Category: General

  • Fix vault-agent token expiring with auto_auth

    I recently discovered a “gotcha” when using vault-agent with auto_auth via approle. You must configure the approle being used for auto-auth to issue periodic tokens. If you don’t, your token will eventually hit the max_ttl and not be allowed to renew itself. Even if you set max_ttl=0 on the approle, it’ll eventually hit the default…

  • Slow iSCSI performance on ZFS Volumes (zvol)

    TL;DR: For reasons, don’t use ZVOLs for iSCSI volumes. Instead, just use a generic file. I’ve been reorganizing my lab a bit to consolidate some storage and wanted to experiment with iSCSI. I thought “wow, what a great use-case for ZFS ZVOLS…”. If you recall, ZFS has the ability to create block devices called ZVOLs.…

  • Finding Idle Cloud Desktops (Linux)

    Suppose you’re hosting remote Linux desktops in your cloud environment and want to discover which ones could be shut down to save on valuable resources like money, RAM, or CPU. Most Linux remote desktop protocols still utilize Xorg (as opposed to Wayland) for their display server. Prime examples would be tigervnc, tightvnc, or X2go.…

  • Create SSL Cert and Key

    Sometimes during development you may find yourself needing an SSL certificate and key to test with. I’ve had to do this so much I went ahead and added the below function to my ~/.bashrc file. Now, I can create certs on-the-fly without having to look it up in my notes. Here’s how it looks in…

  • Windows VM using LXD

    It’s not entirely obvious how to create a Windows Virtual Machine when using LXD. Here are the most basic steps to get it up and running. This is largely for my own documentation but will probably help someone else out there I’m sure. The easiest option is to embed the VirtIO drivers directly into the…

  • Hashicorp Vault Dev Mode

    Ever needed to spin up a quick Vault cluster to test commands or functionality? Sure, you could spin up minikube and deploy a helm chart, but what if you could do it even faster, without Kubernetes? Vault actually has some *currently* undocumented command-line options that can save you a ton of time. Read on, brother. I…