Mounting certificates/CAs for elasticsearch pods in k8s for custom configurations – ECK

When you deploy elasticsearch in k8s via ECK by default it takes care of the transport certificates/http certificates/CA creation if you don’t use your own custom ones. Lets say that your cluster is up and running and now you are trying to configure something like SAML/LDAP/OIDC or something else that requires content to be made available to the elasticsearch pod but its a bit sensitive so you need it to be stored as a secret such as CA, certificates, etc. How would you go about doing this? Following example will add a custom certificate authority to be used with your… Continue Reading


Updated deploy-elastic script – version 9

Last update to version 8 is listed here The original post for the deploy-elastic.sh script is here Changes: Starting 7.12.x added node.roles. es01 & es02 is tagged as data_content & data_hot and es03 is tagged as data_frozen. This will allow users to play with the frozen tier, configure searchable snapshots, partically mounted indices, restored indices, and more. (make sure to run the script with snapshot option so that minio is stood up) LDAP mode was added. To test various role_mappings and for basic ldap authentication configurations and settings LDAP mode was added and it will work with any versions of… Continue Reading


Install and configure a database and a webserver – Migrated to a new server 2 of 4

This is the second section in the 4 part series of migrating my server Install and configure the host machine Install and configure a database and webserver – we are here Install and configure a mailserver Install and configure vaultwarden Tie everything back to 1. for backups, misc, etc Dockerized services I will configure a database and a webserver(mainly wordpress container) to listen internally only and not exposed to the outside network. I will also configure a nginx-proxy and letsencrypt to provide the access from the world to the wordpress site and to generate the letsencrypt certificate. Wanted to note… Continue Reading


Homemade Electrolyte Ice Cubes to replace tablets

I recently started cycling and with the North Texas summer heat decided that I need something more than just water to help me keep hydrated during the summer.  I started by taking nuun tablets and it’s very good but after taking the tablets for a while I noticed that the cost does add up and it does have many unnatural chemicals so I decided to research and come up with my own solution. I dislike coconut flavor, however, coconut water does provide a lot of electrolytes so one formula is based on coconut water and the other ginger.  Also, many… Continue Reading


mysql changing to utf8 and converting DB to utf8

by default mysql is installed as latin1 and sometimes it causes problems when your data is not always latin1. Follow the steps to change mysql to utf and also convert existing databases to UTF8 #1 backup your databases and convert it to UTF8 mysqldump -uusername -ppassword -c -e –default-character-set=utf8 –single-transaction –skip-set-charset –add-drop-database -B dbname -r dbname.utf8.dump.sql do this for each of your databases. #2 shutdown mysql service mysqld stop #3 edit /etc/my.cnf ADD to [mysqld] section # init_connect=’SET collation_connection = utf8_unicode_ci’ init_connect=’SET NAMES utf8′ character-set-server=utf8 collation-server=utf8_unicode_ci skip-character-set-client-handshake also [client] default-character-set=utf8 #4 restart mysqld service mysqld start #5 import your databases… Continue Reading


is it safe to use epel and rpmforge at the same time ?

There are many repositories that you can add onto your RHEL/CENTOS/FEDORA OS to install additional software. full list of repos can be found here http://wiki.centos.org/AdditionalResources/Repositories however is it safe to just add the repos and start installing packages? yes and no. We will configure priorities to setup the repos to keep packages from conflicting. Also you will want to protect the base OS installation so that there is less corruption/conflicts later on. step 1 – install the plugin if its not installed already yum install -y yum-plugin-priorities yum-plugin-protectbase step 2 – setup priorities for *-Base.repo that came with your OS… Continue Reading


NFS locking down ports for SLES

When you run NFS server it will pick random ports for mountd and nlockmgr which can change upon reboot causing nightmares when the nfs is going through a firewall. You can lock these ports down so that its not random anymore edit /etc/sysconfig/nfs and put in the following STATD_PORT=4001 LOCKD_TCPPORT=4002 LOCKD_UDPPORT=4002 MOUNTD_PORT=4003 and restart the nfs services now if you look at the port assignments via rpcinfo you will see that mountd and nlockmgr is locked into a specific port # rpcinfo -p program vers proto   port 100000    2   tcp    111  portmapper 100000    2   udp    111  portmapper 100003    2   udp  … Continue Reading


life updates

so again its been almost a year since my last post.  It seems that this blog only gets updated once a year lol.  Anyways its been a busy year for 2009.  Ethan’s been growing a bunch and I can tell that he will be a handfull.  We moved to a new house a much much bigger house but with much much bigger bills I think its oversized for our use and hope that the market will pick up soon so that we can turn it.  Lastly we had our second kid!! Her name is Heather and she is a beauty!!… Continue Reading