SCC assignments and permissions in OpenShift

Oct 1, 2020
SCCs 🔗There are tons of information out there about SCCs, but in this post we will be focused on how to create and use a custom SCC only. See the OpenShift official documentation on Managing Security Context Constraints for more details. Custom SCC 🔗In the event of requiring a custom SCC, there are a few steps that need to be done to be able to use the SCC properly.

Manage external displays with Gnome and Argos extension

Sep 21, 2020
I wanted to easily switch between my regular desktop configuration: All the external displays: To a single external display: Or just the laptop screen: This usually required to open gnome-control-center, then click displays, etc. So I thought it would be nice to look for a extension in the Gnome Extensions site… but I couldn’t find any that worked as I wanted… so let’s try to do our own method! :)

Podman rootless containers in RHEL7

Jul 24, 2020
Quick howto to make podman rootless containers work in RHEL7: sudo yum clean all sudo yum update -y sudo yum install slirp4netns podman -y echo "user.max_user_namespaces=28633" | sudo tee -a /etc/sysctl.d/userns.conf sudo sysctl -p /etc/sysctl.d/userns.conf sudo usermod --add-subuids 200000-300000 --add-subgids 200000-300000 $(whoami) podman system migrate Then, logout and log-in again. Easy peasy!

Simulate ONTAP ® 9.6 on KVM + Trident 20.04 on OCP4

May 11, 2020
Introduction 🔗NetApp filers can be used to provide dynamic storage to OCP4/k8s using NetApp’s Trident storage orchestrator . In order to be able to use it, you need to have a real NetApp hardware to play with. It is also true that NetApp offers a simulator to play with. NOTE: The Simulator is not publicly available and you can only access to it if you are a customer or partner.

Xiaomi Mijia Ble Sensor MQTT on containers on Kubernetes

Nov 8, 2019
Intro 🔗As I mentioned in my previous post , everything was working flawlessly… except for a bluetooth issue in my raspberry pi 3 that basically renders bluetooth unusuable… but it is rebooted daily via a cron job, so minor issue :) (I know I know, I’m planning to do a better workaround…) This was good enough, but a few days ago I decided to give k3sup a chance and install k3s (a lightweight Kubernetes distribution focused on ARM/IoT devices) in a spare pine64 that was gathering dust in a drawer :)

Xiaomi Mijia Ble Sensor MQTT on containers

Nov 8, 2019
As a geek, I use Home Assistant to simplify my home automation tasks (running in a container, of course!). Home Assistant is a really nice project and I recommend you to take a look at it if you want to get started in home automation. One of the things I wanted to have was temperature and humidity sensors spread across the rooms in order to be able to see the current status and historical data… and it turns out it is supported out of the box using the mitemp_bt module .

metallb on OCP4 baremetal

Jul 5, 2019
UPDATE: I submitted a PR to the MetalLB docs on how to deploy MetalLB on OpenShift 4 and it has been merged \o/ so hopefully it will be live soon. ORIGINAL BLOG POST: –8<– This blog post illustrates my steps to deploy metallb on OCP4 running on baremetal. Environment 🔗I have an OCP4 environment running in a Red Hat lab using 3 baremetal hosts as masters + workers deployed using openshift-metal3/dev-scripts


Jun 25, 2019
In this blog post, I’m going to try to explain in my own words a high level overview of what Metal3 is, the motivation behind it and some concepts related to a ‘baremetal operator’. Let’s have some definitions! Custom Resource Definition 🔗The k8s API provides some out-of-the-box objects such as pods, services, etc. There are a few methods of extending the k8s API (such as API extensions) but since a few releases back, the k8s API can be extended easily with custom resources definitions (CRDs).

OCP4 UPI baremetal pxeless with static ips

Jun 19, 2019
Do you want to deploy an OCP4 cluster without using PXE and using static IPs? I’ve got you covered. See my unsupported step by step instructions on how to doing it, including: No PXE (pretty common scenario in big companies) Avoid installing stuff and use containers instead (instead yum/dnf install httpd, haproxy,… use containers) Use rootless containers if possible Use Fedora29/RHEL8 stuff (nmcli, firewalld, etc.) Enjoy!

Lock & unlock GNOME session using CLI

Jun 19, 2019
I personally use those commands with the gsconnect GNOME extension and KDE Connect on my Android phone: Lock 🔗gdbus call --session --dest org.gnome.ScreenSaver --object-path /org/gnome/ScreenSaver --method org.gnome.ScreenSaver.Lock Unlock 🔗loginctl unlock-session && xset dpms force on