Skip to content

Instantly share code, notes, and snippets.

View miminar's full-sized avatar

Michal Minář miminar

13 followers · 5 following
  • ETH Zürich
  • Switzerland
  • 20:30 (UTC +02:00)
View GitHub Profile
@miminar
miminar / downgrade-to-latest.sh
Last active November 27, 2018 10:45
Downgrade all packages to the latest available version with yum
#!/usr/bin/env bash
set -euo pipefail
IFS=$'\n\t'
export LANC=C LC_ALL=C
readonly RE_EVRA="^([[:digit:]]+):(.+)-([^-]+)\.([^.-]+)$"
readonly RE_UNSUPPORTED='\(systemd\|yum\|selinux-policy\|dbus\|kernel\)'
readonly USAGE="$(basename "${BASH_SOURCE[0]}") [-hynk] [-f FILE]
@miminar
miminar / README.adoc
Last active November 21, 2018 11:19
Gluster S3 API deployment in OCP
@miminar
miminar / README.md
Last active March 13, 2018 17:03
OpenShift integrated registry with redis as a memcache

OpenShift integrated registry with redis as a memcache

motivation: find out if it works with multiple replicas with image pruning.

worry: are the entries safely removed from cache when image pruning is run?

Tested with:

oc v3.7.14
@miminar
miminar / README.md
Created January 25, 2018 12:35
OpenShift Ansible troubleshooting

Too restrictive security group

Version: OCP 3.7, openshift-ansible-3.7.22-1-9-g56970a0 Environment: Amazon AWS cluster Scenario: 1 master&node + 2 nodes; glusterfs

Error

TASK [openshift_storage_glusterfs : Verify heketi service] **************************************************************************************************************************************************************
fatal: [ec2-54-237-234-66.compute-1.amazonaws.com]: FAILED! => {"changed": false, "cmd": ["oc", "rsh", "--namespace=default", "deploy-heketi-storage-1-vkfwm", "heketi-cli", "-s", "http://localhost:8080", "--user", "admin", "--secret", "4Jl50v50d9BtfTbxXI1LWeikIH9dfWGe559rZlq2Gz8=", "cluster", "list"], "delta": "0:02:07.485073", "end": "2018-01-25 05:26:51.447002", "msg": "non-zero return code", "rc": 1, "start": "2018-01-25 05:24:43.961929", "stderr": "Error from server: error dialing backend: dial tcp 172.18.12.254:10250: getsockopt: connection timed out", "stderr_lines": ["Error from server: error dial
@miminar
miminar / redeploy-docker-registry.md
Last active December 11, 2017 14:50
Re-deploy docker-registry as insecure

Re-deploy docker-registry in the same namespace as insecure

Motivation

Debug networking.

Prerequisites

  • docker-registry deployed in the current namespace
  • jq binary installed and present in PATH
@miminar
miminar / INSTANCE_NAME_PREFIX
Last active October 18, 2017 05:51
Jenkins params for AWS cluster
dev-miminar-sap-vora-cluster
@miminar
miminar / README.md
Last active September 29, 2017 11:46
Print image layout in OpenShift namespace

About

The script attempts to collect what images are used in current (or given namespace) and what objects reference them.

Requisities

jq utility needs to be installed on machine running this command

Usage

@miminar
miminar / add-scc-to-sa.sh
Created September 20, 2017 09:07
Add scc to nfs-provisioner
saname=`oc get -o jsonpath=$'{.metadata.namespace}:{.spec.serviceAccount}\n' pod nfs-provisioner`
oc adm policy add-scc-to-user scc-nfs-provisioner \
'system:serviceaccount:<serviceaccount_namespace>:<serviceaccount_name>'
@miminar
miminar / prune-unreferenced-registry-blobs.sh
Last active May 18, 2017 13:19
A script to remove unreferenced blobs from registry storage
#!/bin/bash
set -euo pipefail
IFS=$'\n\t'
readonly AUDITOR_ROLE='system:image-auditor'
readonly DEFAULT_DAYS=3
readonly DEFAULT_STORAGE_PATH_ROOT="/registry"
readonly DEFAULT_CONFIG_PATH="/config.yml"
@miminar
miminar / ose-base.sh
Last active May 4, 2017 14:36
#!/bin/bash
function get_ip() {
for intf in enp0s8 eth1 eth0 enp0s3 net0; do
ip=`ip addr show $intf | sed -n 's,^\s\+inet\s\+\(\([0-9]\+\)\.[^/]\+\)/.*brd.*,\1,p'`
if [[ -n "$ip" ]]; then
echo "$ip"
return 0
fi
done