UI has instructions for the steps up to register your rancher server domain and creating the OAuth credentials. These are the steps for generating the service account credential file:
Create Service account - page 2- no need to specify roles
Load balancer
| RANCHER_URL="myrancherhost:8080" | |
| # External ID value, should be the value of the attribute you want to provide for User ID in Rancher, so if is sAMAccountName | |
| EXTERNAL_ID="value of sAMAccountName for admin" | |
| curl -H "Accept: application/json" -H "Content-Type: application/json" -d '{"name":"api.host", "value":"${RANCHER_URL}"}' http://${RANCHER_URL}/v2-beta/settings | |
| # Define the admin user | |
| curl -H "Content-Type: application/json" -X PUT -d '{"externalId":"${EXTERNAL_ID}", "externalIdType":"shibboleth_user"}' http://${RANCHER_URL}/v2-beta/accounts/1a1 | |
| # Get API keys for Admin user |
Pods: Unique IP address accessible within cluster. One or more containers, ususally one. Smallest concept Deployment: If pod goes down, we need something to monitor it and notify api-server to bring up another one.
https://kubernetes.io/docs/getting-started-guides/fedora/fedora_manual_config/ - ref
KUBE_LOGTOSTDERR="--logtostderr=true"
# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=4"
| dnf download <package>: downloads the binaries |
| create multiple AD groups | |
| source: http://www.signalwarrant.com/create-active-directory-groups-bulk-csv-w-powershell/ | |
| ``` | |
| $csv = Import-Csv -Path ".\bulk_input2.csv" | |
| ForEach ($item In $csv) | |
| { | |
| Write-Host "item: $($item)" | |
| $create_group = New-ADGroup -Name $item.GroupName -GroupCategory $item.GroupCategory -groupScope $item.GroupScope -Path $item.OU | |
| Write-Host -ForegroundColor Green "Group $($item.GroupName) created!" |
| 1. In case of errors, log the error only if you handle it, if it's going to bubble up, then only return the error | |
| 2. If the error might expose too many details to the user, log the error, and return a human readable message | |
| 3. Follow import patterns specific to the programming language you use | |
| 4. It is a bad practice to use data structure names in your variable names. | |
| 5. The code should be self-documenting or self-explanatory. If that means adding comments, add comments. | |
| But you should also strive to name and structure things so that the code is self-evident without comments. | |
| 6. Better commit messages | |
| 7. Close response, http, connections |
Rancher's access control requires 7 fields
Display Name Field, User Name Field, UID Field, Groups Field, Private Key, Certificate and Metadata XML
The first 4 fields, Display Name Field, User Name Field, UID Field and Groups Field, map to the attributes
released from the data store used by the Identity Provider. These released attributes are specified in the IdP's Attribute
Contract.
Generate private key and certificate for the Rancher server, and paste/upload them to the Private Key and Certificate
fields respectively. Upload IdP metadata and click Save. This will save all the configuration in cattle db and generate the
SP metadata.
| 1 exit | |
| 2 xhost local:root | |
| 3 sudo DISPLAY=$DISPLAY gedit /etc/profile | |
| 4 sudo DISPLAY=$DISPLY | |
| 5 ls -l /tmp/.X11-unix/X1 | |
| 6 ps | |
| 7 kill 8448 | |
| 8 ps | |
| 9 xvfb-run --server-args='-screen 0, 1024x768x24' google-chrome -start-maximized http://www.example.com &> /dev/null & |