blog [AdminSysGNULinux]

blog

Table des matières

4 billet(s) pour janvier 2026

2026:
- janvier

2025:
- mars
- avril
- mai
- juin
- juillet
- août
- septembre
- octobre
- novembre
- décembre

4 billet(s) pour janvier 2026

AWX sur K8S Kind - partage de fichier pour les blob - Execution pods	2026/01/26 10:15	Jean-Baptiste
Notes rsh rcp	2026/01/21 18:08	Jean-Baptiste
Git - Duplication d'un dépôt	2026/01/19 10:22	Jean-Baptiste
Exemple simple de conf Nagios	2026/01/14 10:07	Jean-Baptiste

Notes Containerd et CRI

Install

Voir :

CRI ctr crictl

Voir :

ctr tasks list
sudo ctr containers ls
sudo ctr -n k8s.io containers ls

$ sudo crictl ps --label=io.kubernetes.container.name=etcd
WARN[0000] runtime connect using default endpoints: [unix:///run/containerd/containerd.sock unix:///run/crio/crio.sock unix:///var/run/cri-dockerd.sock]. As the default settings are now deprecated, you should set the endpoint instead. 
WARN[0000] image connect using default endpoints: [unix:///run/containerd/containerd.sock unix:///run/crio/crio.sock unix:///var/run/cri-dockerd.sock]. As the default settings are now deprecated, you should set the endpoint instead. 
CONTAINER           IMAGE               CREATED             STATE               NAME                ATTEMPT             POD ID              POD
26ad6c508d95f       2e96e5913fc06       53 minutes ago      Running             etcd                3                   7adfdae770dbc       etcd-vmdeb01.local

$ sudo ctr -n k8s.io containers ls |grep etcd
26ad6c508d95f60c42468e683334b01ac46a983d0dc145f05c50e94fb27ab2a4    registry.k8s.io/etcd:3.5.15-0                      io.containerd.runc.v2    
e2deef7ab12b892a88ec02e1b4956617a95bc2418ebd05d9112d650b4a6827a4    registry.k8s.io/etcd:3.5.15-0                      io.containerd.runc.v2 

$ sudo crictl inspect 26ad6c508d95f60c42468e683334b01ac46a983d0dc145f05c50e94fb27ab2a4 2>/dev/null | jq '.status.state' 
"CONTAINER_RUNNING"
$ sudo crictl inspect e2deef7ab12b892a88ec02e1b4956617a95bc2418ebd05d9112d650b4a6827a4 2>/dev/null | jq '.status.state'
"CONTAINER_EXITED"

$ sudo crictl pods --name etcd
WARN[0000] runtime connect using default endpoints: [unix:///run/containerd/containerd.sock unix:///run/crio/crio.sock unix:///var/run/cri-dockerd.sock]. As the default settings are now deprecated, you should set the endpoint instead. 
POD ID              CREATED             STATE               NAME                 NAMESPACE           ATTEMPT             RUNTIME
7adfdae770dbc       About an hour ago   Ready               etcd-vmdeb01.local   kube-system         1                   (default)
d258693e868f9       21 hours ago        NotReady            etcd-vmdeb01.local   kube-system         0                   (default)

sudo crictl pods --name etcd -o yaml
 
# list pods by label
$ crictl pods --label component=kube-apiserver
 
# get the latest pod
$ crictl pods --latest
 
crictl logs 87d3992f84f74

Pb

Pb Kubeadm 1

root@vmdeb02:~# kubeadm init
[init] Using Kubernetes version: v1.29.0
[preflight] Running pre-flight checks
error execution phase preflight: [preflight] Some fatal errors occurred:
        [ERROR CRI]: container runtime is not running: output: time="2023-12-19T04:03:10-06:00" level=fatal msg="validate service connection: validate CRI v1 runtime API for endpoint \"unix:///var/run/containerd/containerd.sock\": rpc error: code = Unimplemented desc = unknown service runtime.v1.RuntimeService"
, error: exit status 1
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher

Et / ou

# systemctl status containerd.service
Sep 10 09:35:34 vmdeb01 containerd[18699]: time="2024-09-10T09:35:34.364662398Z" level=error msg="copy shim log" error="read /proc/self/fd/17: file already closed" namespace=k8s.io

Solution

/etc/containerd/config.toml

#disabled_plugins = ["cri"]
disabled_plugins = []

Et

systemctl restart containerd.service

Voir

zcat /usr/share/man/man5/containerd-config.toml.5.gz |sed -ne '/\.EX/,/\.EE/p' > /etc/containerd/config.toml.exemple1
containerd config default > /etc/containerd/config.toml.exemple2

/etc/containerd/config.toml

disabled_plugins = [""]
 
#root = "/var/lib/containerd"
#state = "/run/containerd"
#subreaper = true
#oom_score = 0
 
#[grpc]
# address = "/run/containerd/containerd.sock"
# uid = 0
# gid = 0
 
#[debug]
# address = "/run/containerd/debug.sock"
# uid = 0
# gid = 0
# level = "info"
 
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
SystemdCgroup = true

Voir https://k8s.myprivatelab.tech/deploiement_serveur_kubernetes_v2

Autres

zcat /usr/share/man/man5/containerd-config.toml.5.gz |sed -ne '/\.EX/,/\.EE/p' > /etc/containerd/config.toml.exemple

