September 12, 2025
-
8 mins read
CKA Preparation
1. CKA Practice: ConfigMaps and Secrets
Create a ConfigMap and Secret
Your application needs a database configuration and a password stored securely.
Create a ConfigMap named app-config with:
DB_HOST=localhost
DB_PORT=3306
Create a Secret named db-secret with:
DB_PASSWORD=supersecret (base64 encoded automatically by kubectl)
#configmap
apiVersion : v1
kind : ConfigMap
metadata :
name : app-config
data :
DB_HOST : "localhost"
DB_PORT : "3306"
#secret
apiVersion : v1
kind : Secret
metadata :
name : db-secret
data :
DB_PASSWORD : "c3VwZXJzZWNyZXQK" #base64 encoded value 'supersecret'
Use ConfigMap and Secret in a Pod
Create a Pod named app-pod using the nginx image.
Inject the ConfigMap values as environment variables.
Inject the Secret value as an environment variable.
apiVersion : v1
kind : Pod
metadata :
name : app-pod
spec :
containers :
- name : app-pod
image : nginx
env :
- name : DB_HOST
valueFrom :
configMapKeyRef :
name : app-config
key : DB_HOST
- name : DB_PORT
valueFrom :
configMapKeyRef :
name : app-config
key : DB_PORT
- name : DB_SECRET
valueFrom :
secretKeyRef :
name : db-secret
key : DB_PASSWORD
- Lesson learned
controlplane:/var/log$ k get pods
NAME READY STATUS RESTARTS AGE
app-pod 0/1 CreateContainerConfigError 0 4m43s
for debugging this error ‘CreateContainerConfigError’ by using k describe pod app-pod
September 12, 2025
-
7 mins read
CKA Preparation
1. Playground
This playground will always have the same version as currently in the Linux Foundation Exam.
2. Vim Setup
Using vim to edit file
3. Apiserver Crash
Configure a wrong argument
knowledge
Check log
/var/log/pods /var/log/containers crictl ps + crictl logs docker ps + docker logs kubelet logs: /var/log/syslog or journalctl
kube api manifest directory
/etc/kubernetes/manifest/*
Solution
December 22, 2023
-
1 min read
Making the Zombie Factory
Event (event & emit) notificaiton trigger for front-end app, gas related that receving information/data without interacting to the contract
Zombies Attack Their Vicitms
mapping (address => uint) public accountBalance; | mapping (key => value) public accountBalance;
storage vs memory | hardisk vs ram
internal vs external vs public vs private
Advanced Solidity Concepts
OpenZeppelin ownable (modifier onlyOwner)
struct{ uint c; uint32 a; uint32 b;) gas < struct{ uint32 a; uint c; uint32 b;) gas
November 9, 2023
-
2 mins read
For me, Freshrss is better.
I plan to test them one by one, but stop at Freshrss as I’m satisfied with it.
Planned testing sequence in order: Miniflux -> Freshrss -> Tiny tiny rss
My requirement:
Subscribe > 100 feeds
Use on PC & mobile
Feeds are manageable (feeds with error, remove feeds)
Comparison:
Miniflux
can suscribe >100 feeds
Easy to use on both PC & mobile
Freshrss
can subscribe >100 feeds
Easy to use on both PC & mobile
Better subscription mangement (e.g. remove number of feeds without click them 1 by 1)
Better GUI
Docker-compose
version : "2.4"
volumes :
db :
data :
extensions :
services :
freshrss :
image : freshrss/freshrss:latest
container_name : freshrss
hostname : freshrss
restart : unless-stopped
logging :
options :
max-size : 10m
volumes :
- data:/var/www/FreshRSS/data
- extensions:/var/www/FreshRSS/extensions
environment :
TZ : Asia/Hong_Kong
CRON_MIN : '3'
TRUSTED_PROXY : 0
ports :
- "8080:80"
freshrss-db :
image : postgres:16
container_name : freshrss-db
hostname : freshrss-db
restart : unless-stopped
logging :
options :
max-size : 10m
volumes :
- db:/var/lib/postgresql/data
environment :
POSTGRES_DB : freshrss-db
POSTGRES_USER : freshrssuser
POSTGRES_PASSWORD : freshrsspassword
command :
# Examples of PostgreSQL tuning.
# https://wiki.postgresql.org/wiki/Tuning_Your_PostgreSQL_Server
# When in doubt, skip and stick to default PostgreSQL settings.
- -c
- shared_buffers=1GB
- -c
- work_mem=32MB
miniflux
version : '3'
services :
miniflux :
image : miniflux/miniflux:latest
ports :
- "8756:8080"
depends_on :
db :
condition : service_healthy
environment :
- DATABASE_URL=postgres://miniflux:miniflux@db/miniflux?sslmode=disable
- RUN_MIGRATIONS=1
- CREATE_ADMIN=1
- ADMIN_USERNAME=admin
- ADMIN_PASSWORD=password
db :
image : postgres:15
environment :
- POSTGRES_USER=miniflux
- POSTGRES_PASSWORD=miniflux
volumes :
- miniflux-db:/var/lib/postgresql/data
healthcheck :
test : ["CMD" , "pg_isready" , "-U" , "miniflux" ]
interval : 10s
start_period : 30s
volumes :
miniflux-db :
August 27, 2023
-
11 mins read
Study Material
Ethernaut, a CTF-like smart contract security challenge writeup
1. Ethernaut0 - Hello Ethernaut
// SPDX-License-Identifier: MIT
pragma solidity ^ 0 .8 .0 ;
contract Instance {
string public password;
uint8 public infoNum = 42 ;
string public theMethodName = 'The method name is method7123949.' ;
bool private cleared = false ;
// constructor
constructor (string memory _password) {
password = _password;
}
function info () public pure returns (string memory ) {
return 'You will find what you need in info1().' ;
}
function info1 () public pure returns (string memory ) {
return 'Try info2(), but with "hello" as a parameter.' ;
}
function info2 (string memory param) public pure returns (string memory ) {
if (keccak256(abi.encodePacked(param)) == keccak256(abi.encodePacked('hello' ))) {
return 'The property infoNum holds the number of the next info method to call.' ;
}
return 'Wrong parameter.' ;
}
function info42 () public pure returns (string memory ) {
return 'theMethodName is the name of the next method.' ;
}
function method7123949 () public pure returns (string memory ) {
return 'If you know the password, submit it to authenticate().' ;
}
function authenticate (string memory passkey) public {
if (keccak256(abi.encodePacked(passkey)) == keccak256(abi.encodePacked(password))) {
cleared = true ;
}
}
function getCleared () public view returns (bool ) {
return cleared;
}
}
1.1 Solution
Starting from contract.info() which redirecting me to a function that change “cleared” to true;