blog
Table des matières
2 billet(s) pour janvier 2026
| Git - Duplication d'un dépôt | 2026/01/19 10:22 | Jean-Baptiste |
| Exemple simple de conf Nagios | 2026/01/14 10:07 | Jean-Baptiste |
K8S - Kind - Images - Nettoyer les images importées
cluster="kind" containers=("control-plane" "worker" "worker2" "worker3") for container in "${containers[@]}"; do echo "Cleaning import images in container: $cluster-$container" docker exec -it "$cluster-$container" bash -c 'ctr -n=k8s.io images ls | grep import | cut -f1 -d" " | xargs ctr -n=k8s.io images rm' done
Source : https://github.com/kubernetes-sigs/kind/issues/3369
Notes podman api
Source : https://github.com/containers/podman/issues/15377
Launch a long running container
podman run -d ubi8/ubi:latest /usr/bin/sleep 999
Obtain the container ID
$ podman ps --format "{{.ID}}"
3d806b972a91
Launch an exec
CONTAINER_ID=3d806b972a91 PODMAN_SOCKET=/run/user/$(id -u)/podman/podman.sock EXEC_ID=$(curl -X POST -s --unix-socket "$PODMAN_SOCKET" -H 'Content-Type: application/json' "http://d/v1.0.0/libpod/containers/$CONTAINER_ID/exec" -d '{"Cmd": ["/usr/bin/sleep", "2"], "AttachStdout": true}' | jq -r '.Id' ) curl -X POST --unix-socket "$PODMAN_SOCKET" -H 'Content-Type: application/json' "http://d/v1.0.0/libpod/exec/$EXEC_ID/start" -d '{"Detatch": false}'
Serveur NFS en userland avec Ganesha
Voir :
Voir aussi (conteneurs) :
ganesha.conf
################################################### # # Ganesha Config Example # # This is a commented example configuration file for Ganesha. It is not # complete, but only has some common configuration options. See the man pages # for complete documentation. # ################################################### ## These are core parameters that affect Ganesha as a whole. NFS_CORE_PARAM { ## Allow NFSv3 to mount paths with the Pseudo path, the same as NFSv4, ## instead of using the physical paths. #mount_path_pseudo = true; ## Configure the protocols that Ganesha will listen for. This is a hard ## limit, as this list determines which sockets are opened. This list ## can be restricted per export, but cannot be expanded. #Protocols = 3,4,9P; Protocols = 4; Enable_NLM = false; Enable_RQUOTA = false; } ## These are defaults for exports. They can be overridden per-export. EXPORT_DEFAULTS { ## Access type for clients. Default is None, so some access must be ## given either here or in the export itself. #Access_Type = RW; Access_Type = RO; Protocols = 4; PrivilegedPort = false; Transports = TCP; Squash = All_Squash; } ## Configure settings for the object handle cache #MDCACHE { ## The point at which object cache entries will start being reused. #Entries_HWMark = 100000; #} #DIRECTORY_SERVICES { } ## Configure an export for some file tree EXPORT { Export_Id = 0; Filesystem_id = 0.0; Protocols = 4; Path = /srv/nfs; Pseudo = /; FSAL { Name = PSEUDO; } } EXPORT { ## Export Id (mandatory, each EXPORT must have a unique Export_Id) Export_Id = 1; ## Exported path (mandatory) Path = /srv/nfs/files; ## Pseudo Path (required for NFSv4 or if mount_path_pseudo = true) #Pseudo = /nonexistent; Pseudo = /files; ## Restrict the protocols that may use this export. This cannot allow ## access that is denied in NFS_CORE_PARAM. #Protocols = 3,4; Protocols = 4; ## Access type for clients. Default is None, so some access must be ## given. It can be here, in the EXPORT_DEFAULTS, or in a CLIENT block #Access_Type = RW; Access_Type = RO; Transports = "TCP"; # Anonymous_Uid = -2; # Anonymous_Gid = -2; Anonymous_Uid = 65534; Anonymous_Gid = 65534; #SecType = "sys"; SecType = "none"; # Manage_Gids = true; ## Whether to squash various users. Squash = root_squash; ## Allowed security types for this export #Sectype = sys,krb5,krb5i,krb5p; # Exporting FSAL FSAL { Name = VFS; } } ## Configure logging. Default is to log to Syslog. Basic logging can also be ## configured from the command line LOG { ## Default log level for all components Default_Log_Level = WARN; ## Configure per-component log levels. Components { FSAL = INFO; NFS4 = EVENT; } ## Where to log Facility { name = FILE; destination = "/var/log/ganesha.log"; enable = active; } } #CLIENT { # Clients = 192.168.100.104,192.168.100.105; # Access_Type = RO; # }
Sur Debian
# systemctl list-units |awk '/nfs/ { print $1 }'
nfs-blkmap.service
nfs-ganesha-lock.service
nfs-ganesha.service
nfs-client.target
Lancement
/usr/bin/ganesha.nfsd -C -L /var/log/ganesha/ganesha.log -f /etc/ganesha/ganesha.conf -N NIV_EVENT
Pb - bug as root command su - user ask for password
Dans un conteneur avec le compte root.
su - myuser
Bien que en 'root', le mot de passe est demandé.
