- Create a postgres instance on GCP
- Create a debian machine instance
- Install Docker
apt-get update
apt-get install -y \
apt-transport-https \
ca-certificates \
curl \
Sandro Mello sandromello
sandromello
/ istio-google-proxy.yaml
Created
April 24, 2020 17:53
Example Terminating TLS and proxying to an TLS external address
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: networking.istio.io/v1alpha3 | |
| kind: VirtualService | |
| metadata: | |
| name: google-proxy-test | |
| spec: | |
| hosts: | |
| - google-proxy-test.mydomain.tld | |
| gateways: | |
| - istio-gateway | |
| http: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: extensions/v1beta1 | |
| kind: Deployment | |
| metadata: | |
| labels: | |
| app: nginx-ig | |
| name: nginx-ig | |
| spec: | |
| replicas: 2 | |
| selector: | |
| matchLabels: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM gcr.io/kaniko-project/executor:debug-v0.13.0 | |
| FROM node:8.9.4-alpine | |
| COPY --from=0 /kaniko/* /kaniko/ | |
| COPY --from=0 /kaniko/.docker/config.json /kaniko/.docker/config.json | |
| COPY --from=0 /busybox/ /busybox/ | |
| VOLUME /busybox | |
| COPY --from=0 /kaniko/ssl/certs/ /kaniko/ssl/certs/ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: extensions/v1beta1 | |
| kind: Deployment | |
| metadata: | |
| name: payout | |
| annotations: | |
| description: |- | |
| TBD. | |
| labels: | |
| dependencies: wallet | |
| spec: |
- Logar no painel da digicert
- Selecionar a aba "Buy Certificates"
- Selecionar o produto wildcard
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -eo pipefail | |
| : "${AWS_DEFAULT_REGION:?Need to set AWS_DEFAULT_REGION}" | |
| : "${AWS_ACCESS_KEY_ID:?Need to set AWS_ACCESS_KEY_ID}" | |
| : "${AWS_SECRET_ACCESS_KEY:?Need to set AWS_SECRET_ACCESS_KEY}" | |
| TF_ACTION=$1 | |
| TF_VOLUMES="-v ${PWD}/terraform:/root -v ${PWD}/.terraform:/.terraform" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Groups | |
| kind: GroupList | |
| items: | |
| - name: 'opscenter:taf:admin' | |
| description: Cluster Admin for Taf clusters | |
| namespaces: | |
| - c5e493 | |
| - c635ed | |
| - cbcb57 | |
| - kong |
sandromello
/ config-coredump.sh
Last active
January 9, 2019 18:57
Configure Container Linux core dump on the fly
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| while true; do | |
| for node in $(kubectl get nodes --no-headers |grep -v master |awk {'print $1'}); do | |
| echo "=====> Configuring $node" | |
| ssh -l core -o StrictHostKeyChecking=no -i /root/id_rsa $node "sudo sed -i 's/#ProcessSizeMax.*/ProcessSizeMax=900G/g;s/#ExternalSizeMax.*/ExternalSizeMax=900G/g' /etc/systemd/coredump.conf" | |
| ssh -l core -o StrictHostKeyChecking=no -i /root/id_rsa $node "sudo systemctl daemon-reload" | |
| done | |
| echo "Done! sleeping for 60 minutes ..." | |
| sleep 3600 | |
| done |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package nodeinit | |
| import "strings" | |
| // https://coredns.io/plugins/kubernetes/ | |
| type CoreDNSOptions struct { | |
| // the URL for a remote k8s API endpoint | |
| KubernetesEndpoint string | |
| // exposes the k8s namespaces listed | |
| Namespaces string |