graph TD;
kubectl --> lb-b-mgmt[kube-1-eastus2-azure-cloud-dev.k8s-api.corp.mongodb.com];
lb-b-mgmt[kube-1-eastus2-azure-cloud-dev.k8s-api.corp.mongodb.com] --> proxy-headless.kubectl.eastus2.azure.cloud-dev.svc.cluster.local:8080;
proxy-headless.kubectl.eastus2.azure.cloud-dev.svc.cluster.local:8080 --> proxy_pods[socat pods running in namespace kubectl]
proxy_pods[socat pods running in namespace kubectl] --> kubernetes.default.svc.cluster.local:443
qudongfang
/ clean-up-2.sh
Last active
April 29, 2024 14:58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| for c in $(kubectx | grep -v gov | grep -v dev); do | |
| echo $c; | |
| kubectx $c | |
| kubectl delete deployments istiod -n istio-system | |
| kubectl delete hpa istiod -n istio-system | |
| kubectl delete pdb istiod -n istio-system | |
| kubectl delete svc istiod -n istio-system --wait=false | |
| kubectl delete cm -n istio-system istio | |
| done |
qudongfang
/ clean-up-part-1.sh
Last active
April 29, 2024 14:58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| for c in $(kubectx | grep -v gov | grep -v dev); do | |
| echo $c; | |
| kubectx $c | |
| kubectl -n istio-system patch iop istio-control-plane --type=json --patch='[ { "op": "remove", "path": "/metadata/finalizers" } ]' | |
| istioctl tag set default --revision 1-20-5 --overwrite | |
| kubectl -n flux-system --wait=false delete kustomization/istio-operator-bootstrap |
qudongfang
/ gist:54963faf424a395abecbfa19ae15d1d3
Created
January 31, 2024 14:54
compile istio-proxy for linux/amd64 on Mac M1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| RELEASE=1.19 | |
| git clone https://github.com/istio/proxy.git | |
| cd proxy | |
| git checkout ${RELEASE} | |
| # make your changes to the source code |
qudongfang
/ istio_proxy_build.sh
Last active
August 7, 2024 09:03
how to build istio-proxy images locally
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| RELEASE=1.19 | |
| git clone https://github.com/istio/proxy.git | |
| cd proxy | |
| git checkout ${RELEASE} | |
| # make your changes to the source code |
qudongfang
/ istio-proxy.dockerfile
Last active
August 29, 2024 22:18
istio-proxy docker image with customised envoy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ARG RELEASE=1.19.6 | |
| ARG SIDECAR=envoy | |
| FROM gcr.io/istio-release/proxyv2:${RELEASE} | |
| # Install Envoy. | |
| COPY ./${SIDECAR} /usr/local/bin/${SIDECAR} | |
| RUN chmod 0755 /usr/local/bin/${SIDECAR} |
qudongfang
/ add-x-cluster-client-ip-header.yaml
Created
August 17, 2022 15:14
add headers via EnvoyFilter to all hosts and routes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: networking.istio.io/v1alpha3 | |
| kind: EnvoyFilter | |
| metadata: | |
| name: add-x-cluster-client-ip-header | |
| namespace: istio-system | |
| spec: | |
| configPatches: | |
| - applyTo: ROUTE_CONFIGURATION | |
| match: | |
| context: SIDECAR_INBOUND |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am qudongfang on github. | |
| * I am dongfang (https://keybase.io/dongfang) on keybase. | |
| * I have a public key ASCIfbaHj0EKcHrmiqSGB73Gqyvht1fuIy71ES9_YD_b0Qo | |
| To claim this, I am signing this object: |
qudongfang
/ Foo.java
Last active
February 12, 2024 14:36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sun.misc.Unsafe; | |
| import java.lang.reflect.Constructor; | |
| import java.lang.reflect.Field; | |
| import java.lang.reflect.InvocationTargetException; | |
| public class Foo { | |
| private boolean flag = true; | |
| public boolean getFlag() { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input { | |
| file { | |
| # 详细配置项请参考http://logstash.net/docs/1.3.3/inputs/file | |
| path => "/home/work/local/imas.log" | |
| # 附加自定义字段 | |
| # add_field => { "input_a" => "input_a" | |
| # "input_b" => "input_b" | |
| # } | |
| } |
NewerOlder