Skip to content

Instantly share code, notes, and snippets.

View rabellamy's full-sized avatar

Robert Anthony Bellamy rabellamy

34 followers · 100 following
  • New York, NY
View GitHub Profile
@rabellamy
rabellamy / berlin.md
Last active October 12, 2019 09:56

topics/go/profiling/memcpu

go test -bench . -benchtime 3s
go test -bench . -benchtime 3s -benchmem
go test -bench . -benchtime 3s -benchmem -memprofile p.out
go test -bench . -benchtime 3s -benchmem -memprofile p.out -gcflags "-newescape=false -m=2"

diff --git a/topics/go/profiling/memcpu/stream.go b/topics/go/profiling/memcpu/stream.go
index d070441f..b9a2a473 100644
@rabellamy
rabellamy / sync.go
Created February 22, 2019 20:15
package main
import (
"fmt"
"sync"
)
func main() {
var wg sync.WaitGroup
sayHello := func() {
@rabellamy
rabellamy / atlantic.yaml
Last active November 25, 2018 20:15
apiVersion: v1
items:
- apiVersion: v1
kind: Pod
metadata:
creationTimestamp: 2018-11-25T20:09:51Z
generateName: atlantic-5f945bbdbf-
labels:
app: atlantic
pod-template-hash: "1950166869"
@rabellamy
rabellamy / PodSecurityPolicy.md
Last active October 15, 2018 01:46

PodSecurityPolicy

You might sometimes want to run untrusted pods and desire to secure your Kubernetes cluster against harmful intent as much as possible. Even if you are running trusted pools, your applications or the software you use might have some security vulnerabilities and might be exploited if they are facing the public networks.

On the other hand, you might have some trusted applications that might need extended privileges, and you would like to grant them new capabilities that generally regular containers do not possess. Containers might want to modify protected kernel variables and features, and would like some advanced system calls.

While you could do the above, You can modify both grants and restrictions in a centralized manner with Kubernetes. This is where PodSecurityPolicy is helpful. You can configure the SELinux and AppArmor rules, drop and add Linux capabilities, modify namespace sharing for PID, network, IPC, enforce the user and group of the containers and even make the container read

@rabellamy
rabellamy / ReplicaSets.md
Last active October 12, 2018 18:49

ReplicaSets

A ReplicaSet behaves exactly like a ReplicationController, but it has more expressive pod selectors. Whereas a ReplicationController’s label selector only allows matching pods that include a certain label, a ReplicaSet’s selector also allows matching pods that lack a certain label or pods that include a certain label key, regardless of its value.

Also, for example, a single ReplicationController can’t match pods with the label env=production and those with the label env=devel at the same time. It can only match either pods with the env=production label or pods with the env=devel label. But a single ReplicaSet can match both sets of pods and treat them as a single group.

Similarly, a ReplicationController can’t match pods based merely on the presence of a label key, regardless of its value, whereas a ReplicaSet can. For example, a ReplicaSet can match all pods that include a label with the key env, whatever its actual value

@rabellamy
rabellamy / staging-errors.md
Created May 24, 2018 21:17

1159 24/May 17:16 notice php Notice: Trying to get property of non-object in mp7_blocks_context_load_alter() (line 1246 of /usr/src/app/sites/all/modules/custom/mp7_blocks/mp7_blocks.module). 1160 24/May 17:16 notice php Notice: Undefined index: node in mp7_entity_aliases_tokens_alter() (line 223 of /usr/src/app/sites/all/modules/custom/mp7_entity_aliases/mp7_entity_aliases.module). 1161 24/May 17:16 notice php Notice: Undefined index: node in mp7_entity_aliases_tokens_alter() (line 223 of /usr/src/app/sites/all/modules/custom/mp7_entity_aliases/mp7_entity_aliases.module). 1162 24/May 17:16 notice php Notice: Undefined index: node in mp7_entity_aliases_tokens_alter() (line 223 of /usr/src/app/sites/all/modules/custom/mp7_entity_aliases/mp7_entity_aliases.module). 1163 24/May 17:16 notice php Notice: Undefined index: node in mp7_entity_aliases_tokens_alter() (line 223 of /usr/src/app/sites/all/modules/custom/mp7_entity_aliases/mp7_entity_aliases.module). 1164 24/May 17

@rabellamy
rabellamy / DEVOPS-295.md
Last active May 26, 2018 03:11

*.mlsdigital.net

Image Server - img.mlsdigital.net

  • imginternal.mlsdigital.net

MP7 - *-mp7static.mlsdigital.net

  • atlanta-mp7static.mlsdigital.net.
  • chicago-mp7static.mlsdigital.net.
  • colorado-mp7static.mlsdigital.net.
  • columbus-mp7static.mlsdigital.net.
  • dallas-mp7static.mlsdigital.net.
@rabellamy
rabellamy / update-branch.md
Created January 26, 2018 19:45 
$ git fetch --all
$ git rebase -p origin/master master
$ git rebase -p origin/master [YOUR-FEATURE-BRANCH]
$ git push -f origin [YOUR-FEATURE-BRANCH]
@rabellamy
rabellamy / wiki-100k.txt
Created July 31, 2017 14:56 — forked from h3xx/wiki-100k.txt
Wictionary top 100,000 most frequently-used English words [for john the ripper]
#!comment: This is a list of the top 100,000 most frequently-used English words
#!comment: according to Wiktionary.
#!comment:
#!comment: It was compiled in August 2005 and coalesced into a handy list for
#!comment: use in John the Ripper.
#!comment:
#!comment:
#!comment: Pull date: Sun Jan 15 22:03:54 2012 GMT
#!comment:
#!comment: Sources:
@rabellamy
rabellamy / 311.Sun-Jul-9-22:49:10-EDT-2017
Created July 10, 2017 02:49
c1-1-1431128441