ikurni ikurni
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Openshift Day 2 guidance : | |
| ----------------------------------------------------------------------------------------------- | |
| Configure Openshift ingress operator to use node label “infra: true” and run router pods only in infra node | |
| Edit openshift-ingress config : | |
| # oc edit ingresscontrollers.operator.openshift.io/default -n openshift-ingress-operator | |
| In the spec: section add below comment : | |
| --- | |
| nodePlacement: | |
| nodeSelector: | |
| matchLabels: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Pods rollout stuck in waiting for condition, unable mount volume, unable mount secret. Pods are using PVC from vSphere Volume | |
| --> Check VM's advanced config, make sure "disk.EnableUUID = true" is available |
ikurni
/ ssh-config-ignore-knownhosts
Last active
May 17, 2020 06:35
SSH config file to ignore known hosts registration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Put this config on /root/.ssh/config (if ssh as root) ### | |
| UserKnownHostsFile=/dev/null | |
| StrictHostKeyChecking=no |
ikurni
/ ssh-config-ignore-knownhosts
Created
February 11, 2020 15:45
SSH config file to ignore known hosts registration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| UserKnownHostsFile=/dev/null | |
| StrictHostKeyChecking=no |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| srv-host=_etcd-server-ssl._tcp.prodocp.dc.example.com,etcd-0.prodocp.dc.example.com,2380,0,10 | |
| srv-host=_etcd-server-ssl._tcp.prodocp.dc.example.com,etcd-1.prodocp.dc.example.com,2380,0,10 | |
| srv-host=_etcd-server-ssl._tcp.prodocp.dc.example.com,etcd-2.prodocp.dc.example.com,2380,0,10 | |
| ###disable DHCP | |
| no-dhcp-interface= | |
| ###add for dns | |
| no-hosts | |
| addn-hosts=/etc/dnsmasq.hosts |
ikurni
/ OCP-4.2-ProxySetup
Last active
October 15, 2020 04:41
Oc command to apply cluster wide proxy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| oc -n openshift-cluster-version set env deploy cluster-version-operator HTTP_PROXY=http://proxy-server:port HTTPS_PROXY=http://proxy-server:port NO_PROXY=".cluster.local,.company.com,.svc,10.0.0.0/16,10.32.0.0/14,10.36.0.0/16,127.0.0.1,api-int.dc.company.com,etcd-0.dc.company.com,etcd-1.dc.company.com,etcd-2.dc.company.com,localhost" | |
| apiVersion: config.openshift.io/v1 | |
| kind: Proxy | |
| metadata: | |
| name: cluster | |
| spec: | |
| httpProxy: http://proxy-server:port | |
| httpsProxy: http://proxy-server:port | |
| noProxy: .company.com,mirror.openshift.com |
ikurni
/ ingresscontroller-operator.yaml
Last active
February 9, 2020 11:41
OCP4-change-default-nodeselector-by-operator
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #[root@prodcluster-bastion ~]# oc edit ingresscontrollers.operator.openshift.io/default -n openshift-ingress-operator | |
| apiVersion: operator.openshift.io/v1 | |
| kind: IngressController | |
| metadata: | |
| creationTimestamp: "2020-02-08T08:29:55Z" | |
| finalizers: | |
| - ingresscontroller.operator.openshift.io/finalizer-ingresscontroller | |
| generation: 2 | |
| name: default | |
| namespace: openshift-ingress-operator |
ikurni
/ kube-advanced-audit.yaml
Created
October 10, 2019 06:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: audit.k8s.io/v1 | |
| kind: Policy | |
| rules: | |
| # The following requests were manually identified as high-volume and low-risk, | |
| # so drop them. | |
| - level: None | |
| users: ["system:kube-proxy"] | |
| verbs: ["watch"] | |
| resources: | |
| - group: "" # core |
ikurni
/ Satellite-6.3-Capsule-as-Docker
Last active
January 25, 2019 06:30
Satellite 6.3+ - Use capsule as Docker Repository
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### To configure Satellite as Docker Repository, it will be depend on how it's set to published at which URL. But for Capsule will use different URL compare to Satellite. To check correct URL for Capsule, so we can pull docker images from Capsule URL directly, do this : | |
| #Go to Directory /var/lib/pulp/published/docker/v2/web/1-xxx-xxx-xxx (xxx represent random name dir generated by Pulp based on content view configuration) | |
| cd /var/lib/pulp/published/docker/v2/web/1-openshift-cv-dr-7a234-12312-1231-3434-3243-4534-2342398704/tags | |
| #Inside the dir, we can find few files in there, but just simply print the tags list | |
| cat list | |
| # {"name": "abc-dr-openshift-cv-docker-registry-openshift:3_ose-deployer", "tags": "["v3.11.51"... output omitted | |
| # |
ikurni
/ OCP-3.11-AIO-hosts
Created
January 4, 2019 04:40
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # ansible inventory for OpenShift Container Platform 3.11.16 | |
| # AgnosticD ansible-config: ocp-ha-lab | |
| [OSEv3:vars] | |
| ########################################################################### | |
| ### Ansible Vars | |
| ########################################################################### | |
| timeout=60 |