Ryan Drew learnitall
nyrahul
/ idspoof.py
Created
December 31, 2020 11:51
Spoofing Cilium identity value in vxlan tunneled mode
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /usr/bin/env python | |
| # Aim of this script is to send a vxlan tunneled HTTP request with spoofed | |
| # identity and pass through the authz checks implemented in cilium-ebpf. | |
| # Configuration you need to set correct: | |
| # 1. The target pod address (dip, dport) to which you want to make unauthorized access | |
| # 2. The source identity (identity = 8849 below) to spoof. Use `cilium identity | |
| # list` to check valid identity values. | |
| # 3. The target node's vxlan IP address (vxlan_ip) and port (vxlan_port = 8472 |
tennix
/ dashbord-to-jsonnet.py
Last active
April 7, 2024 08:35
Convert Grafana dashboard json to jsonnet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import json | |
| from jinja2 import Template | |
| # git clone https://github.com/pingcap/tidb-docker-compose | |
| # cd tidb-docker-compose | |
| # git clone https://github.com/tennix/grafonnet-lib -b table | |
| # python dashboard-to-jsonnet.py > pd.jsonnet | |
| # jsonnet -J grafonnet-lib pd.jsonnet > config/dashboards/generated-pd.json | |
| with open('config/dashboards/pd.json', 'r') as f: | |
| data = json.load(f) |