bookmark_border[mysql] reference

delete from network_flow; delete from discovered_policy;

select count(*) from discovered_policy where rule like '%CIDR%';
select count(*) from discovered_policy where status="latest";
select count(*) from discovered_policy where status="outdated";
select * from discovered_policy where status="outdated"\G
select * from discovered_policy where name="autopol-egress-vxitcdpetakyjtx"\G
select count(*) from discovered_policy where (rule not like '%FQDN%' and rule not like '%CIDR%');
select count(*) from network_flow;

desc network_flow;

select * from network_flow limit 1\G
select * from discovered_policy WHERE name="autopol-egress-mvoiglopbuopedk"\G
select * from discovered_policy WHERE name="autopol-egress-hgcmdflittqwlue"\G
select * from network_flow WHERE name=autopol-egress-hgcmdflittqwlue\G
select * from discovered_policy limit 1\G

SELECT * FROM network_flow ORDER BY id DESC LIMIT 1\G
SELECT time FROM network_flow ORDER BY id DESC\G
SELECT count(*) FROM network_flow where time >= 0 and time < 1607601663\G

bookmark_border[k8s] kubectl port-forward

The port-forward command, Forwards one (or more) local ports to a pod.

This command is very useful for example in blue/green deployments where you would want to troubleshoot a misbehaving pod.

To take things even further, you could even execute some preliminary tests to the pods you feel could be more error-prone right inside your CI/CD pipeline in Jenkins by using multiple conditions, declarative pipeline.

Usage examples:

Listen on port 8888 locally, forwarding to 5000 in the pod

kubectl port-forward pod/mypod 8888:5000

Listen on port 8888 on all addresses, forwarding to 5000 in the pod

kubectl port-forward --address 0.0.0.0 pod/mypod 8888:5000

Listen on a random port locally, forwarding to 5000 in the pod

kubectl port-forward pod/mypod :5000

Listen on port 8888 on localhost and selected IP, forwarding to 5000 in the pod

kubectl port-forward --address localhost,10.19.21.23 pod/mypod 8888:5000

Listen on ports 5000 and 6000 locally, forwarding data to/from ports 5000 and 6000 in the pod

kubectl port-forward pod/mypod 5000 6000

Listen on ports 5000 and 6000 locally, forwarding data to/from ports 5000 and 6000 in a pod selected by the deployment

kubectl port-forward deployment/mydeployment 5000 6000

Listen on ports 5000 and 6000 locally, forwarding data to/from ports 5000 and 6000 in a pod selected by the service

kubectl port-forward service/myservice 5000 6000

bookmark_border[cilium] dev setup on Ubuntu 18.04.5

! Power off vmware vitrual machine.
Go to “edit virtual machine settings”
Go to processors. There are three checkboxes there.
Check second checkbox (enable VT-x/AMD-V)
Power on machine.

1. bare metal vm

$ sudo apt-get update
$ sudo apt-get -y upgrade
$ sudo apt-get -y autoremove
$ sudo apt-get autoclean
$ sudo apt-get install -y build-essential

2. install virtualbox

$ wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add -
$ wget -q https://www.virtualbox.org/download/oracle_vbox.asc -O- | sudo apt-key add -
$ sudo add-apt-repository "deb [arch=amd64] http://download.virtualbox.org/virtualbox/debian $(lsb_release -cs) contrib"
$ sudo apt-get update
$ sudo apt-get install virtualbox-6.0

3. install vagrant

$ wget https://releases.hashicorp.com/vagrant/2.2.9/vagrant_2.2.9_x86_64.deb
$ sudo dpkg -i vagrant_2.2.9_x86_64.deb
$ sudo apt install nfs-kernel-server

4. git clone

$ git clone https://github.com/cilium/cilium.git

5. start vagrant

$ contrib/vagrant/start.sh
or
$ RUNTIME=containerd K8S=1 NWORKERS=1 contrib/vagrant/start.sh

if you see the error as below,

 "github.com/cilium/cilium/pkg/envoy.RequiredEnvoyVersionSHA=1177896bebde79915fe5f9092409bf0254084b4e" -X "github.com/cilium/cilium/pkg/datapath/loader.DatapathSHA=9a5b6a084b4265a833469d70b09adcdf055c3b0c" -extldflags -Wl,-soname,libcilium.so.1' -tags=osusergo,lockdebug  -o libcilium.so.1 -buildmode=c-shared
    runtime1: go: RLock /home/vagrant/go/src/github.com/cilium/cilium/go.mod: no locks available
    runtime1: Makefile:15: recipe for target 'libcilium.so' failed
    runtime1: make[1]: Leaving directory '/home/vagrant/go/src/github.com/cilium/cilium/proxylib'
    runtime1: make[1]: *** [libcilium.so] Error 1
    runtime1: Makefile:135: recipe for target 'proxylib' failed
    runtime1: make: *** [proxylib] Error 2
The SSH command responded with a non-zero exit status. Vagrant
assumes that this means the command failed. The output for this command
should be in the log above. Please read the output to determine what
went wrong.
$ sudo systemctl enable rpc-statd  # Enable statd on boot
$ sudo systemctl start rpc-statd  # Start statd for the current session