5kits zhao

Archive for December, 2019

Error from server (Forbidden): users.user.openshift.io is forbidden: User “syste m:anonymous” cannot create users.user.openshift.io at the cluster scope: no RBAC policy matched

Monday, December 30th, 2019

Solution

oc login -u system:admin

ansible playbook: Install httpd, start httpd and change hostname

Thursday, December 26th, 2019

  • name: just for testing by ayad hosts: web1 tasks:
    • name: installing httpd
      yum:
      name: httpd
      state: present
    • name: starting the services
      service:
      name: httpd
      state: started
    • name: modify the hostname
      lineinfile:
      path: /etc/hosts
      regexp: ‘^127.0.0.1’
      line: 127.0.0.1 ayad.com.cm.my
      owner: root
      group: root
      mode: 0644

Pods status in openshift

Wednesday, December 25th, 2019
kubectl get pods --all-namespaces
or 
oc get pods --all-namespaces

Ansible with_team

Wednesday, December 25th, 2019

  • hosts: webservers0
    tasks:
  • name: Execute a command using the shell module
    become: true
    become_user: root
    shell: touch {{ item }}
    with_items: “{{ groups[‘webservers0’] }}”

The following packages have pending transactions

Monday, December 23rd, 2019

here is the solutions

#Unfinished transaction remaining

$sudo yum install yum-utils

$yum-complete-transaction –cleanup-only

back and restore iptables

Thursday, December 19th, 2019


$ iptables-save > /path/to/iptables.bkp

$ systemctl restart iptables

$ iptables-restore < /path/to/iptables.bkp

WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED

Monday, December 16th, 2019

If you faced the following error

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:CBrXeEtmY2R6dJNnmsiaEyJ4RvfcRE1+riCBX5/qQiA.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:5
ECDSA host key for host1.okd-testing.com has changed and you have requested strict checking.
Host key verification failed.

here is the solutions

Run the following command on the main host

ssh-keygen -R 192.168.1.123

make sure to change the ip to hostname or ip according to the issue. because the command will remove the cache.

Ansible playbook to install and start httpd

Sunday, December 15th, 2019


  • name: Playbook
  • hosts: webservers
  • become: yes
  • become_user: root
  • tasks:
    • name: ensure apache is at the latest version
      yum:
      name: httpd
      state: latest
    • name: ensure apache is running
      service:
      name: httpd
      state: started