@Neo23x0
Neo23x0 / audit.rules
Last active March 11, 2025 10:24
Linux Auditd Best Practice Configuration
# IMPORTANT!
# This gist has been transformed into a github repo
# You can find the most recent version there:
# https://github.com/Neo23x0/auditd
# ___ ___ __ __
# / | __ ______/ (_) /_____/ /
# / /| |/ / / / __ / / __/ __ /
# / ___ / /_/ / /_/ / / /_/ /_/ /
# /_/ |_\__,_/\__,_/_/\__/\__,_/
@coresolve
coresolve / patch_example.md
Created October 18, 2017 00:16
An example of using kubectl patch

Start with a simple deployment:

kubectl run simple --image=quay.io/dcooley/simple-app:plain --replicas=3 --port=80 --labels=app=simple

Show the YAML for this deployment:

$ kubectl get deployment simple -o yaml --export
apiVersion: extensions/v1beta1
kind: Deployment
@eduardcloud
eduardcloud / LambdaEfsBackup.py
Created September 19, 2017 10:14
Backup EFS file-system to S3 with lambda function
import boto3
import time
region = 'eu-west-1'
user_data_script = """#!/bin/bash
instanceid=$(curl http://169.254.169.254/latest/meta-data/instance-id)
cd /
mkdir moodledata
mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 fs-xxxxxxxxxxc.efs.eu-west-1.amazonaws.com:/ moodledata
tar czf mooodledata-backup-$(date +%d-%m-%Y_%H-%M).tar.gz /moodledata
aws s3 mv mooodledata-backup-*.tar.gz s3://xxxxxxxxx/
@innovia
innovia / kubernetes_add_service_account_kubeconfig.sh
Last active January 29, 2024 23:00
Create a service account and generate a kubeconfig file for it - this will also set the default namespace for the user
#!/bin/bash
set -e
set -o pipefail
# Add user to k8s using service account, no RBAC (must create RBAC after this script)
if [[ -z "$1" ]] || [[ -z "$2" ]]; then
echo "usage: $0 <service_account_name> <namespace>"
exit 1
fi
@xueshanf
xueshanf / extract_kubecfg_cert.sh
Last active February 13, 2023 13:45
Extract kubernetes cluster credentials from kubecfg
#!/bin/bash
# Input: ./extract_kubecfg_cert.sh my-cluster-name username
# Output: ./my-cluster-name-ca.crt ./username.crt ./username.key
# Exit on error
abort(){
echo "$1" && exit 1
}
# Prerequisites
@ramboldio
ramboldio / runCertbot.sh
Last active September 9, 2021 16:16
Run Certbot in Docker
#!/bin/bash
# this folder needs to exist
mkdir ~/certs
# authenticate yourself (requires that nothing runs on ports 443 and 80)
docker run --rm -it -v ~/certs:/etc/letsencrypt -p 443:443 certbot/certbot certonly --authenticator standalone
# renewal
docker run --rm -it -v ~/certs:/etc/letsencrypt certbot/certbot renew
@trajakovic
trajakovic / docker_1.13_manual_install_centos.sh
Created March 28, 2017 09:07
Docker 1.13 manual installation on CentOS7 for Openshift Origin 1.5.0.rc0 (since latest docker version is 17.03, oc cluster up is not happy with version)
yum install wget
wget https://yum.dockerproject.org/repo/main/centos/7/Packages/docker-engine-1.13.1-1.el7.centos.x86_64.rpm
wget https://yum.dockerproject.org/repo/main/centos/7/Packages/docker-engine-selinux-1.13.1-1.el7.centos.noarch.rpm
#nice site with pckgs: https://pkgs.org/
#package for docker-engine-selinux
yum install -y policycoreutils-python
rpm -i docker-engine-selinux-1.13.1-1.el7.centos.noarch.rpm
@miry
miry / 01_extract_crt.rb
Last active September 3, 2023 06:32
Extract certificate from the kubernetes config.
require 'optparse'
require 'yaml'
require 'base64'
options = {
config_path: File.join(ENV['HOME'], '.kube', 'config'),
write_dir: File.join(ENV['HOME'], '.kube')
}
OptionParser.new do |opts|
@alkrauss48
alkrauss48 / Dockerfile
Last active November 10, 2022 16:24
Running a docker container as a non-root user
# By default, Docker containers run as the root user. This is bad because:
# 1) You're more likely to modify settings that you shouldn't
# 2) If an attacker gets access to your container - well, that's bad if they're root.
# Here's how you can change a Docker container to run as a non-root user
## CREATE APP USER ##
# Create the home directory for the new app user.
RUN mkdir -p /home/app
@ozbillwang
ozbillwang / The way to build red hat base docker image without subscription managed registered.md
Last active January 29, 2024 14:47
The way to build red hat base docker image without subscription managed registered.

On Red Hat, if you need to build a container from a base image, for example registry.access.redhat.com/rhel7/rhel:7.3-53 (free download from https://access.redhat.com/containers), you have to build the image on a Red Hat server that is registered with Red Hat subscription management.

Here is a way to bypass the check so that you can build the Docker image on any Red Hat 7 server.

Make sure the package has been installed:

yum install rh-amazon-rhui-client

List the package files: