Increase Vm size installed by Vagrant
Install this plugin:
vagrant plugin install vagrant-disksize
Edit the
Vagrantfile
:
Vagrant.configure('2') do |config| ... config.vm.box = 'ubuntu/xenial64' config.disksize.size = '50GB' ... end
vagrant halt
vagrant up
On Ubuntu 18.04 VM, the main filesystem is resized automatically after we run `vagrant up`
On Centos 7 VM, only the virtual disk size is resized, and we need to resize the filesystem manually.
On suing kubectl
DNS, Docker and Ubuntu, the love story
From Ubuntu 18.04 a new tool is in use when it comes to DNS resolution : systemd-resolved (pronounce System D resolve D)
Systemd-resolved will be called upon reception of a DHCP reply ( called through dhclient hooks) and will store the nameservers for its own use. The /etc/resolv.conf is populated with the address 127.0.0.53, pointing to systemd-resolved.
The recent versions of Docker have been fixed related to the systemd-resolved integration. Hence Docker will not give 8.8.8.8 and 8.8.4.4 anymore but will parse the DNS address from systemd-resolved and give this to the containers.
https://github.com/moby/moby/pull/37485 This is the fix
SSH key file format
During the uplift to CentOS Stream 9 and Ubuntu 22.04 we encountered some ssh key issues and decided to move to a new format. The most secure and recommended key format seems to be Ed25519. You can generate a key like this:
ssh-keygen -t ed25519
Then add it to openstack through GUI or with this:
openstack keypair create --public-key <path-to-public-ed25519-key> <name-of-keypair-to-create>
For those who want more background on this, there is a good page on Arch wiki here.
The gist is that RSA can still be considered safe if using a long enough key and a good signing algorithm. It is mainly the signing algorithm used by packer that has been causing problems for us, since it has been disabled by default in these versions. But Ed25519 is considered safer and gives better performance, plus it does not have the issue with weaker signing algorithms. So by using this format we are a bit more future proof and avoid some issues.