Skip to content

Instantly share code, notes, and snippets.

View gbevan's full-sized avatar

Graham Lee Bevan gbevan

View GitHub Profile

Microk8s DEV on Ubuntu LXD Container(s)

Ref: https://microk8s.io/docs/install-lxd

Microk8s LXD profile

$ lxc profile create microk8s
$ wget https://raw.githubusercontent.com/ubuntu/microk8s/master/tests/lxc/microk8s.profile -O microk8s.profile
$ cat microk8s.profile | lxc profile edit microk8s
@gbevan
gbevan / k8s-images-sort-bysize.sh
Created November 13, 2023 14:23
sort k8s images by size
kubectl get nodes -o json |
jq '.items[].status.images[] | [.sizeBytes, .names[0]] | @csv' -r |
sed -e 's/"//g' |
sed 's/,/ /g' |
sort -k1n
@gbevan
gbevan / README.md
Last active August 6, 2024 20:18
PoC - Kairos Build ISO from an Installed Linux VM as a base

Notes on PoC for Building a Kairos ISO Image from an Installed Linux VM as a Base

Create the base VM

Boot from Rocky 9 ISO
Minimal image + standard + guest agents

On the booted img

dnf update -y

MMANA-GAL on Linux with Wine

Using Winetricks to install prereqs

./winetricks -f corefonts vcrun6 vb5run native_oleaut32 vcrun2010 richtx32

Running MMANA-GAL

@gbevan
gbevan / SunSDR2 Pro on Linux Alsa Audio VAC.md
Last active October 26, 2024 13:47
SunSDR2 Pro on Linux with Alsa Audio Loopback VAC

SunSDR2 Pro on Linux with Alsa Audio Loopback VAC

Capturing my setup for VAC audio without intermittent clicks etc...

PC Config

Component description
OS Ubuntu 22.04
RAM 128GBs (way overspec'd)
CPU AMD Ryzen Threadripper 16 cores / 32 Threads
@gbevan
gbevan / containerd-template.toml
Created January 10, 2020 13:02
microk8s local insecure registry
...
[plugins.cri.registry]
[plugins.cri.registry.mirrors]
[plugins.cri.registry.mirrors."docker.io"]
endpoint = ["https://registry-1.docker.io"]
[plugins.cri.registry.mirrors."local.insecure-registry.io"]
endpoint = ["http://localhost:32000"]
[plugins.cri.registry.mirrors."k8sdev:32000"]
endpoint = ["http://k8sdev:32000"]
...
@gbevan
gbevan / INSTALL.md
Last active June 2, 2022 08:47
Gnuradio 3.8 on Ubuntu 18.04
@gbevan
gbevan / secure_microk8s_api_proxy.md
Last active February 5, 2019 05:50
Secure microk8s api via proxy

Securing Microk8s API access via kube-proxy on https port 6443 (blocking http/8080)

  1. Instead of setting iptables FORWARD default policy to ACCEPT, leave as DROP and follow this gist
  2. Configure explicit permit rules in /etc/iptables.conf (from above gist), e.g.
# Allow internal private k8s IPs to talk
-A FILTERS -m state --state NEW -s 10.0.0.0/8 -j ACCEPT

# Permit direct https/6443 access to k8s proxy from local subnet
-A FILTERS -m state --state NEW -m tcp -p tcp --dport 6443 -s your-src-ip-subnet/24 -j ACCEPT
@gbevan
gbevan / etc_iptables.conf
Last active January 4, 2021 11:29
Fix internet access for microk8s pods
# see https://unrouted.io/2017/08/15/docker-firewall/
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:FILTERS - [0:0]
:DOCKER-USER - [0:0]
-F INPUT
-F DOCKER-USER
@gbevan
gbevan / k8s.sh
Last active January 19, 2019 11:26
Simple kubernetes environment selector from command line
#!/bin/bash
# List your kubernetes environments here, they will each equate to a
# rc file named k8s_envname.rc in the same folder as this script:
ENVS="
openstack
k8sdev6443
"
# Prompt user to select environment: