Cloud/Shahed/AC: Difference between revisions
Jump to navigation
Jump to search
| (9 intermediate revisions by the same user not shown) | |||
| Line 16: | Line 16: | ||
apt list -a --upgradable;echo | apt list -a --upgradable;echo | ||
apt-get install -y wakeonlan;echo | apt-get install -y wakeonlan;echo | ||
EXE | |||
</syntaxhighlight> | |||
---- | |||
<syntaxhighlight lang="bash"> | |||
cat <<'EXE'| sudo bash | |||
ethtool -s eno1 wol g | |||
ethtool eno1 | |||
EXE | EXE | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| Line 38: | Line 45: | ||
wakeonlan 84:47:09:3c:3e:09 | wakeonlan 84:47:09:3c:3e:09 | ||
</syntaxhighlight> | </syntaxhighlight> | ||
==WOL » Shahed » AO== | |||
<syntaxhighlight lang="bash"> | |||
wakeonlan 60:eb:69:95:76:4a | |||
</syntaxhighlight> | |||
==Attach » NFS » Volume== | |||
{|class='wikitable mw-collapsible' | |||
!scope='col' style='width:900px'| | |||
'''smb » shahed-an.local » shahed-ac''' | |||
|- | |||
|valign='top'| | |||
[[Cloud/Shahed/AA#Attach » NFS » Volume|Skipped » Find More 👉 Attach » NFS » Volume]] | |||
|- | |||
|valign="top"| | |||
<syntaxhighlight lang="bash"> | |||
cat <<'EXE'| sudo bash | |||
umount /var/nfs/backup | |||
mkdir -p /var/nfs/backup | |||
cat <<'FST'| tee -a /etc/fstab >/dev/null | |||
# shahed-an » nfs » attach » shahed-ac » 7.2tb | |||
//shahed-an.local/shahed-ac /var/nfs/backup cifs credentials=/etc/default/nfs-shahed-ac,uid=1000,gid=1000,file_mode=0640,dir_mode=0750,nofail,x-systemd.automount,_netdev,soft 0 0 | |||
FST | |||
systemctl daemon-reload | |||
mount -a && dmesg|tail -20 | |||
EXE | |||
</syntaxhighlight> | |||
|} | |||
==Cloudflare » VIRT== | ==Cloudflare » VIRT== | ||
| Line 124: | Line 160: | ||
==LB » HAProxy » Frontend » HTTP Config== | ==LB » HAProxy » Frontend » HTTP Config== | ||
{|class='wikitable mw-collapsible' | |||
!scope='col' style='width:900px'| | |||
'''HAProxy » Frontend » HTTP''' | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-http-all.cfg >/dev/null | cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-http-all.cfg >/dev/null | ||
| Line 136: | Line 177: | ||
acl host-is-k8s-ac-shahed-shahed-biz hdr(host) -i k8s.ac.shahed.shahed.biz | acl host-is-k8s-ac-shahed-shahed-biz hdr(host) -i k8s.ac.shahed.shahed.biz | ||
acl host-is-apache-host-k8s-local hdr(host) -i apache.host.k8s.local | |||
acl host-is-shahed-biz-local hdr(host) -i shahed.biz.local | |||
acl host-is-host-k8s-local hdr(host) -i host.k8s.local | |||
acl host-is-nginx-host-k8s-local hdr(host) -i nginx.host.k8s.local | |||
acl host-is-minio-host-k8s-local hdr(host) -i minio.host.k8s.local | |||
acl host-is-s3-minio-host-k8s-local hdr(host) -i s3.minio.host.k8s.local | |||
use_backend bck_shahed_biz_shahed_ac_k8s if host-is-k8s-ac-shahed-shahed-biz | use_backend bck_shahed_biz_shahed_ac_k8s if host-is-k8s-ac-shahed-shahed-biz | ||
use_backend bck_shahed_biz_shahed_ac_apache2 if host-is-apache-host-k8s-local | |||
use_backend bck_shahed_biz_shahed_ac_apache2 if host-is-shahed-biz-local | |||
use_backend bck_shahed_biz_shahed_ac_apache2 if host-is-host-k8s-local | |||
use_backend bck_shahed_biz_shahed_ac_nginx if host-is-nginx-host-k8s-local | |||
use_backend bck_shahed_biz_shahed_ac_minio_web if host-is-minio-host-k8s-local | |||
