Skip to content

Instantly share code, notes, and snippets.

View olljanat's full-sized avatar

Olli Janatuinen olljanat

View GitHub Profile
# Create local "WMI Remote Readers" group and grant read only permissions to WMI for it.
# NOTE: "Distributed COM Users" group membership is also needed.
$groupName = "WMI Remote Readers"
$groupDescription = "Members of this group can remotely read WMI"
$group = Get-LocalGroup -Name $groupName -ErrorAction SilentlyContinue
if ($group) {
return
}
New-LocalGroup -Name $groupName -Description $groupDescription
@olljanat
olljanat / k3os-rootless.yaml
Last active January 24, 2021 21:27
Example cloud-init to enable rootless mode on k3OS
run_cmd:
- "echo 0 > /proc/sys/kernel/dmesg_restrict"
- "chmod a+r /dev/kmsg"
- "touch /var/log/k3s-service.log"
- "chown rancher /var/log/k3s-service.log"
- "if [ ! -f /var/lib/rancher/k3s/agent/etc ]; then mkdir -p /var/lib/rancher/k3s/agent/etc; fi"
- "chown -R rancher /var/lib/rancher/k3s/agent/etc"
k3os:
modules:
- overlay
@olljanat
olljanat / overlay-network-and-static-ips-for-docker-containers.md
Last active March 26, 2024 04:51
Overlay network and static IPs for Docker containers

I don't expect moby/moby#24170 to be solved by Docker team on near future so this gist is about looking for least ugly workarounds which are available today and on near future.

What is possible on Docker 19.03

Network

It is possible to create overlay network with use user specified subnet. On this example I create network which is size is two C -class networks ( IP range 10.0.0.0 - 10.0.1.255 ) and force Docker to use IPs from second part of it ( 10.0.1.0 - 10.0.1.255 ).

That way I can make sure that IPs 10.0.0.2 - 10.0.0.254 can be specified to containers and they do not collide with IPs which Docker engine assign for service(s)/container(s).

@olljanat
olljanat / MigrateVmIPsToIPAM.ps1
Last active March 20, 2019 10:56
Nutanix AHV - Migrates specified virtual machines IP addesses to IPAM reservations to avoid two IPs to be reserved per server
<#
.SYNOPSIS
Migrates specified virtual machines IP addesses to IPAM reservations to avoid two IPs to be reserved per server
.DESCRIPTION
Finds servers which have two reserved IP addresses,
removes old NIC and add new NIC with second IP (static IP inside of VM).
Can be run online but causes small network hickup for servers.
@olljanat
olljanat / Find-OrphanDockerLayers.ps1
Last active June 19, 2024 13:03
Find Windows containers orphan layers
param (
[switch]$RenameOrphanLayers
)
If ($RenameOrphanLayers) {
Write-Warning "$($env:COMPUTERNAME) -RenameOrphanLayers option enabled, will rename all orphan layers"
}
# Get known layers on Docker images
[array]$ImageDetails += docker images -q | ForEach { docker inspect $_ | ConvertFrom-Json }