Skip to content

Instantly share code, notes, and snippets.

View rkoster's full-sized avatar

Ruben Koster rkoster

82 followers · 127 following
  • Rabobank
  • Netherlands
View GitHub Profile
@rkoster
rkoster / README.md
Last active February 11, 2026 08:50
Diego: Full mTLS for App-to-App Traffic - Current State and Implementation Plan

Diego: Full mTLS for App-to-App Traffic

Executive Summary

This document describes the current state of Envoy proxy integration in Diego and outlines what would be needed to implement full mutual TLS (mTLS) for container-to-container (C2C) traffic, enabling apps to both authenticate themselves and verify the identity of connecting apps.

The proposed approach introduces a new HTTP-based listener on port 62443 that runs alongside the existing TCP-based C2C port (61443), providing a dual opt-in model for both operators and app authors.

@rkoster
rkoster / .envrc
Created November 6, 2020 18:59
Direnv nix config files for installing specific version on the fly cli when entering project dir.
use nix
@rkoster
rkoster / gist:f5cdab0c5955a149b9b5df669b3437c5
Last active September 15, 2020 13:15
Comparison between ixgbevf shipped with linux-aws and intel: https://sourceforge.net/projects/e1000/files/ixgbevf%20stable/
https://packages.ubuntu.com/xenial/linux-aws-source-4.4.0 ixgbevf 2.12.1-k
❯ diff ubuntu/linux-4.4/drivers/net/ethernet/intel/ixgbevf upstream/ixgbevf-2.12.1/src | wc -l
3424
❯ diff ubuntu/linux-4.4/drivers/net/ethernet/intel/ixgbevf upstream/ixgbevf-4.1.2/src | wc -l
3897
❯ diff ubuntu/linux-4.4/drivers/net/ethernet/intel/ixgbevf upstream/ixgbevf-4.6.3/src | wc -l
5348
❯ diff ubuntu/linux-4.4/drivers/net/ethernet/intel/ixgbevf upstream/ixgbevf-4.8.1/src | wc -l
5475
@rkoster
rkoster / gist:75aebfd9ab82f6378b82154c6a3f5dbc
Last active June 26, 2018 08:09
Verifying my Blockstack ID is secured with the address 1NVzvRRTvvoQ6UgngVVarthwGkpqLNy3uM https://explorer.blockstack.org/address/1NVzvRRTvvoQ6UgngVVarthwGkpqLNy3uM
@rkoster
rkoster / gist:82635b2ee5aef044a9dfe6d5cae65b40
Last active April 16, 2018 19:16
Verifying my Blockstack ID is secured with the address 1NVzvRRTvvoQ6UgngVVarthwGkpqLNy3uM https://explorer.blockstack.org/address/1NVzvRRTvvoQ6UgngVVarthwGkpqLNy3uM
@rkoster
rkoster / grouped_alerts.json
Created May 16, 2017 17:28
{
"receiver": "default-receiver",
"status": "resolved",
"alerts": [
{
"status": "resolved",
"labels": {
"alertname": "BOSHJobProcessUnhealthy",
"bosh_deployment": "cf",
"bosh_job_index": "0",
@rkoster
rkoster / README.md
Created April 25, 2017 13:47
Cloud Foundry docker broker concousre pipeline

Usage:

fly -t ${target} set-pipeline -n -p docker-broker \
  -c <(bosh int docker-broker-pipeline.yml --vars-file vars.yml)
@rkoster
rkoster / keybase.md
Created August 12, 2015 18:52

Keybase proof

I hereby claim:

  • I am rkoster on github.
  • I am rkoster (https://keybase.io/rkoster) on keybase.
  • I have a public key whose fingerprint is 5865 815F 7085 2981 6343 DCC1 F6A8 BA05 268F 177D

To claim this, I am signing this object:

@rkoster
rkoster / bosh_jobs_dependencies.rb
Created August 11, 2015 09:47
A script for displaying the job dependencies of the cf-relase in a markdown table.
#! /usr/bin/env ruby
# coding: utf-8
require 'yaml'
jobs = Dir['jobs/*'].map { |j| File.basename(j) }
print "∑ | Job | Property | Description\n --- | --- | --- | ---\n"
jobs.map! do |job|
spec = YAML.load_file(File.join("jobs", job, "spec"))
@rkoster
rkoster / rugged-0.22.2-mkmf.log
Created May 18, 2015 09:09
find_executable: checking for gmake... -------------------- no
--------------------
find_executable: checking for make... -------------------- yes
--------------------
find_executable: checking for cmake... -------------------- yes