This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Performance check command from etcd pod | |
# oc rsh <etcd-pod> -n openshift-etcd | |
$ etcdctl check perf --load="m" | |
$ etcdctl check perf --load='l' | |
$ etcdctl --write-out=table endpoint status | |
$ etcdctl --write-out=table endpoint health | |
$ etcdctl --write-out=table member list | |
### Collect metrics from the cluster. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Most probably is caused by different pull secret that is being used by serviceaccount to pull the images ### | |
### Edit imagePullSecret which is used by serviceaccount ### | |
oc edit sa <serviceaccountname> | |
# Edit below section | |
apiVersion: v1 | |
imagePullSecrets: | |
- name: jenkins-dockercfg-8nln8 #change to available pullsecrets which can be used to pull from image-registry# | |
# Save the config # |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Step 1 | |
oc delete pod <podsname> -n myproject --grace-period=0 --force | |
### Step 2 | |
oc edit pod <podsname> | |
#Remove deletionTimestamp | |
#Before: deletionTimestamp: 2019-12-31T11:40:28Z | |
#After: deletionTimestamp: null | |
#Remove Finalizers | |
#Before |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Create SSL file for HTTPS traffic | |
mkdir /etc/haproxy/ssl | |
cat /root/wildcard.example.com.crt /root/wildcard.example.com.key >> /root/wildcard.example.com.pem | |
mv /root/wildcard.example.com.pem /etc/haproxy/ssl/ | |
### Configure HAProxy.cfg to accept HTTPS, redirect HTTPS to HTTP and replace header to targeted URL | |
vi /etc/haproxy/haproxy.cfg | |
#--- | |
#--------------------------------------------------------------------- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Run below command to enable rook-ceph-tools in OCS Cluster | |
oc patch OCSInitialization ocsinit -n openshift-storage --type json --patch '[{ "op": "replace", "path": "/spec/enableCephTools", "value": true }]' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### In order to remove OCS Cluster manually, when resources are stucked, need to patch the resources manually as below : | |
[root@ocpbastion ~]# oc patch -n openshift-stroage crd/cephobjectstoreusers.ceph.rook.io --type=merge -p '{"metadata": {"finalizers":null}}' | |
customresourcedefinition.apiextensions.k8s.io/cephobjectstoreusers.ceph.rook.io patched | |
[root@ocpbastion ~]# oc patch -n openshift-stroage crd/cephblockpools.ceph.rook.io --type=merge -p '{"metadata": {"finalizers":null}}' | |
customresourcedefinition.apiextensions.k8s.io/cephblockpools.ceph.rook.io patched | |
[root@ocpbastion ~]# oc patch -n openshift-stroage crd/cephclusters.ceph.rook.io --type=merge -p '{"metadata": {"finalizers":null}}' | |
customresourcedefinition.apiextensions.k8s.io/cephclusters.ceph.rook.io patched | |
[root@ocpbastion ~]# oc patch -n openshift-stroage crd/cephfilesystems.ceph.rook.io --type=merge -p '{"metadata": {"finalizers":null}}' | |
customresourcedefinition.apiextensions.k8s.io/cephfilesystems.ceph.rook.io patched |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# How do I verify that a private key matches a certificate? | |
# To verify that a private key matches its certificate you need to compare the modulus of the certificate against the modulus of the private key. | |
#Please follow the below command to view the modulus of the certificate. | |
openssl x509 -noout -modulus -in server.crt | openssl md5 | |
#Now you will receive the modulus something like a77c7953ea5283056a0c9ad75b274b96 | |
#Please follow the below command to view the modulus of the private key. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://github.com/rhtconsulting/cfme-rhconsulting-scripts | |
https://pemcg.gitbooks.io/mastering-automation-in-cloudforms-4-2-and-manage/content/ | |
https://www.manageiq.org/blog/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#To Debug/run pods without interrupted by Kubernetes Health check process, do : | |
oc debug dc/dc-name | |
#or | |
oc debug deplyoment/deployment-name |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### To run Openshift container as root, need to do below command : | |
oc adm policy add-scc-to-user privileged -z default -n my-project-namespace | |
oc edit deployment/my-apps-deploy | |
### Find the securityContext line, and edit : | |
### securityContext: | |
### runAsUser: 0 |