add linux user

initial server install- we started this linux stuff before packages were using the group 101. We like to use that group so NFS shares work without mappings

Fix /etc/groups, move group 101 out of the way
grep 101 /etc/groups
like change systemd-journal:x:101: to systemd-journal:x:128:
groupmod -g 128 systemd-journal
groupadd -g 101 homeuser

add a generic user with a homedir & bash
useradd -m -s /bin/bash sr
add a user with no homedir & no shell
useradd -M -s /dev/null no-reply
add phomlish
useradd -g 101 -u 501 -md /home/phomlish -s /bin/bash phomlish

install certs in .ssh
add phomlish to all groups that have paul

add swarm
groupadd -g 1002 swarm
useradd -g 1002 -u 1002 -m swarm

give sudo
usermod -aG sudo phomlish

for wsl, powershell:

wsl –user phomlish

kubernetes nginx

Installing nginx on kubernetes for localnet access (won’t be exposed to the internet)
Goal: TLS for prometheus and grafana

check
phomlish@a6:~/kubernetes/nginx$ pwd
/home/phomlish/kubernetes/nginx

kubernetes dashboard

token

kubectl -n kubernetes-dashboard create token admin-user –duration=0
eyJhbGciOiJSUzI1NiIsImtpZCI6IjA3UXBrR1JYRDdGaHNMZ0pNZHl5UkJ0QmNGeXBVOVlfUHhOS09wTkpQQzQifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNjY3Mjk5MDE1LCJpYXQiOjE2NjcyOTU0MTUsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiM2U4OTQzNTUtMzFjNi00M2VlLTg5YTAtZTQxMzM2NWViMzMyIn19LCJuYmYiOjE2NjcyOTU0MTUsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDphZG1pbi11c2VyIn0.rtra01E-O1CzZpBi1ocoGIETSHAWHgAq77OdZIsiMXhCKyv9bXHKCbqR-4AfGaXzEo_8W0GbHcMa_43BzVQXsrb15jIxTmEK6VgEKHD5a5KUesBd6DxEtx1pzcwgGptyb7uQY0kE_dycI7RAN8khujiFIIg2tZYCg7Vt0Um0ewD6pMy25vwRRj65uc0ROy8Q4fkq-FDnSJAerY5bPQmMC2OSFMmMyU117ZDhRAyHMv53LEy9S2t8iR2tEjBxKjB4lNo_KBjI1jx0EfTn5tIGM6yG15jIMoe3nnxyshN7kH1Fy3ITqpMU1QBWGQyiDRryEp8DuKbEMzDTGFawmE2V_Q

k -n kubernetes-dashboard get sa
NAME SECRETS AGE
admin-user 0 35d
default 0 35d
kubernetes-dashboard 0 35d

k -n kubernetes-dashboard describe sa admin-user
Name: admin-user
Namespace: kubernetes-dashboard
Labels:
Annotations:
Image pull secrets:
Mountable secrets:
Tokens:
Events:

k -n kubernetes-dashboard get secrets
NAME TYPE DATA AGE
kubernetes-dashboard-certs Opaque 5 35d
kubernetes-dashboard-csrf Opaque 1 35d
kubernetes-dashboard-key-holder Opaque 2 35d

Continue reading “kubernetes dashboard”