Skip to content

Instantly share code, notes, and snippets.

View bgulla's full-sized avatar
🦃
fast and loose is still fast.

Brandon bgulla

🦃
fast and loose is still fast.
67 followers · 37 following
  • Rancher Federal
  • Virginia
View GitHub Profile
@bgulla
bgulla / rke2_k3s_external_container_runtime.md
Last active February 22, 2024 08:26
Instructions for running RKE2/K3s with an external CRI/container-runtime

k3s/RKE2 with external CRI/containerd support

While k3s and RKE2 ship with their own statically-compiled containerd binary, sometimes you need to be able to utilize a more standard container socket. Especially if your container-scanner expects a more traditional installation path (i.e. Twistlock/PrismaCloud). This quick guide will show you how to get up and running with an external CRI.

Install containerd

There are better ways to do this, but the most common way of installing containerd is via the docker-ce yum repository.

sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo
@bgulla
bgulla / banner_harvester.jpg
Last active April 22, 2024 02:45
Proxmox Nested Virtualization Tutorial- Harvester/ESXI
banner_harvester.jpg
@bgulla
bgulla / rke2_kubevip.md
Last active May 9, 2024 06:07
RKE2 api-server HA with Kube-VIP

On-Prem RKE2 api-server HA with Kube-VIP

               ,        ,  _______________________________
   ,-----------|'------'|  |                             |
  /.           '-'    |-'  |_____________________________|
 |/|             |    |    
   |   .________.'----'    _______________________________
   |  ||        |  ||      |                             |
   \__|'        \__|'      |_____________________________|
@bgulla
bgulla / proxmox_rancher_driver
Created January 19, 2021 14:50
How to spin up Rancher
WIP
@bgulla
bgulla / gist:595865a742952a1e8f1ba8d6f92fe497
Last active January 14, 2021 15:38
# _ _ _
# | | _____ _____(_) __| | ___
# | |/ _ \ \ /\ / / __| |/ _` |/ _ \
# | | (_) \ V V /\__ \ | (_| | __/
# |_|\___/ \_/\_/ |___/_|\__,_|\___|
#
# download images
wget https://github.com/rancher/rke2/releases/download/v1.18.13%2Brke2r1/rke2-images.linux-amd64.tar.gz
@bgulla
bgulla / rancher-mcm-svc.yaml
Created January 6, 2021 22:05
apiVersion: v1
kind: Service
metadata:
name: rancher-svc
namespace: kube-system
spec:
type: LoadBalancer
ports:
- port: 443
protocol: TCP
@bgulla
bgulla / rancher-mcm-install-airgap.sh
Created January 6, 2021 22:02
#!/bin/bash
# create the cattle-system namespace
kubectl create ns cattle-system
# Setup the certificate-authority
cp ./certs/ca.crt /tmp/cacerts.pem
kubectl -n cattle-system create secret generic tls-ca \
--from-file=cacerts.pem=/tmp/cacerts.pem
@bgulla
bgulla / rancher-banner.css
Created December 14, 2020 14:31
Rancher UI-Banner CSS
{
"banner": {
"textColor": "#FFFFFF",
"background": "#368024",
"text": "UNCLASSIFIED Rancher Federal Demo Environment UNCLASSIFIED"
},
"showHeader": "true",
"showFooter": "true"
}
@bgulla
bgulla / metal-lb-canary-test.yaml
Created December 9, 2020 03:31
example metal-lb canary test
---
apiVersion: v1
kind: Namespace
metadata:
name: demo
---
apiVersion: apps/v1
kind: Deployment
metadata:
@bgulla
bgulla / tplink-kasa-blocklist.txt
Created November 18, 2020 02:22
TP-Link Kasa host blocklist to prevent firmware updating.