Skip to content

Instantly share code, notes, and snippets.

View rogerwelin's full-sized avatar
:shipit:
Gopher

Roger Welin rogerwelin

:shipit:
Gopher
53 followers · 42 following
View GitHub Profile
@rogerwelin
rogerwelin / kube-api-architecture.md
Last active January 13, 2021 19:56

Controllers - execute business logic.
Resources - provide storage and resources.
Webhooks - defaulting, validation, conversion.

Resource stores stuff --> Controller does stuff.

Resources (example Foo resource) are stored in ETCD by the apiserver. Async watch notifications on object create / delete / update from Foo Resource in ETCD to Foo Controller.

  • Request comes in to Request API - apiserver stores it in ETCD
  • after object is stored apiserver sends watch events to clients watching that Resource type
@rogerwelin
rogerwelin / Dockerfile
Created November 25, 2020 22:18
FROM golang:1.14 as build
ARG version
WORKDIR /build
COPY . .
RUN CGO_ENABLED=0 go build -ldflags "-X main.Version=$version"
FROM scratch
WORKDIR /app
EXPOSE 8080
COPY --from=build /build/hello-argocd-app .
@rogerwelin
rogerwelin / argo.sh
Last active November 25, 2020 22:05
$ kind create cluster --config kind-config.yaml
# install the Nginx ingress
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/kind/deploy.yaml
# install ArgoCD
$ kubectl create namespace argocd
$ kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
# use port-forwarding to access the ArgoCD UI
@rogerwelin
rogerwelin / kindconfig.yaml
Created November 24, 2020 22:19
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
kubeadmConfigPatches:
- |
kind: InitConfiguration
nodeRegistration:
kubeletExtraArgs:
node-labels: "ingress-ready=true"
@rogerwelin
rogerwelin / rest.go
Created November 24, 2020 22:09
var Version = "dev"
type Message struct {
Msg string `json:"msg"`
Version string `json:"version"`
}
func pingHandler(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(200)
fmt.Fprintf(w, "pong")
@rogerwelin
rogerwelin / bpf.md
Created November 22, 2020 20:41

eBPF works lite the JVM, running code instructions in an isolated environment in kernel-space. Compile C to BPF. If the code is safe the BPF program will be loaded into the kernel. Sharing data between the kernel and user-space: BPF maps.

BPF Program Types

  • Tracing - help understand what's happening in the system
  • Networking - inspect and manipulate the network traffic in your system. can let you filter packets coming from the network interface, or even reject those packets completely

View possible tracepoints you can attach BPF programs at: /sys/kernel/debug/tracing/events/

@rogerwelin
rogerwelin / kuberesources.md
Last active November 9, 2020 23:07

https://pmcgrath.net/using-pod-security-policies-with-kubeadm

Limits & Resources

2 types of resources: CPU and memory

Resource request: requests is what the container/pod is guaranteed to get. The scheduler will only place the pod on a node that will give it that resource. Defaults are 0.5 CPU and 256 MB RAM

Resource limits: limits ensure the container/pod never goes above a specified value. CPU will be throttled and if more memory will be consumed than the limit the OOM will kick in and the pod will be restarted.

@rogerwelin
rogerwelin / kubeadm.yaml
Created November 9, 2020 11:30
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
kubeadmConfigPatches:
- |
kind: ClusterConfiguration
metadata:
name: config
apiServer:
extraArgs:
enable-admission-plugins: "NodeRestriction,PodSecurityPolicy"
@rogerwelin
rogerwelin / errorhandling.go
Created June 5, 2020 11:56
package main
import (
"fmt"
"log"
"net/http"
"github.com/pkg/errors"
)
@rogerwelin
rogerwelin / channels.go
Created May 2, 2020 00:47
channels
package main
import (
"fmt"
"net/http"
"sync"
)
type HttpResult struct {
Url string