Author: <span class="vcard">kenio.carvalho</span>

We started a CP4D installation on AWS, but without using AWS ROSA. We create a new cluster from scratch.
In our lab everything worked perfectly but when the client went to do its installation the Openshift CLI displayed the following error message:

assertion failed [inst.has.value()]: failed to decode instruction: 0x0

After much analysis, we discovered that the client’s Administrator was using a MacBook Pro M1 laptop.

We found the solution at this link https://veducate.co.uk/

 

Linux

It’s only for messages. No calendar migration

Imapsync command is a tool allowing incremental and recursive imap transfers from one mailbox to another. If you don’t understand the previous sentence, it’s normal, it’s pedantic computer-oriented jargon.

All folders are transferred, recursively, meaning the whole folder hierarchy is taken, all messages in them, and all message flags (\Seen\Answered \Flagged etc.) are synced too.

Imapsync reduces the amount of data transferred by not transferring a given message if it already resides on the destination side. Messages that are on the destination side but not on the source side stay as they are.

Get the tool here  https://github.com/imapsync/imapsync

Domino

This paper is intended for architects, systems programmers, analysts and programmers wanting to understand the performance characteristics, and best
practises of IBM MQ. The information is not intended as the specification of any programming interface that is provided by IBM. It is assumed that the reader is
familiar with the concepts and operation of IBM MQ.

Link to download the paper:    https://ibm-messaging.github.io/mqperf/MQ_Performance_Best_Practices_v1.0.pdf

MQ

I received an email yesterday from Docker. It’s a reminder about the end of grace period.

Hello,

As a reminder you’re receiving this email because on August 31, 2021 we updated the terms applicable to the Docker products or services you use.

On January 31, 2022, the grace period ends for free commercial use of Docker Desktop in larger enterprises. Companies with more than 250 employees OR more than $10 million USD in annual revenue now require a paid subscription to use Docker Desktop. Read the blog or visit our FAQ to learn more about these updates.

For me is not a problem anymore i remove Docker Desktop from my computers and install Podman.  No issues, no problems everything works.

Don’t need Docker Desktop anymore.

Uncategorized

Openshift comes with a set of default templates, you can use oc get templates -n openshift to show them
Each template contains specifc sections
  • The objects section: defines a list of resources that will be created
  • The parameters section: defines parameters that are used in the template objects
1 – Inspect the template file for the parameters
I export the postgresql-ephemeral to a yaml file using :  oc get template postgresql-ephemeral -o yaml -n openshift > postgresql.yaml 
Then inspect the yaml file  oc process --parameters -f <filename.yaml>
2 – Create the application using oc process
oc process -f postgresql.yaml -l app=mydb -p DATABASE_SERVICE_NAME=dbservice -p POSTGRESQL_USER=dbuser \
-p POSTGRESQL_PASSWORD=password -p POSTGRESQL_DATABASE=books | oc create -f -

Uncategorized

Podman Pods are very similar to Kubernetes pods in a way that they can have more than one container.

Every Podman pod contains one infra container by default. This container is responsible for associating the names space with the pod and allowing podman to connect the containers to another pod.

Create a Pod using Podman

The first step is to create a Pod using podman:

sudo podman pod create –name <podname>

For our example we will create a pod with the name wp-pod

sudo podman pod create -p 8080:80 --name wp-pod

After creating the Pod you can see the infra container using the command:

sudo podman pod ps -a --pod

Note that host port 8080 has been redirected to port 80 of the pod. Pod port settings should always be made when creating the pod. You cannot reset this later.

Adding containers to a Pod

To add a container to a pod we use the –pod option when using the comand podman run.

sudo podman run -d --name <container name> --pod <podname> <imagename>

Creating a container using the mariadb image

To run the workpress we need a database. In this case I will use the image of mariadb and add it in the pod wp-pod

sudo podman run -d --restart=always –-pod wp-pod \

-e MYSQL_ROOT_PASSWORD="myrootpass" \

-e MYSQL_DATABASE="wpdb" \

-e MYSQL_USER="wpuser" \

-e MYSQL_PASSWORD="w0rdpr3ss" \

--name=wp-db registry.access.redhat.com/rhscl/mariadb-100-rhel7

Next we will create a wordpress container, add it to the pod and connect it to the previously created database.

sudo podman run -d --restart=always --pod wp-pod \

-e WORDPRESS_DB_NAME="wpdb" \

-e WORDPRESS_DB_USER="wpuser" \

-e WORDPRESS_DB_PASSWORD="w0rdpr3ss" \

-e WORDPRESS_DB_HOST="127.0.0.1" --name wp-web wordpress

To verify that if everything is working, run:

 curl http://localhost:8080/wp-admin/install.php.

The text corresponding to an html  page will appear in the console:

!DOCTYPE html><html lang="en-US" xml:lang="en-US"><head>

<meta name="viewport" content="width=device-width" /> 

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />     

  <meta name="robots" content="noindex,nofollow" /> 

  <title>WordPress &rsaquo; Installation</title>

  <link rel='stylesheet' id='dashicons-css'  href='http://localhost:8080/wp-includes/css/dashicons.min.css?ver=5.8.2' type='text/css' media='all' />…

So far, we have a pod with 3 containers: infra, wp-db and wp-web.  The pod is running as root and also does not have a volume associated for data persistence.

