Vadim's KB

VMware Photon 4, k3s

18. ноября 2022 koba (0)

if has error "CreateContainerError":

yum install apparmor-parser apparmor-utils

 

k8s dashboard

kubectl create serviceaccount k8s-admin -n kube-system
kubectl create clusterrolebinding k8s-admin --clusterrole=cluster-admin --serviceaccount=kube-system:k8s-admin
kubectl -n kube-system create token k8s-admin


https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md

VMware Photon OS 4: DNS settings

16. ноября 2022 koba (0) 
sudo rm /etc/resolv.conf
sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

systemctl restart systemd-networkd
systemctl restart systemd-resolved
 

VMware vCenter, set VMCA as Subordinate Certification Authority

15. октября 2022 koba (0)

1. SSH into vCenter appliance and run the following commands:

shell.set --enable True
shell
chsh -s /bin/bash root
2. Generate the Certificate Signing Request (CSR)
  • run
     
    /usr/lib/vmware-vmca/bin/certificate-manager
  • Select Option 2.
  • Type Y when prompted to generate the certificates using a configuration file.
  • Press Enter if using administrator@vsphere.local is OK.
  • Input the administrator password when prompted.
  • Enter your country code, e.g. US.
  • For the Name value enter the FQDN of your VCSA
  • Input your Organization name
  • Input your OrgUnit 
  • Input your State
  • Input your Locality
  • Input the IP address of your VCSA
  • Input a contact email address
  • Input the FQDN of your VCSA for the hostname
  • Input the VMCA Name (i.e. FQDN of your VCSA)
  • Select option 1 to generate the CSRs
  • Enter the path of your choice (e.g. /tmp/) for the resulting CSRs
  • Leave the SSH session open

The Certificate manager created two files:

/tmp/vmca_issued_csr.csr
/tmp/vmca_issued_key.key

3. Open your favorite SCP tool (e.g. WinSCP, Royal TSX, etc.). Navigate to /tmp/ Download: vmca_issued_csr.csr
4. Submit Certificate Request on Certification Authority
5. Get CA Certificate Chain, file chain.cer
6. Configuring the VMCA
  • Transfer chain.cer to the VMCA via SCP to /tmp/.
  • Switch back to your SSH session on the VMCA and press 1.
  • Enter /tmp/chain.cer for the Root certificate.
  • Enter /tmp/vmca_issued_key.key for the custom key.
  • Enter Y to replace all of the certificates.
  • Sit back and wait a few minutes for the change to complete.

Linux, expand partition online

6. июня 2022 koba (0)

Install:

apt-get install cloud-utils

Run:

growpart /dev/xvda 1  # Grows the partition
resize2fs /dev/xvda1  # Grows the filesystem

Install SSL certificate on Windows RDP

27. декабря 2020 koba (0)

1. Certificate thumbprint. Certificate must be installed in personal store at the computer level.

2. Run PowerShell script:

$PATH = (Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices)
Set-WmiInstance -Path $PATH -argument @{SSLCertificateSHA1Hash="thumbprint"}

 

Chrome: disable certificate check

20. декабря 2020 koba (0)

1. Chrome - type "thisisunsafe" on page

2. Chrome - run with parameters:

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --ignore-certificate-errors
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --ignore-certificate-errors --ignore-urlfetcher-cert-requests &> /dev/null