Let me take you on an adventure.

Today I needed to access a service inside a corporate network, but the service is firewalled from external use, and also from access via the VPN.

The suggestion was to use a machine already internal to the network and some port forwarding to get around this restriction. Ahah, I can get around this with a small container on the OpenShift cluster I thought.

So I need a tiny container just for forwarding ports. Google turned up - https://github.com/derkork/socat-openshift.

Warning - this reduces security

Find the id of the container, you can list active containers with:

pct list

Edit the container config like:

vim /etc/pve/lxc/113.conf

Add the extra lines:

lxc.apparmor.profile: unconfined
lxc.cgroup.devices.allow: a
lxc.cap.drop:

Shutdown and restart the container.

To enable aufs/overlay in the container, it actually needs to be loaded on the proxmox host, this can be done with:

Sometimes you need to push images into the OpenShift registry locally for testing, the steps involved are below. Note that I start/stop local Openshift development with a command which includes:

BASE_DIR="/openshift/project"
export OPENSHIFT=$(ip addr show docker0 | grep "inet\b" | awk '{print $2}' | cut -d/ -f1)
oc cluster up --base-dir=${BASE_DIR} --public-hostname=${OPENSHIFT}

Which means it consistently listens on 172.17.0.1 which is available from within and outside of the OpenShift cluster, which 127.0.0.1 isn't.

When developing, often there are parts of the project that are worth releasing as separate independent projects. There is a tool from the Symfony authors - https://github.com/splitsh/lite - which can assist, but it took a little working out.

The script I've ended up using is below. I run it from the root of the project.

It should be usable by simply adjusting the few variables are the top and then run the script with bash.

While working on a timekeeping module I encountered an issue that couldn't be resolved with the config/install & config/optional combinations. This module requires other modules to be installed first, but then some field group manipulation was needed to add the timekeeping tab into the tabs on the main page, luckily, there are tests on the field group module, so with a bit of looking through tests and experimenting, it ends up like this:

hook_install() code

`Had this problem earlier today. Could reconnect the mouse by removing the Bluetooth connection and re-doing it, but that should not be required.

Note: Updated slightly now rancher 2.0 is GA.

There are a couple of tricks, but it is possible to get the Rancher beta running in an lxc container with some tweaks. Firstly, the lxc profile needs to be tweaked:

lxc profile edit default

The defaults that worked for me were:

Sometimes, containers die, and you need to look inside to resolve, this one liner allows a quick way to adjust the 'container_name' and it will drop you right into the container so you can look around, then cleanup afterwards.

CTR="container_name"; docker commit $(docker ps -a | egrep " ${CTR}$" | awk '{ print $1 }') test; docker run --rm -ti --entrypoint=bash test; docker rmi test

Or maybe as a script, something like:

I've been developing for Drupal over the last 3 years using Ubuntu as my OS of choice, but changes mean that its time to reinstall Windows on the X1 Carbon.

After a Windows install and some(!) updates, things are ready for my setup which includes:

The systemd included in ubuntu zesty doesn't work nicely with dnsmasq by default, which is a pain if you are a developer and want to setup a local .test or similar domain. The way around this is to change the /etc/systemd/resolved.conf and uncomment/add a line like:
 

DNSStubListener=no

Then setup you dnsmasq as normal, probably by creating a file /etc/dnsmasq.d/test with the contents: