Very useful command: tfswitch
|
1 |
brew install warrensbox/tap/tfswitch |
-
Fast switch Terraform version
-
How to label Kubernetes node ROLE name
That’s easy!
Add Label:
kubectl label node <node name> node-role.kubernetes.io/<role name>=<key — (any name)>
Remove label:
kubectl label node <node name> node-role.kubernetes.io/<role name>-
Let’s try:
$ kubectl get nodes
1234NAME STATUS ROLES AGE VERSIONnode-1.domain.loc Ready master 51d v1.17.0node-2.domain.loc Ready <none> 51d v1.17.0node-3.domain.loc Ready <none> 51d v1.17.0$ kubectl label node node-2.domain.loc node-role.kubernetes.io/worker=
1node/node-2.domain.loc labeledand check:
$ kubectl get nodes
1234NAME STATUS ROLES AGE VERSIONnode-1.domain.loc Ready master 51d v1.17.0node-2.domain.loc Ready worker 51d v1.17.0node-3.domain.loc Ready <none> 51d v1.17.0
-
How to setup L2TP over IPSec VPN server (Ubuntu 16.04 – 20.04)
How to setup L2TP over IPSec VPN server (Ubuntu 16.04)
1apt-get install strongswan xl2tpd# (optional, need to check ) apt-get install ppp libgmp3-dev bison flex
Edit /etc/ipsec.conf
123456789101112131415161718192021222324# /etc/ipsec.conf — Openswan IPsec configuration file modified for Strongswan# (c) Kayama 2018# Add connections hereconn L2TP-IPSECauthby=secretrekey=nokeyingtries=3type=transportesp=aes128-sha1ike=aes128-sha-modp1024ikelifetime=8hkeylife=1hleft=XXX.XXX.XXX.XXX # your router’s external IPleftprotoport=17/1701right=%anyrightprotoport=17/%anyrightsubnet=0.0.0.0/0auto=adddpddelay=30dpdtimeout=120dpdaction=clear#force all to be nat’ed. because of iOSforceencaps=yesEdit /etc/ipsec.secrets
12345# This file holds shared secrets or RSA private keys for authentication.# RSA private key for this host, authenticating it to any other host# which knows the public part.: PSK “TypeYourPassPhraseHere”Edit /etc/ppp/options.xl2tpd
1234567891011121314151617181920require-mschap-v2refuse-mschapms-dns 8.8.8.8ms-dns 8.8.4.4asyncmap 0authcrtsctsidle 1800mtu 1410mru 1410connect-delay 5000lockhide-passwordlocal#debugmodemname l2tpdproxyarplcp-echo-interval 30lcp-echo-failure 4Edit /etc/xl2tpd/xl2tpd.conf
12345678910111213141516171819202122[global]ipsec saref = nodebug tunnel = nodebug avp = nodebug network = nodebug state = noaccess control = norand source = devport = 1701auth file = /etc/ppp/chap-secrets[lns default]ip range = 192.168.1.10-192.168.1.20local ip = 192.168.1.1require authentication = yesname = l2tppass peer = yesppp debug = nolength bit = yesrefuse pap = yesrefuse chap = yespppoptfile = /etc/ppp/options.xl2tpdAnd finally add password to the /etc/ppp/chap-secrets file
1234test l2tpd TestTest “*”service xl2tpd restartservice ipsec restartEverything should work fine!
Upd. 2022.01
-
lxd and adjusting size of root device
That’s normal. With LXD 2.9 and the storage pool changes, LXD stopped generating automatic «root» devices for the containers, instead relying on inheritance from the default profile.
So in LXD < 2.9, every container had a local «root» device which you could then set properties directly on. With those LXD versions, adding a «root» device to your default profile would be entirely ignored as all containers would override it.
In LXD > 2.9, containers don’t have any devices by default, they instead rely on inheritance. Meaning that if you want to override it, you have to add a new device to the container with the same name so that it overrides the one coming from the profiles.
«lxc config show NAME» vs ” lxc config show –expanded NAME ” is pretty useful to see how this all works.
© https://discuss.linuxcontainers.org/u/stgraber
-
makepasswd console script
Add to the .bash_profile
1alias makepasswd=”openssl rand -base64 $1″