Categories
docker

Docker: PostgreSQL

https://hub.docker.com/_/postgres Download docker pull postgres Create Option 1 – docker run docker run -d \ –name postgres-itsmetommy \ -e POSTGRES_PASSWORD=12345 \ -p 5432:5432 \ postgres Option 2 – docker-compose cat <<EOF > docker-compose.yml version: ‘3’services: postgres: image: postgres environment: POSTGRES_PASSWORD: “12345” ports: – “5432:5432” container_name: postgres-itsmetommy EOF Create. docker-compose up -d Logs. docker-compose logs -f […]

Categories
gcp Kubernetes

Install Halyard & Spinnaker on GKE

Create IAM Service Account https://www.spinnaker.io/setup/quickstart/halyard-gke-deploy-rbac/#part-2-add-service-account-to-gcp Spinnaker will use this IAM Service Account to access Google Cloud Storage (GCS) (storage.admin). export SERVICE_ACCOUNT_NAME=spinnaker-itsmetommy-saexport SERVICE_ACCOUNT_FILE=spinnaker-itsmetommy-sa.json export SERVICE_ACCOUNT_DISPLAY_NAME=”Spinnaker Account”export PROJECT=$(gcloud info –format=’value(config.project)’)gcloud –project ${PROJECT} iam service-accounts create \ ${SERVICE_ACCOUNT_NAME} \ –display-name ${SERVICE_ACCOUNT_DISPLAY_NAME} sleep 10 SA_EMAIL=$(gcloud iam service-accounts list \ –project=${PROJECT} \ –filter=”email ~ ${SERVICE_ACCOUNT_NAME}” \ –format=’value(email)’)gcloud –project ${PROJECT} projects […]

Categories
AWS

Using multi-factor authentication (MFA) in AWS

https://aws.amazon.com/premiumsupport/knowledge-center/authenticate-mfa-cli/ I will go over setting up multiple AWS profiles using MFA. Create your Access key. Add account(s) This will update ~/.aws/credentials. It will create 3 profiles. aws configure –profile account1-default aws configure –profile account2-default aws configure –profile account3-default Example aws configure –profile account1-default AWS Access Key ID [None]: XXXXX # Updates ~/.aws/credentials AWS Secret Access Key [None]: […]

Categories
gcp General Kubernetes

Kubernetes: Using GKE Workload Identity

https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity https://cloud.google.com/blog/products/containers-kubernetes/introducing-workload-identity-better-authentication-for-your-gke-applications For this example, I will be setting up access to Google Secrets Manager. Setup Environment Variables PROJECT_ID = Google Project ID GSA_NAME = Google IAM Service Account K8S_NAMESPACE = Kubernetes namespace KSA_NAME = Kubernetes Service Account export PROJECT_ID=[YOUR_PROJECT_ID] export GSA_NAME=sonic-itsmetommy export K8S_NAMESPACE=itsmetommy export KSA_NAME=sonic Create Kubernetes Service Account kubectl create serviceaccount ${KSA_NAME} -n ${K8S_NAMESPACE} […]

Categories
gcp JFrog Kubernetes

Kubernetes: Migrate Local Storage to Google Cloud Storage Bucket

I ran into an issue where having a local disk wasn’t the best solution and decided it was time to migrate to a Google Cloud Storage Bucket. This particular situation has to do with Artifactory where I was using a PersistentVolume (gcePersistentDisk) and now wanted to use a storage bucket (the right way). I had […]