cd ~/workspace/sa-key-rotation
cd jwks
go run jwks.go ../../aws-pod-identity-webhook/sa-signer-pkcs8.pub ../../cloud-credential-operator/new/serviceaccount-signer.public
cat keys.json
S3_BUCKET_NAME=btofel-sts-test && aws s3 cp keys.json s3://${S3_BUCKET_NAME} --profile redhat-openshift-dev --acl public-read
PRIVKEY=`base64 -i ../cloud-credential-operator/new/serviceaccount-signer.private`
PUBKEY=`base64 -i ../cloud-credential-operator/new/serviceaccount-signer.public`
oc patch secret next-bound-service-account-signing-key -n openshift-kube-apiserver-operator --type=json -p '[{"op":"replace","path":"/data/service-account.key","value":"'"$PRIVKEY"'"},{"op":"replace","path":"/data/service-account.pub","value":"'"$PUBKEY"'"}]'

To enable a faster dev process with OpenShift Local (CRC), where you can push dev images to the local internal registry included with OpenShift and pull those same images internally in the cluster, follow these steps:
Push images to OpenShift Local's image registry; they must be labeled like:
REGISTRY=$(oc get route/default-route -n openshift-image-registry -o=jsonpath='{.spec.host}'); \
IMAGE_PUSH=$($REGISTRY/openshift/pod-identity-webhook:0.4) \

or simpler and actually working:
oc login -u kubeadmin -p zXqDV-wqxpa-YTV7N-hNpgV https://api.crc.testing:6443
oc get -n openshift-kube-apiserver cm -o json bound-sa-token-signing-certs | jq -r '.data["service-account-001.pub"]' > sa-signer-pkcs8.pub
bin/self-hosted-darwin -key "sa-signer-pkcs8.pub" | jq '.keys += [.keys[0]] | .keys[1].kid = ""' > "keys.json"
aws s3 mb s3://btofel-sts-test --profile redhat-openshift-dev
aws s3 cp keys.json s3://btofel-sts-test --profile redhat-openshift-dev --acl public-read
cp ~/hold_code/discovery.json .
vi discovery.json (verify it has bucket URL params to match above)
aws s3 cp discovery.json s3://btofel-sts-test/.well-known/openid-configuration --profile redhat-openshift-dev --acl public-read

From PR operator-framework/operator-registry#748, build this version of OPM, then:
opm index prune --from-index registry.redhat.io/redhat/redhat-operator-index:v4.10 -c docker --packages cluster-logging
(you will need to docker login to the Red Hat registry)
then:
docker push the pared-down index, for example:
See comments to this gist for how to build a kind node-image for a given k8s tag
# Requires
# OPM, operator-sdk v1.8.0 or higher
# grpcurl, podman or docker, skopeo
import os
import json
import sqlite3
import subprocess
CONTAINER_TOOL = "docker"
Servicemeshoperator Graph from 4.7 RH Index
where the namespace I will run metering in is btofel:
oc new-app -n btofel -e MYSQL_USER=mysql -e MYSQL_PASSWORD=password -e MYSQL_DATABASE=hive_metastore -e MYSQL_ROOT_PASSWORD=password mysql:5.7