I hereby claim:
- I am mjudeikis on github.
- I am mjudeikis (https://keybase.io/mjudeikis) on keybase.
- I have a public key ASCqbYzBH2r9nB7W85XsAVZz7pFHh8hiaJJWhP9ozSnBtAo
To claim this, I am signing this object:
mjudeikis
/ gist:627819e6f81338bdc76d00615ec1709f
Created
September 7, 2018 14:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: "etcd.database.coreos.com/v1beta2" | |
| kind: "EtcdBackup" | |
| metadata: | |
| name: master-etcd-cluster-backup | |
| namespace: default | |
| spec: | |
| etcdEndpoints: | |
| - "https://master-000000:2379" | |
| - "https://master-000001:2379" | |
| - "https://master-000002:2379" |
mjudeikis
/ gist:4072e107d5f867ac94c949297d1ead41
Created
August 22, 2018 14:49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cs.Properties.AuthProfile = &AuthProfile{} | |
| cs.Properties.AuthProfile.IdentityProviders = make([]IdentityProvider, len(oc.Properties.AuthProfile.IdentityProviders)) | |
| for i, ip := range oc.Properties.AuthProfile.IdentityProviders { | |
| cs.Properties.AuthProfile.IdentityProviders[i].Name = ip.Name | |
| switch provider := ip.Provider.(type) { | |
| case (*v1.AADIdentityProvider): | |
| cs.Properties.AuthProfile.IdentityProviders[i].Provider = &AADIdentityProvider{ | |
| ClientID: provider.ClientID, | |
| Secret: provider.Secret, | |
| Kind: provider.Kind, |
mjudeikis
/ gist:8b27aa0448f991acaea19a74a7610bba
Created
August 21, 2018 13:46
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| type AuthProfile struct { | |
| IdentityProviders []IdentityProvider `json:"identityProviders,omitempty"` | |
| } | |
| // IdentityProvider is heavily cut down equivalent to IdentityProvider in the | |
| // OpenShift master config. We can add fields to match as we need to. | |
| type IdentityProvider struct { | |
| Name string `json:"name,omitempty"` | |
| Provider runtime.Object `json:"provider,omityempty"` | |
| } |
mjudeikis
/ tmux config
Created
August 20, 2018 15:41
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # remap prefix from 'C-b' to 'C-a' | |
| unbind C-b | |
| set-option -g prefix C-a | |
| bind-key C-a send-prefix | |
| # split panes using | and - | |
| bind | split-window -h | |
| bind - split-window -v | |
| unbind '"' |
mjudeikis
/ gist:1123f67e262c0d2559e4cbb2e30e6720
Last active
August 10, 2018 08:13
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| func CheckDNS(ctx context.Context, eipc network.PublicIPAddressesClient, lbc network.LoadBalancerFrontendIPConfigurationsClient, cs *acsapi.ContainerService) error { | |
| // get master fqdn from ip-apiserver loadbalancer | |
| ip, err := eipc.Get(ctx, cs.Properties.AzProfile.ResourceGroup, "ip-apiserver", "") | |
| if err != nil { | |
| return err | |
| } | |
| if *ip.DNSSettings.Fqdn != cs.Properties.MasterProfile.FQDN { | |
| return fmt.Errorf("ip-address fqdn %s do not match configuration %s", ip.DNSSettings.Fqdn, cs.Properties.MasterProfile.FQDN) |
mjudeikis
/ gist:de81946bcbb737837eb29d5ce64913f2
Last active
August 6, 2018 15:41
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@vm ~]# yum list *origin-docker* --show-duplicates | |
| Loaded plugins: fastestmirror | |
| Loading mirror speeds from cached hostfile | |
| * base: linux.cc.lehigh.edu | |
| * extras: mirror.cs.pitt.edu | |
| * updates: mirror.es.its.nyu.edu | |
| Available Packages | |
| origin-docker-excluder.noarch 3.6.0-1.0.c4dd4cf openshift-origin | |
| origin-docker-excluder.noarch 3.6.1-1.0.008f2d5 openshift-origin | |
| origin-docker-excluder.noarch 3.7.0-1.0.7ed6862 openshift-origin |
mjudeikis
/ gist:cd645c1e08fa3325d784ecf08af01e93
Created
June 25, 2018 15:31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - name: "SCORED | 1.1.1.1 | PATCH | Ensure mounting of cramfs filesystems is disabled" | |
| lineinfile: | |
| dest: /etc/modprobe.d/CIS.conf | |
| regexp: "^(#)?install cramfs(\\s|$)" | |
| line: "install cramfs /bin/true" | |
| create: yes | |
| when: | |
| - rhel7cis_rule_1_1_1_1 | |
| tags: | |
| - level1 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Chain PREROUTING (policy ACCEPT) | |
| target prot opt source destination | |
| KUBE-SERVICES all -- anywhere anywhere /* kubernetes service portals */ | |
| KUBE-PORTALS-CONTAINER all -- anywhere anywhere /* handle ClusterIPs; NOTE: this must be before the NodePort rules */ | |
| DOCKER all -- anywhere anywhere ADDRTYPE match dst-type LOCAL | |
| KUBE-NODEPORT-CONTAINER all -- anywhere anywhere ADDRTYPE match dst-type LOCAL /* handle service NodePorts; NOTE: this must be the last rule in the chain */ | |
| KUBE-HOSTPORTS all -- anywhere anywhere /* kube hostport portals */ ADDRTYPE match dst-type LOCAL | |
| Chain INPUT (policy ACCEPT) | |
| target prot opt source destination |
mjudeikis
/ gist:b47558817620dac7f39e818c8da2a306
Last active
June 5, 2018 13:39
check pod status and waits openshift
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sleep 30 | |
| #we can start deploying only when SDN is converged and ready | |
| finished=false | |
| while [ ${finished} == false ] ; do | |
| PODS=$(oc get pod -o name) | |
| echo $finished | |
| finished=true | |
| while read -r po; do | |
| ready=$(oc get $po -o jsonpath='{.status.containerStatuses[0].ready}') | |
| echo $ready |
mjudeikis
/ keybase.md
Created
May 20, 2018 08:33