Chuck Douglas chuckersjp
chuckersjp
/ dnsmasq-cluster-setup.yaml
Last active
May 13, 2020 21:06
Create dnsmasq cluster.conf based on OpenShift inventory hostfile
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - name: Configure dnsmasq | |
| hosts: all | |
| tasks: | |
| - name: Install dnsmasq | |
| yum: | |
| name: dnsmasq | |
| state: latest |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - name: Setup Docker for all hosts | |
| hosts: all | |
| become: true | |
| tasks: | |
| - name: Install some base packages | |
| yum: | |
| name: "{{ item }}" | |
| state: latest |
chuckersjp
/ partition.yaml
Last active
May 13, 2020 21:05
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - name: Create partitions on master | |
| hosts: masters | |
| become: yes | |
| tasks: | |
| - name: Create LVEtcd logical volume | |
| lvol: | |
| lv: LVEtcd | |
| size: 10g |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - name: playbook to install fluentd agent | |
| hosts: all | |
| become: true | |
| vars: | |
| log_server: LOG_SERVER.EXAMPLE.COM | |
| log_port: 10405 # Defaults to 514 if not set | |
| tasks: |
chuckersjp
/ gist:77863ce1d27b12d1da288e589aabf24e
Created
August 9, 2018 02:34
Ansible command to push out keys to all hosts. Requires that the account be present and the password be the same.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ansible -i inventory all -m authorized_key -a "user=ansible key={{ lookup('file', '/home/ansible/.ssh/id_rsa.pub') }}" -k |
chuckersjp
/ key-scan.yaml
Created
August 9, 2018 02:37
gist to scan all inventory nodes and dump them to known_hosts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # copied from https://gist.github.com/shirou/6928012 | |
| - hosts: all | |
| gather_facts: no | |
| sudo: no | |
| tasks: | |
| - name: run ssh-keyscan to add keys to known_hosts | |
| local_action: shell ssh-keyscan {{ ansible_ssh_host }} >> ~/.ssh/known_hosts |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import sys, json, base64 | |
| file_list = json.load(sys.stdin)['storage']['files'] | |
| for files in file_list: | |
| print files['path'] + "\n" + base64.b64decode(files['contents']['source'].split(',')[1]) |
chuckersjp
/ bootstrap-decoder2.py
Created
April 10, 2020 20:53
Output the expiration dates of the certs in bootstrap
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import sys, json, base64 | |
| from cryptography import x509 | |
| from cryptography.hazmat.backends import default_backend | |
| file_list = json.load(sys.stdin)['storage']['files'] | |
| #for files in file_list: | |
| # print files['path'] + "\n" + base64.b64decode(files['contents']['source'].split(',')[1]) |
chuckersjp
/ update_secret.yml
Created
April 21, 2020 16:05
Ansible Playbook to update an OpenShift Secret using k8s
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - name: retrieve pullsecret | |
| # Newer version of Ansible call this module k8s_info | |
| k8s_facts: | |
| api: v1 | |
| kind: Secret | |
| name: pull-secret-chuck | |
| namespace: openshift-config | |
| register: pullsecret | |
| - name: Get the original cred secrets |
chuckersjp
/ user-registry.yml
Created
April 27, 2020 18:20
Create multiple user login registry for OpenShift 4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - name: Create htpass-secret secret in openshift-config name space for backdoor htpasswd user registry | |
| k8s: | |
| kubeconfig: kubeconfig | |
| state: present | |
| definition: | |
| apiVersion: v1 | |
| data: | |
| htpasswd: "{{ htpasswdtoken }}" | |
| kind: Secret | |
| metadata: |