Nurlan199206

Y,X,Y    Y,X      <== ===> Y   COMBO 2 ERMAC

down, left + A + RT в воздухе

X,Y,A + захват

Nurlan199206

helm install prometheus-stack prometheus-community/kube-prometheus-stack --version 58.2.0 --namespace=monitoring --create-namespace

helm upgrade --install prometheus-stack prometheus-community/kube-prometheus-stack --version 58.2.0 --namespace=monitoring -f values.yaml
=====================================================================================================================================

helm install prometheus-community/prometheus:v2.41.0 --namespace=monitoring --debug --dry-run

helm install nginx --namespace=default --debug  --set image.name=nurlan1992/app:v1 -f values.yaml .

helm upgrade --debug --install nginx --namespace=default  --set image.name=nurlan1992/app:v1 -f values.yaml .

Nurlan199206

Get Active Directory certificate
1. openssl s_client -showcerts -connect 192.168.1.155:636

2. copy cert output from previous command and save to your root keycloak truststores location! for example: /opt/keycloak/conf/truststores

2. mcedit /path/keycloak/bin/kc.sh 

3. if you gettins SSL error when connecting to LDAP server:
In JAVA_OPTS add to the end of the line -Dcom.sun.jndi.ldap.object.disableEndpointIdentification=true

Nurlan199206

Vanilla OKD Console integration with Keycloak OIDC

Software version:

Keycloak: 23.0.7
Kubernetes: 1.26.5

# Run Keycloak on port 443 with custom domain
1) bash kc.sh start-dev --https-certificate-file=/etc/letsencrypt/live/auth.dev-ops.kz/fullchain.pem --https-certificate-key-file=/etc/letsencrypt/live/auth.dev-ops.kz/privkey.pem --https-port=443

Nurlan199206

openssl genrsa -out deployer.key 2048
openssl req -new -key deployer.key -out deployer.csr -subj "/CN=deployer"

cat deployer.csr | base64 | tr -d "\n"

cat <<EOF | kubectl apply -f -
apiVersion: certificates.k8s.io/v1
kind: CertificateSigningRequest
metadata:
  name: deployer

Nurlan199206

/etc/logrotate.d/postgresql-common

/var/log/postgresql/*.log {
       hourly
       rotate 3
       size 5M
       compress
       notifempty
       missingok
       nocreate

Nurlan199206

sonarqube-check:
  stage: Code Quality Check
  image: git.yourserver.com:5050/finservice/deployment/docker-images/gradle:7.6.3-jdk
  tags:
    - docker  
  variables:
    GRADLE_OPTS: "-Xmx1024m"
    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
    GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
  cache:

Nurlan199206

1. 10.204.11.181
2. 10.204.11.182
3. 10.204.11.183

wget https://downloads.apache.org/kafka/3.6.1/kafka_2.13-3.6.1.tgz

wget https://dlcdn.apache.org/zookeeper/zookeeper-3.9.1/apache-zookeeper-3.9.1-bin.tar.gz

tar xvzf kafka_2.13-3.6.1.tgz

Nurlan199206

=======================================================systemd==============================================================
[Unit]
Description=MinIO
Documentation=https://docs.min.io
Wants=network-online.target
After=network-online.target
AssertFileIsExecutable=/usr/local/bin/minio

[Service]
WorkingDirectory=/usr/local/bin/

Nurlan199206

example of HTTP3 on nginx
==============================================================
server {
    listen 443 quic reuseport;
    listen 443 ssl;
    server_name  test.mydomain.kz;

    #access_log  /var/log/nginx/host.access.log  main;

    ssl_certificate      /etc/letsencrypt/live/test.mydomain.kz/fullchain.pem;