Cause
yum downgrade -y libselinux
Vérif :
- Les droits sur la commande /bin/su sont OK
- /etc/pam.d semble OK
Autres :
- Cette commande avait été ajoutée afin de pouvoir installer le paquet
sudoersparce que l'image conteneur est plus récente que le dépôt yum utilisé. - Ce paquet ne contient que deux fichiers .so
Évidemment normalement :
- On install pas sudo et on utilise pas le compte root dans un conteneur
- Et on utilise un dépôt RPM aligné ou plus récent que l'image du conteneur
Pb apt-get install - Err 404 Not Found
# apt-get install tshark Reading package lists... Done Building dependency tree Reading state information... Done The following additional packages will be installed: libc-ares2 liblua5.2-0 libmaxminddb0 libnl-3-200 libnl-genl-3-200 libsbc1 libsmi2ldbl libsnappy1v5 libspandsp2 libssh-gcrypt-4 libwireshark-data libwireshark11 libwiretap8 libwscodecs2 libwsutil9 wireshark-common Suggested packages: mmdb-bin snmp-mibs-downloader wireshark-doc The following NEW packages will be installed: libc-ares2 liblua5.2-0 libmaxminddb0 libnl-3-200 libnl-genl-3-200 libsbc1 libsmi2ldbl libsnappy1v5 libspandsp2 libssh-gcrypt-4 libwireshark-data libwireshark11 libwiretap8 libwscodecs2 libwsutil9 tshark wireshark-common 0 upgraded, 17 newly installed, 0 to remove and 0 not upgraded. Need to get 17.2 MB of archives. After this operation, 96.9 MB of additional disk space will be used. Do you want to continue? [Y/n] Y Err:1 http://security.debian.org buster/updates/main amd64 libssh-gcrypt-4 amd64 0.8.7-1+deb10u2 404 Not Found [IP: 2a04:4e42:8d::644 80] Err:2 http://deb.debian.org/debian buster/main amd64 liblua5.2-0 amd64 5.2.4-1.1+b2 404 Not Found [IP: 2a04:4e42:8d::644 80] Err:3 http://security.debian.org buster/updates/main amd64 libwireshark-data all 2.6.20-0+deb10u8 404 Not Found [IP: 2a04:4e42:8d::644 80] Err:4 http://deb.debian.org/debian buster/main amd64 libmaxminddb0 amd64 1.3.2-1+deb10u1 404 Not Found [IP: 2a04:4e42:8d::644 80] Err:5 http://security.debian.org buster/updates/main amd64 libc-ares2 amd64 1.14.0-1+deb10u4 404 Not Found [IP: 2a04:4e42:8d::644 80] Err:6 http://deb.debian.org/debian buster/main amd64 libnl-3-200 amd64 3.4.0-1 404 Not Found [IP: 2a04:4e42:8d::644 80] Err:7 http://deb.debian.org/debian buster/main amd64 libnl-genl-3-200 amd64 3.4.0-1 404 Not Found [IP: 2a04:4e42:8d::644 80] Err:8 http://security.debian.org buster/updates/main amd64 libwsutil9 amd64 2.6.20-0+deb10u8 404 Not Found [IP: 2a04:4e42:8d::644 80] Err:9 http://deb.debian.org/debian buster/main amd64 libsbc1 amd64 1.4-1 404 Not Found [IP: 2a04:4e42:8d::644 80] Err:10 http://security.debian.org buster/updates/main amd64 libwiretap8 amd64 2.6.20-0+deb10u8 404 Not Found [IP: 2a04:4e42:8d::644 80] Get:11 http://deb.debian.org/debian buster/main amd64 libsmi2ldbl amd64 0.4.8+dfsg2-16 [123 kB] Err:12 http://security.debian.org buster/updates/main amd64 libwscodecs2 amd64 2.6.20-0+deb10u8
Ne résout pas :
apt-get clean apt-get update
Tenter de corriger sources.list ne change rien
Solution
sudo rm /var/lib/apt/lists/* apt-get update
blog.txt · Dernière modification : de 127.0.0.1