I finally wanted to setup my own kubernetes cluster as everyone I talk to, said its the hottest shit. I’m using three VMs, hosted at Netcup running the latest Debian 9 Stretch build. I’ve installed most basic tools for me and also already set up docker using this amazing ansible role. Make sure to disable any swap you have configured – kubelet will not start otherwise. The documentation on how to install things is pretty good, but I’ve missed some details, that I banged my head on, so I will copy most snippets over for future reference. Keep in mind, that this might have already changed and is no longer working at the time you read this. First install all needed CLI tools on each of the three hosts: apt-get update && apt-get install -y apt-transport-https curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add – cat <<EOF >/etc/apt/sources.list.d/kubernetes.list deb http://apt.kubernetes.io/ kubernetes-xenial main EOF apt-get update apt-get install -y kubelet kubeadm kubectl Start the systemd Service for kubelet, our kubernetes manager – also on every node. systemctl enable kubelet && systemctl start kubelet Now the docs are a bit unspecific, but here’s a command to set the correct cgroup on Debian 9. […]
Author: Kordian Bruck
Termina(l)te your way in style
Usually I love to use guake as my terminal in gnome, as it quickly hides using the F12 key and you always have your terminal in reach. When doing more server heavy tasks, I often end up having several tabs in guake which tends to be messy. In those cases I love to use Terminator – the ultimate Terminal. Quickly installed using the following: # Debian / Ubuntu apt install terminator # Arch Linux pacman -S terminator Then you can use the following keyboard shortcuts to easily spawn new terminals the GUI way, instead of using tmux. Ctrl-Shift-E: will split the view vertically Ctrl-Shift-O: will split the view horizontally Ctrl-Shift-W: will close the view where the focus is on Ctrl-Shift-Q: will exit terminator As a good friend and I today noticed: using all those fancy commands like tmux directly might be faster, but sometimes the GUI way is easier and more intuitive.
Arch Linux: Touchpad right click no longer working
I’ve been using Arch on my XPS 2015 edition since the very beginning. Not only was the support of the software components newer/better than Dell’s official Ubuntu version for the developer edition, but also I absolutely love the rolling release before it was cool. So as we are bleeding edge, sometimes things break. Arch moved over to wayland some time ago, but like two days ago my touchpad’s right & middle click stopped working. Quick google search later revealed, that my gnome settings had the following option set to ‘fingers’. That didn’t work as my XPS has ‘areas’ – so switching it over with this simple command, fixed things for me. gsettings set org.gnome.desktop.peripherals.touchpad click-method ‘areas’
Easily add your Github SSH Keys to any Server or Docker Image
The default way to copy your ssh key(s) to a remote server is to use the ssh-copy-id command. This will create a secure connection to the remote server over SSH and then check if the user exists, create the folder&files if needed and add your keys. Works, Easy, Simple. My problem is, that often I’m already in the shell and I logged in with some password combination, that I would need to enter a second time to copy my ids. Also I don’t always have all my keys on one machine. As I often get asked by my colleagues, what my SSH keys are, there is a nifty trick you can do, instead of sending them over via E-Mail. Github allows to get your public SSH keys with only your username: https://github.com/<username>.keys So with a little bit of magic we can utilize this and run the following command on an existing SSH connection to create a new authorized_keys file and download our keys from Github to the file. curl https://github.com/kordianbruck.keys > ~/.ssh/authorized_keys Easy! You can always use >> instead to append your keys. This can also be used in automated docker builds, where you have a SSH server running inside your container (which […]
Github requires referer header field to login
So I’ve had this happen for some time now and could not determine the perpetrator as it was happening not really too often. From time to time I would encounter a error when trying to Login to Github: Oops! Something went wrong. Please try again later. In many cases this was related to something using oAuth but not in mine. I simply wanted to login to Github as usual. So after some trial and error, I’ve noticed that disabling the “Referer Control” extension in chrome or chromium would solve the issue. My guess is they simply use that to prevent XSRF attacks. Solution: Add an exception in the settings for Github as shown below
LetsEncrypt now used everywhere
So today I decided to move all my certificates from StartSSL to LetsEncrypt. Not only is StartSSL really a bad CA with recent problems, but also they limit you with several obstacles that just don’t make any sense. They really just want you to sign up for one of their “great” extended validation thingys. Over the last couple months they have really improved the web interface but still this is not enough to deal with today’s challenges of delivering secure connections to users easily. Their new APIs and StartEncrypt service are merely a late effort, trying to outbid LE with a worse service. Not worth the time or effort. The biggest problem is, that today I run multiple domains on my server and I need to provide one single certificate with all domains via Dovecot / Postfix. StartSSL allows you to have up to five domain names in the certificates they sign. (For example www.bruck.me and bruck.me would be a total of two domain names) So I’ve ran out of the possibility of using all my domains with one StartSSL certificate. Well, LE offers up to 100 domain names in one certificate. Of course wildcard certificates would be nicer, but […]
“libGL error: unable to load driver: i965_dri.so” fix
So I actually rarely encounter any problems with my Arch Linux, but sometimes they just want to see the world burn. Apparently after updating the mesa driver, so library got lost.
Easy fix:
# Arch Linux
mv ~/Android/Sdk/tools/lib64/libstdc++/libstdc++.so.6{,.bak}
mv ~/Android/Sdk/tools/lib64/libstdc++/libstdc++.so.6.0.18{,.bak}
ln -s /usr/lib/libstdc++.so ~/Android/Sdk/tools/lib64/libstdc++/Thanks to proft.me for providing this!
Featured on Codementor – 25 PHP Interview Questions
I’m glad to be part of the amazing community at codementor.io. In the past years I’ve been able to talk and help many different people with a range of problems. Often some hints and good advice was enough to point them in the right direction and I really enjoy teaching other people. Codementor recently approached me and asked me if I could contribute some questions from my experience in the last years to their blog post “25 PHP Interview Questions”. I’m happy they found my suggestions useful and featured me in that article! Hope it helps some developers that are just getting to know the world of PHP and all its hiccups. Don’t forget to check out my profile on codementor!
Properly setup proguard for an Android project
When dealing with an Android project you want to use Proguard to minify, shrink and possibly even obfuscate the code. The gains from this are huge and many smart minds have put a lot of thought into Proguard. We encountered that the TUM Campus App shrinked from 20 Megabytes to just 9 Megabytes with all the optimization in place – huge savings if you deploy it to 10k+ clients! Really if you are not using this in your project currently you must be insane! Anyways if you rely on external Libraries like Retrofit (Which is totally awesome, use it!) then you need to add some proguard rules in order to tell it what not to remove from those libs because it is really required but maybe not directly used. Mostly that is some models which get serialized and you might encounter some warnings but those don’t really are not interesting to you as a lib user. This repository has a great collection on proguard files for various libs. Use it, don’t reinvent the wheel!
Git command of the day: git remote prune
In this series of posts I’ll document useful git commands ready to copy&paste which nobody knows by heart but you need once in a while. Today:
git remote prune <name>
From the docs:
prune
Deletes all stale remote-tracking branches under <name>. These stale branches have already been removed from the remote repository referenced by <name>, but are still locally available in “remotes/<name>”.
With
--dry-runoption, report what branches will be pruned, but do not actually prune them.
Very useful when working with Github and you just merged a PR then usually you also delete the branch on the remote immediately after. This does not however delete the branch from your local repository and over time it can get messy. With this simple command you delete all local references tracking upstream branches which were deleted on the server. If your remote is called origin then just type enter it like so::
git remote prune origin