Skip to content

Instantly share code, notes, and snippets.

View williamcaban's full-sized avatar

William Caban Babilonia williamcaban

68 followers · 41 following
View GitHub Profile
@williamcaban
williamcaban / 00-README.md
Last active September 14, 2021 23:08
podman-based systemd container registry

Stand-alone Container Registry

  • Complete 01-prerequisites.md
  • Copy pod-registry.service to /etc/systemd/system/poc-registry.service
  • chmod 664 to /etc/systemd/system/poc-registry.service
  • systemctl daemon-reload
  • podman pull docker.io/library/registry:2
  • systemctl enable --now poc-registry
  • systemctl status poc-registry
  • Update pull-secret to have access to local registry 02-create-pull-secret.md
@williamcaban
williamcaban / downwards-api-pod.yaml
Created September 5, 2021 21:50
Example of Pod using downwards API
---
# Example of Pod using downwards API
apiVersion: v1
kind: Pod
metadata:
name: dapi-envars-fieldref
spec:
containers:
- name: test-container
image: registry.access.redhat.com/ubi8/ubi:latest
@williamcaban
williamcaban / 00-lab.conf
Last active September 5, 2021 22:03
Example of dnsmasq for OpenShift lab
# /etc/dnsmasq.d/lab.conf
###############################################################################
# DNS Server (simple)
###############################################################################
#log-facility=-
log-facility=/opt/dnsmasq/dnsmasq.log
log-async=25
# default to 150
dns-forward-max=500
@williamcaban
williamcaban / 00-README.md
Last active August 19, 2021 18:20

Example (Privileged deployment with privileges to modify network)

  1. Create namespace & ServiceAccount (see 01-create-ns.yaml)

  2. Assign privileges to ServiceAccount

# Move to the project
oc project net-pod-sa
# assign privileged SCC to SA
@williamcaban
williamcaban / OVN IPSec East-West.md
Last active June 11, 2021 19:36

OVN IPSec for east-west traffic

With OCP 4.7 IPSec for east-west traffic is a day-1 configuraiton. With OCP 4.8 this can also be applied as a day-2 configuration.

  • Setup install-config.yaml to use IPSec
networking:
  networkType: OVNKubernetes
@williamcaban
williamcaban / Sushy Tools - Redfish Libvirt.md
Last active March 26, 2025 17:02

Using Sushy Tools with Libvirt

  • Add linux user to libvirt group
sudo usermod -a -G libvirt <your-user>
sudo -y install libvirt-devel gcc python3-devel
  • Login and validate user can execute virsh commands
@williamcaban
williamcaban / 15-generate-big-iso.sh
Created January 27, 2021 14:24
#!/bin/bash
source ~/set-environment
ADDING_NODES=${1:-"add-nodes"}
USE_RENDERED=${2:-"true"}
# path to rhcos-live iso
export RHCOS_LIVE=~/images/rhcos-live.x86_64.iso
if [ ! -f rhcos-live.x86_64.iso ]; then
@williamcaban
williamcaban / redfish-commands.sh
Last active March 31, 2025 01:14
#!/bin/bash
set -euoE pipefail
# Redfish commands related to Virtual Media.
# Redfish doc reference: https://www.supermicro.com/manuals/other/RedfishRefGuide.pdf
export BMC_ADDRESS=''
export ISO_IMAGE=http://192.168.117.9:8080/ocp4-rwn-1-small.iso
export username_password='Administrator:superuser'
@williamcaban
williamcaban / mh-sriov-network-policy.yaml
Last active December 29, 2020 20:53
---
apiVersion: sriovnetwork.openshift.io/v1
kind: SriovNetworkNodePolicy
metadata:
name: mh-vfio-ens2f0
namespace: openshift-sriov-network-operator
spec:
# name of Midhaul it connects to
resourceName: mh_vfio_ens2f0
nodeSelector:
@williamcaban
williamcaban / OCP Telco Notes.md
Last active October 10, 2023 23:05

Troubleshooting CPU isolation

  • Identifying cores assigned to a particular container
ID=$(crictl ps --label io.kubernetes.container.name=<name-of-container> -o json | jq -r '.containers[0].id')
PID=$(crictl inspect $ID | jq -r '.info.pid')
taskset -pc $PID

Troubleshooting