I hereby claim:
- I am joshwget on github.
- I am joshwget (https://keybase.io/joshwget) on keybase.
- I have a public key ASBOlStyEnCJEMBuvIbjq3OfGp4xGHb4wjj27kSHiBaDbQo
To claim this, I am signing this object:
Josh Curl joshwget
joshwget
/ docker-compose.yml
Last active
March 15, 2020 01:24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| nginx: | |
| image: nginx | |
| environment: | |
| A=B |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "title": "Tapping modifier-keys produces a f-key.", | |
| "rules": [ | |
| { | |
| "description": "Press left_shift alone produces F12", | |
| "manipulators": [ | |
| { | |
| "type": "basic", | |
| "from": <%= from("left_shift", [], ["any"]) %>, | |
| "to": <%= to([["left_shift"]]) %>, |
joshwget
/ keybase.md
Created
September 19, 2017 02:59
joshwget
/ nginx-ingress.md
Last active
January 5, 2018 15:01
To make use of the Nginx ingress controller your Kubernetes environment must be configured to have the Rancher ingress controller disabled (Enable Rancher Ingress Controller should be false).
The Nginx ingress controller must be deployed before launching any ingresses. The recommended way of doing this is via Helm.
helm install stable/nginx-ingress
Rancher integrates with the native RBAC functionality in Kubernetes.
Owners of an environment will be automatically given complete access to the cluster. All other users begin with no access to the cluster.
Removing a Rancher user from an environment will remove their access to the cluster.
joshwget
/ stalesecret.md
Last active
August 21, 2017 09:34
Containers get stuck in a state of ImagePullBackOff or CrashLoopBackOff and show a detailed error like:
Cannot initialize Kubernetes connection: the server has asked for the client to provide credentialspanic: runtime error: invalid memory address or nil pointer dereference
This is caused by stale credentials within Rancher (rancher/rancher#8388).
The following instructions can be used to fix the issue in the meantime.
Delete the token first.
joshwget
/ selinux-status.md
Last active
March 16, 2017 18:08
Cattle environments will work with SELinux enabled by following the steps in https://gist.github.com/joshwget/413f45a31e42f1f23024558ba4c6a3f6. There are two manual steps in these docs. Eventually neither of these should be necessary.
- Modifying the host SELinux policy
Current workaround: Compile and load an SELinux module that allows Rancher IPSec networking to run.
Real solution: There is a bug in the RHEL SELinux policy that prevents Rancher IPsec from functioning. A patch has been submitted to upstream RHEL and is estimated to be available in 6 weeks.
These instructions apply to RHEL and CentOS hosts.
Install Docker from RHEL rather than from the official sources
yum install docker
systemctl enable docker
Set SELINUX to enforcing in /etc/selinux/config and reboot.
The following instructions have been tested on Rancher 1.4/1.5 and CentOS 7.3.
The selinux-policy-devel package must be installed to build the module (yum install selinux-policy-devel).
Create a file in the current directory (named virtpatch.te for example) with the following contents.
policy_module(virtpatch, 1.0)
gen_require(`
joshwget
/ gist:63e474ad09aea9d45dc3f1a2e07227a0
Created
February 19, 2017 07:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo aa |
NewerOlder