Create a secret containing a TLS certificate

January 5, 2020January 5, 2020 Jonas Dahlgren kubernetes icp, kubernetes

Example code to create a secret in namespace lab containing a certificate to be used with an ingress for example.

kubectl -n lab create secret tls tls-icp-cert-com --cert=cert.pem --key=cert.key

Docker and macvlan

October 11, 2018October 11, 2018 Jonas Dahlgren Docker, networking

If you want to use docker containers in your regular LAN subnet you need to setup a new Docker network with macvlan driver.

First create your Docker network. — ip-range specifies all addresses that Docker will manage. Chose a part of your subnet outside your DHCP-scoop if you have one to avoid ip conflicts.
–aux-address=’host=192.168.6.4′ docker_net is tied to your host interface to allow your containers to comunicate with your host.
[root@docker01 ~]# docker network create -d macvlan -o parent=ens224 \ --subnet 192.168.6.0/24 \ --gateway 192.168.6.1 \ --ip-range 192.168.6.192/27 \ --aux-address='host=192.168.6.4' docker_net

As you can see when running docker network ls we have a new network called docker_net with macvlan driver.

Next step is to create a macvlan interface, in this example called docker_int.
[root@docker01 ~]# ip addr add docker_int link ens224 type macvlan mode bridge

Configure the interface with your selected host address and bring it up. Last step is to add a IP route to tell your host how to connect to to al Docker containers.
[root@docker01 ~]# ip link add docker_int link ens224 type macvlan mode bridge [root@docker01 ~]# ip link set docker-shim up [root@docker01 ~]# ip route add 192.168.1.192/27 dev docker_int

Run a container and connect it to docker_net
[root@docker01 ~]# docker run nginx -network docker_net

If you want to check container ip run:
[root@docker01 ~]# docker inspect CONTAINER_ID

Batch create portgroups

April 25, 2018April 25, 2018 Jonas Dahlgren powercli, powershell

How to create new portgroups in a VD Switch from a CSV-file. Very handy when adding several portgroups at one time.

$file = Import-Csv -path "c:\vlan.csv"
foreach ($row in $file)
{
	New-VDPortgroup -VDSwitch dvSwitch_LAB1 -Name $row.name -VlanId $row.vlanid
}

Invoke webrequest example

March 11, 2018September 9, 2018 Jonas Dahlgren powershell

This example uses invoke-webrequest to retrieve computer information from a company reporting webpage. Only text inside TD elements are stored in a array for future use and added to a PSObject.

function Get-ComputerInfo
{
	[CmdletBinding()]
	param
(
		[parameter(
			 ValueFromPipeline = $true,
			 position = 0,
			 Mandatory = $true)]
	[string]$computername
)

	process
	{
		$Request = @{
			'domain'	  = 'domain1.company.net'
			'name'    = $computername
		}
		$lab = Invoke-WebRequest -Uri https://reporting.company.net/searchcomputer.php -Body $Request -Method Post
		
		$output = $lab.ParsedHtml.body.getElementsBytagname('TD') | select -expand innerhtml
		
		if ($output[7] -match '\D\d\d\d\d\d\d\d')
		{
			$user = Get-ADUser -Identity $output[7] | select -ExpandProperty name
		}
		else
		{
			$user = "Unknown"
			$output[7]= "Unknown"
		}
		
		$result = New-Object PSObject -Property @{
			Computername	    = $output[0];
			OU				    = $output[2];
			IP				    = $output[6];
			OS				    = $output[3];
			LastUser		    = $output[7];
			LastUSerFullName    = $user;
			LastSeen		    = $output[5];
			Master			    = $output[4];
		}
		Write-Output $result | select computername, ou, ip, os, master, lastuser, lastuserfullname, lastseen
	}#End Process
}

Migrate VMs between clusters with powecli

November 8, 2017December 7, 2017 Jonas Dahlgren powercli, powershell

A short script to migrate VMs to a new cluster or host. Migrates one vm at a time to save network bandwith. After migration it upgrades Vmware tools to match current host version.

Takes a CSV file as input with VMs to migrate.

Param (
	[Parameter (Mandatory = $True)]
	$file
)
$vms = Import-Csv $file

foreach ($vm in $vms)
{
	Write-Host "Migrating VM" $vm.name
	Move-VM -VM $vm.name -Destination Cluster01
	Write-Host "Updating Vm-tools on " $vm.name
	Update-Tools -VM $vm.name -NoReboot
}

Filter all IPv6 traffic on HPE procurve switches

September 27, 2017September 27, 2017 Jonas Dahlgren HP Procurve, networking hpe, IPv6, Network, Procurve

This config will dropp all ipv6 packages on vlan 1
ASW-02# conf ASW-02(config)# ipv6 access-list "drop-all-v6" ASW-02(config-ipv6-acl)# 10 deny ipv6 ::/0 ::/0 ASW-02(config-ipv6-acl)# exit ASW-02(config)# vlan 1 ASW-02(vlan-1)# ipv6 access-group "drop-all-v6" vlan ASW-02(vlan-1)#

Create AD users from a CSV-file

July 3, 2017 Jonas Dahlgren Uncategorized

Here is an example of a script to create AD users from a CSV-file and assign a temoporary password.

param
(
	[parameter(Mandatory = $true)]
	$infile,
	$output
)

$OU = "OU=Users,DC=PSLABB,Dc=local"

$users = Import-Csv -Path $infile


foreach ($user in $users)
{
	$rand = Get-Random -Minimum 1000 -Maximum 9999
	$pwd = "Temp$rand"
	$name = "$($user.givenname)" + " " + $($user.surname)
	
	New-ADUser -Name $name -GivenName $user.Givenname -Surname $user.Surname -SamAccountName $user.username -user $user.username -Description "Tempuser" -path $ou -enabled $true -AccountPassword (convertTo-securestring -AsPlainText "Temp$rand" -Force)
	
	$details = @{
		'Name'= $name;
		'username'  = $($user.username);
		'Password'     = $pwd
	}
	$results = New-Object PSObject -Property $details
	$results | Export-Csv -Path $output -NoTypeInformation -Append
	
}

Jonas Dahlgren's Blog

Some scripts and other IT related tasks.