Author Archive

Jul 07

OCI Network Load Balancer Source Header Preservation

In my case running Traefik on docker I was not getting real ip addresses. I changed the NLB option Source header (IP, port) preservation: Enabled

To change this you need to remove the targets from the backend set first.

At the same time suddenly the console did not allow me to add the VM.Standard.A1.Flex server back into the backend set. It required me to upgrade to a paid account. Which is nonsense since I used this server as a target for a long time and now suddenly they want to be sneaky with free options. At least the CLI did add the IP back in.

❯ ocicli nlb backend create --backend-set-name server01-443 --network-load-balancer-id  --port 443 --ip-address 10.0.10.226

Comments Off on OCI Network Load Balancer Source Header Preservation
comments

Posted in OCI, Traefik

Jul 02

Terraform with a Makefile

To streamline Terraform use you can use the typical make command. Below is a very simple Makefile and of course it can be built out for testing steps etc...

Makefile

➜ cat Makefile 

init:
        terraform init

validate:
        terraform fmt -recursive
        terraform validate

plan:
        terraform validate
        terraform plan -var-file="variables.tfvars"

apply:
        terraform apply -var-file="variables.tfvars" --auto-approve

destroy:
        terraform destroy -var-file="variables.tfvars"

all: validate plan apply

Example command

❯ make init
terraform init

Initializing the backend...

Initializing provider plugins...
- Reusing previous version of oracle/oci from the dependency lock file
- Using previously-installed oracle/oci v5.2.1

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Comments Off on Terraform with a Makefile
comments

Posted in Terraform

Jun 03

Rancher Admin Password Docker Image

To reset the Rancher admin console password when you are using the docker image you can do this.

$ docker exec d3f145fa9a35 reset-password
New password for default admin user (user-9zmsf):
f0aVUFblablahGJsiiIO9

Comments Off on Rancher Admin Password Docker Image
comments

Posted in Docker, rancher

Apr 30

sed remove ansi colors from output

Using ansi colors can be very helpful to see script out[put. Example of cleaning ansi color codes from output before putting it in your log. You may want to keep them since cat would still handle it. However if you don't like your logs with unreadable codes this is an example of cleaning it first with sed.

# crontab -l
00 22 * * * /root/scripts/backup.sh -w 1 -t 192.168.1.112 | sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g" > "/logs//bin/date +\%Y-\%m-\%d-backup-192.168.1.112.log"

Comments Off on sed remove ansi colors from output
comments

Posted in Bash

Mar 16

Bash alias inside a script

If you need to use an alias inside a script you need this:

shopt -s expand_aliases
source ~/.bash_aliases

I recently started using the docker OCI client instead of trying to install it local. For some reason it is just not working. So now I use the docker image but as you can see you dont want to be using this command everytime.

docker run --rm -it -v "$HOME/.oci:/oracle/.oci" oci

So an alias is helpful but as mentioned wont just work in you script. Example how I use the command in a script and this works. My alias is ocicli.

CREATED_APPLY_JOB_ID=$(ocicli resource-manager job create-apply-job --stack-id $CREATED_STACK_ID --execution-plan-strategy FROM_PLAN_JOB_ID --execution-plan-job-id "$CREATED_PLAN_JOB_ID" --wait-for-state SUCCEEDED --query 'data.id' --raw-output)

Comments Off on Bash alias inside a script
comments

Posted in Bash, OCI

Dec 04

kubectl export

Since kubectl --export is deprecated it is possible to do something like this.

WARNING: I have not tested this

#!/bin/bash
d=$(date +%Y%m%d)
BACKUP_TARGET="/TANK/ARCHIVE/argocd-backups/argocd_backup_yaml"
kubectl -n argocd get cm -o=json | jq 'del(.metadata.resourceVersion,.metadata.uid,.metadata.selfLink,.metadata.creationTimestamp,.metadata.annotations,.metadata.generation,.metadata.ownerReferences,.status)' | yq eval . --prettyPrint > $BACKUP_TARGET
kubectl -n argocd get secrets -o=json | jq 'del(.metadata.resourceVersion,.metadata.uid,.metadata.selfLink,.metadata.creationTimestamp,.metadata.annotations,.metadata.generation,.metadata.ownerReferences,.status)' | yq eval . --prettyPrint >> $BACKUP_TARGET 
kubectl -n argocd get app -o=json | jq 'del(.metadata.resourceVersion,.metadata.uid,.metadata.selfLink,.metadata.creationTimestamp,.metadata.annotations,.metadata.generation,.metadata.ownerReferences,.status)' | yq eval . --prettyPrint >> $BACKUP_TARGET 
kubectl -n argocd get appproj -o=json | jq 'del(.metadata.resourceVersion,.metadata.uid,.metadata.selfLink,.metadata.creationTimestamp,.metadata.annotations,.metadata.generation,.metadata.ownerReferences,.status)' | yq eval . --prettyPrint >> $BACKUP_TARGET

Comments Off on kubectl export
comments

Posted in Kubernetes, Uncategorized

Oct 16

VirtualBox Host-Only Networking Change

In case this save someone hours of frustration. I recentlty tried to dust off an old kubernetes POC running on virtualbox VM's. I could not get anything to work right until I realized that Virtualbox somewhere in v6.x started to ONLY support 192.168.56.0/21 for their host-only networks. Even though my old vboxnet's where still there and even configurable!

https://www.virtualbox.org/manual/ch06.html#network_hostonly

My kubernetes POC had primary NAT and secondary host-only networks. I still had to re-initialize my cluster an lost all my POC work even after I fixed the networking but at least this may point you in the right direction. To allow my 172.20.0.0/16 network I added this to the config file:

# cat /etc/vbox/networks.conf
* 172.20.0.0/16 192.168.0.0/16

Comments Off on VirtualBox Host-Only Networking Change
comments

Posted in Kubernetes, Virtualbox

Feb 16

ACM check validation

Everytime I want to do a CLI query I spend a little time on syntax so recording this just for quick reference.

