pyaillet
/ ubuntu-docker-install.sh
Created
April 13, 2018 20:24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| sudo apt-get update | |
| sudo apt-get install \ | |
| apt-transport-https \ | |
| ca-certificates \ | |
| curl \ | |
| software-properties-common |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| VM_NAME=nested-vm | |
| VM_IMAGE_NAME=ubuntu-1604-nested | |
| SOURCE_DISK=ubuntu-1604-xenial-v20180424 | |
| SOURCE_PROJECT=ubuntu-os-cloud | |
| ZONE=europe-west1-d | |
| MIN_CPU_MODEL="Intel Haswell" | |
| #gcloud compute images create $VM_IMAGE_NAME \ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # install docker | |
| sudo -E apt-get -y install apt-transport-https ca-certificates wget software-properties-common | |
| wget -qO - https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - | |
| sudo -E add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | |
| sudo -E apt-get update | |
| sudo -E apt-get -y install docker-ce | |
| # install clear containers |
pyaillet
/ GCP-Architect.md
Last active
October 30, 2022 08:41
pyaillet
/ cfssl-example.json
Created
January 19, 2019 08:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "CN": "Kubernetes", | |
| "key": { | |
| "algo": "rsa", | |
| "size": 2048 | |
| }, | |
| "names": [ | |
| { | |
| "C": "FR", | |
| "L": "Nantes", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env sh | |
| # Install | |
| apt update | |
| apt install -y python3 python3-pip neovim docker.io golang | |
| USER="pyaillet" | |
| USER_HOME="/home/$USER" | |
| groupadd $USER | |
| useradd -d $USER_HOME -m -g $USER -G adm,dialout,cdrom,floppy,audio,dip,video,plugdev,netdev,lxd,ubuntu,google-sudoers $USER |
- Check certificates
- /etc/kubernetes/pki
- openssl x509 -in <certificate.crt> -noout -text
- kubeadm certs renew all
- Check PID Namespace isolation
- v1.PodSpec.shareProcessNamespace: true
- Use Network policies
- Default deny ingress
- Default deny egress
- frontend to backend
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: "3" | |
| services: | |
| blue: | |
| image: containous/whoami | |
| labels: | |
| - traefik.http.routers.blue.rule=PathPrefix("/") | |
| - color=blue | |
| proxy: | |
| image: traefik:v2.5.4 | |
| # Enables the web UI and tells Traefik to listen to docker |
OlderNewer