guerzon guerzon

## latency.txt
Latency Comparison Numbers (~2012)
----------------------------------
L1 cache reference                           0.5 ns
Branch mispredict                            5   ns
L2 cache reference                           7   ns                      14x L1 cache
Mutex lock/unlock                           25   ns
Main memory reference                      100   ns                      20x L2 cache, 200x L1 cache
Compress 1K bytes with Zippy             3,000   ns        3 us
Send 1K bytes over 1 Gbps network       10,000   ns       10 us
Read 4K randomly from SSD*             150,000   ns      150 us          ~1GB/sec SSD

## pam_tally_reset.txt
### On RHEL5 servers ###
1. Check the login failure count
pam_tally --user username
2. Reset the login failures
pam_tally --user username --reset
3. Retry logging in.

### On RHEL6 and RHEL7 servers ###
1. Check the login failure count
pam_tally2 --user username

## install_jenkins_plugin.sh
#!/bin/bash

set -e

UPDATES_URL="http://updates.jenkins-ci.org/download/plugins/"

if [ $# -lt 2 ]; then
  echo "USAGE: $0 plugin-list-file destination-directory"
  exit 1
fi

## ansible references
## Important Documentation

Documentation: https://docs.ansible.com/ansible/latest/index.html
Modules: https://docs.ansible.com/ansible/latest/modules/modules_by_category.html
Community: https://docs.ansible.com/ansible/latest/community/index.html

## Other resources

Ansible for the Windows Admin: https://www.youtube.com/watch?v=ZI20Y10OKd0

## verify_ciphers.sh
#!/usr/bin/env bash
# Usage: ./verify_ciphers.sh IP:PORT
# Credits: http://superuser.com/a/224263/204745

# OpenSSL requires the port number.
SERVER=$1
DELAY=1
ciphers=$(openssl ciphers 'ALL:eNULL' | sed -e 's/:/ /g')

echo Obtaining cipher list from $(openssl version).

## config.toml
concurrent = 10
check_interval = 0

[session_server]
  session_timeout = 1800

[[runners]]
  name = "Docker runner"
  url = "https://gitlab.localdomain.local/"
  token = "tOkeNh3r3-"

## keycloak_client_output.log
Wednesday 04 November 2020  12:03:28 +0100 (0:00:00.067)       0:00:14.229 ****
redirecting (type: modules) ansible.builtin.keycloak_client to community.general.keycloak_client
Using module file /Users/workstation/.local/share/virtualenvs/ansible_project-6ES-zTZc/lib/python3.6/site-packages/ansible_collections/community/general/plugins/modules/keycloak_client.py
Pipelining is enabled.
<targetserver> ESTABLISH SSH CONNECTION FOR USER: root
<targetserver> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o ControlPath=/Users/workstation/.ansible/cp/205f67cdb9 targetserver '/bin/sh -c '"'"'/usr/bin/python && sleep 0'"'"''
<targetserver> (0, b'\n{"proposed": {"publicClient": false, "protocol": "openid-connect", "description": "awesomeapp Desktop Application OpenID client", "directAccessGrantsEnabled": true, "adminUrl": "https

## podman-issues.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                guerzon
                / podman-issues.md
            
            
              Last active
              May 18, 2022 12:29
            
          
    podman issues

Blockers why podman cannot replace docker-ce (yet). This is to remind myself to not waste any more time trying to use podman.
Issues

rootless containers fail to start with cgroup2 (EL8)

[lester@rocky8 ~]$ podman run alpine

  
## kubernetes-hosts.csv

          
            Hostname
             role
             IP address

            
              kubehost1
               master
               192.168.133.91

            
              kubehost2
               worker
               192.168.133.92

            
              kubehost3
               worker
               192.168.133.93

            
              buildatron
               management/local
               192.168.133.128

## deploy-awx.sh
## awx namespace
export NAMESPACE=awx
kubectl create ns $NAMESPACE

## secrets

cat <<EOF > awx-secrets.yml
---
apiVersion: v1
kind: Secret
	Latency Comparison Numbers (~2012)
	----------------------------------
	L1 cache reference 0.5 ns
	Branch mispredict 5 ns
	L2 cache reference 7 ns 14x L1 cache
	Mutex lock/unlock 25 ns
	Main memory reference 100 ns 20x L2 cache, 200x L1 cache
	Compress 1K bytes with Zippy 3,000 ns 3 us
	Send 1K bytes over 1 Gbps network 10,000 ns 10 us
	Read 4K randomly from SSD* 150,000 ns 150 us ~1GB/sec SSD
	### On RHEL5 servers ###
	1. Check the login failure count
	pam_tally --user username
	2. Reset the login failures
	pam_tally --user username --reset
	3. Retry logging in.

	### On RHEL6 and RHEL7 servers ###
	1. Check the login failure count
	pam_tally2 --user username
	#!/bin/bash

	set -e

	UPDATES_URL="http://updates.jenkins-ci.org/download/plugins/"

	if [ $# -lt 2 ]; then
	echo "USAGE: $0 plugin-list-file destination-directory"
	exit 1
	fi
	## Important Documentation

	Documentation: https://docs.ansible.com/ansible/latest/index.html
	Modules: https://docs.ansible.com/ansible/latest/modules/modules_by_category.html
	Community: https://docs.ansible.com/ansible/latest/community/index.html

	## Other resources

	Ansible for the Windows Admin: https://www.youtube.com/watch?v=ZI20Y10OKd0
	#!/usr/bin/env bash
	# Usage: ./verify_ciphers.sh IP:PORT
	# Credits: http://superuser.com/a/224263/204745

	# OpenSSL requires the port number.
	SERVER=$1
	DELAY=1
	ciphers=$(openssl ciphers 'ALL:eNULL' \| sed -e 's/:/ /g')

	echo Obtaining cipher list from $(openssl version).
	concurrent = 10
	check_interval = 0

	[session_server]
	session_timeout = 1800

	[[runners]]
	name = "Docker runner"
	url = "https://gitlab.localdomain.local/"
	token = "tOkeNh3r3-"
	Wednesday 04 November 2020 12:03:28 +0100 (0:00:00.067) 0:00:14.229 ****
	redirecting (type: modules) ansible.builtin.keycloak_client to community.general.keycloak_client
	Using module file /Users/workstation/.local/share/virtualenvs/ansible_project-6ES-zTZc/lib/python3.6/site-packages/ansible_collections/community/general/plugins/modules/keycloak_client.py
	Pipelining is enabled.
	<targetserver> ESTABLISH SSH CONNECTION FOR USER: root
	<targetserver> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o ControlPath=/Users/workstation/.ansible/cp/205f67cdb9 targetserver '/bin/sh -c '"'"'/usr/bin/python && sleep 0'"'"''
	<targetserver> (0, b'\n{"proposed": {"publicClient": false, "protocol": "openid-connect", "description": "awesomeapp Desktop Application OpenID client", "directAccessGrantsEnabled": true, "adminUrl": "https
Hostname	role	IP address
kubehost1	master	192.168.133.91
kubehost2	worker	192.168.133.92
kubehost3	worker	192.168.133.93
buildatron	management/local	192.168.133.128
	## awx namespace
	export NAMESPACE=awx
	kubectl create ns $NAMESPACE

	## secrets

	cat <<EOF > awx-secrets.yml
	---
	apiVersion: v1
	kind: Secret