Fixing lens error: unknown command "oidc-login" for "kubectl"

 Here is a simple snippet for all who faces this issue:)

First of all, don't forget pass the environment variable

export PATH="$PATH:$HOME/.krew/bin"

and use full kubectl path as like I used below.

    - name: your_oidc

      user:

        exec:

            apiVersion: client.authentication.k8s.io/v1beta1

            args:

                - oidc-login

                - get-token

                - --oidc-issuer-url=https://your-oidc-issuer 

                - --oidc-client-id=kubernetes

                - --grant-type=password

                - --username=veysel.sahin

                - --password=YOURPASSWORD

            command: /usr/local/bin/kubectl

            env: null

            interactiveMode: IfAvailable

            provideClusterInfo: false

Read More

Block range of RFC1918 from external interface

We have to find out the external interface. You can find by ip route get 8.8.8.8 command. You will see a multi-column row after the run. The 5th value of this row shows your external interface. You can also get the interface name by using awk command as shown below.  We exporting interface name to make process easier. You can block RFC1918 subnets from the external interface to prevent these to go out by command that I prepared below. You can also replace $INET_IFACE variable by hard-coded way such as eth0. I found my external by this command: ip route get 8.8.8.8 | awk -- '{printf $5}'

export INET_IFACE=$(ip route get 8.8.8.8 | awk -- '{printf $5}')

iptables -A FORWARD -o $INET_IFACE -d 10.0.0.0/8 -j REJECT 

iptables -A FORWARD -o $INET_IFACE -d 172.16.0.0/12 -j REJECT 

iptables -A FORWARD -o $INET_IFACE -d 192.168.0.0/16 -j REJECT

iptables -A FORWARD -o $INET_IFACE -d 100.64.0.0/10 -j REJECT

iptables -A FORWARD -o $INET_IFACE -d 169.254.0.0/16 -j REJECT

Hard-coded way:

iptables -A FORWARD -o eth0 -d 10.0.0.0/8 -j REJECT 

iptables -A FORWARD -o eth0 -d 172.16.0.0/12 -j REJECT 

iptables -A FORWARD -o eth0 -d 192.168.0.0/16 -j REJECT

iptables -A FORWARD -o eth0 -d 100.64.0.0/10 -j REJECT

iptables -A FORWARD -o eth0 -d 169.254.0.0/16 -j REJECT

Read More

Trust self-signed certificate at linux mint

Example certificate content for root and intermediate certificate:


sudo mkdir /usr/local/share/ca-certificates/extra
sudo cp root.cert.pem /usr/local/share/ca-certificates/extra/root.cert.crt
sudo update-ca-certificates

Important tip: You have to select the certificate at the top of the list that opens after "sudo update-ca-certificates" command.

Read More

Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

Hi, you have to unmask docker service by command given below if you getting some error during etc sn apshot-save like this "Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running"

rke --debug etcd snapshot-save

unmask command
systemctl unmask docker.service systemctl unmask docker.socket systemctl start docker.service

Read More

webpack --hot Uncaught SyntaxError: missing ) after argument list error

Hi, it is have a very simle solution. You can just remove package-lock.json file and node_modules folder and reinstalling modules with npm install. It because changing node version with nave etc..

Read More

solving rancher 2.x setting default storageclass failure on gui

Hi everyone,
If you using rancher 2.x for kubernetes and and nfs-provisioner for storageclass and you cannot set nfs as your default storageclass you have to set this via kubectl.

You can do this by running this command in your main system.
kubectl patch storageclass nfs -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'

If you getting an error like cannot connect host:8080 you must run kubectl with --kubeconfig param that resolves your kube_config_cluster.yml.

example usage:
 kubectl patch storageclass nfs -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' --kubeconfig=~/kube_config_cluster.yml

You also can add kube_config_cluster.yml as KUBECONFIG environment value by
export KUBECONFIG=/path/to/kube_config_cluster.yml
or adding in /etc/environment file for persistent usage.

Read More

Failed to list *v1alpha1.Certificate: the server could not find the requested resource (get certificates.certmanager.k8s.io)

Hi everone, if you getting an error like "Failed to list *v1alpha1.Certificate: the server could not find the requested resource (get certificates.certmanager.k8s.io)" in kube-system cert-manager pod's log you just have to install cert-manager catalog app into kube-system namespace in system project.

Read More

kubernetes in container dns resolution problems with flannel vxlan backend

You can change net backend type vxlan to host-gw if you are using a ovh or kimsufi server and you don't sure server's vxlan support and docker containers outgoing connections fails because name resolution. I am using rancher and kubernetes and i changed my net-conf.json config from canal-config configmap. 

Change

net-conf.json { "Network": "10.42.0.0/16", "Backend": { "Type": "vxlan" } }

to 

net-conf.json { "Network": "10.42.0.0/16", "Backend": { "Type": "host-gw" } }

Read More

Program.cs(15, 28): [CS0017] Program has more than one entry point defined. Compile with /main to specify the type that contains the entry point.

Hi,

If you getting error after adding after adding Microsoft.NET.Test.Sdk Nuget package to project reference you can just add 

<GenerateProgramFile>false</GenerateProgramFile>

property in Project PropertyGroup in your .csproj file like screenshot. This will prevent multiple Main function conflict error. 

Read More

controller.cs is not found among the loaded symbol documents rider on linux

Hi guys, If you getting "not found among the loaded symbol documents" error on your .net core linux development environment probably you added "run watch" parameter to  runtime arguments to your run configuration. Remove the argument from configuration and restart Rider with invalidate caches option.

Read More

Error on connection registry.npmjs.org via npm update

Hi guys, if you get an error like below on npm update. You can set npm strict-ssl false on terminal by typing 

npm config set strict-ssl false

Hostname/IP does not match certificate's altnames: Host: registry.npmjs.org. is not in the cert's altnames: DNS:a.sni.fastly.net, DNS:a.sni.global-ssl.fastly.net

If problem didn't solved you can try set dns 8.8.8.8 at your /etc/resolv.conf for linux.

Read More