dmc5179

• Create the IAM role for EFS and attach to control plane and worker nodes (can just be worker nodes)
• Deploy the EFS Operator from Operator Hub
• Install the EFS CSI Driver with efs-cluster-csi-driver.yaml
• create the EFS Storage Class with efs-sc.yaml example (Need to change fields here for your EFS)

dmc5179

#!/bin/bash

# Usage: ./extract.sh --catalog=registry.redhat.io/redhat/redhat-operator-index:v4.15 --package=advanced-cluster-management --channel=release-2.11
# Usage with cache: ./extract.sh --catalog=registry.redhat.io/redhat/redhat-operator-index:v4.15 --package=advanced-cluster-management --channel=release-2.11 --cache=true

CACHE="false"
# Default configs directory
CONFIGS_DIR="/configs"

for i in "$@"; do

dmc5179

#!/bin/bash -xe

# This script is indexed to "fix" an operator index image created by the oc-mirror tool where
# the /configs and files under /configs are created with root only read permissions.
# When /configs and the files under that directory can only be read by root, the operator index container
# will crash when running on OpenShift as the non-root users that the index runs as will be unable
# to read the operator index configuration data under /configs

# Change INDEX to the index container image that needs to be fixed
INDEX="ip-10-0-185-96.us-east-2.compute.internal:8443/redhat/redhat-operator-index:v4.15"

dmc5179

variant: openshift
version: 4.15.0
metadata:
  labels:
    machineconfiguration.openshift.io/role: master
  name: 98-lso-partition
storage:
  disks:
  - device: /dev/sda # This can also be written as /dev/sda or /dev/nvme0n1 if you know the name of the disk device itself. It's recommended to use by-id in case the device changes names but not required. Make sure this matches what is in the install-config.yaml device
    partitions:

dmc5179

kind: ValidatingAdmissionPolicy
apiVersion: admissionregistration.k8s.io/v1alpha1
metadata:
  name: pdb
spec:
  matchConstraints:
    resourceRules:
      - operations:
          - CREATE
        apiGroups:

dmc5179

---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: httpd-pv-claim
  labels:
    app: httpd-frontend
spec:
  accessModes:
    - ReadWriteMany

dmc5179

#!/bin/bash

DETAILS=$(nginx -V 2>&1)

# 2.1.1 Ensure only required modules are installed (Manual)
#echo $DETAILS

# 2.1.2 Ensure HTTP WebDAV module is not installed (Automated)
echo -n '2.1.2: '
if [[ $DETAILS =~ 'http_dav_module' ]]; then echo 'fail'; else echo 'pass'; fi

dmc5179

FROM registry.access.redhat.com/ubi9
MAINTAINER Dan Clark <[email protected]>
LABEL description="IBM RTC SCM CLI"

COPY EWM-scmTools-Linux64-7.0.3.zip /usr/local

RUN dnf -y update && \
    dnf -y install unzip && \
    dnf clean all && \
    pushd /usr/local && \

dmc5179

apiVersion: mirror.openshift.io/v1alpha2
kind: ImageSetConfiguration
archiveSize: 2
storageConfig:
  local:
    path: /opt/data/mirror
mirror:
  platform:
    channels:
      - name: stable-4.10

dmc5179

global
  log /dev/log  local0
  log /dev/log  local1 notice
  stats socket /var/lib/haproxy/stats level admin
  chroot /var/lib/haproxy
  user haproxy
  group haproxy
  daemon

defaults