Iam getting a message as No package kubectl available while installing kubectl
I have followed the documentation mentioned here
for CentOS VERSION="7 (Core)" , Linux kernel version = 3.10.0-862.14.4.el7.x8
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
yum search kubectl
yum install -y kubectl
when it is executing the command yum search kubectl it is giving the following logs
yum -y search kubectl
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
* base: mirror.ancl.hawaii.edu
* epel: fedora-epel.mirrors.tds.net
* extras: centos-distro.1gservers.com
* updates: centos.mirror.lstn.net
Retrieving key from https://packages.cloud.google.com/yum/doc/yum-key.gpg
Importing GPG key 0x.......(some value):
Userid : "Google Cloud Packages RPM Signing Key <gc-team#google.com>"
Fingerprint: xxxx xxxx ... (some value)
From : https://packages.cloud.google.com/yum/doc/yum-key.gpg
Retrieving key from https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
=============================== Matched: kubectl ===============================
kubernetes-client.x86_64 : Kubernetes client tools
$ yum install -y kubectl
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
* base: mirror.ancl.hawaii.edu
* epel: fedora-epel.mirrors.tds.net
* extras: centos-distro.1gservers.com
* updates: centos.mirror.lstn.net
No package kubectl available.
Error: Nothing to do
I think it is not retrieving the key from "https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg"
The package is clearly available from that repository, so we just need to check your configuration to make sure we can install it.
<package pkgid="3d5dd3e6a783afcd660f9954dec3999efa7e498cac2c14d63725fafa1b264f14" name="kubectl" arch="x86_64"><version epoch="0" ver="1.15.0" rel="0"/><file>/usr/bin/kubectl</file></package>
Source: https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64/repodata/filelists.xml
I would first check that A)/etc/yum.repos.d/kubernetes.repo actually exists, and B) that the contents match, i.e., via cat /etc/yum.repos.d/kubernetes.repo.
Next, both of the commands below can be used to search for the kubectl package.
# Using search
yum search kubectl
# Using grep
yum list | grep kubectl
For importing the GPG key for use with yum, see the following answer:
https://unix.stackexchange.com/q/337257/247886
Try with this:
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-$basearch
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
setenforce 0
yum install -y kubelet kubeadm kubectl
You may also try to install a specific version by executing: yum install -y kubelet-<version> kubectl-<version> kubeadm-<version>
Always make sure your versions satisfy dependency requirements.
If you have some older versions, uninstall them first.
You may also consider using kubeadm init.
Please let me know if that helped.
Ideally it should work with kubernetes.repo file also but it didn't work in my case. So installed using below steps from the official documentation and it was successful.
curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.15.0/bin/linux/amd64/kubectl
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl
Related
I'm trying to start a redis server with the support for tls. Based on the documentation (https://redis.io/topics/rediscli) I execute this command:
redis-cli -a xxxxxxxxx --tls --cacert ../config/certs/test-ca.crt
But it return this error:
Unrecognized option or bad number of args for: '--tls'
My redis-cli version is 6.0.9
I can't figure out what am I missing. How can I fix this?
When you performed make of the redis, you should run as:
make BUILD_TLS=yes
Install dependencies
update package information from repo
sudo apt update
install build dependencies
sudo apt install -y build-essential pkg-config libssl-dev tcl libjemalloc-dev wget
Download and extract the redis-cli source file
download the package
wget http://download.redis.io/redis-stable.tar.gz
extract the package
tar xvzf redis-stable.tar.gz
go inside the extracted directory
cd redis-stable
Build with tls enabled
remove previously generated build files
make distclean
build with tls option
make BUILD_TLS=yes
Once completed you can validate the build and connect to Redis-server
validate the redis-cli
Redis-CLI -h localhost -p 6379 --tls
localhost:6379> INFO SSL
SSL
ssl_enabled:yes
ssl_current_certificate_not_before_date:Jul 27 00:00:00 2021 GMT
ssl_current_certificate_not_after_date:Aug 25 23:59:59 2022 GMT
ssl_current_certificate_serial:ABCDEFGKKSHDJKAHSD05A15BF008A57002E8
I'm setting up a Kubernetes cluster and as part of that, I ran the following command (mentioned on official docs: https://kubernetes.io/docs/tasks/tools/install-kubectl/) :
sudo apt-get update && sudo apt-get install -y apt-transport-https
However, it fails with the following error:
Err:3 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 Packages
server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
Now, I fetch the certificate with this command :
ex +'/BEGIN CERTIFICATE/,/END CERTIFICATE/p' <(echo | openssl s_client -showcerts -connect packages.cloud.google.com:443) -scq > kubecertificate.crt
I get the following response :
verify error:num=20:unable to get local issuer certificate
DONE
But since I see content inside my kubecertificate.crt file , I go ahead and copy the certificate in /usr/local/share/ca-certificates/ directory.
