Nik Skoufis Niksko
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ kubectl exec $(kubectl get pod -l app=sleep -o jsonpath={.items..metadata.name}) -c istio-proxy -- openssl s_client -alpn ist | |
| io -connect httpbin:8000/headers -key /etc/certs/key.pem -cert /etc/certs/cert-chain.pem -CAfile /etc/certs/root-cert.pem | |
| depth=1 O = cluster.local | |
| verify return:1 | |
| depth=0 | |
| verify return:1 | |
| DONE | |
| CONNECTED(00000003) | |
| --- | |
| Certificate chain |
Niksko
/ mtls-openssl-http.txt
Last active
June 12, 2019 03:13
Istio mTLS snippets - openssl ALPN http/1.1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ kubectl exec $(kubectl get pod -l app=sleep -o jsonpath={.items..metadata.name}) -c istio-proxy -- openssl s_client -alpn http | |
| /1.1 -connect httpbin:8000/headers -key /etc/certs/key.pem -cert /etc/certs/cert-chain.pem -CAfile /etc/certs/root-cert.pem | |
| 140223038092952:error:140790E5:SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177: | |
| CONNECTED(00000003) | |
| --- | |
| no peer certificate available | |
| --- | |
| No client certificate CA names sent | |
| --- |
Niksko
/ istio-destination-rule.yaml
Created
June 5, 2019 06:13
Istio mTLS snippets - destination rule
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: networking.istio.io/v1alpha3 | |
| kind: DestinationRule | |
| metadata: | |
| name: baz | |
| namespace: bar | |
| spec: | |
| host: baz.bar.svc.cluster.local | |
| trafficPolicy: | |
| tls: | |
| mode: ISTIO_MUTUAL |
Niksko
/ istio-tls-check.txt
Last active
June 5, 2019 05:59
Istio mTLS snippets - istioctl auth tls-check output
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ istioctl authn tls-check somepod-123456-abcdef | |
| HOST:PORT STATUS SERVER CLIENT AUTHN POLICY DESTINATION RULE | |
| foo.bar.svc.cluster.local:8000 CONFLICT mTLS HTTP default/ - |
Niksko
/ istio-policy-targeted.yaml
Created
June 5, 2019 05:50
Istio mTLS snippets - targeted policy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: authentication.istio.io/v1alpha1 | |
| kind: Policy | |
| metadata: | |
| name: foo-policy | |
| namespace: bar | |
| spec: | |
| targets: | |
| - name: foo | |
| peers: | |
| - mtls: |
Niksko
/ default-mesh-policy.yaml
Last active
June 5, 2019 05:28
Istio mTLS snippets - default permissive mesh policy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: "authentication.istio.io/v1alpha1" | |
| kind: "MeshPolicy" | |
| metadata: | |
| name: "default" | |
| spec: | |
| peers: | |
| - mtls: | |
| mode: PERMISSIVE |
Niksko
/ twitter-metric-remover.user.js
Last active
August 9, 2018 10:37
A user script to remove metrics from Twitter, as suggested by Joshua Topolsky
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ==UserScript== | |
| // @name Twitter Metric Remover | |
| // @namespace https://skouf.com/ | |
| // @version 0.2 | |
| // @description Removes all metrics from Twitter | |
| // @author Nik Skoufis | |
| // @match http*://*twitter.com/* | |
| // ==/UserScript== | |
| function addStyle(css) { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| module "bare-metal-skouf-home" { | |
| source = "git::https://github.com/Niksko/typhoon//bare-metal/container-linux/kubernetes?ref=ca8feb773b2000a68b567e67d29a7c5fb5a672df" | |
| providers = { | |
| local = "local.default" | |
| null = "null.default" | |
| template = "template.default" | |
| tls = "tls.default" | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var numberList = new List<int> { | |
| 10, | |
| 11, | |
| 20, | |
| 21, | |
| 22, | |
| 23 | |
| }; | |
| var numbersFromListGreaterThan21 = numberList.Count(x => x >= 21); |
Niksko
/ web.config.right.xml
Created
April 3, 2017 09:18
Correct method of including a name in a rolling file appender
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Namespace your logs at the file level | |
| <file value="logs\FooAPI" /> | |
| // Put a dot in the date pattern for easy to read filenames | |
| <datePattern value="'.'dd.MM.yyyy'.log'" /> |
NewerOlder