- Configure the Network Protocol Profile on the vCenter according to: https://www.virtualthoughts.co.uk/2020/03/29/rancher-vsphere-network-protocol-profiles-and-static-ip-addresses-for-k8s-nodes/
- Ensure to create a service user with the regarding global and folder specific permissions: https://rancher.com/docs/rancher/v2.x/en/cluster-provisioning/rke-clusters/node-pools/vsphere/provisioning-vsphere-clusters/creating-credentials/
- Beside the vCenter role permissions from the official Rancher documentation, the following ones need to be provided in order to configure the Nodes via vApp options:
- Content Library: Read storage
- Extension: Register extension
- Beside the vCenter role permissions from the official Rancher documentation, the following ones need to be provided in order to configure the Nodes via vApp options:
- vSphere Tagging: Assign or Unassign vSphere Tag on Object
Socheat Sok socheatsok78
π
socheatsok78
/ 0-rancher-vsphere-setup.md
Created
May 24, 2023 18:57
— forked from PhilipSchmid/0-rancher-vsphere-setup.md
How to set up a Rancher K8s cluster on VMware (incl. vSphere StorageClass)
socheatsok78
/ golang_job_queue.md
Created
July 7, 2023 09:45
— forked from harlow/golang_job_queue.md
Job queues in Golang
A running example of the code from:
- http://marcio.io/2015/07/handling-1-million-requests-per-minute-with-golang
- http://nesv.github.io/golang/2014/02/25/worker-queues-in-go.html
This gist creates a working example from blog post, and a alternate example using simple worker pool.
TLDR: if you want simple and controlled concurrency use a worker pool.
socheatsok78
/ Generating stronger DH parameters for nginx
Created
July 11, 2023 11:03
— forked from ageis/Generating stronger DH parameters for nginx
Generating stronger DH parameters for nginx's SSL
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # run in the terminal, then set as ssl_dhparam in nginx.conf | |
| openssl dhparam -out /etc/nginx/ssl/dhparam.pem 4096 |
socheatsok78
/ docker-swarm-architecture.md
Created
September 27, 2023 02:02
— forked from scyto/docker-swarm-architecture.md
My Docker Swarm Architecture
This (and related gists) captures how i created my docker swarm architecture. This is intended mostly for my own notes incase i need to re-creeate anything later! As such expect some typos and possibly even an error...
Each major task has its own gist, this is to help with maitainability long term.
socheatsok78
/ Hyperlinks_in_Terminal_Emulators.md
Created
November 3, 2023 02:20
— forked from egmontkob/Hyperlinks_in_Terminal_Emulators.md
Hyperlinks in Terminal Emulators
[ Update 2020-05-31: I won't be maintaining this page or responding to comments anymore (except for perhaps a few exceptional occasions). ]
Most of the terminal emulators auto-detect when a URL appears onscreen and allow to conveniently open them (e.g. via Ctrl+click or Cmd+click, or the right click menu).
It was, however, not possible until now for arbitrary text to point to URLs, just as on webpages.
socheatsok78
/ trusted_certificate_stores_on_linux_os_and_applications.md
Created
November 13, 2023 08:57
— forked from CMCDragonkai/trusted_certificate_stores_on_linux_os_and_applications.md
SSL/TLS: Trusted Certificate Stores on Linux Operating Systems and Applications
The SSL/TLS store location is not standardised across operating systems or even Linux distros. It could be anywhere in:
- /etc/ssl/certs
- /etc/pki/tls/certs/ca-bundle.crt
- /etc/ssl/certs/ca-bundle.crt
- /etc/pki/tls/certs/ca-bundle.trust.crt
socheatsok78
/ KUBERNETES_SETUP.md
Created
March 29, 2024 03:48
— forked from dPacc/KUBERNETES_SETUP.md
Setup Kubernetes Cluster on premise using kubeadm
socheatsok78
/ flush-iptables.sh
Created
November 7, 2024 10:20
— forked from mrclay/flush-iptables.sh
Flush IP tables and restart docker
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Script is needed because my default firewall rules are messed up and after | |
| # every restart, docker containers can't make connections to the host, notably | |
| # preventing debuggers like xdebug from attaching. | |
| # If networking fails in your containers but works in others, rm and re-create the | |
| # docker network that container is bound to. | |
| set -euo pipefail |
OlderNewer