Install kubectl crossplane plugin
curl -sL https://raw.githubusercontent.com/crossplane/crossplane/master/install.sh | sh
sudo mv kubectl-crossplane /usr/local/bin
kubectl crossplane --helpInstall Crossplane
Frank Kloeker eumel8
๐
eumel8
/ migrate-keycloak-user.sh
Last active
May 23, 2023 13:20
migrate Rancher Keycloak saml to oidc user
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # keycloak saml user object: | |
| # principalIds: | |
| # - keycloak_user://[email protected] | |
| # - local://u-pxxxxxxx | |
| # | |
| # keycloak oidc user object: | |
| # principalIds: | |
| # - keycloakoidc_user://[email protected] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright 2017 The Kubernetes Authors. | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, |
eumel8
/ gist:60a2d96aad4d6938625f0d535578fd3f
Last active
April 21, 2023 07:55
prometheus-auth fix token
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This behaviour comes in Kubernetes 1.21 with a change of Serviceaccount token format. Bound tokens become default, legacy | |
| # token still alive. In prometheus-auth, a middleware | |
| # for bearer token auth in front of prometheus, a SubjectAccessReview will looking for a token, provided by the federated | |
| # prometheus instance via http endpoint. This token is searched in a list of secrets cluster-wide and if there is a match, | |
| # comparing process started for ServiceAccount and Namespace. After success, a hijack federate will provide access to the | |
| # related cluster metrics. Normaly, the token in the federate call and the content of the related secret of the | |
| # ServiceAccount is equal. In newer Kubernetes version this format is rewritten and internally the new format of bound token | |
| # is stored. | |
| รค With this difference, the SubjectAccessReview is denied and no metrics are accessable. Unfortunatelly the related | |
| # ServiceMonitor for federate is UP, no errors are visiable. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: fix-project-monitoring | |
| data: | |
| fix-project-monitoring.sh: | | |
| #!/usr/bin/env bash | |
| set -e |
eumel8
/ project-monitoring-pvc-backup.yaml
Created
February 9, 2023 15:49
Backup Rancher V1 Monitoring
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: v1 | |
| kind: PersistentVolumeClaim | |
| metadata: | |
| name: grafana-project-monitoring-backup | |
| spec: | |
| accessModes: | |
| - ReadWriteOnce | |
| resources: | |
| requests: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global: | |
| cattle: | |
| clusterId: "" | |
| clusterName: "" | |
| rkePathPrefix: "" | |
| rkeWindowsPathPrefix: "" | |
| systemDefaultRegistry: mtr.devops.telekom.de | |
| systemProjectId: "" | |
| url: "" | |
| image: |
eumel8
/ sheets.json
Created
December 13, 2022 01:52
JSON object exported by the 'Sheets to JSON' Google Sheets addon.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {} |
eumel8
/ sheets.json
Created
December 13, 2022 01:51
JSON object exported by the 'Sheets to JSON' Google Sheets addon.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Setup Raspberry PI to monitor CybperPower USV and send alarm SMS | |
| # Connect CyberPower USV and Raspberry with USB cable | |
| # Install Software on Raspberry (Ubuntu): | |
| # apt-get update && apt-get install nut nut-client nut-server | |
| # Adjust config: | |
| ``` | |
| /etc/nut/nut.conf | |
| MODE=netserver |