Gabriel Dumitrescu gdumitrescu

Folks, Leave me a comment / URL if something you like is missing!

Beginner Resources

Resource	Description
Kube Academy	https://kube.academy/
kuernetes-101	https://kube.academy/courses/kubernetes-101/
Docs Home	https://kubernetes.io/docs/home/
CKS CKA CKAD Simulator	https://killer.sh/

How to register Rancher managed Kubernetes clusters in Argo CD

Registering Rancher managed clusters in Argo CD doesn't work out of the box unless the Authorized Cluster Endpoint is used. Many users will prefer an integration of Argo CD via the central Rancher authentication proxy (which shares the network endpoint of the Rancher API/GUI). So let's find out why registering clusters via Rancher auth proxy fails and how to make it work.

Hint: If you are just looking for the solution scroll to the bottom of this page.

Why do i get an error when running `argocd cluster add`?

Service Account tokens and the Rancher authentication proxy

Example Jenkins integration for Vault

This snippet provides an example Jenkinsfile that performs an AppRole authentication using curl utility. The objective is to allow Jenkins to Authenticate to Vault, then use a temporary token to retrieve a secret. It does not rely on a plugin and therefore offers more flexibility.

AppRole authentication relies on a ROLE_ID and SECRET_ID to login and retrieve a Vault token. There are two ways to provide the SECRET_ID to Jenkins. Both of these are expanded upon below.

Pre-created SECRET_ID as a Jenkins secret. An out-of-band workflow will need to refresh the SECRET_ID periodically so Jenkins continues to perform AppRole logins successfully.
Alternative AppRole design: Give Jenkins the ability to refresh the SECRET_ID by itself.

1. Pre-created Secret ID

Managing GitHub with Terraform

Creating a Personal Access Token (PAT): help.github.com
Provider documentation: terraform.io/docs/providers/github
Provider source: github.com/terraform-providers/terraform-provider-github
Sensitive Data in Terraform State: terraform.io/docs/state/sensitive-data.html

	# Source: https://gist.github.com/vfarcic/78c1d2a87baf31512b87a2254194b11c

	###############################################################
	# How To Create A Complete Internal Developer Platform (IDP)? #
	# https://youtu.be/Rg98GoEHBd4 #
	###############################################################

	# Additional Info:
	# - DevOps MUST Build Internal Developer Platform (IDP): https://youtu.be/j5i00z3QXyU
	# - How To Create A "Proper" CLI With Shell And Charm Gum: https://youtu.be/U8zCHA-9VLA

	nodes:
	- address: 10.0.0.11
	user: ubuntu
	role:
	- controlplane
	- etcd
	- worker
	- address: 10.0.0.12
	user: ubuntu
	role:

	# Disable Commercial Repo
	sed -i "s/^deb/\#deb/" /etc/apt/sources.list.d/pve-enterprise.list
	apt-get update

	# Add PVE Community Repo
	echo "deb http://download.proxmox.com/debian/pve $(grep "VERSION=" /etc/os-release \| sed -n 's/.(\(.\)).*/\1/p') pve-no-subscription" > /etc/apt/sources.list.d/pve-no-enterprise.list
	apt-get update

	# Remove nag
	echo "DPkg::Post-Invoke { \"dpkg -V proxmox-widget-toolkit \| grep -q '/proxmoxlib\.js$'; if [ \$? -eq 1 ]; then { echo 'Removing subscription nag from UI...'; sed -i '/data.status/{s/\!//;s/Active/NoMoreNagging/}' /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js; }; fi\"; };" > /etc/apt/apt.conf.d/no-nag-script

	apiVersion: v1
	kind: ReplicationController
	metadata:
	name: kube-registry-v0
	namespace: kube-system
	labels:
	k8s-app: kube-registry
	version: v0
	spec:
	replicas: 1

	body {
	border: none !important;
	}

	.kineticjs-content {
	background-color: #282c34;
	}

	td {
	background-color: #282c34;