- Allow unsafesysctls to be run on node:
https://docs.openshift.com/container-platform/4.12/nodes/containers/nodes-containers-sysctls.html#nodes-containers-sysctls-unsafe_nodes-containers-using
- If setting for all workers the workers, set label on worker mcp
# oc label mcp worker custom-kubelet=sysctl- Create a kubeletconfig
apiVersion: machineconfiguration.openshift.io/v1 kind: KubeletConfig
Ryan Howe rjhowe
rjhowe
/ backingfsblockdev.yaml
Last active
May 30, 2023 14:35
MachineConfig for https://access.redhat.com/solutions/6844091
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: machineconfiguration.openshift.io/v1 | |
| kind: MachineConfig | |
| metadata: | |
| labels: | |
| machineconfiguration.openshift.io/role: worker | |
| name: recreate-backingfsblockdev | |
| spec: | |
| config: | |
| ignition: | |
| version: 3.2.0 |
rjhowe
/ gist:414883db726f1396bf54d1c858f846f8
Created
February 7, 2023 21:44
kubectl-dev_tool example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # kubectl-dev_tool audit --subresource="*" --verb=list -o top --by=user -f audit-2023-02-07T15-02-18.917.log | |
| count: 9201, first: 2023-02-07T09:46:41-05:00, last: 2023-02-07T10:02:18-05:00, duration: 15m37.691882s | |
| 4071x system:serviceaccount:sysdig-agent:sysdig-agent | |
| 574x system:serviceaccount:openshift-machine-config-operator:machine-config-daemon | |
| 543x system:serviceaccount:openshift-dns:dns | |
| 456x system:apiserver | |
| 360x system:serviceaccount:openshift-cluster-node-tuning-operator:tuned | |
| 286x system:serviceaccount:openshift-monitoring:prometheus-k8s | |
| 275x system:serviceaccount:openshift-operator-lifecycle-manager:olm-operator-serviceaccount | |
| 177x system:serviceaccount:openshift-operators:jaeger-operator |
rjhowe
/ gist:cdcc91a32a3f7066d8a5d9a9e7f214e2
Created
January 12, 2023 21:09
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| oc get nodes -o template --template='{{ range .items }}{{ $desired := index .metadata.annotations "machineconfiguration.openshift.io/desiredConfig" }}{{ $current := index .metadata.annotations "machineconfiguration.openshift.io/currentConfig" }} {{ if $current }} {{ if eq $current $desired }} Node Name: {{ .metadata.name }} {{"\t"}}Machine Config: {{ index .metadata.annotations "machineconfiguration.openshift.io/currentConfig" }} {{ println }}{{ end }}{{ if ne $current $desired }} Current != Desired {{"\t"}} Node Name: {{ .metadata.name }} {{"\t"}} Current: {{ index .metadata.annotations "machineconfiguration.openshift.io/currentConfig" }} {{"\t"}} Desired: {{ index .metadata.annotations "machineconfiguration.openshift.io/desiredConfig" }}{{ println }}{{ end }}{{ end }}{{ end }}' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM quay.io/fedora/fedora | |
| RUN dnf -y update && dnf clean all && \ | |
| INSTALL_PKGS="\ | |
| ncat \ | |
| openssl \ | |
| && \ | |
| dnf install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ |
rjhowe
/ ocp-osp-etcd-volume.md
Last active
August 31, 2022 21:06
rjhowe
/ ingress_override.md
Last active
August 25, 2022 18:37
4.8 +
# oc patch ingresscontroller default -n openshift-ingress-operator -p '[{"op": "add", "path": "/spec/tuningOptions/threadCount", "value" : 8}]' --type=json
4.7 and below
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #/bin/bash | |
| #USAGE | |
| # `ocpkg 4.8.34`` or with out y release and latest will be chosen `ocpkg 4.8`` | |
| DEPENDENCIES=("oc" "jq" "skopeo") | |
| IFS=. read -r Ver4 VerX VerY <<< ${1} | |
| STREAM=fast | |
| CHANNEL="${STREAM}-4.${VerX}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| kind: List | |
| apiVersion: v1 | |
| items: | |
| - apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| labels: | |
| name: hello-openshift | |
| app: hello-openshift | |
| name: hello-openshift |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: operator.openshift.io/v1 | |
| kind: IngressController | |
| metadata: | |
| name: default | |
| namespace: openshift-ingress-operator | |
| spec: | |
| replicas: 3 | |
| endpointPublishingStrategy: | |
| type: HostNetwork | |
| nodePlacement: |
NewerOlder