Cornucopia of Ideas - Kubernetes, Cloud, GNU/Linux,Networking, Security and more ...
cert-manager is a X.509 certificate controller that allows you issue certificate from variety of certificate issuers and renew certificates automatically before they expire in your containerized environment. You can find more info about installation cert-manager Configuration Once cert-manager is installed first thing to be configured is Issuer or ClusterIssuer. These two resources represent Certificate Authority able to sign certificates in response to CSR. In this post certificate will be issued from Let's Encrypt.
Recently, I had very interesting issue with Vault that, it stopped functioning two hours after integration with Redfish Bare-Metal Host Monitoring which uses Approle to get iLO user and credential.
Vault audit logs shows that Approle for redfish monitoring requested heavly in a second. It might be still normal for around 80 Physical servers polling, but something is still not quite okay. After some investigation and tests, it was found that File system Inode for Vault file backend run out of space.
Sometimes you may have situation that you have to set/remove check_mk hostdowntime through multiple hosts due to planned maintenance to avoid false notifications and keep “unplanned maintenance” times correct for SLA reports.
The GitHub repo contains both Ansible playbooks and shell scripts to set/remove/show host downtimes programmatically in check_mk.
Both Ansible playbooks and shell scripts in GH repo are tested on check_mk version 2.0.0p31 (CFE)
Happy monitoring :)
Satellite Compute Resource Provider Password Update Sometimes you may have an environment with strict requirements that even technical accounts have to be rotated by Privilege account manager(Cyberark etc.) regularly. That means any technical account used by the service has to be in-sync with the Privilege account manager. For this post, it will be shown you how to Compute Resource provider password updated regularly on Satellite, which is required if you are provisioning your RHEL systems to Virtualization Platforms(oVirt, vmWare etc.
In this post, multinode Kubernetes cluster will be built using lxc and microk8s. It is one of the quickest method to deploy multi-node Kubernetes cluster up and running in minutes.
Installing LXC You can enable lxc on your system either installing lxc or lxd package.
:~$ sudo apt-get install lxc OR
:~$ sudo apt-get install lxd Inital configuration of LXC After installation, initial setup of lxc is necessary,networking and storage e.
Introduction The server installer for 20.04 supports a new mode of operation: automated installation, autoinstallation for short. You might also know this feature as unattended or handsoff or preseeded installation. Autoinstallation lets you answer all those configuration questions ahead of time with an autoinstall config and lets the installation process run without any interaction.
Providing the autoinstall config The autoinstall config is provided via cloud-init configuration, which is almost endlessly flexible.