En cas de Pb désactiver Faut-il désactiver AppArmor / SELinux

Désactiver AppArmor

systemctl disable --now apparmor

2025/03/24 15:06

brouillon, k8s, docker

Notes Console - Terminal

Couleur

Un peu de couleurs

env S_COLORS=always sar -A | less -R -S
env S_COLORS=always sar -n DEV | grep --color=never eth0

watch --color env ANSIBLE_FORCE_COLOR=true ansible localhost -m async_status -a "jid=j918561124738.218554"

Voir aussi :

dircolors

Scripts lancer aux logins

Pour désactiver certains messages

touch ~/.hushlogin

Pb

Erreur screen: Unknown terminal type

Sur AIX

srv1@root /root #> vi
screen: Unknown terminal type
 [Hit return to continue]

tmux fixe TERM à screen à la place de xterm

Solution

export TERM=vt101
 
# A tester
# export TERM=linux
# export TERM=linux-vt

Voir TERM - Available builtin terminals

Erreur 072W Failed to audit keystrokes within the configured time frame. Code: 1

072W Failed to audit keystrokes within the configured time frame. Code: 1

La session est enregistrée, CyberArk où qqch du genre.

Par de solution connue à par relancer la connexion

2025/03/24 15:06

brouillon, console, ca

Notes configuration kernel Linux

Pour criu (snapshot process)

http://criu.org/Installation

The following options must be enabled for CRIU to work:

    General setup options
        CONFIG_CHECKPOINT_RESTORE=y (Checkpoint/restore support)
        CONFIG_NAMESPACES=y (Namespaces support)
        CONFIG_UTS_NS=y (Namespaces support -> UTS namespace)
        CONFIG_IPC_NS=y (Namespaces support -> IPC namespace)
        CONFIG_PID_NS=y (Namespaces support -> PID namespaces)
        CONFIG_NET_NS=y (Namespaces support -> Network namespace)
        CONFIG_FHANDLE=y (Open by fhandle syscalls)
        CONFIG_EVENTFD=y (Enable eventfd() system call)
        CONFIG_EPOLL=y (Enable eventpoll support)
    Networking support -> Networking options options for sock-diag subsystem
        CONFIG_UNIX_DIAG=y (Unix domain sockets -> UNIX: socket monitoring interface)
        CONFIG_INET_DIAG=y (TCP/IP networking -> INET: socket monitoring interface)
        CONFIG_INET_UDP_DIAG=y (TCP/IP networking -> INET: socket monitoring interface -> UDP: socket monitoring interface)
        CONFIG_PACKET_DIAG=y (Packet socket -> Packet: sockets monitoring interface)
        CONFIG_NETLINK_DIAG=y (Netlink socket -> Netlink: sockets monitoring interface)
    Other options
        CONFIG_INOTIFY_USER=y (File systems -> Inotify support for userspace)
        CONFIG_IA32_EMULATION=y (x86 only) (Executable file formats -> Emulations -> IA32 Emulation)

Pour cgroup

Pour Dump Mem (passer à n pour accès à /dev/mem)

CONFIG_STRICT_DEVMEM=y

2025/03/24 15:06

brouillon, kernel, linux

Notes compression

pigz/unpigz remplace gzip

7z 7zip PeaZip

lzop, lz4 pour la rapidité (similaire à gzip)

xz / pxz pour la compression

pbzip2

rsync ⇒ voir gzip --rsyncable

ppack_lz.sh

#!/bin/sh
 
PARALLEL="$(nproc --ignore=1)"
 
EXT="${0##*_}"
 
case "$EXT" in
     bz2) CMD='bzip2 -9'                              ;;
     gz)  CMD='gzip -9'                               ;;
     lz)  CMD='lzip -9'                               ;;
     xz)  CMD='xz -9e'                                ;;
     zst) CMD='zstd --rm --single-thread --ultra -22' ;;
esac
 
 
if [ -z "$1" ]
then echo "Specify files to pack into ${EXT} files."
else for x
     do printf '%s\0' "$x"
     done | nice xargs -0 -L 1 -P "$PARALLEL" $CMD
fi

Source : https://www.linuxjournal.com/content/parallel-shells-xargs-utilize-all-your-cpu-cores-unix-and-windows

2025/03/24 15:06

Notes compilation C C++

cmake .
make

Erreur :

fatal error: opencv2/cudaimgproc.hpp: No such file or directory
 #include <opencv2/cudaimgproc.hpp>

$ locate cudaimgproc.hpp
/usr/lib/opencv3.3/include/opencv2/cudaimgproc.hpp
$ export CPLUS_INCLUDE_PATH=/usr/lib/opencv3.3/include
$ make

Autres

export CFLAGS="$CFLAGS -I/usr/lib/opencv3.3/include" ; export CPPFLAGS="$CPPFLAGS -I/usr/lib/opencv3.3/include"
 
pkg-config --libs --cflags opencv
mkdir -p /usr/local/lib/pkgconfig
cp -p /usr/lib/opencv3.3/lib/pkgconfig/opencv.pc  /usr/local/lib/pkgconfig/opencv.pc
pkg-config --libs --cflags opencv

Obliger les binaires à chercher tout ce qui est dynamique dans un répertoire particulier grâce à des commandes comme : patchelf --set-rpath et patchelf --set-interpreter

2025/03/24 15:06

brouillon, lang

<< Billets récents | Anciens billets >>

blog.txt · Dernière modification : 2025/03/24 15:06 de 127.0.0.1