Enabling, Configuring RBAC, TLS Node Bootstrapping On An Existing Kubernetes Cluster – Part 7

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Configuring RBAC, TLS Node Bootstrapping On An Existing Kubernetes(1.11) Cluster. Below is a continuation to my previous post(S) part 1-6 on how to configure Kubernetes 3 Master Node cluster. In the post below I am going to show you. How to enable and configure RBAC on an your existing kubernetes cluster. how to automatically bootstrap […]

Read More

Configuring NAT Using PF Firewall in Solaris 11 / 12 Zones

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

Solaris 11/12 PF Firewall NAT Configuration Below is an update on how to configure NAT in Solaris 11/12, the original post used IPfilter(IPF). Since Solaris now officially switched to the BSD firewall(PF) I created the updated example below. Assumptions The network used in the kernel zones are 10.10.1.0/24 The network used on the global zone […]

Read More

Oracle ZFS Appliance(ZFSSA) LDAPS TLS / Diffie-Hellman(DH) SSL Rejected Due To Bit Length

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Workaround for Oracle ZFS Appliance(ZFSSA) LDAPS / TLS Reject When Using OUD I recently patched/upgraded firmware on a Oracle ZFS Appliance. Once the upgraded was completed, the ZFS Appliance LDAPS connections stopped working, the error was due to the ZFS Appliance rejecting the Diffie-Hellman(DH) Cipher being used in the LDAPS connections. It turns out the […]

Read More

Configuring Solaris 11 user as Primary Administrator

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Configuring a user as Primary Administrator in Solaris To configure a User in Solaris 11.2 as Primary Administrator follow the below steps Note: Primary Administrator was removed in Soalris 11.2 because its of a security concern. /etc/user_attr sshsvc::::type=roles;lock_after_retries=no;defaultpriv=all;profiles=Primary Administrator,All /etc/security/prof_attr.d/core-os Primary Administrator:::Can perform all administrative tasks:auths=solaris.*,solaris.grant;help=RtPriAdmin.html /etc/security/exec_attr.d/core-os Primary Administrator:suser:cmd:::*:uid=0;gid=0

Read More

Solaris IPFilter optimization

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

The default settings are quite conservative, and should be increased. user@opensolaris:~# ipfstat | grep lost fragment state(in): kept 0 lost 0 not fragmented 0 fragment state(out): kept 0 lost 0 not fragmented 0 packet state(in): kept 798 lost 100 packet state(out): kept 612 lost 234 The default settings are quite conservative. user@opensolaris:~# ipf -T list […]

Read More