Olli Janatuinen

# Create local "WMI Remote Readers" group and grant read only permissions to WMI for it.
# NOTE: "Distributed COM Users" group membership is also needed.
$groupName = "WMI Remote Readers"
$groupDescription = "Members of this group can remotely read WMI"
$group = Get-LocalGroup -Name $groupName -ErrorAction SilentlyContinue
if ($group) {
New-LocalGroup -Name $groupName -Description $groupDescription
k3os-rootless.yaml
Last active January 24, 2021
Example cloud-init to enable rootless mode on k3OS
- "echo 0 > /proc/sys/kernel/dmesg_restrict"
- "chmod a+r /dev/kmsg"
- "touch /var/log/k3s-service.log"
- "chown rancher /var/log/k3s-service.log"
- "if [ ! -f /var/lib/rancher/k3s/agent/etc ]; then mkdir -p /var/lib/rancher/k3s/agent/etc; fi"
- "chown -R rancher /var/lib/rancher/k3s/agent/etc"
- overlay
olljanat /
Last active February 24, 2025
Overlay network and static IPs for Docker containers

I don't expect moby/moby#24170 to be solved by Docker team on near future so this gist is about looking for least ugly workarounds which are available today and on near future.

What is possible on Docker 19.03


It is possible to create overlay network with use user specified subnet. On this example I create network which is size is two C -class networks ( IP range - ) and force Docker to use IPs from second part of it ( - ).

That way I can make sure that IPs - can be specified to containers and they do not collide with IPs which Docker engine assign for service(s)/container(s).

MigrateVmIPsToIPAM.ps1
Last active March 20, 2019
Nutanix AHV - Migrates specified virtual machines IP addesses to IPAM reservations to avoid two IPs to be reserved per server
Migrates specified virtual machines IP addesses to IPAM reservations to avoid two IPs to be reserved per server
Finds servers which have two reserved IP addresses,
removes old NIC and add new NIC with second IP (static IP inside of VM).
Can be run online but causes small network hickup for servers.
Find-OrphanDockerLayers.ps1
Last active February 20, 2025
Find Windows containers orphan layers
param (
If ($RenameOrphanLayers) {
Write-Warning "$($env:COMPUTERNAME) -RenameOrphanLayers option enabled, will rename all orphan layers"
# Get known layers on Docker images
[array]$ImageDetails += docker images -q | ForEach { docker inspect $_ | ConvertFrom-Json }