Then I run:
update-ca-certificates
After updating my ca certificates bundle, I re run the first command mentioned.
It again fails with the server certificate verification failed error.
Please help me understand where am I going wrong? Is it because I'm unable to get the local issuer certificate? Please help.
Are you using i386 image or is there some firewall involved? If it is 64bit version of Xenial then it must be some kind of system issue.
Take a look at this case. Especially I would check the current system time date -R and apt-get install NTP as advised by #davidthings as I remember having similar problem. There is also a lot of different solutions which could help, listed in the linked case - check which one is applicable for your and update if you succeeded.
After that you can try with this, to download kubectl, kubelet and kubeadm (or edit it accordingly if you want just one)
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg |
apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
I am following a tutorial that can be found here to set up a headless selenium scraper on an ec2 instance:
https://krbnite.github.io/Driving-Headless-Chrome-with-Selenium-on-AWS-EC2/
The tutorial I am using seems to assume an ubuntu distro whereas the ec2 instance I am using is an AWS AMI. As such apt-get is not available to me and instead I use yum to install things.
The first step of the installation process is the following:
wget -q -O - "https://dl-ssl.google.com/linux/linux_signing_key.pub" | sudo apt-key add -
When I do this I get the following, to be expected error on my AWS AMI instance:
sudo: apt-key: command not found
I was wondering what the equivalent command would be without using apt, apt-get, or apt-key but instead using yum. I have blindly tried the following but they did not work:
wget -q -O - "https://dl-ssl.google.com/linux/linux_signing_key.pub" | sudo yum add -
wget -q -O - "https://dl-ssl.google.com/linux/linux_signing_key.pub" | sudo yum-key add -
Thanks
Below is from an article on Baeldung which I think answers this questions properly:
Adding a repository in YUM is a manual operation, which consists in creating a file with the .repo extension under the folder /etc/yum.repos.d.
The file must contain all the information about the custom repository that we are connecting to.
Let’s try adding the AdoptOpenJDK repository:
# /etc/yum.repos.d/adoptopenjdk.repo
[AdoptOpenJDK]
name=AdoptOpenJDK
baseurl=http://adoptopenjdk.jfrog.io/adoptopenjdk/rpm/centos/7/$(uname -m)
enabled=1
gpgcheck=1
gpgkey=https://adoptopenjdk.jfrog.io/adoptopenjdk/api/gpg/key/public
In APT, though, things are quite different. The GPG key of the repository must be downloaded and added to the APT keyring with apt-key add:
wget -qO - https://adoptopenjdk.jfrog.io/adoptopenjdk/api/gpg/key/public | sudo apt-key add -
Then, at this point, the repository can be added through add-apt-repository –yes followed by the URL:
add-apt-repository --yes https://adoptopenjdk.jfrog.io/adoptopenjdk/deb/
Contrary to YUM, all the repositories are saved in a single file,
/etc/apt/sources.list.
Add the repo and then import the repo GPG key
sudo wget -o /etc/yum.repos.d/reponame.repo <repo url>
sudo rpm --import <key url>
Confirm
yum repolist
We recently installed ppolicy module and the related things in our OpenLDAP instance for password policy ( http://www.zytrax.com/books/ldap/ch6/ppolicy.html#account-unlock) . However, among them there was no way to set up something that does a password check whenever a new password is set. Then, we were pointed out to this link - http://ltb-project.org/wiki/documentation/openldap-ppolicy-check-password , where pwdPolicyChecker seemed like a module that can solve this issue. But we have no idea how to install this C module in our current ubuntu OpenLDAP set up. Also, the instructions provided seemed to be more like how the openldap setup used to be earlier in ubuntu and not like how it is now with slapd.d . Has anyone done an installation of a C module in OpenLDAP in the new ubuntu setup? Any pointers toward that would be very much appreciated.
