans / 01_svc.yaml
Last active January 7, 2020 17:54
test_nodelocal_dns_ocp
apiVersion: v1
kind: Service
metadata:
name: dns-cache-default
namespace: openshift-dns
labels:
dns.operator.openshift.io/owning-dns: default
spec:
ports:
- name: dns
@danehans
danehans / 01_ocp_route_ep_test
Last active June 2, 2020 19:10
ocp_route_ep_test
# A test to see if a route can bind to endpoints w/o a svc.
# Create an endpoints
apiVersion: v1
kind: Endpoints
metadata:
labels:
app: console
name: console-test
namespace: openshift-console
@danehans
danehans / install-with-internal-load-balancer.txt
Created September 26, 2019 22:54 — forked from Miciah/install-with-internal-load-balancer.txt
% openshift-install create manifests --dir=./clusters/gcp-mmasters-6
INFO Consuming "Install Config" from target directory
openshift-install create manifests --dir=./clusters/gcp-mmasters-6 1.78s user 0.06s system 18% cpu 9.806 total
% cat > ./clusters/gcp-mmasters-6/manifests/ingress-controller-01-crd.yaml <<EOF
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ingresscontrollers.operator.openshift.io
spec: