Skip to content

Instantly share code, notes, and snippets.

Natale Vinto blues-man

Block or report user

Report or block blues-man

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View ignition
{
"ignition":{
"config":{
"append":[
{
"source":"https://api-int.test.net:22623/config/master",
"verification":{
}
}
View kcli
parameters:
pool: default
domain: mine.domain.tld
template: ''
iso: /var/lib/libvirt/images/rhcos-4.1.0-x86_64-installer.iso
controller: 3
worker: 3
reservedns: true
reserveip: false
View haproxy-ocp4
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
View iptables-save-libvirt
# Generated by iptables-save v1.4.21 on Fri Aug 9 11:37:31 2019
*filter
:INPUT ACCEPT [92033804:78962211183]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [100931247:79608484195]
-A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A FORWARD -d 192.168.122.0/24 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
@blues-man
blues-man / selinux_policy_timedated.txt
Last active Feb 8, 2019
SELinux blocks timedatectl to update timezone, SELinux script to unblock it
View selinux_policy_timedated.txt
# timedatectl set-timezone Europe/Berlin
Failed to set time zone: Access denied
# grep denied /var/log/audit/audit.log
type=AVC msg=audit(1530808024.058:35494): avc: denied { unlink } for pid=32035 comm="systemd-timedat" name="localtime" dev="vda1" ino=74 scontext=system_u:system_r:systemd_timedated_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=lnk_file
# cat /var/log/audit/audit.log | audit2allow -M timezone
#============= systemd_timedated_t ==============
View functions
#################################################################
# Functions for Managing Sonatype Nexus #
# #
# Authors: #
# - Jorge Morales https://github.com/jorgemoralespou #
# - Siamak Sadeghianfar https://github.com/siamaksade #
# #
#################################################################
#
View nexus-proxy.yaml
apiVersion: v1
kind: Template
labels:
template: nexus3-persistent-template
metadata:
name: nexus3-persistent
annotations:
description: Sonatype Nexus 3 persistent template
tags: ci,nexus
objects:
View gist:c7486d62e4675fc9cfc39ad6020d5a3e
Mar 14 16:16:31 ocapp2 atomic-openshift-node[101388]: W0314 16:16:31.933319 101388 docker_sandbox.go:337] failed to read pod IP from plugin/docker: NetworkPlugin cni failed on the status hook for pod "registry-console-1-ss9pw_default": CNI failed to retrieve network namespace path: Cannot find network namespace for the terminated container "26f0243dd8960f4d06a1f13e0936b6162a69751ff8b61b4543449ad883d25438"
Mar 14 16:16:31 ocapp2 atomic-openshift-node[101388]: E0314 16:16:31.938814 101388 remote_runtime.go:277] ContainerStatus "7dacf91b83b70957310e1fd9f1423945d4b10dcd397996606947af276f4ed929" from runtime service failed: rpc error: code = 2 desc = unable to inspect docker image "sha256:58f504111c7f53def2308d0069591ffb9f285dec49f87be8b5132e036a3bf673" while inspecting docker container "7dacf91b83b70957310e1fd9f1423945d4b10dcd397996606947af276f4ed929": no such image: "sha256:58f504111c7f53def2308d0069591ffb9f285dec49f87be8b5132e036a3bf673"
Mar 14 16:16:31 ocapp2 atomic-openshift-node[101388]: E0314 16:16:31.938
View prometheus ocp nfs
# Prometheus
openshift_hosted_prometheus_deploy=true
openshift_prometheus_namespace=openshift-metrics
openshift_prometheus_node_selector={"mission":"infra"}
openshift_prometheus_storage_kind=nfs
openshift_prometheus_storage_access_modes=['ReadWriteOnce']
openshift_prometheus_storage_host=IP
openshift_prometheus_storage_nfs_directory=/exports
openshift_prometheus_storage_volume_name=prometheus
openshift_prometheus_storage_volume_size=10Gi
@blues-man
blues-man / install_logging.yaml
Created Mar 13, 2018
Fix for OCP 3.7 with ES on NFS
View install_logging.yaml
---
- name: Gather OpenShift Logging Facts
openshift_logging_facts:
oc_bin: "{{openshift.common.client_binary}}"
openshift_logging_namespace: "{{openshift_logging_namespace}}"
- name: Set logging project
oc_project:
state: present
name: "{{ openshift_logging_namespace }}"
You can’t perform that action at this time.