Skip to content

Instantly share code, notes, and snippets.

View egernst's full-sized avatar

Eric Ernst egernst

48 followers · 8 following
View GitHub Profile
@egernst
egernst / cor-sriov-with-cnm-plugin.md
Last active December 8, 2017 23:04
COR edition: SRIO-V with Docker CNM plugin

Using a Docker CNM plugin to play with SRIO-V

This gist describes the setup necessary for testing SRIO-V based connectivity between two physical boxes which are each setup as described here, and directly connected via their respective SRIO-V enabled NICs.

Setup host system's packages

For this scenario, I'm setting up two Ubuntu 16.04 systems which have a SRIO-V enabled interface as well as a second port for accessing the SUT. To setup:

@egernst
egernst / cmds
Last active February 14, 2018 19:41
kata-agent work
sudo crictl runs ./sandbox_config.json
sudo crictl create db1409f8ef944cd2a2cb07 container_bad.json sandbox_config.json
sudo crictl sandboxes
sudo crictl ps
@egernst
egernst / config.md
Last active March 28, 2018 22:03
mlx play kernel config changes 

161c161
< CONFIG_CGROUP_RDMA=y
---
> # CONFIG_CGROUP_RDMA is not set
356d355
< CONFIG_BLK_MQ_RDMA=y
736d734
< # CONFIG_SMC is not set
@egernst
egernst / compose-fail.md
Last active April 24, 2018 14:29
docker dns failure for kata

root@eernstworkstation:/var/run/docker/netns# iptables-save

Generated by iptables-save v1.6.0 on Fri Mar 2 14:08:00 2018

*nat :PREROUTING ACCEPT [1:60] :INPUT ACCEPT [1:60] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :DOCKER_OUTPUT - [0:0] :DOCKER_POSTROUTING - [0:0] -A OUTPUT -d 127.0.0.11/32 -j DOCKER_OUTPUT

@egernst
egernst / sequence-diagram.txt
Created April 24, 2018 17:36
Kata sequence diagram
Title: Kata Flow
participant CRI
participant CRIO
participant Kata Runtime
participant virtcontainers
participant hypervisor
participant agent
participant shim
participant proxy
#
@egernst
egernst / journal-hack.md
Created April 25, 2018 14:42
clear the journal 
sudo journalctl --rotate && sudo journalctl --vacuum-time=1seconds
@egernst
egernst / ubuntu-untrusted.yaml
Created May 10, 2018 23:46
test yaml - untrusted
apiVersion: v1
kind: Pod
metadata:
annotations:
io.kubernetes.cri-o.TrustedSandbox: "false"
name: ubuntu-pod-untrusted
spec:
containers:
- name: ubuntu
image: "ubuntu:14.04"
@egernst
egernst / gettingdashboardworking.md
Created May 15, 2018 04:37
azure + dashboard
  1. Allow port input on 443 fo the azure instance
  2. Grab the cluster conf (.kube/config) to the local machine
  3. Install kubectl on the local machine
  4. Make sure you can access the cluster
  5. On local, run kubectl proxy (this is specific to do port forwarding for the dashboard itself)
  6. Connect to URL:
  7. Get the token to use for logging in: kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
@egernst
egernst / dockerbehindproxy.md
Created March 26, 2018 18:56
Popular ways I fail with docker behind proxy

Getting Docker working well behind Proxy on Ubuntu

Docker's runtime config setup:

$ cat ~/.docker/config.json 
{
	"proxies":
	{
 "default":
@egernst
egernst / kata-cleanup.yaml
Created June 12, 2018 23:01
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: kubelet-cri-o-kata-cleanup
namespace: kube-system
spec:
selector:
matchLabels:
name: kubelet-cri-o-kata-cleanup