How to follow good practices, even with Bash!

Source: Shell Scripts Matter

Source: Google Cloud Platform Blog: A simple approach to PCI DSS compliance for Google Cloud Platform

Source: importing an existing x509 certificate and private key in Java keystore to use in ssl – Stack Overflow

Source: go – How to specify positional arguments with the flag package in Golang? – Stack Overflow

Source: ssh – Why does my OpenSSH key fingerprint not match the AWS EC2 console keypair fingerprint? – Server Fault

This page shows you how you can create a Nagios plugin to check how much bandwidth the server is currently using. In order to do this, we will use the tool vnstat. This tools offers the functionality to check how much bandwidth you use over the last 5 seconds.

Source: Nagios plugin to check the currently used bandwidth | Vanstechelman.eu

Source: proxy: cluster file overrides environment settings · Issue #4015 · coreos/etcd · GitHub

Mit Google Groups können Sie Online-Foren und E-Mail-basierte Gruppen erstellen, sich daran beteiligen und interessante Diskussionen mit anderen Mitgliedern führen.

Source: Getting started guide for using CERT authentication in scripts–Google Groups

This post will go over how to use HashiCorp’s Vault with HashiCorp’s Consul as a backendin a multiple datacenter arrangement. This post …

Source: Replicating Hashicorp Vault in a Multi-DataCenter Setup – SysAdmin’s Journey

Mit Google Groups können Sie Online-Foren und E-Mail-basierte Gruppen erstellen, sich daran beteiligen und interessante Diskussionen mit anderen Mitgliedern führen.

Source: Multi-DC vault architecture–Google Groups

Source: Smart-card logon for OS X (part I) | Random Oracle

Für WordPress gibt es verschiedene Plugins, über die sich ein Blog mit dem Yubikey absichern lässt. Eine Möglichkeit ist, die Authentifizierung via Yubikey OTP, die Yubico Server und dieses WordPress Plugin abzuwickeln. Der Vorteil: Yubikey OTPs funktionieren auf jedem Rechner, der eine USB-Schnittstelle hat, weil der Yubikey in diesem Fall nur eine Tastatur simuliert. Nach …

Source: WordPress mit FIDO U2F / Yubikey absichern

Source: YubiKey PIV introduction

From the previous posts, I have analysed 4 different Docker multi-host network solutions – Calico, Flannel, Weave and Docker Overlay Network. You can see more details on how to install, config and tun

Source: Battlefield: Calico, Flannel, Weave and Docker Overlay Network | Arthur Chunqi Li’s Blog

vim-galore – Everything you need to know about Vim.

Source: mhinz/vim-galore

I would like to explore using gpg keys to encrypt the keys but the documentation is fairly vague on how to do this.

Source: Document the procedure to use gpg keys with vault init. · Issue #682 · hashicorp/vault

Source: christoomey/vim-tmux-runner

Source: climagic Matrix Effect

Source: GoogleCloudPlatform/fluentd-catch-all-config

It’s been a while when we announced move of atomic-reactor under Project Atomic.Since the name is so cryptic, one could wonder about the purpose of the tool. Let’s go through a simple example…What problem is atomic-reactor trying to solve?Imagine Bob, a software engineer who would like to ship company’s products as containers. Bob’s company has already pretty complex infrastructure with build system, source code management, product deployment and delivery.So Bob starts the work on integrating docker into company’s infrastructure.Bob knows it’s so easy to build a docker image:$ docker build –tag=product-X .

Source: Introducing Atomic Reactor — Project Atomic

Source: Kubernetes and AWS VPC Peering – Ben Straub

None

Source: The spec Schema – Container Engine — Google Cloud Platform

Source: Fix kubectl for namespaced users by mkulke · Pull Request #13667 · kubernetes/kubernetes

http://mesos.apache.org/documentation/latest/configuration/

Source: Marathon: Running Docker Containers on Marathon

I often get bug reports from users asking why can’t I use docker as a non root user, by default?Docker has the ability to change the group ownership of the /run/docker.socket to have group permission of 660, with the group ownership the docker group. This would allow users added to the docker group to be able to run docker containers without having to execute sudo or su to become root. Sounds great…

Source: Why we don’t let non-root users run Docker in CentOS, Fedora, or RHEL — Project Atomic

https://www.freebsdfoundation.org/journal/articles/vol2_no4_groupon.pdf

Source: F5 LoadBalancer · Issue #12 · kubernetes/contrib

Atari Teenage Riot is a collective of musicians who program their music on an Atari 1040ST computer from the 80ties. Their music is always political, based on the poem “Riotsounds Produce Riots” by William S. Burroughs.

