$ oc get pod <POD_NAME> -o json | jq -r '.spec.volumes[] | select(.name=="config").secret.secretName'
Ales Nosek noseka1
noseka1
/ Using jq with Kubernetes and OpenShift.md
Last active
August 19, 2021 16:37
Using jq with Kubernetes and OpenShift
noseka1
/ Upgrading OpenShift 4 cluster.md
Last active
January 14, 2022 07:36
Related OpenShift documentation is Updating a cluster within a minor version by using the CLI.
Available upgrades are managed by https://github.com/openshift/cincinnati-graph-data/tree/master/channels.
Individual graph edges can be blocked by https://github.com/openshift/cincinnati-graph-data/tree/master/blocked-edges.
KCS that is dynamically built and communicates why edges are blocked: https://access.redhat.com/node/6103381
noseka1
/ JSONPath in kubectl CLI.md
Last active
September 27, 2023 15:38
JSONPath in kubectl CLI examples
$ kubectl get pods -o json
$ kubectl get pods -o jsonpath='{@}'
$ kubectl get pods -o jsonpath='{.items[0]}'
$ kubectl get pods -o jsonpath='{.items[0].metadata.name}'
$ kubectl get pods -o jsonpath="{.items[*]['metadata.name', 'status.capacity']}"
$ kubectl get pods -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.status.startTime}{"\n"}{end}'
$ kubectl get pods -o jsonpath='{.items[*].status.podIP}'
noseka1
/ mount-nfs-clusterrole.yaml
Last active
August 7, 2020 15:55
Allow cluster-wide mounting of NFS volumes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRole | |
| metadata: | |
| name: mount-nfs | |
| rules: | |
| - apiGroups: | |
| - security.openshift.io | |
| resources: | |
| - securitycontextconstraints | |
| verbs: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nfs-client | |
| spec: | |
| containers: | |
| - image: quay.io/noseka1/openshift-toolbox:basic | |
| name: openshift-toolbox | |
| volumeMounts: | |
| - name: nfs-volume |
noseka1
/ OpenShift.NFS.volumes.svg
Last active
June 2, 2023 20:01
Share NFS volume across multiple pods
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
noseka1
/ How to approve OpenShift operator upgrade using CLI.md
Last active
April 4, 2024 09:15
How to approve OpenShift operator upgrade using CLI
Install the operator using the Manual approval strategy, see the attached screenshot.
An install plan has been created but not executed as it has not been approved:
oc get installplan -n openshift-logging
NAME CSV APPROVAL APPROVED
install-dq68d clusterlogging.4.5.0-202007012112.p0 Manual false
noseka1
/ ocp-log-forwarding-config.md
Created
July 7, 2020 15:52
— forked from dwakeman/ocp-log-forwarding-config.md
These instructions can be run from a command line using oc authenticated to the target cluster. They were derived from the OpenShift documentation for installing the Cluster Logging Operator using the CLI. Here is an ansible playbook that was also used during testing.
Create a file named logging_namespace.yml with the following content:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # dump all forwarded input to stdout | |
| <source> | |
| @type forward | |
| bind 0.0.0.0 | |
| port 24224 | |
| </source> | |
| <source> | |
| @type forward |
noseka1
/ How to disable AAAA lookups.md
Last active
July 15, 2023 09:46
The corporate DNS server that is outside of our control doesn't handle AAAA queries properly. When sent a AAAA query, the DNS server doesn't respond. A properly working DNS server returns NOERROR, ANSWER: 0, if there is no AAAA record for a given name. Misconfigured DNS server doesn't send any response.
In an IPv6-enabled environment, the client tries to resolve both A and AAAA addresses. If the DNS server doesn't send any reply, the client repeats the query and eventually times out. Only after the AAAA query times out, the client will use the A address. Waiting for the timeouts renders utilities like curl, kubectl, oc, ... and others unusable.
NewerOlder