Blog Entries

17. 07. 2024 Lorenzo Candeago DevOps

How to Add SSH Keys to ArgoCD and Tekton on OpenShift to Access Gitea: Part2 – Add an SSH Key as a Secret to ArgoCD and Run a Test Deployment

In my previous post, we set up our test environment and a Gitea operator. In this blog post we’ll install the OpenShift GitOps operator and run a simple deployment. This setup allows us to test OpenShift-specific security constraints (such as OpenShift-specific SCCs, non privileged containers by default, etc.) in a test environment before going into…

Read More
17. 07. 2024 Lorenzo Candeago DevOps

How to Add SSH Keys to ArgoCD and Tekton on OpenShift to Access Gitea: Part1 – Set up the Test Environment and Add SSH Key to Gitea

In this series of blog posts I’ll show you how to set up ArgoCD and Tekton to clone git repositories via ssh from a Gitea instance hosted on an OpenShift cluster. Please note that for the sake of this blog post, the configurations are not suited for use in production, but just to give you…

Read More
30. 10. 2023 Lorenzo Candeago DevOps

How to Fix OpenShift Console not Showing the Characters in Firefox

Recently when opening a console in the web-ui of OpenShift in Firefox, I saw the following: This doesn’t happen when opening the console using Chromium. In the Firefox debugger, we can see that we have the following error: The error is due to a strict Firefox privacy setting that prevents characters from being loaded. To…

Read More
30. 10. 2023 Lorenzo Candeago DevOps

LVM Disks on Azure for Dockerized Applications

As an example of a Logical Volume Manager ( LVM ) setup on Azure, let me show you a real-world use case. Say we want to run a Pulp 3 container to host an rpm repo on Azure. As the base image let’s choose Rocky Linux 9. The machine that we provision will have two…

Read More
06. 10. 2023 Lorenzo Candeago Development, DevOps

How to Test Beta Repos for RedHat 8.9 in a Container

We wanted to test the new RedHat 8.9 beta releases, but RedHat doesn’t currently provide a beta container. How can we do it anyway? Please note that this procedure is not officially supported by RedHat. As a first step, we want to retrieve the package redhat-release from the rhel 8.9 beta ISO, in the directory…

Read More
12. 09. 2023 Lorenzo Candeago DevOps

How to Convert and Add a .pfx cert to Pulp 3 Operator

On our OpenShift cluster we use pulp3 as the repository manager. One recent task we had to do was to add a certificate before we could expose the repository over TLS. Our IT department provided us with the certificate in .pfx format. Following this guide for converting the certificate to a format usable by OpenShift,…

Read More
25. 08. 2023 Lorenzo Candeago DevOps

Debug and Workarounds for a Stuck Update on OpenShift 4.13.6

Today we wanted to update our OpenShift cluster, and after a while we came up against the following error: Not good… Let’s start by checking the clusterversion to investigate if we can find any errors: By analyzing the logs further we found the following error: it seems like the openshift-etcd-operator is not able to deploy…

Read More
19. 04. 2023 Lorenzo Candeago Bug Fixes, NetEye

Bug Fix for NetEye 4.29

Fixed a bug that blocks neteye upgrade under some conditions For NetEye 4.29 we updated the following packages:

Read More
20. 12. 2022 Lorenzo Candeago Development, DevOps

A Simple and Portable Dockerfile for Working with Azure and Ansible

For our use case, we need to be able to deploy Azure machines using Ansible from developer’s laptops and from our own CI/CD infrastructure both on Jenkins and OpenShift. The easiest way to ship a working and easy-to-use environment for our use case is to create a Docker instance: we based our Docker on rockylinux…

Read More
10. 10. 2022 Lorenzo Candeago DevOps

My OpenShift Journey #5: Run Unprivileged Containers with systemd in OpenShift: Part 2 – Testing

In my previous blog post, we modified the boot parameters to enable cgroups v2 and the user namespace in CRI-O. In this second part I’ll show you how to run a sample container with systemd and check that the modifications we made actually worked. Setting up a Test Docker To test the new config, let’s…

Read More
06. 10. 2022 Lorenzo Candeago DevOps

My OpenShift Journey #4: Run Unprivileged Containers with systemd in OpenShift: Part 1 – Deployment

For our ongoing transition from Jenkins to OpenShift, we’re currently working on porting our testing infrastructure to OpenShift. Our tests involve installing and running our product, NetEye, in a container. The installation requires a working systemd environment inside the container, and systemd needs to run with PID 1 and as root user (UID 0). Until…

Read More
07. 07. 2022 Lorenzo Candeago DevOps

How to Test an ISO with Packer and Change the Root Password at Boot

In a previous blogpost, we showed how to test an ISO using Packer, an open source software tool for creating machine images for multiple platforms. One of the issues we faced was due to a security requirement we have: that the ISO we ship must have its password already expired so that when NetEye is…

Read More
07. 07. 2022 Lorenzo Candeago DevOps

How to Use a Host’s Redhat Subscription to Run Containers Using Docker instead of Podman

In NetEye 4.23 we shifted our base containers from CentOS to RedHat Enterprise Linux. Within our NetEye image and container we ship packages that come from RedHat Enterprise Linux’s private repositories and are thus subject to subscription, hence we need a way to be able to use our subscription when building NetEye containers. RedHat allows…

Read More
23. 08. 2021 Lorenzo Candeago ITOA

Telegraf’s Starlark Processor

In the world of IT monitoring, we often deal with metrics that are cumulative, or where we cannot control or modify the definition of a metric. Examples include the various Windows performance monitoring metrics for MS Dynamics AX 2013 R3 (AOS) server. These metrics are cumulative, but whenever the AOS services are restarted, or the…

Read More
06. 07. 2021 Lorenzo Candeago ITOA

Continuous Deployment for Grafana Dashboards using Jsonnet and Jenkins, Part 2

In my previous blog post, I introduced our scenario: in a private cloud context, we want to deploy a dashboard for multiple clients created using Grafana, InfluxDB and Telegraf for SQL performance monitoring. We saw how to write a Grafana dashboard programmatically using Jsonnet and upload it to Grafana using the Grafana API. In this…

Read More

Archive