Skip to content

Instantly share code, notes, and snippets.

View darkwise's full-sized avatar

Zied ABID darkwise

22 followers · 18 following
View GitHub Profile
@mhausenblas
mhausenblas / README.md
Created August 27, 2017 08:36
Doing Kubernetes The Hard Way, A Walkthrough
@cantbewong
cantbewong / Install-Kubernetes-baremetal.md
Last active April 29, 2018 08:03

How to install Kubernetes on bare metal

This was written for Kubernetes 1.6

Assume 4 physical nodes, or VMs, that will be used with ScaleIO storage

  • All nodes have 2 CPU cores, 2GB memory, 64GB of disk storage. Hardware or VM type needs to support CentOS 7.3.
    • this is a marginal memory allocation for the master, so go up to 4GB on the master if you can.
  • Assume a single NIC each, All on a common subnet - though other configurations
@mgoodness
mgoodness / helm-rbac.md
Last active October 30, 2021 17:04
Helm RBAC setup for K8s v1.6+ (tested on minikube) 
kubectl -n kube-system create sa tiller
kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
helm init --service-account tiller
@nknapp
nknapp / Dockerfile
Created October 30, 2016 20:15
Traefik setup as reverse-proxy with docker and letsencrypt
FROM traefik:camembert
ADD traefik.toml .
EXPOSE 80
EXPOSE 8080
EXPOSE 443
@xrstf
xrstf / letsencrypt.md
Last active October 30, 2024 07:03
Let's Encrypt on Ubuntu 14.04, nginx with webroot auth

Let's Encrypt on Ubuntu 14.04, nginx with webroot auth

This document details how I setup LE on my server. Firstly, install the client as described on http://letsencrypt.readthedocs.org/en/latest/using.html and make sure you can execute it. I put it in /root/letsencrypt.

As it is not possible to change the ports used for the standalone authenticator and I already have a nginx running on port 80/443, I opted to use the webroot method for each of my domains (note that LE does not issue wildcard certificates by design, so you probably want to get a cert for www.example.com and example.com).

Configuration

For this, I placed config files into etc/letsencrypt/configs, named after <domain>.conf. The files are simple:

@julianlam
julianlam / provisioning-unprivileged-lxc-containers-via-login-or-script.md
Last active September 7, 2023 12:45
Provisioning and usage of unprivileged LXC containers via indirect login or script #blog

Provisioning and usage of unprivileged LXC containers via indirect login or script

As I've discovered, managing LXC containers is fairly straightforward, but when building out a system for provisioning out user maintained instances of NodeBB, it was imperative that unprivileged LXC containers were used, so that in the event of shell breakout from NodeBB followed by privilege escalation of the saas user, the root user in the LXC container would only be an unprivileged user on the host machine.

During the course of development, I ran into numerous blockers when it came to managing LXC containers in unexpected circumstances. Namely:

  • Using LXC in a subshell is not directly supported. This usually happens under one of the following two circumstances:
    • After switching users via su or executing lxc-* commands as another user via sudo
    • Executing lxc-* commands via a program, application, or script. In my case, a Node.js application.
@theprogrammerin
theprogrammerin / slowquery_logger.sh
Created November 26, 2014 09:31
Bash script to fetch the log for that hour from Amazon RDS and push it to ElasticSearch / Kibana
#!/bin/bash
#
# Ashutosh Agrawal
# http://blog.theprogrammer.in
#
#
# This bash script simply fetches the log for that hour from Amazon RDS,
# parse and genarlise it using mysql_slow_log_parser (https://gist.github.com/theprogrammerin/e3206a4ec7a7a4086ac2)
# and then push the parsed log to elastic search using logstash (slowquery.conf)(https://gist.github.com/theprogrammerin/034a3efd849112d166ea)
# For analysis on analytic tool like kibana.
@theprogrammerin
theprogrammerin / mysql_slow_log_parser
Last active May 2, 2019 14:37
Mysql slow query [file] log parser. It combines multi line log into a single line. Also adds a generalised query be replacing query data with 'XXX' which can then be used to identify the slow query pattern.
#!/usr/bin/perl
#
# Ashutosh Agrawal
# http://blog.theprogrammer.in
#
# 2014-11-20 v1.0
#
# This script is modified version of SQL parser written by
#
# Nathanial Hendler
@ashrithr
ashrithr / elk_puppet.md
Created September 15, 2014 08:59
Installing & Configuring logstash, elasticsearch, logstash-forwarder using Puppet

Install puppet server and clients

Puppet Server

curl -s https://raw.githubusercontent.com/cloudwicklabs/scripts/master/puppet_install.sh | bash /dev/stdin -s -a -v

Puppet Client

@dcalacci
dcalacci / README.md
Created November 7, 2012 07:15 — forked from agnoster/README.md
My ZSH Theme

agnoster-light.zsh-theme

My own fork of agnoster, optimized for a terminal that uses the solarized-light colorscheme.

A ZSH theme optimized for people who use:

  • Solarized
  • Git
  • Unicode-compatible fonts and terminals (I use iTerm2 + Menlo)