euank

[vm_0] *** Error in `/usr/bin/python2.7': double free or corruption (out): 0x00007f43ec00eb10 ***
[vm_0] ======= Backtrace: =========
[vm_0] /lib64/libc.so.6(+0x6f1b3)[0x7f43fb6a31b3]
[vm_0] /lib64/libc.so.6(+0x74816)[0x7f43fb6a8816]
[vm_0] /lib64/libc.so.6(+0x7501e)[0x7f43fb6a901e]
[vm_0] /usr/lib64/libpython2.7.so.1.0(PyThread_ReInitTLS+0x49)[0x7f43fbcfe829]
[vm_0] /usr/lib64/libpython2.7.so.1.0(PyOS_AfterFork+0x44)[0x7f43fbd04554]
[vm_0] /usr/lib64/libpython2.7.so.1.0(+0x118a46)[0x7f43fbd08a46]
[vm_0] /usr/lib64/libpython2.7.so.1.0(PyEval_EvalFrameEx+0x7023)[0x7f43fbcd21f3]
[vm_0] /usr/lib64/libpython2.7.so.1.0(PyEval_EvalCodeEx+0x820)[0x7f43fbcd48a0]

euank

storage:
  files:
  - filesystem: root
    mode: 420
    path: /etc/ssh/sshd_config
    contents:
      inline: |-
        # From: https://wiki.mozilla.org/Security/Guidelines/OpenSSH#Modern_.28OpenSSH_6.7.2B.29
        # Supported HostKey algorithms by order of preference.
        HostKey /etc/ssh/ssh_host_ed25519_key

euank

#!/bin/bash

set -x
set -e

source /etc/environment
MY_IP=${COREOS_PRIVATE_IPV4}

openssl genrsa -out ca-key.pem 2048
openssl req -x509 -new -nodes -key ca-key.pem -days 10000 -out ca.pem -subj "/CN=kube-ca"

euank

function libvirt::domain::add_ignition() {
  file=${1:?must set domain xml file}
  ignition=${2:?must set ignition file path}

  xmlstarlet ed -P -L -i "//domain" -t attr -n "xmlns:qemu" --value "http://libvirt.org/schemas/domain/qemu/1.0" "${file}"
  xmlstarlet ed -P -L -s "//domain" -t elem -n "qemu:commandline" "${file}"
  xmlstarlet ed -P -L -s "//domain/qemu:commandline" -t elem -n "qemu:arg" "${file}"
  xmlstarlet ed -P -L -s "(//domain/qemu:commandline/qemu:arg)[1]" -t attr -n "value" -v "-fw_cfg" "${file}"
  xmlstarlet ed -P -L -s "//domain/qemu:commandline" -t elem -n "qemu:arg" "${file}"
  xmlstarlet ed -P -L -s "(//domain/qemu:commandline/qemu:arg)[2]" -t attr -n "value" -v "name=opt/com.coreos/config,file=${ignition}" "${file}"

euank

#!/bin/bash

while true; do
  instance_id=$(aws ec2 run-instances --key-name euank --instance-type m1.small --region=us-east-1 --image-id ami-8b7b759c | jq '.Instances[].InstanceId' -r)

  sleep 20
  while true; do
    console=$(aws ec2 --region=us-east-1 get-console-output --instance-id $instance_id | jq '.Output' -r)
    if [[ "$console" == "null" ]]; then
      sleep 30

euank

printf "$(sudo journalctl -u docker -o cat | awk 'BEGIN { instack=0; stack=""; } /BEGIN goroutine stack dump/ { instack=1; stack=$0 } /.*/ { if(instack==1) { stack=stack $0; } } /END goroutine stack dump/ { instack=0; } END { print stack }')"

euank

pid=${1:?must provide pid argument}

function getMntns() {
  ls -ali /proc/$1/ns/mnt | sed 's/.*mnt:\[\([0-9]\+\)\].*/\1/'
}

targetns=$(getMntns $pid)

for container in $(docker inspect --format '{{.State.Pid }}-{{ .Id }}' $(docker ps -q)); do 
  cpid=$(echo $container | awk -F- '{print $1}')

euank

+		// Source yaml:
+		// https://github.com/coreos/container-linux-config-transpiler
+		/*
+			systemd:
+			  units:
+			  - name: docker.service
+			    enable: true
+			    dropins:
+			      - name: 10-uesrns.conf
+			        contents: |-

euank

export LOG_LEVEL=6
export EXPERIMENTAL_CRI=true
export CONTAINER_RUNTIME=rkt
export ALLOW_SECURITY_CONTEXT=yes
export ALLOW_PRIVILEGED=yes

# TODO fix cgroup handling
export CGROUPS_PER_QOS=false 
# export CGROUP_DRIVER=systemd

euank

$ git clone https://github.com/kubernetes/kubernetes && cd kubernetes
$ git remote add rktlet https://github.com/kubernetes-incubator/rktlet
$ git fetch rktlet
$ git checkout rktlet/master
$ git subtree split -P rktlet -b rktlet-subtree
# note -P rktlet is the subdir 'rktlet' and -b is the arbitrary branch name
$ git checkout master # kubernetes
$ rm -rf ./pkg/kubelet/rktshim/ && git commit -avm "rktshim: delete old code"
$ git subtree add -P pkg/kubelet/rktshim rktlet-subtree
$ # Done