How the traffic that get to a host is outside the scope of this.
docker service create --name testswarm --replicas 1 --publish 8080:80 nginx /bin/bash -c "hostname > /usr/share/nginx/html/hostname; nginx -g \"daemon off;\""
Manohar Castelino mcastelino
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ ssh -f -nNT -L 8080:127.0.0.1:8080 user@node0 [-p port] | |
| The UI should be available at | |
| http://127.0.0.1:8080/api/v1/proxy/namespaces/kube-system/services/kube-ui/#/ dashboard/ on the client machine. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| iptables -I INPUT 1 -p tcp -m tcp --dport 8888 -j ACCEPT | |
| iptables -I INPUT 1 -p 47 -j ACCEPT | |
| iptables -I OUTPUT 1 -p 47 -j ACCEPT | |
| iptables -I INPUT 1 -p tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT | |
| iptables -I OUTPUT 1 -p tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT | |
| iptables -I FORWARD 1 -p tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT | |
| iptables -I FORWARD 1 -p tcp --sport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT | |
| iptables -I FORWARD 1 -p udp -m udp --dport 67:68 -j ACCEPT | |
| iptables -I FORWARD 1 -p udp -m udp --dport 53 -j ACCEPT | |
| iptables -I FORWARD 1 -p udp -m udp --dport 123 -j ACCEPT |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ttyrec and ttygif | |
| ttyrec: http://0xcc.net/ttyrec/ | |
| ttygif: https://github.com/sugyan/ttygif or https://github.com/sugyan/ttyrec2gif | |
| Instructions: | |
| % ttyrec | |
| (In the executed shell, do whatever you want and exit) |
mcastelino
/ cc ciao-down
Last active
February 5, 2017 18:09
Clear Container 3.0 test setup using ciao-down
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ciao-down is a small utility for setting up a VM that contains everything you need to run ciao's Single VM. | |
| All you need to have installed on your machine is: | |
| Intall go 1.7 or greater on your host system, then | |
| 1. go get github.com/01org/ciao/testutil/ciao-down | |
| 2. $GOPATH/bin/ciao-down prepare -vmtype clearcontainers | |
| 3. $GOPATH/bin/ciao-down connect | |
| Now you can try clear containers inside the VM. |
mcastelino
/ CC 2.1 with Docker
Created
February 1, 2017 20:22
CC 2.1 with Docker -Dev Setup - Ubuntu 16.04
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Install Clear Containers from Binary: | |
| https://github.com/01org/cc-oci-runtime/wiki/Installing-Clear-Containers-on-Ubuntu-16.04 | |
| Get the code: | |
| git clone https://github.com/01org/cc-oci-runtime | |
| cd cc-oci-runtime | |
| ./autogen.sh --with-cc-kernel=/usr/share/clear-containers/vmlinux.container --with-cc-image=/usr/share/clear-containers/clear-containers.img --with-cc-image-systemdsystemunitdir=/usr/lib/systemd/system | |
| make | |
| sudo make install | |
| sudo systemctl restart cc-proxy.service |
mcastelino
/ docker_1_13_swarm_trace.md
Last active
August 31, 2021 14:06
docker swarm networking - packet trace
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| for table in $(echo filter nat mangle raw security); do echo $table; iptables -L -v -n --line-numbers -t $table; done | |
| tcpdump -elnXXi |
mcastelino
/ Clear Containers 2.1 with ciao-down.txt
Last active
February 15, 2017 18:09
Clear Containers 2.1 with ciao-down
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ciao-down is a small utility for setting up a VM that contains everything you need to run Clear Containers inside a virtual machine. | |
| 0. Install go 1.7 or greater on your host system | |
| 1. go get github.com/01org/ciao/testutil/ciao-down | |
| 2. $GOPATH/bin/ciao-down prepare -vmtype clearcontainers | |
| 3. $GOPATH/bin/ciao-down connect | |
| Now you can try clear containers inside the VM. You can also build and replace any component you choose. | |
| If you want to buld clear containers from sources |
For people in the meetup to try the Clear Containers hands on exercise on their own
You can try the hands on either in a VM using ciao-down or directly on your host system
First setup a clear containers virtual machine on Ubuntu/fedora using the instructions here