Skip to content

Instantly share code, notes, and snippets.

Avatar

Philip Schmid PhilipSchmid

View GitHub Profile
View 0-minio-readme.md

Single-host Minio Setup

Docker-Compose single-host Minio S3 setup using Traefik (Let's Encrypt with DNS-01 challenge via Cloudflare) for TLS offloading.

Tested on Ubuntu 20.04.

Host Prerequisites

Run all commands shown here with root or prepend a sudo to the regarding commands which require higher privileges.

Install Docker

@PhilipSchmid
PhilipSchmid / rke2-node-cleanup.md
Last active Jun 15, 2022
RKE2 node cleanup statements to clean up a node after a failed Rancher custom cluster installation try
View rke2-node-cleanup.md

RKE2 Node Cleanup To reset a RKE2 node, run the following commands:

# rke2-(server|agent) related
rke2-killall.sh
rke2-uninstall.sh
# rancher-system-agent related
systemctl stop rancher-system-agent.service
systemctl disable rancher-system-agent.service
rm -f /etc/systemd/system/rancher-system-agent.service
@PhilipSchmid
PhilipSchmid / kvm-windows-10-guest-ultrawide-resolution.md
Created Sep 27, 2020
3440x1440 resolution for Windows 10 KVM VM
View kvm-windows-10-guest-ultrawide-resolution.md

Configure a Windows 10 KVM Guest to use an ultrawide display resolution (3440x1440)

  1. virsh edit Windows10
  2. Navigate to the <video> section and change it to the following one:
    <video>
      <model type='qxl' ram='131072' vram='131072' vgamem='32768' heads='1' primary='yes'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
    </video>
@PhilipSchmid
PhilipSchmid / 0-rancher-vsphere-setup.md
Last active May 23, 2022
How to set up a Rancher K8s cluster on VMware (incl. vSphere StorageClass)
View 0-rancher-vsphere-setup.md

Rancher K8s Cluster on VMware vSphere

Prerequisites

vCenter Configuration

@PhilipSchmid
PhilipSchmid / rancher-keycloak-idp-configuration.md
Last active May 13, 2022
Rancher v2.X KeyCloak Authentication Backend Configuration
View rancher-keycloak-idp-configuration.md

Rancher v2.X KeyCloak Authentication Backend Configuration

Ranchers official documentation about how to configure the Rancher <> KeyCloak setup is fine but definitely not sufficient to successfully configure it (https://rancher.com/docs/rancher/v2.x/en/admin-settings/authentication/keycloak/). That's the reason why here every single required step is documented down here.

KeyCloak Configuration

I simply use the default master realm for the Rancher client. Nevertheless, it would sometimes absolutely make sense to use a custom KeyCloak realm.

  1. Login as admin on https://keycloak.example.com/. Important: It's crucial that in KeyCloak the same username exists as you use as admin user on Rancher. Since I just use the admin account in this guide, this prerequisite is already achieved.
  2. Create a new client under https://keycloak.example.com/auth/admin/master/console/#/realms/master/clients
  • Client ID: https://rancher.example.com/v1-saml/keycloak/saml/metadata
@PhilipSchmid
PhilipSchmid / multicast-on-linux.md
Last active May 9, 2022
Testing Multicast Traffic on Linux
View multicast-on-linux.md

Testing Multicast Traffic on Linux

Prerequisites

By default Linux ignores Broadcast and Multicast ICMP messages. That's why you need to enable it first:

sysctl -w net.ipv4.icmp_echo_ignore_broadcasts=0

Join and Test Multicast Traffic

To join any mutlicast address (e.g. 224.10.10.10/24) just add it to your active interface (e.g. eth0) and append the keyword autojoin at the end:

@PhilipSchmid
PhilipSchmid / ubuntu-1804-lacp-bonding.md
Last active Apr 17, 2022
Ubuntu 18.04 LACP Network Interface Bonding
View ubuntu-1804-lacp-bonding.md

Interface bonding

Configure a LACP active network interface bonding on Ubuntu 18.04 using netplan:

root@srv01:~# mv /etc/netplan/50-cloud-init.yaml /etc/netplan/01-netcfg.yaml
root@srv01:~# cat /etc/netplan/01-netcfg.yaml 
network:
    version: 2
    renderer: networkd
 ethernets:
@PhilipSchmid
PhilipSchmid / quick-k8s-setup.md
Created Mar 9, 2022
Quick & dirty (copy & paste, single-host) Kubernetes setup based on RKE2, Cilium, Nginx and Longhorn
View quick-k8s-setup.md

Quick & Dirty, Copy & Paste, Single-Host Kubernetes Setup

Tested on a Rocky Linux 8.4 VM on DigitalOcean. Run everything as root. Based on RKE2, Cilium, Nginx and Longhorn.

Disable SELinux & Swap

# SELinux
sestatus
setenforce 0
sed -i --follow-symlinks 's/^SELINUX=.*/SELINUX=permissive/g' /etc/sysconfig/selinux && cat /etc/sysconfig/selinux
sestatus
@PhilipSchmid
PhilipSchmid / bash-template.sh
Last active Mar 7, 2022
Bash script template (incl. logging functions)
View bash-template.sh
#!/bin/bash
#################################
# Constants / global variables
#################################
LOGFILE='example.log'
LOGLEVEL='INFO'
#################################
# Functions
@PhilipSchmid
PhilipSchmid / clientless-linux-remote-access.md
Last active Feb 25, 2022
Using Apache Guacamole in combination with VNC for clientless Linux remote access
View clientless-linux-remote-access.md

Clientless Linux remote access with Apache Guacamole

Quick and dirty guide how to get Apache Guacamole in combination with VNC up and running.

Apache Guacamole

Prerequisites

sudo add-apt-repository -y ppa:remmina-ppa-team/freerdp-daily
sudo apt update
env DEBIAN_FRONTEND=noninteractive sudo apt install -y freerdp2-dev freerdp2-x11