Thanks!
I've been using the LTB's pwdCheckerModule for years without a glitch.
I just rebuilt it - as a package, for Debian/Stretch - using the tweaked Onyx Point's version; https://github.com/onyxpoint/ppolicy-check-password
I created the corresponding Debian-specific fork - https://github.com/cedric-dufour/ppolicy-check-password/tree/debian-stretch - including the README.DEBIAN file that should answer your question (most relevant part copied below); doing the same for Ubuntu should not be too different.
* Get the Debian source code for the OpenLDAP packages and build dependencies:
apt-get source openldap
apt-get build-deps openldap
* Include the ppolicy-check-password source code into the OpenLDAP source tree
and install additional build dependencies:
cd openldap-<version>
mkdir -p contrib/slapd-modules/ppolicy-check-password
cp /path/to/ppolicy-check-password.git/* contrib/slapd-modules/ppolicy-check-password/.
apt-get install libcrack2-dev
* Patch the Debian (packaging) directory:
patch -p1 < /path/to/ppolicy-check-password.git/debian/debian-directory.patch
* Build the OpenLDAP packages:
dpkg-buildpackage -us -uc -b
* Copy and install the slapd-ppolicy-check-password_<version>.deb package to
the target server:
dpkg -i slapd-ppolicy-check-password_<version>.deb
* Configure the ppolicy-check-password module:
vim /etc/ldap/check_password.conf
* Add the ppolicy-check-password module/check to your PPolicy:
pwdCheckModule: check_password.so
pwdCheckQuality: 2
I am using CentOs 6.6 64bit, and have a problem when using curl. The server primarily hosts several wordpress blogs using apache and mysql.
My simplest means to generate the error is with the following yum command which outputs the below
yum list "ca-certi*"
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Could not get metalink https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=x86_64 error was
14: PYCURL ERROR 77 - "Problem with the SSL CA cert (path? access rights?)"
* base: cosmos.cites.illinois.edu
* epel: mirror.cogentco.com
* extras: mirrors.rit.edu
* updates: mirrors.rit.edu
Installed Packages
ca-certificates.noarch 2014.1.98-65.1.el6 #base
Soutions tried and failed so far based from googling around
1) I have tried restarting the VPS, no good
2) Executing curl http://curl.haxx.se/ca/cacert.pem -o /etc/pki/tls/certs/ca-bundle.crt without any luck
3) This solution was no good at all, as it relies on yum to solve the SSL problem that yum also suffers http://syslint.com/syslint/curl-77-problem-with-the-ssl-ca-cert-path-access-rights-solved/
Can I run these yum steps to install with wget?, would you think it would help?
# yum reinstall ca-certificates
# yum reinstall openssl
I think virtualmin had installed some updates in the last 24 hours, is there a log of updates it ran somewhere?
Can anyone please help get around this "Problem with the SSL CA cert (path? access rights?)" problem.
TIA
More easy solution for centos 6/7. Remove ca and reinstall certificate.
rm -f /etc/ssl/certs/ca-bundle.crt && yum reinstall -y ca-certificates
Problem that if you just only reinstall certs. This will dont replace ca-bundle. Leave it new with .rpmnew name.
this worked for me :
centos 6
mkdir /usr/src/ca-certificates && cd /usr/src/ca-certificates
wget
http://mirror.centos.org/centos/6/os/x86_64/Packages/ca-certificates-2015.2.6-65.0.1.el6_7.noarch.rpm
rpm2cpio ca-certificates-2015.2.6-65.0.1.el6_7.noarch.rpm | cpio -idmv
cp -pi ./etc/pki/tls/certs/ca-bundle.* /etc/pki/tls/certs/
do yes to override
to check :
curl -vvv https://www.unixy.net
Solution from here
https://www.virtualmin.com/node/35857
nss-softokn breaks yum/rpm in CentOS 6 In order to fix it do the following:
wget http://mirror.centos.org/centos/6/updates/x86_64/Packages/nss-softokn-fr...
rpm2cpio nss-softokn-freebl-3.14.3-19.el6_6.x86_64.rpm | cpio -idmv
cd lib64
cp libfreeblpriv3.* /lib64
yum update # sync new repo package