~$ aws acm --region us-east-1 list-certificates --query "CertificateSummaryList[?DomainName=='domain.biz']"
[
    {
        "CertificateArn": "arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/4c93f48f-516a-4263-bf65-aa01e02cf170",
        "DomainName": "domain.biz"
    }
]

~$ aws acm describe-certificate --region us-east-1 --certificate-arn arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/4c93f48f-516a-4263-bf65-aa01e02cf170 --query "Certificate.RenewalSummary.DomainValidationOptions[].[DomainName, ValidationStatus, ValidationMethod]"
[
    [
        "domain.biz",
        "SUCCESS",
        "DNS"
    ],
    [
        "www.domain.biz",
        "PENDING_VALIDATION",
        "DNS"
    ]
]

Comments Off on ACM check validation
comments

Posted in AWS

Feb 06

Linux Shell Incremental Search

You probably use (and rely) on command search a lot already but thought I would add something about fish. If you are from the csh or ksh days you will recall the big adoption for bash came because of up and down scroll through command and maybe to a lesser extent tab for showing completion options.

I recently started using fish in some places. I know zsh has become popular as a bash alternative and zsh has the same powerful history search Control-R functionality.

Unfortunately with fish it is handled different. Many people prefer the way fish handles it and I admit I really like the type ahead and showing it in lighter color like shown below.

There are an ongoing push to also add Control-R search like bash and zsh handles it. As far as I can tell in v3.3.1 which is in the latest Ubuntu 22.04 beta this is not working as I wanted.

Note

With fish you start typing and you can still then use up and down keys to get through a list of related searches. I like and dislike the way fish does it. For the moment I am still mostly going back to bash since zsh also annoys me(for other reasons). But I could end up with fish if they leave the type ahead like it is and add exact Control-R incremental search like bash and zsh.

Powerful History Mechanism of fish

Modern shells save previous commands in a command history. You can view earlier commands by using the up and down arrows. Fish extends this concept by integrating the history search functionality. To search the history, simply type in the search string, and press the up arrow. By using the up and down arrow, you can search for older and newer matches. The fish history automatically removes duplicate matches and the matching substring is highlighted. These features make searching and reusing previous commands much faster.

Good explanation for why fish search is not Control-R

Using up and down arrows it's not a good alternative to Ctrl+R, because if the phrase you are looking for it is really deep in the history, you'll have to hit up/down keys a lot! I just use history | grep -i [phrase]

Comments Off on Linux Shell Incremental Search
comments

Posted in Bash, Linux

Dec 04

python append key

Python Append Key

Building a dict and ordering it into groups by key is sometimes very useful.

Teh following code show using the if .. in option and defaultdict option of checkign for a key when loading the dictionary. Although people warn that using has_key or if .. in type checks slows it down a lot my timings was fairly similar. I left some commented code in for my own reference.

source

from collections import defaultdict
from time import time

sample_size = 10000000

dct1 = defaultdict(list)
dct1 = {}
st_time = time()

for i in range(1, sample_size):
    s = str(i)
    key = s[0:1]
    name = 'server' + s
    dct1.setdefault(key, []).append({'name':name,'status':'RUNNING'})  # returns None!

print (f"\ndct1 defaultdict option: {time() - st_time}")

#print (dct1)  
# get one key
#one_key = dct1.get('2')
#print (one_key)
#for v in one_key:
#  print (v)

# print by key
#for k,v in dct1.items():
#  print("\nkey == {}".format(k))
#  print (v)
#  #for i in v:
#  #  print("  {} {}".format(i["name"], i["status"]))

dct2 = {}
st_time = time()

for i in range(1, sample_size):
    s = str(i)
    key = s[0:1]
    name = 'server' + s
    if key in dct2:
      dct2[key].append({'name':name,'status': 'STOPPED'})
    else:
      dct2.update({key: [{'name': name,'status': 'STOPPED'}]})

print (f"\ndct2 if .. in option: {time() - st_time}")

#print (dct2)
#one_key = dct1.get('1')
#print (one_key)
#for v in one_key:
#  print (v)

# print by key
#for k,v in dct2.items():
#  print("\nkey == {}".format(k))
#  print (v)
#  #for i in v:
#  #  print("  {} {}".format(i["name"], i["status"]))

test

py-assoc-arr$ python3 py-keyed-dict-timing.py 

dct1 defaultdict option: 6.392352342605591

dct2 if .. in option: 6.472132921218872

Comments Off on python append key
comments

Posted in Python

« Older Entries
Newer Entries »