Source: Atari Teenage Riot

Source: I have a bash-tab-completion script. Is there a simple way to use it from zsh? – Stack Overflow

Making Debian Docker Images Smaller

Source: Making Debian Docker Images Smaller : Dave Beckett’s blog

Source: Creating Docker Images for REMnux – REMnux Docs

Source: Guidance for Docker Image Authors — Project Atomic

With the advent of the ‘micro-services’ architecture and the evolving trend for using Docker, monolithic applications are being broken up into smaller and independent services. The idea is to keep the services small so that small groups of developers can work on them, upgrade or patch them quickly, and build & release them continuously. Although …

Source: Monitoring Docker services with Prometheus

https://github.com/openshift/origin/pull/2940

http://redsymbol.net/articles/unofficial-bash-strict-mode/

Source: Getting errors when attempting token authentication from kubelet · Issue #10297 · GoogleCloudPlatform/kubernetes

kubernetes – Container Cluster Manager from Google

Source: kubernetes/server.go at master · GoogleCloudPlatform/kubernetes

I deployed apiserver on master node (core01) with following conf:core01> /opt/bin/kube-apiserver \ –insecure_bind_address=127.0.0.1 \ –insecure_port=8080 \ –kubelet_port=10250 \

Source: kubernetes – How to let kubelet communicate with apiserver by using HTTPS? v0.19 – Stack Overflow

http://www.elastic.io/blog/VazmASkAACkDxZBU/log-agregation-for-docker-containers-in-mesos–marathon-cluster

Boston, Massachusetts (July 23, 2015) – Logentries, the leading provider of log management and analytics built for the cloud, today launched a comprehensive logging container for Docker, providing complete visibility across containerized environments, including container logs, container-level stats, Docker API events and host-level activity. Docker customers can now collect and correlate a comprehensive set of… Read more »

Source: Logentries Launches All-inclusive Monitoring of Docker Environments Using Advanced Logging Container – Log Management Made Easy | Logentries

https://github.com/GoogleCloudPlatform/kubernetes/pull/11679

https://botbot.me/freenode/google-containers/

Documentation and guides for using etcd for service discovery, distributed locking, cluster consensus, and more.

Source: Documentation

CoreOS creates and maintains open source projects for Linux Containers.

Source: Clustering Guide

Source: Setting up a secure etcd cluster | LordElph’s Ramblings

Source: Running Kubernetes on Debian

Hi, I’m just starting to covert from using CSV files and extlookup to Hiera and ran into a small snag. In my manifest I have two lookups for a regular string and an array. $cassandrasvr = hiera(“cassandrasvr”), $cassandraport = hiera(“cassandraport”), And my YAML file contains: cassandraport: ‘9160’ cassandrasvr: – cass1.abc.com – cass2.abc.com – cass3.abc.com – cass4.abc.com – cass1.xyz.com – cass2.xyz.com In my ERB template, I have the following which will print out the contents of the array, separated by a comma (except the last value). cassandrasvr= And the output is this … (more)

Source: Joining array from Hiera+concat other value in erb? – Ask PuppetLabs: Puppet DevOps Q&A Community

Source: Scaling To Infinity with Docker Swarm, Docker Compose and Consul (Part 4/4) – Scaling Individual Services | Technology

Hi, I need to be able to generate following content of the file (for zookeeper installation): server.1=$zk.server1.full.hostname:2888:3888 server.2=$zk.server2.full.hostname:2888:3888 server.3=$zk.server3.full.hostname:2888:3888 when I have an array of server hostnames (example shows # of servers = 3). I tried something like following: server. =:2888:3888 That seems not correct as and I am struggling with getting an array index (need to start from 1). The point here is that the list of servers will be variable so I … (more)

Source: How to get an array index in erb template – Ask PuppetLabs: Puppet DevOps Q&A Community

Source: A Wealth Of Ruby Loops And Iterators

this works also:

a bit over securing consul

Source: Olivier Mauras

Source: Vault by HashiCorp

Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!