Posts by Brent Cetinich
Native K8s Sidecar Containers with gluetun
- 18 June 2024
I tried to use the new Kubernetes native Sidecar Containers introduced since v1.29. The initContainers and pod were stuck in PodInitializing state and the other containers were not starting up.
External-DNS Policy flag
- 18 June 2024
The behavior of the external-dns --policy flag is not documented in the external-dns docs. After looking at the code and experimentation the flags work like this:
Cert-manager can’t find route53 secret
- 18 June 2024
It seems I did something to delete the original cert-manager Route53 secret, renewals and new certs failed with this error:
Opensearch failed to obtain node locks error
- 02 January 2024
My cluster would not start up after killing the containers using the force, which means elasticsearch / opensearch did not get a chance to cleanly shut down and remove the lock files. The error looks like this:
Comso Synaptic Theory
- 02 January 2024
I sometimes think of humanity and myself as creatures floating in space, trying to understand our physical cage with science, math and physics. Then I begin to compare our struggle to unravel the mystery of the universe to an ant who has been asked to prove the earth is round, struggling to perceive the true nature of its own physical cage (does the ant even need be asked, perhaps they are thinking about this all the time).
Make Search Great Again!
- 10 June 2023
Internet search is basically useless now. I heard it described as “no longer a search engine, but an ad serving platform”. The search results have deteriorated to the point where it is even worse than an ad platform; it is now just a marketplace.
Chilli Crab Recipe 🌶️🦀
- 18 November 2022
It is more complicated to eat chilli crab than to cook it. This is an easy recipe. Prepare the chilli paste earlier (takes about 30 mins). When you are ready to eat, it only takes 10 minutes to cook.
Philips HF3520
- 16 October 2022
My HF3520 had a mainboard failure and my attempts to repair it also failed. I have salvaged some of the components. Trying to save the environment by keeping them out of landfill in the hope someone else needs the parts.
Dell WD19TB screen flashing with M1 Mac
- 10 July 2022
New 2022 M1 Macbook external display flickers when plugged into the Dell WD19TB docking station.
Download page including assets loaded at runtime
- 06 February 2022
curl and wget can be used to archive a site, but even with the most exotic command line switches they will omit dynamically loaded assets pulled via JavaScript at run time. curl and wget will not follow them and the site will not work for later offline viewing. To download all the assets, including dynamically loaded data, we can generate a HAR file from the developer tools view in Chrome.
Arch Linux on X1 Carbon 6th Gen
- 10 January 2022
This is a bunch of random notes on installing Arch Linux on a ThinkPad X1 Carbon 6th Gen.
Pagerduty Cloudwatch integration
- 09 January 2022
It is possible to send your own custom payload to the Pagerduty Cloudwatch integration from a Lambda (instead of via a Cloudwatch alarm). Pagerduty does not document the internals, but if you publish a custom message to the SNS topic that has an HTTPS subscription to Pagerduty, following these simple rules, you will see the event in Pagerduty.
Send payload to AWS Lambda from Cloudwatch scheduled event
- 01 January 2022
How to send payload to AWS Lambda from Cloudwatch scheduled event.
The Foolproof Scones
- 15 December 2021
These scones take max 30 mins to prep and cook and are very simple and enjoyable.
M5 Paper e-ink Calculator
- 27 November 2021
I added an M5 Paper to my collection of dev boards and decided to make a basic calculator to teach my son to count. Since he is only a few months old he mostly uses it as an expensive teething device.
Demystifying AWS IAM Policies: Unraveling De Morgan’s Laws and S3 Buckets Policy
- 12 September 2021
As of September 2021 you will now get error messages that detail the source of an IAM access block for the following policy types:
Trust on Cloud AWS S3 Threat Model
- 29 August 2021
Trust on Cloud have open sourced their AWS S3 threat model. This release is a great tool to make sense of the “shared responsibility model” and what “responsibility” means for AWS customers.
Monitoring VPN / Direct Connect Connectivity
- 18 July 2021
In an on-premises network it is typical to do some type of topology discovery via the MIB-II SNMP tables of all your network gear, and then use ICMP to ping the management interface of each discovered router or switch to validate connectivity. This contributes to intelligence when parts of the network go dark and speeds up root cause analysis.
TLS/SSL Certificate Authority (CA) Trust store verification
- 31 January 2021
The CA trust store is how a TLS client establishes trust with the server's offered certificates. Curl uses openssl and Python uses its own store (like Java). The store on my system is located here:
Running Amazon Linux 2 on prem on VMware
- 10 January 2021
There is no default ec2-user or root password set for the Amazon Linux 2 ova. You must use cloud-init via its nocloud datasource
Error: The maximum number of rules per security group has been reached
- 06 January 2021
How to deal with the error: “The maximum number of rules per security group has been reached.”
AWS API Gateway notes
- 01 January 2021
How to make a private REST API using AWS API Gateway that is only accessible from inside a VPC.
Stringer Self Hosted RSS Reader
- 27 December 2020
My setup is using the docker compose file and a local build of the docker image
(since docker hub image is years old). Here is a dark theme (solarized) for the
CSS. Just paste this over your stringer/app/assets/stylesheets/application.css
file. I did not spend much time on it but it looks good enough for my taste.
The Perfect Neapolitan Pizza
- 13 December 2020
In Italy a society, Associazione Verace Pizza Napoletana, makes the rules when it comes to every aspect of the Naples pizza, and they describe the rules of a Naples pizza in extreme technical detail here. This is a great read if you are a pizza nerd, and it details the exact procedure to cook a perfect Napoletana pizza.
AWS Sagemaker Jupyter Notebook
- 06 December 2020
I wanted to upgrade the version of pandas that comes with AWS Sagemaker Notebook to > 1.1 because this simplifies handling of group by with null or NaN values.