Rootless Podman

Rootless podman (running Podman as a non-root user) needs to do some gymnastics to get the same container experience you’re familiar with from docker, but without requiring root.

When you run rootless podman, it uses a user namespace to map between the user IDs in the container and the user IDs on your host.

All rootless containers run by you, are run inside the same user namespace.

By using the same user namespace, your containers can share resources with each other, without needing to ask for root privileges.

It uses this user namespace to mount filesystems, or run a container which accesses more than one user ID (UID) or group ID (GID).

This mapping is fine for most situations, except when the container needs to be able to share something with the host, like a volume.

When the container runs, any volumes which are shared with it, will appear inside the user namespace as owned by root/root.

Because the mapping will map your UID on the host (e.g. 1000) as root (0) in the container.

This means that if you’re running your container process as a non-root user, it won’t be able to write to that directory and I don’t want to disable SELinux.

This is where podman unshare comes in.

Running WP-POD as a rootless POD and use a volume to persist data

First we need to create a directory so that it can be used by the container

mkdir /home/<username>/dbfiles

Using the podman inspect command we can see that the mariadb container uses user 27

We then execute the command:  podman unshare chown 27:27 -R /home/kenio/dbfiles

To remove the previously created pod:

sudo  podman pod stop wp-pod

sudo podman pod rm wp-pod

Perform the following steps to create the wp-pod as rootless:

podman pod create --name=wp-pod -p 8080:80

podman run -d --restart=always \

-v /home/kenio/dbfiles:/var/lib/mysql/data:Z --pod wp-pod \

-e MARIADB_ROOT_PASSWORD="password" \

-e MYSQL_ROOT_PASSWORD="password" \

-e MYSQL_DATABASE="wpdb" \

-e MYSQL_USER="wpuser" \

-e MYSQL_PASSWORD="w0rdpr3ss"  \

--name=wp-db registry.access.redhat.com/rhscl/mariadb-100-rhel7

 

Note that I add the :Z flag to the volume. This tells Podman to label the volume content as “private unshared” with SELinux.

This label allows the container to write to the volume, but doesn’t allow the volume to be shared with other containers.

 

podman run  -d --restart=always --pod=wp-pod \

-e WORDPRESS_DB_NAME="wpdb" \

-e WORDPRESS_DB_USER="wpuser" \

-e WORDPRESS_DB_PASSWORD="w0rdpr3ss" \

-e WORDPRESS_DB_HOST="127.0.0.1" --name wp-web wordpress

Use curl://localhost:8080/wp-admin/install.php and verify if everything is running.

Use podman logs –names <container name> para verificar os logs dos containers

I am using RHEL 8.3 and podman is version 3.2.3

If you want to access the worpress pod from external machine, in my case, I need to setup the firewall:

sudo firewall-cmd --add-port=8080/tcp --permanent

sudo firewall-cmd –reload

 

Many thanks for Tone Donohue for his article about rootless podman.

https://www.tutorialworks.com/podman-rootless-volumes/

docker Linux podman

Linux Containers have emerged as a key open source application packaging and delivery technology, combining lightweight application isolation with the flexibility of image-based deployment methods.

Red Hat Enterprise Linux (RHEL) base images are meant to form the foundation for the container images you build. As of April 2019, new Universal Base Image (UBI) versions of RHEL standard, minimal, init, and Red Hat Software Collections images are available that add to those images the ability to be freely redistributed.

RHEL minimal images provide a base for your own container images that is less than half the size of the standard image, while still being able to draw on RHEL software repositories and maintain any compliance requirements your software has.

Building custom images using Containerfile or Dokerfile  sometimes you need to install packages on top of the minimal images of RHEL.  You need to use microdnf to install things not dnf /yum.

Answer: As minimal as stated: no Python and no Python module dependencies. Which are quite many packages to think of it.

I suppose the actual gap will come also from the fact of not using Python:

  • There is no Python interface, and thus you can’t invoke microdnf from a Python code using a consistent API. You’ll have to resort to using the subprocess Python module
  • Actual dnf can be expanded with many additional commands provided by the dnf-plugins-core and other plugin packages. You may not expect any of those features in microdnf. They will hardly ever make it to microdnf.

 

 

 

openshift

Today I received a notice on my computer about  another Docker Desktop update, but this time a new agreement had to be accepted as now for professional use there is a subscription.
I saw many people commenting about this when the new licensing model was announced and since Kubernetes will no longer support the Docker Container Engine, I decided to remove Docker Desktop from my MAC and install Podman.

To remove the Docker Desktop I used this article and to install Podman I used the following steps:

  • brew install podman
  • podman machine init
  • podman machine start

Use podman info to see if everything is ok.

