PhilipSchmid

Single-host Minio Setup

Docker-Compose single-host Minio S3 setup using Traefik (Let's Encrypt with DNS-01 challenge via Cloudflare) for TLS offloading.

Tested on Ubuntu 20.04.

Host Prerequisites

Run all commands shown here with root or prepend a sudo to the regarding commands which require higher privileges.

Install Docker

PhilipSchmid

kubeadm Cluster Setup

• kubeadm Cluster Setup
  • Prerequisites
  • Installation
    • Crictl
    • Containerd
    • Kubeadm
  • Cluster Creation
    • Init

PhilipSchmid

apiVersion: apps/v1
kind: Deployment
metadata:
  name: iperf3
spec:
  replicas: 2
  selector:
    matchLabels:
      app: iperf3
  template:

PhilipSchmid

Rancher K8s Cluster on VMware vSphere

Prerequisites

vCenter Configuration

• Configure the Network Protocol Profile on the vCenter according to: https://www.virtualthoughts.co.uk/2020/03/29/rancher-vsphere-network-protocol-profiles-and-static-ip-addresses-for-k8s-nodes/
• Ensure to create a service user with the regarding global and folder specific permissions: https://rancher.com/docs/rancher/v2.x/en/cluster-provisioning/rke-clusters/node-pools/vsphere/provisioning-vsphere-clusters/creating-credentials/
  • Beside the vCenter role permissions from the official Rancher documentation, the following ones need to be provided in order to configure the Nodes via vApp options:
    • Content Library: Read storage
    • Extension: Register extension
• vSphere Tagging: Assign or Unassign vSphere Tag on Object

PhilipSchmid

kubectl run -it --rm tshoot --overrides='
{
  "spec": {
    "containers": [
      {
        "name": "tshoot",
        "image": "nicolaka/netshoot:latest",
        "command": ["/bin/bash"],
        "stdin": true,
        "stdinOnce": true,

PhilipSchmid

# https://github.com/bloomberg/goldpinger
---
apiVersion: v1
kind: Namespace
metadata:
  name: goldpinger
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:

PhilipSchmid

Interface bonding

Configure a LACP active network interface bonding on Ubuntu 18.04 using netplan:

root@srv01:~# mv /etc/netplan/50-cloud-init.yaml /etc/netplan/01-netcfg.yaml
root@srv01:~# cat /etc/netplan/01-netcfg.yaml 
network:
    version: 2
    renderer: networkd
 ethernets:

PhilipSchmid

Quick & Dirty, Copy & Paste, Single-Host Kubernetes Setup

Tested on a Rocky Linux 8.4 VM on DigitalOcean. Run everything as root. Based on RKE2, Cilium, Nginx and Longhorn.

Disable SELinux & Swap

# SELinux
sestatus
setenforce 0
sed -i --follow-symlinks 's/^SELINUX=.*/SELINUX=permissive/g' /etc/sysconfig/selinux && cat /etc/sysconfig/selinux
sestatus

PhilipSchmid

Clientless Linux remote access with Apache Guacamole

Quick and dirty guide how to get Apache Guacamole in combination with VNC up and running.

Apache Guacamole

Prerequisites

sudo add-apt-repository -y ppa:remmina-ppa-team/freerdp-daily
sudo apt update
env DEBIAN_FRONTEND=noninteractive sudo apt install -y freerdp2-dev freerdp2-x11

PhilipSchmid

<!DOCTYPE NETSCAPE-Bookmark-file-1>
<!-- This is an automatically generated file.
     It will be read and overwritten.
     DO NOT EDIT! -->
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=UTF-8">
<TITLE>Bookmarks</TITLE>
<H1>Bookmarks</H1>
<DL><p>
    <DT><H3 ADD_DATE="1639761932" LAST_MODIFIED="1639906307" PERSONAL_TOOLBAR_FOLDER="true">Bookmarks bar</H3>
    <DL><p>