williamcaban

FROM quay.io/fedora/fedora:31-x86_64

RUN dnf install --nodocs -y iperf3 lksctp-tools rt-tests && \
    dnf clean all && \
    rm -rf /var/cache/dnf

LABEL   io.k8s.display-name="iperf3" \
        io.k8s.description="This is an iperf3 and rt-tests container"

ENTRYPOINT /bin/bash -c "sleep infinity"

williamcaban

Enabling SCTP on OpenShift 4.2

WARNING: THIS PROCEDURE CANNOT BE UNDONE AND PREVENTS CLUSTER UPGRADES.

Create a FeatureGate resource to enable the SCTP Kubernetes Alpha feature.

Sample Custom Resource featuregate-sctp.yaml

williamcaban

Updating cluster level pull-secret from JSON file

The OCP4 cluster level pull-secret is used to source the default authorization keys to pull containers from external registries. To update from an existing pull-secret.json file execute:

oc create secret generic pull-secret \
    --from-file=.dockerconfigjson=<./pull-secret.json> \
    --type=kubernetes.io/dockerconfigjson \
    -n openshift-config

williamcaban

• To validate API server is operational:

  # If API server is operational you should be able to retrieve API version 
  curl -k $(oc whoami --show-server)/version
  
  # To catch the return code equals to 200
  curl -o /dev/null -s -w "%{http_code}\n" -k $(oc whoami --show-server)/version
  

• To validate the MachineConfigServer is operational:

williamcaban

Disable DHCP Client on connected NICs

NOTE: The following procedure needs to be done modifying the Ignition files for the corresponding node type

To turn off the default of DHCP on connected interfaces if using static addressing:

/etc/NetworkManager.conf.d/disabledhcp.conf
[main]
no-auto-default=*

williamcaban

Setting up a dual-stack (ipv4 & ipv6) dnsmasq instance for OCP clusters

• Allow the following ports and servcices in the bastion node

firewall-cmd --zone=public   --permanent --add-port=6443/tcp 
firewall-cmd --zone=public   --permanent --add-port=22623/tcp 
firewall-cmd --zone=public   --permanent --add-port=8080/tcp 
firewall-cmd --zone=public   --permanent --add-service=ssh
firewall-cmd --zone=public --permanent --add-service=cockpit

williamcaban

Enabling externalIPs on OCP4.2

Edit the config for the network Custom Resource (CR) instance spec.externalIP.policy.allowedCIDRs with the CIDRs to use.

1. Edit the Cluster network configuration:

oc edit network.config.openshift.io cluster

2. Edit the spec.externalIP.policy.allowedCIDRs. The following enable 192.168.18.64/26 as an externalIP CIDR:

williamcaban

apiVersion: v1
kind: Pod
metadata:
  name: static-ip
  annotations:
    k8s.v1.cni.cncf.io/networks: '[
      {
        "name": "<name>", 
 "ips": [ "192.0.2.205/24","2001:333:333::333/64" ], 

williamcaban

#version=RHEL8
ignoredisk --only-use=vda
# System bootloader configuration
bootloader --disabled
autopart --type=plain --fstype=ext4 --nohome --noboot --noswap
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all
# Reboot after installation

williamcaban

#!/bin/bash -e

source set-environment

# Variables to set, suit to your installation
export AIRGAP_REGISTRY_INDEX_TAG=olm-index/redhat-operator-index:v$OCP_RELEASE_MAIN
export AIRGAP_REGISTRY_IMAGE_TAG=olm

# Set these values to true for the catalog and miror to be created
export RH_OP='true'