The Best Garlic Chilli Prawns 🌶🍤
- 24 November 2020
These are Mediterranean style garlic chilli prawns. Normally I double the garlic and chilli for this recipe, and the oil is so good to dip with warm fresh crusty bread.
OSS logstash with AWS Opendistro for Elasticsearch
- 22 November 2020
To get logstash talking to the Open Distro Elasticsearch the first thing that should be understood is that open distro only works with the OSS (Apache 2.0 Licensed) edition of the Elastic tools and not the Elastic licensed edition (Xpack).
Intercept HTTP/HTTPS TLS traffic
- 22 November 2020
Use open source project mitmproxy and have visibility into what iOS apps (or anything else) are sending back to their mother ship.
Moved blog to alabaster with Sphinx
- 21 November 2020
Mostly notes to self on how to deploy and architecture / setup. Inspired by https://github.com/vincentbernat/vincent.bernat.ch
SES Email client for S3
- 19 November 2020
You can conveniently browse the SES mail in S3 using this tool
Logstash ingestion of AWS billing customer usage reports
- 15 November 2020
To get the CUR reports into elastic search:
Kubernetes tips
- 08 November 2020
The problem is solved by removing the leading slash after the podname colon separator:
IAM resource based policy implicit allow
- 28 January 2020
Resource policies are typically used to allow cross-account access for resources where it is supported, some of which include:
AWS Boto KeyError endpoint_resolver in session.py when using multithreading
- 14 January 2020
When using multithreading in Python with AWS boto to get a session I was randomly hitting this error:
Route 53 Associate multiple private hosted zones with same name
- 10 January 2020
Can I associate multiple private hosted zones with the same domain name to the same VPC?
CloudTrail and VPC Endpoints Logging
- 10 January 2020
Today I learnt that AWS CloudTrail does not log requests that are denied by VPC endpoint policy. The reason for this is that it would allow an attacker to exfiltrate data via CloudTrail and the VPC endpoint outside of the VPC! (For example by sending lots of requests with data you want to extract in the request fields)
Expose WSL2 To LAN
- 30 November 2019
I need to connect to my WSL2 container from other machines on the network over SSH: My container is assigned 172.24.208.2 and I will map 5022 to 22 on the host.
Cloudformation: Provided Load Balancers may not be valid. Please ensure they exist and try again
- 17 April 2018
Spent too much time troubleshooting the following error but I am happy to find the solution for this error:
Empty the clipboard as keystrokes with AutoHotKey (Windows)
- 01 January 2018
This is an AutoHotKey script for pasting the clipboard contents by simulating hardware keystrokes. It also fixes stuck keys such as control and shift keys after the shortcut runs which are useful when pasting into a KVM, VMware console, RDP or Citrix session where latency is high or clipboard support doesn’t exist.
postfix/smtp[5600]: fatal: valid hostname or network address required in server description
- 25 October 2017
Getting the error:
Introducing X-ENI or Cross Account ENI
- 24 October 2017
Stumbled on an interesting new feature based on a commit in the AWS .net SDK which may have been released early.
TQFP-48 Breakout AKA NO. SA248 XELTEK Pinout
- 21 October 2017
I am working on a project with the STM32F103C8 and I am not using a dev board but rather a breakout board called SMT Test Socket TQFP-48 Breakout AKA NO. SA248 XELTEK
Tomu Send Keyboard on capacitive sense touch
- 03 June 2017
Tomu is a USB chip with capacitive sense buttons that fits inside a USB port and has an ARM EFM32HG309 MCU and a few LEDs inside.
Python quick dirty ping scan subnet
- 05 March 2017
This script will automatically ping scan the subnet your host is connected to. To do this it does the following:
Tourists went off road, stranded overnight in Kruger park encounter Leopards
- 29 August 2016
Here is a true story about our safari trip in South Africa and our harrowing encounter with leopards and hyenas, as we narrowly escaped death in the long grass.
Proxyify application that does not support proxy
- 01 February 2016
I have a legacy application that needs to connect over a proxy such as squid or HAProxy to a service on the internet. In other words I want to use netcat (nc) or something similar to proxy traffic through a proxy using the proxy protocol (or CONNECT method).
Error when checking or applying host profile compliance “coredump partition”
- 13 May 2015
The following error message occurs when you either
EMC VNX CLARiiON hacking MLUCLI
- 20 February 2015
I stumbled upon an eBay bargain I could not resist. Thankfully my old boss and good friend Wilhelm kindly allowed me to purchase a VNX 7600 with all the drives, and run the monster in a closet in our office! W.W also let me spend some time exploring the internals of the VNX. The original owner shuffled all the drives around, including the sacred first 5 drives that contain the FLARE OS, rendering it useless.
LiPo Charging Hack
- 01 October 2013
When trying to charge a LiPo that had been drained to 0 voltage I was getting an error:
Make an 8 bit adder out of relays
- 27 April 2013
I want to build a relay based 8 bit adder for fun, kind of like a puzzle or playing chess to exercise a different way of thinking. Also the clacking of the relay is quite soothing.
How to check MTU with ping on ESX (or any OS)
- 14 February 2012
Just keep decreasing the packet size with the -s flag on the ping command:
2147943712 Task Scheduler
- 20 September 2011
When trying to get the Task Scheduler to run regardless of if a user is logged on or not.
Make any Windows window transparent
- 13 March 2011
Everything displayed in the Windows user session is ultimately controlled by the Windows GDI. And everything displayed in a user's session must run as that user (without modifying kernel or display drivers). Python provides a convenient API to control GDI.
Failover Cluster add disk fails on Windows
- 30 April 2010
When trying to add a new cluster disk in a Failover Cluster the following error comes up in the report.