Skip to content

Instantly share code, notes, and snippets.

View AlexisDucastel's full-sized avatar

Alexis Ducastel AlexisDucastel

15 followers · 2 following
View GitHub Profile
@AlexisDucastel
AlexisDucastel / test-pleg.md
Created September 20, 2019 11:50 — forked from superseb/test-pleg.md
PLEG tester

PLEG tester

A few commands to run to test what triggers PLEG.

Docker response time

When using Docker, all container statuses are compared and it needs to happen within 3 minutes. Else the following log will be shown:

@AlexisDucastel
AlexisDucastel / restore-rkestate-file.md
Created November 19, 2019 16:27 — forked from superseb/restore-rkestate-file.md
Recover cluster.rkestate file from controlplane node

Recover cluster.rkestate file from controlplane node

RKE

Run on controlplane node, uses any found hyperkube image

docker run --rm --net=host -v $(docker inspect kubelet --format '{{ range .Mounts }}{{ if eq .Destination "/etc/kubernetes" }}{{ .Source }}{{ end }}{{ end }}')/ssl:/etc/kubernetes/ssl:ro --entrypoint bash $(docker inspect $(docker images -q --filter=label=org.label-schema.vcs-url=https://github.com/rancher/hyperkube.git) --format='{{index .RepoTags 0}}' | tail -1) -c 'kubectl --kubeconfig /etc/kubernetes/ssl/kubecfg-kube-node.yaml -n kube-system get configmap full-cluster-state -o json | jq -r .data.\"full-cluster-state\" | jq -r .' > cluster.rkestate
@AlexisDucastel
AlexisDucastel / 00-docker-shorewall.md
Created October 24, 2020 22:00 — forked from lukasnellen/00-docker-shorewall.md
setup shorewall for docker networking beyond the default bridge network, e.g., for docker-compose

Docker(-compose) with shorewall

The shorewall documentation explains in http://shorewall.org/Docker.html how to configure shorewall for use with docker. The problem with the configuration is that it only allows connections from the host to the main bridge docker0. Connections to other networks on dynamically created bridges, with names starting by default with br-, is blocked. Instead of the recommended contents of /etc/shorewall/interfaces, use wild-card interface names as follows:

#ZONE	INTERFACE	OPTIONS
#dock	docker0		bridge     # disabled default recommendation
dock 	docker0		physical=docker+,routeback=1
dock 	br		physical=br-+,routeback=1
@AlexisDucastel
AlexisDucastel / rke2-commands.md
Created September 23, 2021 22:10 — forked from superseb/rke2-commands.md
RKE2 / rancherd commands

RKE2 commands

Install

curl -sL https://get.rke2.io | sh
systemctl daemon-reload
systemctl start rke2-server
@AlexisDucastel
AlexisDucastel / rancher-argocd.md
Created May 3, 2023 22:35 — forked from janeczku/rancher-argocd.md
How to register Rancher managed Kubernetes clusters in Argo CD

How to register Rancher managed Kubernetes clusters in Argo CD

Registering Rancher managed clusters in Argo CD doesn't work out of the box unless the Authorized Cluster Endpoint is used. Many users will prefer an integration of Argo CD via the central Rancher authentication proxy (which shares the network endpoint of the Rancher API/GUI). So let's find out why registering clusters via Rancher auth proxy fails and how to make it work.

Hint: If you are just looking for the solution scroll to the bottom of this page.

Why do i get an error when running argocd cluster add?

Service Account tokens and the Rancher authentication proxy