Skip to content

Instantly share code, notes, and snippets.

@gabibeyer
gabibeyer / fed_rootless_kata_podman.sh
Last active August 6, 2019 21:27
Running rootless kata and podman on fedora 29 or 30
#!/bin/bash -x
# Needs reboot after modify selinux/config file to disable selinux
# this is bring ran on a fedora29 ccloudvm instance
# ccloudvm create --cpus 4 --mem 4096 --disk 64 --name KataPodmanDemo fedora29
# The main difference between fed28 and fed29 is that the go and conmon packages are up to date
# install dependencies (tmux/vim optional)
@gabibeyer
gabibeyer / setup_rootless.sh
Last active August 12, 2019 17:54
Set up machine to run podman with rootless kata
#!/bin/bash -x
# Needs reboot after modify selinux/config file to disable selinux
# this is bring ran on a fedora28 ccloudvm instance
# ccloudvm create --cpus 4 --mem 4096 --disk 64 --name KataPodmanDemo fedora28
# install dependencies (tmux/vim optional)
sudo yum update -y
sudo yum install -y \
@gabibeyer
gabibeyer / kata_podman_rootless.md
Last active April 8, 2019 18:04
running kata and podman without sudo

ROOTLESS

Organize user workspace in place of / Should look similar to:

├── run
│   └── kata-containers
├── usr
│   └── share
│       └── kata-containers
@gabibeyer
gabibeyer / podman_kata.sh
Last active September 6, 2020 21:10
podman with kata-runtime
#!/bin/bash
# running kata-runtime with podman on Fedora 28
# I used ccloudvm for my dev system (this is not required)
ccloudvm create --name podman --mem 4096 --cpus 2 fedora28
ccloudvm connect podman
# update system and install podman
sudo yum update
sudo yum install podman

lvm-snapshotter

Getting Started

This document sets up an lvm-snapshotter that listens on a specified socket. It assumes that you already have a volume group, and thin logical volume set up, if not some example commands are provided below.

A very beginner guide to setting up a ccloudvm instance with sparse files in replace of disks can be found here: <>

Prerequisites

@gabibeyer
gabibeyer / containerd_setup.sh
Last active February 27, 2019 20:27
Installing containerd with release binary. May need to be root `sudo -E`
#!/bin/bash -e
# some steps require root, so run $sudo -E
# https://github.com/containerd/cri/blob/master/docs/installation.md
export VERSION="1.2.4"
# install libseccomp2
apt-get update
apt-get install libseccomp2
package main
import (
"fmt"
"math/rand"
"sync"
"time"
)
func doTask(fileName string) (string, error) {
@gabibeyer
gabibeyer / bug_fix1.go
Last active February 18, 2019 19:52
A fix that uses a third channel
package main
import (
"fmt"
"math/rand"
"sync"
"time"
)
func getStrings(fileName string) (string, error) {
@gabibeyer
gabibeyer / concurrency_bug.go
Created February 18, 2019 19:23
Example concurrency bug found in project
package main
import (
"fmt"
"math/rand"
"sync"
"time"
)
func doTask(fileName string) (string, error) {
@gabibeyer
gabibeyer / iptables-cheatsheet.md
Created February 13, 2019 22:34 — forked from mcastelino/iptables-cheatsheet.md
iptables-cheatsheet

The netfilter hooks in the kernel and where they hook in the packet flow

The figure below calls out

  • The netfilter hooks
  • The order of table traversal