№ 10430 В разделе "Администрирование" от December 6th, 2019,
You can easily use it to check MySQL or Postgresql connection.
#!/bin/bash for i in `seq 1 ${CONNECT_TIMEOUT}`; do mysql -h "${DB_HOST}" -u${DB_USERNAME} -p${DB_PASSWORD} ${DB_DATABASE} -e 'select 1' if [ $? -eq 0 ]; then echo "Connected to MySQL" exit 0 fi if [ $i -eq ${CONNECT_TIMEOUT} ]; then echo "MySQL timeout" exit 1 fi sleep 1 done
№ 10420 В разделе "Администрирование" от December 4th, 2019,
Prepare Configmap with auth information. Use command htpasswd -Bbn vlad 123
to create login and password for users. No need to restart all pods of registry to apply changes. May be you want to store it in Secret resource, at your choice.
Example:
--- apiVersion: v1 kind: ConfigMap metadata: creationTimestamp: null name: registry-auth data: htpasswd: | vlad:$2y$05$anFCx3pAPG/BNxPsEKcau.LPKjWFN7hHkoXbvIMp7Jie97uYafuSq
Now create bucket my-own-registry
in Spaces with access key id and secret key. Do not forget to set http_secret and nodeSelector. http_secret required if you want multiple pods.
Example:
--- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: registry spec: replicas: 2 template: metadata: labels: name: registry spec: containers: - name: registry image: registry:2 ports: - name: registry containerPort: 5000 volumeMounts: - mountPath: /auth name: auth env: - name: REGISTRY_HEALTH_STORAGEDRIVER_ENABLED value: "false" - name: REGISTRY_AUTH value: "htpasswd" - name: REGISTRY_AUTH_HTPASSWD_REALM value: "Registry Realm" - name: REGISTRY_AUTH_HTPASSWD_PATH value: /auth/htpasswd - name: REGISTRY_STORAGE value: "s3" - name: REGISTRY_STORAGE_S3_ACCESSKEY value: "TVV3WXZ233MEPEBXFP7X" - name: REGISTRY_STORAGE_S3_SECRETKEY value: "ERlofd+hb9Ps1oBR5jUJuPa9NIMRSLxvUyulKJnt8S0" - name: REGISTRY_STORAGE_S3_BUCKET value: "my-own-registry" - name: REGISTRY_STORAGE_S3_REGION value: "fra1" - name: REGISTRY_STORAGE_S3_REGIONENDPOINT value: "https://fra1.digitaloceanspaces.com" - name: REGISTRY_LOG_LEVEL value: "info" - name: REGISTRY_HTTP_ADDR value: "0.0.0.0:5000" - name: REGISTRY_HTTP_SECRET value: sexy_pony resources: limits: cpu: 100m memory: 200Mi requests: cpu: 50m memory: 50Mi volumes: - name: auth configMap: name: registry-auth nodeSelector: doks.digitalocean.com/node-pool: infra
Last step easily shares registry. Set limit for image size in proxy-body-size
, value 0
means no limits.
Example:
--- apiVersion: v1 kind: Service metadata: name: registry labels: name: registry spec: ports: - port: 80 targetPort: registry protocol: TCP name: registry selector: name: registry type: ClusterIP --- apiVersion: extensions/v1beta1 kind: Ingress metadata: annotations: certmanager.k8s.io/cluster-issuer: letsencrypt-prod kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/proxy-body-size: "0" name: registry spec: rules: - host: registry.k8s.blindage.org http: paths: - backend: serviceName: registry servicePort: registry path: / tls: - hosts: - k8s.blindage.org - '*.k8s.blindage.org' secretName: k8s-blindage-tls
№ 10039 В разделе "3D printing" от December 1st, 2019,
Модель вытяжки https://www.thingiverse.com/thing:4011854
Решетка на вентилятор https://www.thingiverse.com/thing:2802474
№ 10409 В разделе "3D printing" от November 26th, 2019,
№ 10401 В разделе "Администрирование" от November 19th, 2019,
At first, create digitalocean.tf
with auth token if you do not have one.
Carefully read documentation:
Now prepare domains.tf
with resources declaration:
resource "digitalocean_domain" "k8s_blindage_org" { name = "k8s.blindage.org" } resource "digitalocean_record" "k8s_blindage_org_ns1" { domain = digitalocean_domain.k8s_blindage_org.name type = "NS" name = "@" value = "ns1.digitalocean.com." } resource "digitalocean_record" "k8s_blindage_org_ns2" { domain = digitalocean_domain.k8s_blindage_org.name type = "NS" name = "@" value = "ns2.digitalocean.com." } resource "digitalocean_record" "k8s_blindage_org_ns3" { domain = digitalocean_domain.k8s_blindage_org.name type = "NS" name = "@" value = "ns3.digitalocean.com." }
Authorize and receive list of records with IDs:
export DO_TOKEN=fed82d66020b4ccfa67d53d45a519fuck6d3you0c946a9cd196f1062195a7993 curl -X GET https://api.digitalocean.com/v2/domains/k8s.blindage.org/records -H "Authorization:Bearer ${DO_TOKEN}"
Now you are ready to import current state with record IDs from previous step:
terraform import digitalocean_domain.k8s_blindage_org k8s.blindage.org terraform import digitalocean_record.k8s_blindage_org_ns1 k8s.blindage.org,80019903 terraform import digitalocean_record.k8s_blindage_org_ns2 k8s.blindage.org,80019904 terraform import digitalocean_record.k8s_blindage_org_ns3 k8s.blindage.org,80019905
Говорят вещь хорошая, надо будет поковырять на днях keel.sh/ #kubernetes #devops
Хорошая шпаргалка по пластикам для печати drive.google.com/file/d/1NKB3- В принципе, данные практически сходятся с моими blindage.org/?p=10199
Код quay теперь открыт www.projectquay.io/ #devops #kubernetes
Fortune cookie: Mathematicians do it with a small, imaginary part.