We are using a DHCP CNI plugin to setup networking for Kubernetes pods. On a node (CentOS) that looked just like other nodes, we noticed that the pods were not getting their default gateways set (they don’t have a default route).
After spending a lot of time checking configurations of DHCP server, switches, and the way the nodes had been connected, we concluded that the problem was with the node itself.
Continue reading DHCP Does Not Set Default GatewayThere are numerous note-taking solutions on the web, and never-ending discussions comparing the pros/cons of them. One easily gets lost when searching for an ideal solution for themselves. You hate Evernote because it’s too bloated. But sometimes you don’t like little editors like Typora either, because they lack some features you want.
After spending days and nights looking for the right note-taking app for myself, I thought hard about what I really wanted.
Continue reading Taking Markdown Notes with Visual Studio CodeThis post is about how misconfigured time can affect the Linux operating system and lead to unexpected results. Also I’ll share some thoughts on how to get it right. In this specific example, the Linux distribution is CentOS 7.
I got this error when I wanted to clone a git repo over HTTPS:
# git clone https://git.my.org/projects/test.git Initialized empty Git repository in /tmp/test/.git/ error: while accessing https://git.my.org/projects/test.git/info/refs
If I access the server with curl there’s error too:
# curl -v --insecure https://git.my.org * About to connect() to git.my.org port 443 (#0) * Trying 192.168.4.97... connected * Connected to git.my.org (192.168.4.97) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * warning: ignoring value of ssl.verifyhost * NSS error -5961 * Closing connection #0 * SSL connect error curl: (35) SSL connect error
That was a CentOS 6 box and it had not been updated for quite some time. The curl version:
# curl --version curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2 Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz
I fixed it by updating nss lib and curl:
# yum update -y nss curl libcurl
Note that both nss and curl need to be updated. After the update:
# curl --version curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2 Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz
As of this writing Puppet 5 isn’t supported by Foreman’s latest version (1.15.2) yet. I saw some discussions or tickets in the community about Puppet 5 but I can’t wait for a new release. I want to integrate Foreman with a separately installed Puppet 5 for several reasons:
We have a network in which a bunch of servers send out lots of notification emails and all these emails are relayed to the outside world through a single Postifx server (by setting relayhost variable in main.cf on the servers). Sometimes developers don’t pay enough attention and address the emails as from some domain that is not of our network, and such emails tend to be classified as spam by the receivers’ email provider.
Continue reading Postfix – Replace Sender Address and Add Reply-to Header