ericbisme

https://github.com/k3s-io/k3s/issues/2732#issuecomment-749181797

Run pod with etcdctl:
kubectl run --rm --tty --stdin --image docker.io/bitnami/etcd:latest etcdctl --overrides='{"apiVersion":"v1","kind":"Pod","spec":{"hostNetwork":true,"restartPolicy":"Never","securityContext":{"runAsUser":0,"runAsGroup":0},"containers":[{"command":["/bin/bash"],"image":"docker.io/bitnami/etcd:latest","name":"etcdctl","stdin":true,"stdinOnce":true,"tty":true,"volumeMounts":[{"mountPath":"/var/lib/rancher","name":"var-lib-rancher"}]}],"volumes":[{"name":"var-lib-rancher","hostPath":{"path":"/var/lib/rancher","type":"Directory"}}]}}'


Remove member (must use hex ID):
./bin/etcdctl --key /var/lib/rancher/k3s/server/tls/etcd/client.key --cert /var/lib/rancher/k3s/server/tls/etcd/client.crt --cacert /var/lib/rancher/k3s/server/tls/etcd/server-ca.crt member remove 327051268c526155

List Members:

ericbisme

awk -v t=2592000 '$1 < t { exit 0 ; } $1 >= t { exit 1 ; }' /proc/uptime

ericbisme

# Cordon nodes of a particular version
k cordon $(k get nodes --no-headers | awk 'BEGIN { ORS=" " }; $5 == "v1.15.11-eks-14f01f" {print $1}' )

# Cordon nodes older than 10 days
kubectl cordon $(kubectl get no --no-headers -o go-template --template '{{range .items}}{{.metadata.name}} {{.metadata.creationTimestamp}}{{"\n"}}{{end}}' | awk 'BEGIN { ORS=" " }; $2 <= "'$(date -u -v -10d +%Y-%m-%dT%H:%M:%SZ)'" { print $1 }')

# View of autoscaling groups in a table
aws autoscaling describe-auto-scaling-groups --output table --query "AutoScalingGroups[? Tags[? (Key=='k8s.io/cluster/XXXX') && Value=='owned']]".'[AutoScalingGroupName,DesiredCapacity]'

ericbisme

# Initialize a gitlab-runner in a utility namespace dedicated to customer namespace
# Designed to faciliate customer self-service to their namespace(s) via GitLab
---
apiVersion: batch/v1
kind: Job
metadata:
  name: deploy-gitlab-runner-<customer>-<namespace>
spec:
  ttlSecondsAfterFinished: 100
  template:

ericbisme

#!/bin/bash
# https://discuss.elastic.co/t/how-to-set-passwords-for-built-in-users-in-batch-mode/119655/7

# Passwords:
BOOTSTRAP="$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32)"
ELASTIC=""
KIBANA=""
LOGSTASH_SYSTEM=""
BEATS_SYSTEM=""

ericbisme

echo 'address=/ericbisme.net/192.168.10.128 # K8s Ingress'         > /etc/dnsmasq.d/10-thepit.conf && \
echo 'address=/pi.hole/192.168.10.128       # pi-hole address'    >> /etc/dnsmasq.d/10-thepit.conf && \
echo 'server=/thepit.ericbisme.net/1.1.1.1  # Resolve externally' >> /etc/dnsmasq.d/10-thepit.conf && \
service dnsmasq restart

address=/ericbisme.net/192.168.10.128 # K8s Ingress
address=/pi.hole/192.168.10.128 # pi-hole address
server=/thepit.ericbisme.net/1.1.1.1

{

ericbisme

# Install Grey Heller ERP Firewall Web files
class greyheller::erpfirewall::web (
  $archive_location       = hiera('erp_firewall_basedir'),
  $psft_install_user_name = hiera('psft_install_user_name'),
  $psft_runtime_user_name = hiera('psft_runtime_user_name'),
  $ps_home_location       = hiera('ps_home_location'),
  $ps_config_home         = hiera('ps_config_home'),
  $pia_domain_name        = hiera('pia_domain_name'),
  $failopen               = false,
  $enabled                = true,

ericbisme

#Set Heapsize in WebLogic setEnv.sh
class cu_ps_weblogic::ps_weblogic_setenv (
  $ps_config_home  = hiera('ps_config_home'),
  $pia_domain_name = hiera('pia_domain_name'),
  $wl_heapsize     = hiera('wl_heapsize'),
  $wl_threadpool   = hiera('wl_threadpool'),
){

  Ini_Subsetting {
    path       => "${ps_config_home}/webserv/${pia_domain_name}/bin/setEnv.sh",

ericbisme

bashrc template. hardcodes different Tuxedo version.

ericbisme

# managed by puppet
---
:backends:
  - eyaml
  - yaml

:logger: console

:hierarchy:
  - "nodes/%{::clientcert}"