Skip to content

Instantly share code, notes, and snippets.


Philip Schmid PhilipSchmid

View GitHub Profile

Single-host Minio Setup

Docker-Compose single-host Minio S3 setup using Traefik (Let's Encrypt with DNS-01 challenge via Cloudflare) for TLS offloading.

Tested on Ubuntu 20.04.

Host Prerequisites

Run all commands shown here with root or prepend a sudo to the regarding commands which require higher privileges.

Install Docker

PhilipSchmid /
Created Mar 9, 2022
Quick & dirty (copy & paste, single-host) Kubernetes setup based on RKE2, Cilium, Nginx and Longhorn

Quick & Dirty, Copy & Paste, Single-Host Kubernetes Setup

Tested on a Rocky Linux 8.4 VM on DigitalOcean. Run everything as root. Based on RKE2, Cilium, Nginx and Longhorn.

Disable SELinux & Swap

# SELinux
setenforce 0
sed -i --follow-symlinks 's/^SELINUX=.*/SELINUX=permissive/g' /etc/sysconfig/selinux && cat /etc/sysconfig/selinux
PhilipSchmid /
Last active Feb 17, 2022
RKE2 node cleanup statements to clean up a node after a failed Rancher custom cluster installation try

RKE2 Node Cleanup To reset a RKE2 node, run the following commands:

# rke2-(server|agent) related
# rancher-system-agent related
systemctl stop rancher-system-agent.service
systemctl disable rancher-system-agent.service
rm -f /etc/systemd/system/rancher-system-agent.service
PhilipSchmid / cks-bookmarks.html
Last active Jan 16, 2022
Collection of allowed bookmarks for the Linux Foundation CKS exam (December 2021, K8s 1.22) -
View cks-bookmarks.html
<!DOCTYPE NETSCAPE-Bookmark-file-1>
<!-- This is an automatically generated file.
It will be read and overwritten.
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=UTF-8">
<DT><H3 ADD_DATE="1639761932" LAST_MODIFIED="1639906307" PERSONAL_TOOLBAR_FOLDER="true">Bookmarks bar</H3>

How to disable Kube-Proxy in RKE2

Example use case: Running the Cilium CNI without any kube-proxy

On all RKE2 servers (master nodes), add the following configuration to your /etc/rancher/rke2/config.yaml file:

disable-kube-proxy: "true"

Now the important step: If you already had stared the RKE2 service before (without this flag and with kube-proxy enabled), ensure to also delete the kube-proxy.yaml static pod manifest:

PhilipSchmid / kuard-http-testing-app.yaml
Created Oct 26, 2021
Deployment, Service and Ingress object for the HTTP testing app kuard -
View kuard-http-testing-app.yaml
apiVersion: apps/v1
kind: Deployment
app: kuard
name: kuard
namespace: kuard
replicas: 1
# NS
kubectl create ns cadvisor-issue-test
# PV
echo "
apiVersion: v1
kind: PersistentVolume
name: pvc-cadvisor-issue-test
PhilipSchmid / prometheus_alert_rules_for_certmanager.yaml
Last active Sep 15, 2021
4 helpful Prometheus alerting rules for Cert-Manager & its Certificate CRs
View prometheus_alert_rules_for_certmanager.yaml
- name: custom_certmanager_monitoring
- alert: CertManagerAbsent
expr: absent(up{job="cert-manager"})
for: 1h
message: "Cert Manager has dissapeared from Prometheus service discovery."
severity: critical
- alert: CertManagerACMEProxyReachability
PhilipSchmid /
Last active Jan 28, 2021
Installing Alacritty, Tmux, Fish, OMF, bobthefish

Alacritty, Tmux, Fish Setup

A short tutorial how to setup a nice terminal environment using Alacritty, Tmux, Fish, OMF and the Fish theme bobthefish.

Tested on Pop_OS 20.04.

Basic Installation

  1. Install the required packages:
sudo apt install alacritty tmux fish fonts-powerline fonts-hack-ttf