Underkube
Another week goes by!
Software & DevOps
Uber Kraken - A P2P-powered Docker registry developed by Uber, designed for highly scalable and available image distribution.
Xpra - Persistent remote applications for X11, MacOS, and MS Windows, known as “screen for X,” allowing disconnection and reconnection to graphical applications.
pkgit - An unconventional package manager designed to compile and install packages directly from their git repository.
volare - A Kubernetes volume populator project.

What Edu is Reading This Week
People often ask me about the cool stuff I stumble upon during the week. So, I figured, why not share the links that caught my eye? So here we are.
This is inspired by some newsletters I read such as Vermandeen’s Valuable News or Kube Today.
I’m not 100% sure if I’ll be able to keep a weekly cadence; I really don’t have too much free time lately, but I’ll try!
I wanted to simulate a RedFish BMC to be able to power on/off libvirt virtual machines and attach ISOs as I do for baremetal hosts.
Entering sushy-tools
sushy-tools includes a RedFish BMC emulator, sushy-emulator (see the code in the official repo).
Basically it can connect to the libvirt socket to perform the required actions exposing a RedFish API.
metal3-io/sushy-tools container image
To easily consume it, the metal3 folks already have a container image ready for consumption at quay.
I wanted to have specific permissions on the /var/lib/libvirt/images folder to be able to write as my user. To do it, you can just use setfacl as:
$ sudo setfacl -m u:edu:rwx /var/lib/libvirt/images
The issue is sometimes those permissions were reset to the default ones… but why? And most important… who?
auditd
To find the culprit I used auditd to monitor changes in that particular folder as:
$ sudo auditctl -w /var/lib/libvirt/images -p a -k libvirt-images
Then, performed a system update just in case… and after a while…
I wanted to configure a VM to act as a router between two networks, providing DHCP and DNS services as well.
│                 │
│                 │   ┌──────┐
│                 │   │      │
│ ┌────────────┐  ├───┤ vm01 │
├─┤ dhcprouter ├──┤   │      │
│ └────────────┘  │   └──────┘
│                 │
│                 │   ┌──────┐
│                 │   │      │
│                 ├───┤ vm02 │
│                 │   │      │
│                 │   └──────┘
│                 │
public network    private network

public network is the regular libvirt network created by default (192.
I wanted to compile the hypershift binary but it requires golang 1.17 which is not included in Fedora 35, so I ended up doing this:
mkdir ./tmp/ && \
podman run -it -v ${PWD}/tmp:/var/tmp/hypershift-bin/:Z --rm docker.io/golang:1.17 sh -c \
  'git clone --depth 1 https://github.com/openshift/hypershift.git /var/tmp/hypershift/ && \
  cd /var/tmp/hypershift && \
  make hypershift && \
  cp bin/hypershift /var/tmp/hypershift-bin/' && \
cp ${PWD}/tmp/hypershift ~/bin/
HTH
To be able to monitor hardware health, status and information on HP servers running RHEL, it is required to install HP’s Service Pack for Proliant packages.
It seems the Management Component Pack is the same agent software but for community distros; for enterprise, use SPP.
There is more info about those HP tools on the HP site
Basically you just need to add a yum/dnf repository, install the packages and start a service (actually the service is started as part of the RPM post-install, which is not a good practice…)
When deploying OpenShift IPI on baremetal, there is only so much you can tweak at installation time in terms of networking. Of course you can make changes after the installation, such as applying bonding configurations or vlan settings via machine configs… but what if you need those changes at installation time?
In my case, I have an OpenShift environment composed of physical servers, each of which has 4 NICs: 1 unplugged NIC, 1 NIC connected to the provisioning network and 2 NICs connected to the same switch and to the same baremetal subnet.
In this blog post I’m trying to perform the integration of an external registry with an OpenShift environment.
The external registry can be any container registry, but in this case I’ve configured harbor to use certificates (self generated), the ‘library’ repository in the harbor registry to be private (aka. require user/pass) and created an ‘edu’ user account with permissions on that ‘library’ repository.
Harbor installation
Pretty straightforward if following the docs, but for RHEL7:
Introduction
I’ve been using Nextcloud for a few years as my personal ‘file storage cloud’. There are official container images and docker-compose files to be able to run it easily.
For quite a while, I’ve been using the nginx+redis+mariadb+cron docker-compose file as it has all the components to be able to run an ‘enterprise ready’ Nextcloud, even if I’m only using it for personal use :)
In this blog post I’m going to try to explain how I moved from that docker-compose setup to a podman rootless and systemd one.