Linux

Today i will install Code Ready. You can install Openshift on your laptop. See this link . My RHEL 8.4 VM has a small disk and first i need to resize the disk and then install CodeReady

Using this commands i change from 20 GB to 50GB disk

First you need to locate the vm disk with the command

sudo virsh domblklist rhel8-1

the output was:

Target Source
——————————————————-
vda /var/lib/libvirt/images/rhel8-2-clone.qcow2
sda –

To resize the disk the VM must be not running and must not have a snapshot.

Just type this command and add 30GB

sudo qemu-img resize /var/lib/libvirt/images/rhel8-2-clone.qcow2 +30G

Start the vm and verify the disk using lsblk command

NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sr0 11:0 1 1024M 0 rom
vda 252:0 0 50G 0 disk
|-vda1 252:1 0 1G 0 part /boot
`-vda2 252:2 0 29G 0 part
|-rhel-root 253:0 0 26G 0 lvm /
`-rhel-swap 253:1 0 3G 0 lvm [SWAP]

 

Linux openshift

After creating a VM using the template that was created using RHEL 8 I tried to register the new VM and the following error was shown:

 

This system is registered to Red Hat Subscription Management, but is not receiving updates. You can use subscription-manager to assign subscriptions.

Error: There are no enabled repositories in "/etc/yum.repos.d", "/etc/yum/repos.d", "/etc/distro.repos.d"

The solution for me was to remove and add subscriptions again RHEL8:

 subscription-manager remove --all        
 subscription-manager clean
 subscription-manager register --username <redhat username> --auto-attach
 dnf repolist or yum repolist

Linux

Continuing with the preparation of my lab I have installed a vm with RHEL 8.4 updated and from there I will create a template.

To create a template and use it later in the KVM the steps are as follows:

obs: My host is an Ubuntu 20.04

Install the tools to work with guests:

sudo apt install libguestfs-tools

List the vms:

virsh list --all

Prepare the rhel8-2 virtual machine to be a template

sudo virt-sysprep -d rhel8-2

Rename the vm to be a template

sudo virsh domrename rhel8-2 rhel8-Template

Open the VM Manager (virt-manager), and then select the rhel-Template. Right-click on it and select the Clone option, which will open the Clone Virtual Machine window.

Linux openshift

I am studying to take some RedHat certification exams including the OpenShift Enterprise Administration (DO280) exam.  I could set up Linux cloud servers such as IBM Cloud or even on AWS but I have an old laptop and decided to setup

a cluster with 3 Linux machines on it. I will start building a small k8s cluster. The first step was to install Ubuntu 20.04 as host.

My old laptop is a Toshiba Satellite P875 – S3210 32GB RAM 512GB SSD 750 GB HD SATA

Install and Enable SSH server on Ubuntu 20.04

  1. Update ubuntu : sudo apt-get update
  2. Install OpenSSH: sudo apt-get install openssh-server
  3. Verify the status: sudo systemctl status sshd
  4. Enable ssh connections on the host: sudo ufw allow ssh
  5.  Check if openssh is enabled:  sudo systemctl list-unit-files | grep enabled | grep ssh6
  6. If you have no results on step 5: sudo systemctl enable ssh

Now I can connect to my ubuntu laptop using ssh.

The second step was to install Timeshift and perform a backup of the system.

  1. Add the repository: add-apt-repository -y ppa:teejee2008/ppa2
  2. Install TimeShift: apt install timeshift

Then I made the first backup and started the KVM installation

Install KVM on Ubuntu 20.04

Install KVM:

  1. sudo apt install qemu qemu-kvm libvirt-clients libvirt-daemon-system virtinst bridge-utilsb
  2. sudo systemctl enable libvirtd
  3. sudo systemctl start libvirtd

Configure VNC:  VNC support should be available by default, and I do this configuration:

Edit /etc/libvirt/qemu.conf and add: vnc_listen = “0.0.0.0”
This will enable VNC on all networks. This is not a problem for me because it’s a local machine. Don’t do this if you are using a machine exposed to internet.b.

Edit /etc/libvirt/libvirtd.conf and add: listen_tcp = 1

Reboot the machine.

Enable VNC connections: sudo ufw allow 5900:5903 (VNC uses TCP port 5900+n and I will setup 3 machines)

Setup a bridge network

 The default network virbr0, created by KVM does not allow virtual machines to communicate with external hosts (inbound and outbound).

Using the nmcli tool I setup a bridge network. I try to use my wireless connection but it’s not work, some documents show that this only work with ethernet interfaces. My host ethernet connection is enp1s0

nmcli con add ifname br0 type bridge con-name br0

nmcli con add type bridge-slave ifname enp1s0 master br0

nmcli con down “Wired connection 1”

nmcli con up br0

Declaring KVM Bridged Network Create a xml file anmed bridge.xml with the lines:

<network>  <name>br0</name>  <forward mode="bridge"/>  <bridge name="br0" /></network>

Use the file to define the new network:

virsh net-define ./bridge.xml 

Start the network and configure it for auto-start

 virsh net-start br0virsh net-autostart br0   

Now I can use this network on the Virtual Machines 

For example using virt-install –network option

  Next step is to setup 3 machines and K8s

openshift