import (
_ "net/http/pprof"
"net/http"
)
# Apply this file | |
# Get a bash prompt in the container with: kubectl exec -it pod/ubuntu-test-nfs -- /bin/bash | |
# Navigate to /nfs directory | |
# Create some files and confirm everything is as expected on the NFS Server | |
# | |
apiVersion: v1 | |
kind: PersistentVolumeClaim | |
metadata: | |
name: test-nfs-provisioner | |
namespace: default |
Create file /etc/systemd/system/docker-compose@.service
. SystemD calling binaries using an absolute path. In my case is prefixed by /usr/local/bin
, you should use paths specific for your environment.
[Unit]
Description=%i service with docker compose
PartOf=docker.service
After=docker.service
Although not explicitly stated, DNS resolution appears to be taken into consideration as part of the overall http.Client.Timeout
setting. If you need to set your own DNS timeout, then it seems https://github.com/miekg/dns is a popular solution.
Additionally, it's important to realise how golang resolves hostnames to IPs (i.e. DNS resolution):
https://golang.org/pkg/net/#hdr-Name_Resolution
When cross-compiling binaries you'll find that CGO is typically disabled in favour of the native Go resolver. You can enforce CGO or native like so:
# download this file to your project folder and excute | |
# chmod +x generate-ios.sh | |
# then run using | |
# ./generate-ios.sh | |
# flutter build defaults to --release | |
flutter build ios | |
# make folder, add .app then zip it and rename it to .ipa | |
mkdir -p Payload |
oc patch clusterversion/version --type='merge' -p "$(cat <<- EOF | |
spec: | |
overrides: | |
- group: apps/v1 | |
kind: Deployment | |
name: cluster-monitoring-operator | |
namespace: openshift-monitoring | |
unmanaged: true | |
EOF | |
)" |
#!/bin/sh | |
#=================================================================================== | |
# | |
# FILE: dump.sh | |
# USAGE: dump.sh [-i interface] [tcpdump-parameters] | |
# DESCRIPTION: tcpdump on any interface and add the prefix [Interace:xy] in front of the dump data. | |
# OPTIONS: same as tcpdump | |
# REQUIREMENTS: tcpdump, sed, ifconfig, kill, awk, grep, posix regex matching | |
# BUGS: --- | |
# FIXED: - In 1.0 The parameter -w would not work without -i parameter as multiple tcpdumps are started. |
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
name: trusted-ca | |
namespace: kube-system | |
data: | |
ca.crt: |+ | |
-----BEGIN CERTIFICATE----- | |
MIIFkTCCA3mgAwIBAgIUCXaMcLg8teiGZ7o0dIQRIOdHEA8wDQYJKoZIhvcNAQEL | |
BQAweDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA04vQTEMMAoGA1UEBwwDTi9BMSAw |
Nginx can be configured to route to a backend, based on the server's domain name, which is included in the SSL/TLS handshake (Server Name Indication, SNI).
This works for http upstream servers, but also for other protocols, that can be secured with TLS.
- at least nginx 1.15.9 to use variables in ssl_certificate and ssl_certificate_key.
- check
nginx -V
for the following:... TLS SNI support enabled
(Assuming a Debian 8-like system)
-
Install
prometheus-node-exporter
$ sudo apt update && sudo apt install prometheus-node-exporter
-
Configure
prometheus-node-exporter
to expose metrics only tolocalhost
, not on to all networks. Modify file/etc/default/prometheus-node-exporter
:# Set the command-line arguments to pass to the server.