I am working to install multi-user Eclipse Che on a three node OKD cluser on AWS. There is one master and two worker nodes on a common security group. Each runs Centos. Single-user Che intalled flawlessly.
$ oc version
David Medinets medined
medined
/ rbac-for-pod-security-policies.yaml
Created
August 1, 2020 17:50
Initial Pod Security Policy Resources For Kubernetes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: policy/v1beta1 | |
| kind: PodSecurityPolicy | |
| metadata: | |
| name: privileged | |
| annotations: | |
| seccomp.security.alpha.kubernetes.io/allowedProfileNames: "*" | |
| labels: | |
| addonmanager.kubernetes.io/mode: EnsureExists | |
| spec: |
medined
/ ingress-controller-manifest.yaml
Last active
August 1, 2020 15:21
Ingress Controller Installation For Kubernetes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Namespace | |
| metadata: | |
| name: ingress-nginx | |
| labels: | |
| name: ingress-nginx | |
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: |
medined
/ gist:7e28803ced7db85dd86b103cff1e9cb0
Created
June 28, 2020 14:50
kubectl as reverse proxy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| You can use `kubectl` as a reverse proxy so that it handles locating the API server and | |
| authentication. It can run in the background but I like to use the foreground to make it easy | |
| to stop. | |
| ```bash | |
| kubectl proxy --port=8080 | |
| ``` | |
| Now you can open another terminal to explore the API. |
medined
/ lynis-report-after-stig.txt
Created
June 26, 2020 15:23
Results of Running Lynis Audit on Centos7 After Running MindPoint Group RHEL7 STIG
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2020-06-26 15:02:05 Starting Lynis 3.0.0 with PID 11125, build date 2020-03-20 | |
| 2020-06-26 15:02:05 ==== | |
| 2020-06-26 15:02:05 ### 2007-2020, CISOfy - https://cisofy.com/lynis/ ### | |
| 2020-06-26 15:02:05 Checking permissions of /usr/share/lynis/include/profiles | |
| 2020-06-26 15:02:05 File permissions are OK | |
| 2020-06-26 15:02:05 Reading profile/configuration /etc/lynis/default.prf | |
| 2020-06-26 15:02:05 Action: created temporary file /tmp/lynis.PsCgQxJx67 | |
| 2020-06-26 15:02:05 Language set via profile to '' | |
| 2020-06-26 15:02:05 Plugin 'authentication' enabled according profile (/etc/lynis/default.prf) | |
| 2020-06-26 15:02:05 Plugin 'compliance' enabled according profile (/etc/lynis/default.prf) |
medined
/ stig-results.txt
Created
June 26, 2020 15:19
Results Of Running MindPoint Group RHEL7 STIG Against Latest Centos7 (ami-0affd4508a5d2481b)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PLAY [Apply STIG] ***************************************************************************************************************************************************************************************** | |
| TASK [Gathering Facts] ************************************************************************************************************************************************************************************ | |
| ok: [34.192.52.20] | |
| TASK [/data/projects/RHEL7-STIG : Gather distribution info] *********************************************************************************************************************************************** | |
| skipping: [34.192.52.20] | |
| TASK [/data/projects/RHEL7-STIG : Check OS version and family] ******************************************************************************************************************************************** | |
| ok: [34.192.52.20] => { |
medined
/ gist:1dbbcdbbef555f71f7c1b714f1a70643
Created
June 19, 2020 15:25
HTTP Code 404 When Generating Report
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2020-06-19 15:23:50.0718|1|INFO|Microsoft.AspNetCore.Hosting.Internal.WebHost|Request starting HTTP/1.0 GET http://34.238.89.128/system/5eec2e1b9a09bd00019a911f/?pii=false&filter=low |url: http://34.238.89.128/system/5eec2e1b9a09bd00019a911f/|action: | |
| 2020-06-19 15:23:50.0718|2|INFO|Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler|Successfully validated the token. |url: http://34.238.89.128/system/5eec2e1b9a09bd00019a911f/|action: | |
| 2020-06-19 15:23:50.0727|0|INFO|Microsoft.AspNetCore.Routing.EndpointMiddleware|Executing endpoint 'openrmf_api_compliance.Controllers.ComplianceController.GetCompliancBySystem (openrmf-api-compliance)' |url: http://34.238.89.128/system/5eec2e1b9a09bd00019a911f/|action: GetCompliancBySystem | |
| 2020-06-19 15:23:50.0727|3|INFO|Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker|Route matched with {action = "GetCompliancBySystem", controller = "Compliance"}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResu |
medined
/ README-che-installation.md
Created
February 18, 2019 13:47
Attempt to Install Multi-User Eclipse Che On OpenShift
medined
/ accumulo_notes
Created
December 29, 2011 19:04
Accumulo Installation and Configuration Steps on a Ubuntu VirtualBox Instance
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Oct 17, 2012 - See https://github.com/medined/accumulo_stackscript for an even better script. Really ignore the stuff below. Go. Scoot. | |
| Aug 28, 2012 - See http://affy.blogspot.com/2012/08/stackscript-for-accumulo-on-linode.html for a more concise method is configuring accumulo. I'll leave this gist unchanged for fans of history. | |
| My goal was to get Accumulo running on a VirtualBox Ubuntu instance. I was successful using the following steps. If a line starts with $ then it is a command-line to execute. Note that you'll need to have sudo privilege. My username was 'ubuntu'. If you are using a different username, you'll need to change the process a little bit. I'll try to point out where. | |
| https://issues.apache.org/jira/browse/ACCUMULO | |
| ########## | |
| # Start a new VirtualBox instance using the Ubuntu 11.10 |
medined
/ keybase.md
Created
August 3, 2016 17:39
I hereby claim:
- I am medined on github.
- I am medined (https://keybase.io/medined) on keybase.
- I have a public key ASAisVKwZNRmz62jhQXJAawUhJEHd5Oo3yHwZX29yQj7Tgo
To claim this, I am signing this object:
{
medined
/ install_accumulo_in_home_directory.sh
Created
April 24, 2013 03:05
how to install accumulo (and everything else) to your home directory
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| export HADOOP_VERSION=hadoop-1.0.4 | |
| export CDIR=`pwd` | |
| export LOGFILE=~/build.log | |
| export PASSWORD=`openssl passwd -1 password` | |
| ########## | |
| # enable logging. Logs both to file and screen. | |
| exec 2>&1 |
NewerOlder