Kubernetes – Reset Cluster

REF: Stack Overflow

james@server-01:~$ more ~/kube_reset.sh
#!/bin/sh
# https://stackoverflow.com/questions/56850650/reset-kubernetes-cluster
sudo kubeadm reset -f &&
 sudo systemctl stop kubelet &&
 sudo systemctl stop docker &&
 sudo rm -rf /var/lib/cni/ &&
 sudo rm -rf /var/lib/kubelet/* &&
 sudo rm -rf /etc/cni/ &&
 sudo ifconfig cni0 down &&
 sudo ifconfig flannel.1 down &&
 sudo ifconfig docker0 down &&
 sudo ip link delete cni0 &&
 sudo ip link delete flannel.1 &&
 sudo rm -rf /var/lib/etcd/* &&
 sudo rm -fr ~/.kube/* &&
 sudo shutdown -r now

ansible when with_items – ignore one group

I’m setting up icinga & using https://github.com/Icinga/icinga2-ansible

However, it’s putting a config on the icinga server to monitor itself, which is causing

information/ConfigCompiler: Compiling config file: /etc/icinga2/conf.d/pmlgra-03.domain.conf
information/ConfigCompiler: Compiling config file: /etc/icinga2/conf.d/satellite.conf
information/ConfigCompiler: Compiling config file: /etc/icinga2/conf.d/services.conf
information/ConfigCompiler: Compiling config file: /etc/icinga2/conf.d/slave-6.domain.conf
information/ConfigCompiler: Compiling config file: /etc/icinga2/conf.d/templates.conf
information/ConfigCompiler: Compiling config file: /etc/icinga2/conf.d/timeperiods.conf
information/ConfigCompiler: Compiling config file: /etc/icinga2/conf.d/users.conf
critical/config: Error: Object 'dmlici-02.domain' of type 'Host' re-defined: in /etc/icinga2/conf.d/hosts.conf: 18:1-18:20; previous definition: in /etc/icinga2/conf.d/dmlici-02.domain.conf: 2:1-2:35
Location: in /etc/icinga2/conf.d/hosts.conf: 18:1-18:20
/etc/icinga2/conf.d/hosts.conf(16):  */
/etc/icinga2/conf.d/hosts.conf(17): 

So this ansible with_items and when fixed it. Note: My icinga server is in a group called icinga

- name: Copy Host Definitions
  template: src=hosts_template.j2
            dest={{ icinga2_hosts_dir }}/{{ hostvars[item]['inventory_hostname'] }}.conf
            owner=root 
            group=root 
            mode=0644
  with_items: groups['all']
  when: "'icinga' not in hostvars[item]['group_names']"

osx display nameserver via cmd line

[user@macmini ~]#  scutil --dns | grep 'nameserver\[[0-9]*\]'
  nameserver[0] : 209.222.18.222
  nameserver[1] : 209.222.18.218
  nameserver[0] : 209.222.18.222
  nameserver[1] : 209.222.18.218
  nameserver[0] : 209.222.18.222
  nameserver[1] : 209.222.18.218

Rename files to no longer have spaces in names

I was having a problem where the for loop split files with spaces into multiple lines.

jamess@greenscar Ace_Of_Base_-_Star_Mark_Greatest_Hits_(2008)_-_flac $ for i in `find . -type f -name "* *"`; do  echo "$i"; rename 's/\ /_/g' "$i"; done;
./CD_1/01.Happy
Nation.flac
./CD_1/02.All
That
She
Wants.flac
./CD_1/03.The
Sign.flac
./CD_1/04.Wheel
Of
Fortune.flac
...

Then I found the IFS

IFS=$'\n'; for i in `find . -type f -name '* *.flac'`; do  echo "$i"; rename 's/\ /_/g' "$i"; done; unset IFS

And she works.

jamess@greenscar sorted $ IFS=$'\n'; for i in `find . -type f -name '* *.flac'`; do  echo "$i"; rename 's/\ /_/g' "$i"; done; unset IFS
./ACDC/2008_-_Warning!_High_Voltage_-_Greatest_Hits/CD1_-_Brian_Johnson/01 - Thunderstruck.flac
./ACDC/2008_-_Warning!_High_Voltage_-_Greatest_Hits/CD1_-_Brian_Johnson/02 - Shoot To Thrill.flac
./ACDC/2008_-_Warning!_High_Voltage_-_Greatest_Hits/CD1_-_Brian_Johnson/03 - Big Gun.flac
./ACDC/2008_-_Warning!_High_Voltage_-_Greatest_Hits/CD1_-_Brian_Johnson/04 - Fire Your Guns.flac
./ACDC/2008_-_Warning!_High_Voltage_-_Greatest_Hits/CD1_-_Brian_Johnson/05 - You Shook Me All Night Long.flac
./ACDC/2008_-_Warning!_High_Voltage_-_Greatest_Hits/CD1_-_Brian_Johnson/06 - Heatseeker.flac
./ACDC/2008_-_Warning!_High_Voltage_-_Greatest_Hits/CD1_-_Brian_Johnson/07 - Back In Black.flac
./ACDC/2008_-_Warning!_High_Voltage_-_Greatest_Hits/CD1_-_Brian_Johnson/08 - Who Made Who.flac
./ACDC/2008_-_Warning!_High_Voltage_-_Greatest_Hits/CD1_-_Brian_Johnson/09 - Hard As A Rock.flac
./ACDC/2008_-_Warning!_High_Voltage_-_Greatest_Hits/CD1_-_Brian_Johnson/10 - Hells Bells.flac
./ACDC/2008_-_Warning!_High_Voltage_-_Greatest_Hits/CD1_-_Brian_Johnson/11 - Moneytalks.flac
...

