Skip to content

Instantly share code, notes, and snippets.

View dweomer's full-sized avatar
🤠
/nerdface

Jacob Blain Christen dweomer

🤠
/nerdface
92 followers · 64 following
View GitHub Profile
@dweomer
dweomer / helm-boringcrypto-alpine.sh
Last active September 11, 2023 22:21
helm + boringcrypto
git clone https://github.com/helm/helm.git && cd helm
# alpine (success)
make clean; \
docker run --rm -it --volume $PWD:$PWD -w $PWD library/golang:1.19-alpine sh -c " \
cat /etc/os-release; apk add file gcc g++ make bash; \
make GOEXPERIMENT=boringcrypto \
GOFLAGS='-buildvcs=false' \
CGO_ENABLED=1 \
TAGS=netgo,osusergo \
@dweomer
dweomer / README.md
Created December 21, 2021 19:37 — forked from kosyfrances/README.md
KVM in runc

KVM in runc

Running a KVM virtual machine inside a runc contianer.

Requirements

  • A host which can run KVM virtual machines using Vagrant.

Setting up a test VM

@dweomer
dweomer / README.md
Created December 21, 2021 19:37 — forked from johananl/README.md
KVM in runc

KVM in runc

Running a KVM virtual machine inside a runc contianer.

Requirements

  • A host which can run KVM virtual machines using Vagrant.

Setting up a test VM

@dweomer
dweomer / enforcing-critest.log
Created July 27, 2020 16:51
containerd-1.3.0-k3s-dev
🇩 binaries
🇩 test-cri
/go/bin/critest
'/go/src/github.com/containerd/cri/hack/../_output/containerd' -> '/usr/local/bin/containerd-test'
changing security context of '/usr/local/bin/containerd-test'
make[1]: Entering directory '/go/src/github.com/containerd/cri/test/selinux/policy'
rm -fR tmp
rm -f *.pp
/usr/share/selinux/devel/include/services/container.if:13: Error: duplicate definition of container_runtime_domtrans(). Original definition on 13.
/usr/share/selinux/devel/include/services/container.if:40: Error: duplicate definition of container_runtime_run(). Original definition on 40.
@dweomer
dweomer / enforcing-critest.log
Created July 27, 2020 16:50
containerd-1.3.3-k3s2
critest version: 1.18.0-89-gbaca4a1
Running Suite: CRI validation
=============================
Random Seed: 123456789 - Will randomize all specs
Will run 90 of 97 specs
[k8s.io] Container runtime should support basic operations on container
runtime should support removing stopped container [Conformance]
/usr/src/github.com/kubernetes-sigs/cri-tools/pkg/validate/container.go:134
[BeforeEach] [k8s.io] Container
@dweomer
dweomer / enforcing-critest.log
Last active July 27, 2020 16:53
containerd-v1.4.0-beta.0-test-selinux
🇩 binaries
🇩 test-cri
/go/bin/critest
'/go/src/github.com/containerd/cri/hack/../_output/containerd' -> '/usr/local/bin/containerd-test'
changing security context of '/usr/local/bin/containerd-test'
make[1]: Entering directory '/go/src/github.com/containerd/cri/test/selinux/policy'
rm -fR tmp
rm -f *.pp
/usr/share/selinux/devel/include/services/container.if:13: Error: duplicate definition of container_runtime_domtrans(). Original definition on 13.
/usr/share/selinux/devel/include/services/container.if:40: Error: duplicate definition of container_runtime_run(). Original definition on 40.
@dweomer
dweomer / containerd-cri-test-selinux.md
Last active July 27, 2020 17:32
@dweomer
dweomer / centos-8-results.txt
Last active July 24, 2020 00:19
containerd-selinux-testing
[vagrant@localhost cri]$ make test-cri
🇩 binaries
🇩 test-cri
/go/bin/critest
'/go/src/github.com/containerd/cri/hack/../_output/containerd' -> '/usr/local/bin/containerd-test'
changing security context of '/usr/local/bin/containerd-test'
make[1]: Entering directory '/go/src/github.com/containerd/cri/test/selinux/policy'
make[1]: 'containerd-test.pp' is up to date.
make[1]: Leaving directory '/go/src/github.com/containerd/cri/test/selinux/policy'
mkdir: created directory '/var/lib/containerd-test'
@dweomer
dweomer / reference.md
Created July 20, 2020 23:32
containerd-selinux
@dweomer
dweomer / docker-compose.yml
Last active September 19, 2018 00:20
docker registry composition
version: "3"
volumes:
local-data:
mirror-data:
services:
local:
container_name: registry-local
image: registry:2