ikurni ikurni
ikurni
/ velero-openshift-migration
Last active
July 7, 2020 15:59
Use Velero for Openshift 3 to Openshift 4 Migration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##Download Velero from Source repo : | |
| wget https://github.com/vmware-tanzu/velero/releases/download/v1.4.0/velero-v1.4.0-linux-amd64.tar.gz | |
| ##Pull required image from docker.io | |
| podman pull docker.io/minio/mc | |
| podman pull docker.io/minio/minio | |
| podman pull docker.io/velero/velero:v1.4.0 | |
| podman pull docker.io/velero/velero-plugin-for-aws:v1.0.0 | |
| ##Push all images to docker-registry.default.svc:5000 (internal docker registry) |
ikurni
/ ntp-local-server
Last active
July 7, 2020 15:41
Configure NTP server without access to internet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##Edit /etc/ntp.conf | |
| vi /etc/ntp.conf | |
| ##Add below line to set local server as the NTP server in the server section | |
| --- | |
| restrict 10.10.10.0 mask 255.255.255.0 nomodify notrap | |
| server 127.127.1.0 | |
| fudge 127.127.1.0 stratum 10 | |
| --- |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##Environment variable | |
| export GOVC_URL=vcenter01.example.com | |
| export [email protected] | |
| export GOVC_PASSWORD=password | |
| export GOVC_INSECURE=true | |
| ##Govc command to create vmdk file in datastore | |
| govc datastore.disk.create -size 1G -ds=DatastoreName folder/disk1.vmdk |
ikurni
/ Openshift-LDAP-User-login-filtered-by-Group
Last active
June 11, 2020 13:18
Openshift LDAP User login filtered by Group
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Filter Syntax Example: | |
| https://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx | |
| ------------------------------------------------------------------------------------------------------------- | |
| https://access.redhat.com/solutions/3510401 | |
| Can be done in 4.X version by editing OAuth resource definition, like in the following example: | |
| apiVersion: config.openshift.io/v1 | |
| kind: OAuth |
ikurni
/ Working-with-Json-Patch
Last active
November 9, 2022 21:36
Working with JSON Patch for Openshift OC Patch command
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##Openshift OC Command using json type : | |
| oc patch <object> <object> --type=json -p (sample) | |
| ##The original document : | |
| { | |
| "baz": "qux", | |
| "foo": "bar" | |
| } | |
| The patch : | |
| [ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| srv-host=_etcd-server-ssl._tcp.prdocp.example.com,etcd-0.prdocp.example.com,2380,0,10 | |
| srv-host=_etcd-server-ssl._tcp.prdocp.example.com,etcd-1.prdocp.example.com,2380,0,10 | |
| srv-host=_etcd-server-ssl._tcp.prdocp.example.com,etcd-2.prdocp.example.com,2380,0,10 | |
| ###disable DHCP | |
| no-dhcp-interface= | |
| ###add for dns | |
| no-hosts | |
| addn-hosts=/etc/dnsmasq.hosts |
ikurni
/ OCP4-Add-Worker-Node-after-24Hours-
Last active
July 7, 2020 15:47
Openshift 4 Add worker nodes after 24 hours
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##Replace api-int.clusterDomain with your FQDN only and run the below commands: | |
| export MCS=api-int.clusterDomain:22623 | |
| ##Run below command to update worker.ign file | |
| echo "q" | openssl s_client -connect $MCS -showcerts | awk '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/' | base64 --wrap=0 | tee ./api-int.base64 && \ | |
| sed --regexp-extended --in-place=.backup "s%base64,[^,]+%base64,$(cat ./api-int.base64)\"%" ./worker.ign |
ikurni
/ NGINX-HTTP-Redirect-with-Header-Changes
Last active
May 28, 2020 15:24
NGINX Config to do HTTPS redirect with Header change
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| edit file : /etc/nginx/nginx.conf | |
| -------- | |
| error_log /var/log/nginx/error.log warn; | |
| pid /var/run/nginx.pid; | |
| events { | |
| worker_connections 1024; |
ikurni
/ Openshift-Deploy-from-External-Registry
Created
May 27, 2020 07:05
Openshift Deploy an Apps pulling from External Registry
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| To deploy apps in openshift using private image registry with password, need to : | |
| 1) Create secret to the private registry : | |
| oc create secret docker-registry <pull_secret_name> \ | |
| --docker-server=<registry_server> \ | |
| --docker-username=<user_name> \ | |
| --docker-password=<password> \ | |
| --docker-email=<email> | |
| 2) Put pull secret to default ServiceAccount (assume deployment using SA default) : | |
| oc secrets link default <pull_secret_name> --for=pull |
ikurni
/ Bash-auto-completion-not-working
Created
May 19, 2020 13:14
Bash auto completion is not working
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Check /etc/profile.d/bash_completion.sh, make sure below line are there : | |
| --------------------------------------------------------------------------- | |
| # Check for interactive bash and that we haven't already been sourced. | |
| [ -z "$BASH_VERSION" -o -z "$PS1" -o -n "$BASH_COMPLETION_COMPAT_DIR" ] && return | |
| # Check for recent enough version of bash. | |
| bash=${BASH_VERSION%.*}; bmajor=${bash%.*}; bminor=${bash#*.} | |
| if [ $bmajor -gt 4 ] || [ $bmajor -eq 4 -a $bminor -ge 1 ]; then | |
| [ -r "${XDG_CONFIG_HOME:-$HOME/.config}/bash_completion" ] && \ | |
| . "${XDG_CONFIG_HOME:-$HOME/.config}/bash_completion" |