http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html https://www.youtube.com/watch?v=_wiGpBQGCjU
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#### Prereqs | |
kubectl create ns influx | |
oc adm policy add-scc-to-user anyuid -z default -n influx | |
#### HostNetwork | |
# pods in the host network of a node can communicate with all pods on all nodes without NAT | |
# Not using a separated network namespace. The pod will see the entire ip stack | |
# https://kubernetes.io/docs/concepts/cluster-administration/networking/#the-kubernetes-network-model | |
cat <<EOF > /tmp/influxdb-hostnetwork.yaml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
AUTH_NAME="auth2kube" | |
NEW_KUBECONFIG="newkubeconfig" | |
echo "create a certificate request for system:admin user" | |
openssl req -new -newkey rsa:4096 -nodes -keyout $AUTH_NAME.key -out $AUTH_NAME.csr -subj "/CN=system:admin" | |
echo "create signing request resource definition" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## credit: http://fabian-affolter.ch/blog/the-lineinfile-module-of-ansible/ | |
--- | |
- hosts: alpine_install | |
user: root | |
tasks: | |
# - name: create a complete empty file | |
# command: /usr/bin/touch /test/test.conf | |
- name: create a new file with lineinfile |