Skip to content

Instantly share code, notes, and snippets.

View timlnx's full-sized avatar
💭
bitmath!

Tim Case timlnx

💭
bitmath!
74 followers · 48 following
View GitHub Profile
@timlnx
timlnx / fixup_cert_parsing_tests.patch
Created February 28, 2017 19:20
RE: https://github.com/openshift/openshift-ansible/pull/3449 cert parsing tests
From 21713422e20dd80e24a758ff4c700da2e4c1c3b8 Mon Sep 17 00:00:00 2001
From: Tim Bielawa <tbielawa@redhat.com>
Date: Tue, 28 Feb 2017 11:19:48 -0800
Subject: [PATCH] Add another cert parsing test
---
.../test/test_fakeopensslclasses.py | 55 +++++++++++++++++++++-
1 file changed, 53 insertions(+), 2 deletions(-)
diff --git a/roles/openshift_certificate_expiry/test/test_fakeopensslclasses.py b/roles/openshift_certificate_expiry/test/test_fakeopensslclasses.py
@timlnx
timlnx / NamedCertificates.md
Last active February 27, 2017 21:00 — forked from abutcher/NamedCertificates.md

OpenShift Named Certificates

This is a short guide explaining how to deploy and manage custom certificates via openshift-ansible. These custom certificates will be served for public facing UI/API.

1. Set up

NOTE: I'm running ansible from the first master so I'm creating the certificates in /root/ on my first master. The certificates will be copied to the masters (within /etc/origin/master/named_certificates/) by ansible. I could create them on my local system and run ansible from my local system instead.

1.1 Create CA Certificate

@timlnx
timlnx / NamedCertificates.md
Created February 27, 2017 20:42 — forked from abutcher/NamedCertificates.md

OpenShift Named Certificates

This is a short guide explaining how to deploy and manage custom certificates via openshift-ansible. These custom certificates will be served for public facing UI/API.

1. Set up

NOTE: I'm running ansible from the first master so I'm creating the certificates in /root/ on my first master. The certificates will be copied to the masters (within /etc/origin/master/named_certificates/) by ansible. I could create them on my local system and run ansible from my local system instead.

1.1 Create CA Certificate

@timlnx
timlnx / NamedCertificates.md
Created February 27, 2017 20:42 — forked from abutcher/NamedCertificates.md

OpenShift Named Certificates

This is a short guide explaining how to deploy and manage custom certificates via openshift-ansible. These custom certificates will be served for public facing UI/API.

1. Set up

NOTE: I'm running ansible from the first master so I'm creating the certificates in /root/ on my first master. The certificates will be copied to the masters (within /etc/origin/master/named_certificates/) by ansible. I could create them on my local system and run ansible from my local system instead.

1.1 Create CA Certificate

@timlnx
timlnx / how2duggie.md
Created February 23, 2017 18:24 — forked from abutcher/how2duggie.md

Teach me

@timlnx
timlnx / 0001-Hacky-work-around-for-rhel-subscribe.patch
Last active February 23, 2017 18:02
Test rhel sub
From 656a25ed8a290b6634927de000455aab0956198e Mon Sep 17 00:00:00 2001
From: Tim Bielawa <tbielawa@redhat.com>
Date: Tue, 7 Feb 2017 08:28:13 -0800
Subject: [PATCH] Hacky work-around for rhel-subscribe
---
playbooks/byo/rhel_subscribe.yml | 28 +++++++++++++++++++++++++++-
roles/rhel_subscribe/meta/main.yml | 2 +-
roles/rhel_subscribe/tasks/main.yml | 4 ++--
3 files changed, 30 insertions(+), 4 deletions(-)
@timlnx
timlnx / test_yedit.yaml-results.log
Created February 10, 2017 18:46
Using /home/tbielawa/rhat/os/openshift-ansible/ansible.cfg as config file
PLAY [masters] *****************************************************************
...
TASK [Do a 'yedit' for YAML files with 'servingInfo' in them] ******************
Friday 10 February 2017 10:43:35 -0800 (0:00:01.617) 0:00:02.383 *******
ok: [m01.example.com] => {
@timlnx
timlnx / hosts-local.ini
Last active February 7, 2017 16:21
[OSEv3:children]
masters
[OSEv3:vars]
ansible_ssh_user=root
deployment_type=openshift-enterprise
openshift_release=v3.4
openshift_uninstall_images=False
rhsub_pool="Employee SKU*"
@timlnx
timlnx / lint-with-excludes
Created January 10, 2017 16:56
. oo-installenv/bin/activate && tox
py27-flake8 develop-inst-noop: /home/tbielawa/rhat/os/openshift-ansible/utils
py27-flake8 runtests: commands[0] | flake8 --config=setup.cfg ../ --exclude=../utils,.tox,../inventory,../roles/lib_utils/src/class,../roles/lib_utils/src/test/
../roles/lib_utils/library/yedit.py:155:1: E402 module level import not at top of file
../roles/lib_utils/library/yedit.py:156:1: E402 module level import not at top of file
../roles/lib_utils/library/yedit.py:157:1: E402 module level import not at top of file
../roles/lib_utils/library/yedit.py:158:1: E402 module level import not at top of file
../roles/lib_utils/library/yedit.py:162:1: E265 block comment should start with '# '
../roles/lib_utils/library/yedit.py:165:1: E265 block comment should start with '# '
../roles/lib_utils/library/yedit.py:169:1: E303 too many blank lines (3)
@timlnx
timlnx / check-certs.yaml
Last active January 9, 2017 17:27
BZ1389264 - Check embedded
---
- name: Check cert expirys
hosts: nodes:masters:etcd
become: yes
gather_facts: no
vars:
openshift_certificate_expiry_show_all: yes
openshift_certificate_expiry_generate_html_report: yes
openshift_certificate_expiry_warning_days: 1500
openshift_certificate_expiry_save_json_results: yes