I hereby claim:
- I am skippy on github.
- I am adamgreene (https://keybase.io/adamgreene) on keybase.
- I have a public key ASByMY7_fuDQ0XecthPOkCmQIzy_ynIAgfuXqlMWhQjoWQo
To claim this, I am signing this object:
Adam Greene skippy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "listeners": [ | |
| { | |
| "address": "tcp://0.0.0.0:443", | |
| "ssl_context": { | |
| "cert_chain_file": "/etc/envoy/cert/cert.crt", | |
| "private_key_file": "/etc/envoy/cert/cert.key", | |
| "ca_cert_file": "/etc/envoy/cert/cert.ca" | |
| }, | |
| "filters": [ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| you'll want to setup ENVs, such as: | |
| (dockerfile) | |
| ``` | |
| ENV VAULT_ADDR "https://active.vault.service.capsci:8200" | |
| ENV VAULT_CACERT "/vault/config/vault_tls.ca" | |
| ENV CURL_CA_BUNDLE "/vault/config/vault_tls.ca" | |
| ``` | |
| /vault/config/vault_tls.ca is pre-cached from when vault is initally bootstrapped and the PKI instance is initalized. But once it is, and you put it into your container, you are good to go. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| core@ip-10-0-10-31 ~ $ sudo systemctl restart vault | |
| $ docker exec -it vault vault unseal -ca-cert=/tmp/tmp_ca/ca.cer -address=https://127.0.0.1:8200 | |
| Key (will be hidden): | |
| Sealed: true | |
| Key Shares: 5 | |
| Key Threshold: 3 | |
| Unseal Progress: 1 | |
| $ docker exec -it vault vault unseal -ca-cert=/tmp/tmp_ca/ca.cer -address=https://127.0.0.1:8200 | |
| Key (will be hidden): | |
| Sealed: true |
skippy
/ keybase.md
Created
August 4, 2016 21:14
skippy
/ gist:d8e19f3e1e90a9352eb18850dec1623e
Created
August 3, 2016 21:48
consul-template exec failure debug log
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2016/08/03 21:28:05.791986 [DEBUG] ("secret(pki/internal-services/issue/base)") vault returned the secret | |
| 2016/08/03 21:28:05.792014 [INFO] (view) "secret(pki/internal-services/issue/base)" received data | |
| 2016/08/03 21:28:05.792034 [DEBUG] (view) "secret(pki/internal-services/issue/base)" starting fetch | |
| 2016/08/03 21:28:05.792096 [DEBUG] ("secret(pki/internal-services/issue/base)") querying vault with &{AllowStale:true WaitIndex:1470259685 WaitTime:1m0s} | |
| 2016/08/03 21:28:05.792107 [DEBUG] ("secret(pki/internal-services/issue/base)") pretending to long-poll for "59s" | |
| 2016/08/03 21:28:05.792130 [DEBUG] (runner) receiving dependency "secret(pki/internal-services/issue/base)" | |
| 2016/08/03 21:28:05.792137 [INFO] (runner) running | |
| 2016/08/03 21:28:05.792142 [DEBUG] (runner) checking template /consul-template/template.d/internal-proxy.service.consul.pem.tmpl | |
| 2016/08/03 21:28:05.792454 [DEBUG] (runner) checking ctemplate &{Source:/consul-template/template.d/internal-proxy.service.consul.pem.tmpl Destination:/etc/haproxy/ |
skippy
/ 10-0-12-192.log
Last active
September 11, 2015 03:37
vault logs -- 3 servers which got mixed up on who is leader
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- Logs begin at Thu 2015-09-10 19:31:27 UTC, end at Fri 2015-09-11 02:58:04 UTC. -- | |
| Sep 10 19:31:58 ip-10-0-12-192.us-west-2.compute.internal systemd[1]: Starting vault service... | |
| Sep 10 19:31:59 ip-10-0-12-192.us-west-2.compute.internal docker[843]: Error response from daemon: no such id: vault | |
| Sep 10 19:31:59 ip-10-0-12-192.us-west-2.compute.internal docker[843]: time="2015-09-10T19:31:59Z" level=fatal msg="Error: failed to kill one or more containers" | |
| Sep 10 19:31:59 ip-10-0-12-192.us-west-2.compute.internal docker[951]: Error response from daemon: no such id: vault | |
| Sep 10 19:31:59 ip-10-0-12-192.us-west-2.compute.internal docker[951]: time="2015-09-10T19:31:59Z" level=fatal msg="Error: failed to remove one or more containers" | |
| Sep 10 19:32:01 ip-10-0-12-192.us-west-2.compute.internal flock[975]: latest: Pulling from skippy/vault.dev | |
| Sep 10 19:32:01 ip-10-0-12-192.us-west-2.compute.internal flock[975]: 31f630c65071: Pulling fs layer | |
| Sep 10 19:32:01 ip-10-0-12-192.us-west-2.compute.internal flock[975]: 084e |
Update the google/protobuf 3.0-alpha library in 2 concrete areas, and 1 opinionated way:
- remove inconsistencies between the c- and java-backed ruby libraries. Most inconsistencies are bugs in one implementation and not the other, but there was at least one helper method which existed in one and not the other.
- Improve the test suite. Since the bulk of the logic exists in lower-level C and java libraries, items which usually aren't tested because they come from the standard lib, like
#push, should be tested as this library uses plenty of low-level handcrafted code - Opinionated changes -- make it feel more ruby-like. This means being able to accept string or symbols in initializers, returning
nilinstead of raising an exception when an array index out-of-bounds occurs, have common names and aliases for methods (e.g.#sizeand#length), and havingRepeatedFieldsquack like an array, andMapquack like a hash. There may be other examples.
First off, I'm ve
skippy
/ benchmark.rb
Last active
August 29, 2015 14:20
hash optimizations (c vs mix ruby/c vs jruby)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| require 'rubygems' | |
| require 'bundler/setup' | |
| require 'benchmark' | |
| require 'google/protobuf' | |
| pool = Google::Protobuf::DescriptorPool.new | |
| pool.build do |
skippy
/ encode_json.rb
Created
May 3, 2015 18:07
google-protobuf under jruby has broken JSON encoding
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # google-protobuf/master | |
| require 'google/protobuf' | |
| pool = Google::Protobuf::DescriptorPool.new | |
| pool.build do | |
| add_message 'ProtoMsg' do | |
| repeated :msg_string, :string, 1 | |
| end | |
| end | |
| ProtoMsg = pool.lookup('ProtoMsg').msgclass |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'benchmark' | |
| require 'google/protobuf' | |
| pool = Google::Protobuf::DescriptorPool.new | |
| pool.build do | |
| add_message "TestMessage" do | |
| optional :optional_int32, :int32, 1 | |
| optional :optional_int64, :int64, 2 | |
| optional :optional_uint32, :uint32, 3 | |
| optional :optional_uint64, :uint64, 4 |
NewerOlder