I’m Working on writing and arranging a Bossa Nova. I need to get better before it sounds like it is supposed to.
Current Reading
Reply
Category Archives: Software
Updating a Minecraft Mod, Part Two: Exploding Anvils
Continuing my attempt to update what I know about modding minecraft from 1.8 to 1.15. Based on my experience from this book;
Updating a Minecraft Mod: Part One
I have not touched the mod code I wrote for a couple years now. When Arun and Aditya Gupta wrote their book, the current version of Minecraft was 1.8. That was five years ago, and the current version is 1.15. Some things have changed. I want to document what I need to do to get my old mods running again on the newer version.
My starting point is that I have a working version of Minecraft and the comparable version of forge. Lets take it from there.
Continue readingRefactoring in Ansible: extract Variable
“Let the complexity emerge.” Probably the best advice I ever got in coding. Do something in as straight-forward manner as possible. When you find your self repeating code, extract it. Here’s an example from an ansible playbook I’m working on.
Continue readingType in the Sample Code
Labs are designed for learning. I learn by doing. While I can read, as they say in the local vernacular in my propinquity “Wicked Fast,” I don’t process read information to the depth that I need in order to retain it. I need to type in the code in order to learn. Here’s a technique I use to do that.
Continue readingCreate a host and get a keytab from the CLI
Since I have to do this a lot, figured I would write it down here. Follow on to Kerberizing a Service in OpenShift.
Continue readingProtecting a Service in OpenShift using Kerberos
The same container image that can run HTTPD using Kerberos to authenticate in Podman can be used to do the same thing in OpenShift. Here’s the changes
Continue readingUsing mod_auth_gssapi via Podman
Kerberos is a cryptographically secure authentication mechanism in use in many large organizations. Developers may want to make their applications work with Kerberos while developing inside containers. Here is a quick proof-of-concept that shows how to set up a container to work with mod_auth_gssapi., the Apache module that makes use of Kerberos.
Continue readingkinit with a service keytab
Remote services are not You; they do work on your behalf. When a remote service authenticates to another service, it should not impersonate you. If you use a keytab issued to your princial (say yourname@YOUNGLOGIC.INFO) you are not going to be able to log in to things using password; The IdM server only allows on or the other credential to be active at any given time. Even if you do use the Keytab, if you need to have it in two locations, you need to copy it. Which becomes a nightmare if it gets compromised. So, we want to make service accounts to work on our behalf. Here’s what I have so far.
Continue readingKerberos Secured Web Call from a Podman container
What does it take to make a call to a Kerberized service from a container running in podman? Here are the steps I am going through to debug and troubleshoot.
Continue reading