ffmpeg on osx to convert flac to Apple Lossless (’cause itune$ won’t support flac)

References:
http://www.renevolution.com/how-to-install-ffmpeg-on-mac-os-x/
http://sound.stackexchange.com/questions/26633/free-batch-conversion-from-flac-to-apple-lossless-alac

  1. Install brew
  2. Install ffmpeg

    user@box dir $ brew install ffmpeg --with-fdk-aac --with-ffplay --with-freetype --with-frei0r --with-libass --with-libvo-aacenc --with-libvorbis --with-libvpx --with-opencore-amr --with-openjpeg --with-opus --with-rtmpdump --with-schroedinger --with-speex --with-theora --with-tools
    
  3. Convert all flac files

    for f in `find . -type f -name *.flac`; do ffmpeg -i "$f"  -vf "crop=((in_w/2)*2):((in_h/2)*2)" -c:a alac "${f%.flac}.m4a"; done
    

Self signed root cert with multdomain cert & sha-256

Self signed root cert with multdomain cert & sha-256
—-
Prep by creating dirs

mkdir -p /Users/user/Documents/multidomain/root_cert/private/
mkdir -p /Users/user/Documents/multidomain/star_devwest_foobar_com/

Root Certs
Create Root Key

user@greenscar root_cert $ openssl req \
-x509 \
-new \
-nodes \
-days 3650 \
-newkey rsa:2048 \
-sha256 \
-subj "/C=US/ST=California/L=San\ Jose/O=Cloud\ Cruiser\ Inc./CN=*.foobar.com" \
-keyout /Users/user/Documents/multidomain/root_cert/private/root_ca.key

Create Self Signed Root Cert

openssl req \
-x509 \
-sha256 \
-new \
-nodes \
-days 3650 \
-key /Users/user/Documents//SHA-256/root_cert/private/root_ca.key \
-subj "/C=US/ST=California/L=San\ Jose/O=Cloud\ Cruiser\ Inc./CN=*.foobar.com" \
-out /Users/user/Documents/multidomain/root_cert/root_ca.crt      

————————————————
Per environment certs
CD to cert dir

user@greenscar star_devwest_foobar_com $ cd /Users/user/Documents/multidomain/star_devwest_foobar_com

Create Private Key

openssl genrsa \
-out /Users/user/Documents/multidomain/star_devwest_foobar_com/star_devwest_foobar_com.key \
2048

Generate CSR

user@greenscar SHA-256 $ cd /Users/user/Documents/multidomain/star_devwest_foobar_com
openssl req -new \
-config /Users/user/Documents/multidomain/foobar.com.cnf \
-key /Users/user/Documents/multidomain/star_devwest_foobar_com/star_devwest_foobar_com.key \
-sha256 \
-out /Users/user/Documents/multidomain/star_devwest_foobar_com/star_devwest_foobar_com.csr \
-subj "/C=US/ST=California/L=San\ Jose/O=FooBar\ Inc./CN=devwest.foobar.com" 

Create files with all domains you want supported

echo "subjectAltName=DNS:devwest.foobar.com,DNS:*.devwest.foobar.com">cert_extensions

Checkout our new CSR
openssl req -text -noout -in star_devwest_foobar_com.csr

Sign cert via self signed root cert

openssl x509 -req \
-in /Users/user/Documents/multidomain/star_devwest_foobar_com/star_devwest_foobar_com.csr \
-CA /Users/user/Documents/multidomain/root_cert/root_ca.crt \
-CAkey /Users/user/Documents/multidomain/root_cert/private/root_ca.key \
-CAcreateserial \
-sha256 \
-extfile cert_extensions \
-out /Users/user/Documents/multidomain/star_devwest_foobar_com/star_devwest_foobar_com.crt \
-days 3650

Upload Cert

user@greenscar star_devwest_foobar_com $ aws iam delete-server-certificate --server-certificate-name star_devwest_foobar_com
user@greenscar star_devwest_foobar_com $  aws iam upload-server-certificate --server-certificate-name star_devwest_foobar_com  --certificate-body file://star_devwest_foobar_com.crt --private-key file://star_devwest_foobar_com.key