27 Feb 2018
Depending on how you deployed a Kubernetes cluster, you may or may not have a service account with cluster-admin rights. These steps will create one. (Note: this is not necessarily what you should do in a production deployment)
Create the service account
kubectl create serviceaccount myroot
output
serviceaccount "myroot" created
Create the role binding
kubectl create clusterrolebinding myroot-cluster-admin --clusterrole=cluster-admin --serviceaccount=default:myroot
output
clusterrolebinding "myroot-cluster-admin" created
Describe the service account to find the token ID
kubectl describe serviceaccount myroot
output
Name: myroot
Namespace: default
Labels: <none>
Annotations: <none>
Image pull secrets: <none>
Mountable secrets: myroot-token-dzqvn
Tokens: myroot-token-dzqvn
Events: <none>
Get the token secret
kubectl describe secret myroot-token-dzqvn
output
Name: myroot-token-dzqvn
Namespace: default
Labels: <none>
Annotations: kubernetes.io/service-account.name=myroot
kubernetes.io/service-account.uid=37bd952c-1b8e-11e8-9faa-005056bf340f
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 7 bytes
token: <TOKEN>
04 Feb 2018
Pipenv is a great new way to manage virtual environments without needing to use pip and virtualenv seperately.
To start a new pipenv in the current directory (using python 3.x):
To install packages within the new virtual environment:
To activate the virtual environment:
01 Feb 2018
For years I have been manually adding my SSH public keys to the ~/.ssh/authorized_keys file (like an animal) on systems that I SSH into.
It turns out that there’s an automated way to do this - ssh-copy-id.
In the simplest case, just running:
will install either the newest public key in your ~/.ssh/ directory or (if you are using the ssh-agent) it will install all of the keys returned by ssh-add -L.
So, if you want to be picky about which key(s) get installed you can either touch the public key file you want to use, or only have in ssh-agent the key(s) you want to install - e.g.:
# Delete any existing keys in the ssh-agent
ssh-add -D
# Add the key we want to use to the ssh-agent
ssh-add ~/.ssh/id_ed25519
# Copy the public keys to the remote host
ssh-copy-id <host>
(A pleasant side effect of using this is that I should never need to type the American spelling of “authorised” again)
25 Jan 2018
There are many ways to format strings in Python but as of version 3.6, f-strings offer a very simple and clean method for interpolating string literals:
>>> pi=3.14159
>>> print(f'pi is {pi}')
pi is 3.14159
Just as with str.format(), format specifiers may be used. For example:
>>> print(f'pi is {pi:.2f}')
pi is 3.14
Expressions between braces are evaluated too:
>>> print(f'pi squared is {pi ** 2}')
pi squared is 9.869587728099999
For more information and examples, see PEP 498
16 Jan 2018
An easy (and much nicer than using ProxyCommand and/or ForwardAgent) way to “proxy” or “jump” through a bastion host to a private host. In ~/.ssh/config:
Host private_host
ProxyJump bastion_host
Or on the command line:
ssh -J bastion_host private_host