Articles
What is this 'Anonymous' policy configured by the 3scale toolbox?
In this article on the Red Hat Developer blog, I explained how to deploy an API from the CLI, using the 3scale toolbox. If you tried this approach by yourself you may end up, sooner or later, with a 3scale service including an Anonymous policy in its policy chain. What is this policy and why is it there? Let’s dig in! Continuer la lecture
What is this 'URL Rewriting' policy configured by the 3scale toolbox?
In this article on the Red Hat Developer blog, I explained how to deploy an API from a Jenkins Pipeline, using the 3scale toolbox. If you tried this approach by yourself you may have noticed that in some cases, the configured service includes the URL Rewriting policy in its Policy Chain. Continuer la lecture
Configure the TLS trust store in Apicurio Studio
Microcks and Apicurio are nice Open Source projects that can even talk to each other to deliver greater value than the sum of their parts. Unfortunately, sometimes TLS certificates can get in the way of proper communication between the two projects. This post explains how to configure the trust store in Apicurio to overcome TLS communication issues between Apicurio and Microcks. Continuer la lecture
Running Red Hat SSO outside of OpenShift
In an article named Red Hat Single Sign-On: Give it a try for no cost!, I explained how to deploy Red Hat SSO very easily in any OpenShift cluster. As pointed by a reader in a comment, as widespread OpenShift can be, not everyone has access to a running OpenShift cluster. So, here is how to run Red Hat SSO outside of OpenShift: using only plain Docker commands. Continuer la lecture
Solving the Ansible error 'This module requires the OpenShift Python client'
If you are using MacOS to develop Operators based on Ansible or simply running Ansible playbooks straight from your Mac, you might encounter this error: This module requires the OpenShift Python client. When coping with this error message, two items need to be checked: The openshift python module needs to be installed using the pip command bundled with your Ansible. If you are not using the implicit localhost, your inventory needs to be updated. Continuer la lecture
Enable global policies on Apicast 3.6
Recent versions of Apicast have a pluggable policy mechanism to apply different treatments to each exposed API. This is very powerful since each service receives its specific configuration. However, if the same treatment has to be applied to every service exposed, it becomes an administration overhead. Hopefully, Apicast has the concept of Global Policies that applies to every service exposed by itself. Continuer la lecture
One-liner to decode a Kubernetes secret (base64 encoded)
Creating a Kubernetes secret from a value is easy: $ oc create secret generic my-secret --from-literal=secretValue=super-secret secret/my-secret created But getting back this value (from a Shell script, for instance) is not so easy since it is now base64 encoded: $ oc get secret my-secret -o yaml apiVersion: v1 kind: Secret metadata: name: my-secret namespace: qlkube type: Opaque data: secretValue: c3VwZXItc2VjcmV0 Hopefully, since the latest versions of Kubernetes, there is now a one-liner to extract the field and base64 decode it: Continuer la lecture
Use QLKube to query the Kubernetes API
QLKube is a project that exposes the Kubernetes API as GraphQL. GraphQL is a data query and manipulation language for APIs developed initially by Facebook and released as open-source. It strives to reduce the chattiness clients can experience when querying REST APIs. It is very useful for mobile application and web development: by reducing the number of roundtrips needed to fetch the relevant data and by fetching only the needed field, the network usage is greatly reduced. Continuer la lecture
Bash Snippet: Print a config file without comments
Logging in on a server, printing a configuration file and trying to find the relevant setting from thousands of comment lines. Sounds familiar? Not that comments are useless in a configuration file but sometimes it’s handy to print a configuration file without the comment lines. Especially when the file is thousand lines long but the useful lines fit the twenty five lines of a standard terminal. Continuer la lecture
Is my NTP daemon working?
If the time on your workstation or server is not stable, strange errors might appear, such as: $ tar zxvf /tmp/archive.tgz tar: my-file: time stamp 2019-03-28 14:04:45 is 0.042713488 s in the future This can happen when your NTP daemon is not synchronized. This means it cannot reliably determine the current time. Continuer la lecture