Skip to content

Instantly share code, notes, and snippets.

View ihcsim's full-sized avatar

Ivan Sim ihcsim

216 followers · 1 following
  • SUSE
  • BC, Canada
  • 03:26 (UTC -08:00)
View GitHub Profile
@ihcsim
ihcsim / add_cluster_network.md
Last active July 18, 2025 21:02
Add cluster network to Harvester

To create a new cluster network using the Harvester UI, navigate to Networks > Cluster Network Configuration.

Use the Create a Cluster Network option to create the new cluster network. E.g., name it cluznet.

Once the network is created, configure its uplink NIC via the Create Network Configuration option.

To configure the uplink link, a new NIC device must be made available to the Harvester host by performing the following steps using the Linux VMM:

  • create a new virtual network
  • use the new virtual network as the source of the NIC
@ihcsim
ihcsim / harvester-config.yaml
Last active September 29, 2025 17:40
os:
hostname: sand.isim.dev
sshAuthorizedKeys:
- ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNtRt9WeQJNVU9IXsqY8taNCdAeMEP8RRGU1QSFF7SD4aX21f1zQ5KmVTPYRllt95rh2RKpk3uRuiURBBej0d68= isim@pop-os
ntpServers:
- 0.suse.pool.ntp.org
- 1.suse.pool.ntp.org
install:
wipeAllDisks: true
@ihcsim
ihcsim / upgrade_images.md
Last active June 30, 2025 17:25
How to check minimum upgradable versions between Harvester releases
@ihcsim
ihcsim / rke2-prom.yaml
Last active April 15, 2025 16:11
# Port-Forward To RKE2 Prometheus In Harvester
Retrieve the `web.external-url` from the Prometheus pod:
```sh
k -n cattle-monitoring-system get po prometheus-rancher-monitoring-prometheus-0 -ojsonpath='{.spec.containers[?(@.name=="prometheus")].args}' | grep "web.ext
ernal-url"
```
@ihcsim
ihcsim / ssh-guest-cluster.md
Last active March 19, 2025 22:23

How To Retrieve SSH Key To Harvester Guest Cluster From Rancher UI

  • Navigate to Cluster Management page on Rancher
  • Find the Machine Pool section of the cluster
  • Right-click to access the Download SSH Key option

image

@ihcsim
ihcsim / etcd_storage.md
Created February 14, 2025 19:19

Changing RKE2 etcd storage size:

echo 'etcd-arg: "quota-backend-bytes=4294967296"' > /etc/rancher/rke2/config.yaml.d/etcd.yaml
@ihcsim
ihcsim / reset-rke2.md
Last active January 24, 2025 22:10

Reset RKE2 on Harvester

The rke2 server --cluster-reset command can be used to reset etcd to a single-node cluster, with its data intact.

See https://docs.rke2.io/datastore/backup_restore

Stop the RKE2 server:

sudo systemctl stop rke2-server
@ihcsim
ihcsim / crd.yaml
Last active October 6, 2025 22:49
validating admission policy
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
name: vnodes.virt.dev
spec:
group: virt.dev
names:
kind: VNode
@ihcsim
ihcsim / config.go
Last active January 18, 2025 20:29
package cel
const (
// PerCallLimit specify the actual cost limit per CEL validation call
// current PerCallLimit gives roughly 0.1 second for each expression validation call
PerCallLimit = 1000000
// RuntimeCELCostBudget is the overall cost budget for runtime CEL validation cost per ValidatingAdmissionPolicyBinding or CustomResource
// current RuntimeCELCostBudget gives roughly 1 seconds for the validation
RuntimeCELCostBudget = 10000000
@ihcsim
ihcsim / activation.go
Last active January 18, 2025 20:30
// Evaluate runs a compiled CEL admission plugin expression using the provided activation and CEL
// runtime cost budget.
func (a *evaluationActivation) Evaluate(ctx context.Context, compositionCtx CompositionContext, compilationResult CompilationResult, remainingBudget int64) (EvaluationResult, int64, error) {
// ...
t1 := time.Now()
evalResult, evalDetails, err := compilationResult.Program.ContextEval(ctx, a)
// budget may be spent due to lazy evaluation of composited variables
if compositionCtx != nil {
compositionCost := compositionCtx.GetAndResetCost()
if compositionCost > remainingBudget {