use_backend bck_shahed_biz_shahed_ac_minio_api if host-is-s3-minio-host-k8s-local | |||
default_backend bck_shahed_biz_shahed_ac_k8s | |||
CFG | |||
sudo ln -s /etc/haproxy/proxy-configs/shahed.biz-http-all.cfg /etc/haproxy/proxy-enabled/ | |||
</syntaxhighlight> | |||
|} | |||
==LB » HAProxy » Frontend » HTTPS Config== | |||
{|class='wikitable mw-collapsible' | |||
!scope='col' style='width:900px'| | |||
'''HAProxy » Frontend » HTTP''' | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight lang="bash"> | |||
cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-https-all.cfg >/dev/null | |||
# ############################################################################## | |||
# http frontend config for *.chorke.org, *.chorke.com, *.shahed.biz | |||
# this config added by chorke academia, inc | |||
frontend fnt_shahed_biz_ssl | |||
bind *:443 ssl crt /etc/haproxy/certs/ac.shahed.shahed.biz.pem alpn h2,http/1.1 ssl-min-ver TLSv1.2 ssl-max-ver TLSv1.3 | |||
mode http | |||
acl host-is-k8s-ac-shahed-shahed-biz hdr(host) -i k8s.ac.shahed.shahed.biz | |||
acl host-is-apache-host-k8s-local hdr(host) -i apache.host.k8s.local | |||
acl host-is-shahed-biz-local hdr(host) -i shahed.biz.local | |||
acl host-is-host-k8s-local hdr(host) -i host.k8s.local | |||
acl host-is-nginx-host-k8s-local hdr(host) -i nginx.host.k8s.local | |||
acl host-is-minio-host-k8s-local hdr(host) -i minio.host.k8s.local | |||
acl host-is-s3-minio-host-k8s-local hdr(host) -i s3.minio.host.k8s.local | |||
use_backend bck_shahed_biz_shahed_ac_k8s if host-is-k8s-ac-shahed-shahed-biz | |||
use_backend bck_shahed_biz_shahed_ac_apache2 if host-is-apache-host-k8s-local | |||
use_backend bck_shahed_biz_shahed_ac_apache2 if host-is-shahed-biz-local | |||
use_backend bck_shahed_biz_shahed_ac_apache2 if host-is-host-k8s-local | |||
use_backend bck_shahed_biz_shahed_ac_nginx if host-is-nginx-host-k8s-local | |||
use_backend bck_shahed_biz_shahed_ac_minio_web if host-is-minio-host-k8s-local | |||
use_backend bck_shahed_biz_shahed_ac_minio_api if host-is-s3-minio-host-k8s-local | |||
default_backend bck_shahed_biz_shahed_ac_k8s | default_backend bck_shahed_biz_shahed_ac_k8s | ||
backend bck_shahed_biz_shahed_ac_k8s | backend bck_shahed_biz_shahed_ac_k8s | ||
server shahed_ac_k8s 192.168.49.2:80 | server shahed_ac_k8s 192.168.49.2:80 | ||
mode http | |||
backend bck_shahed_biz_shahed_ac_apache2 | |||
server localhost_apache 127.0.0.1:2013 | |||
mode http | |||
backend bck_shahed_biz_shahed_ac_nginx | |||
server localhost_nginx 127.0.0.1:2015 | |||
mode http | |||
backend bck_shahed_biz_shahed_ac_minio_web | |||
server localhost_minio_web 127.0.0.1:9801 | |||
mode http | |||
backend bck_shahed_biz_shahed_ac_minio_api | |||
server localhost_minio_api 127.0.0.1:9800 | |||
mode http | mode http | ||
CFG | CFG | ||
sudo ln -s /etc/haproxy/proxy-configs/shahed.biz- | sudo ln -s /etc/haproxy/proxy-configs/shahed.biz-https-all.cfg /etc/haproxy/proxy-enabled/ | ||
</syntaxhighlight> | </syntaxhighlight> | ||
|} | |||
==LB » HAProxy » Frontend » Kube API Config== | ==LB » HAProxy » Frontend » Kube API Config== | ||
| Line 251: | Line 361: | ||
==Kubernetes » Minikube » Tunnel » Create Service== | ==Kubernetes » Minikube » Tunnel » Create Service== | ||
[[Cloud/Hetzner/AA#Kubernetes » Minikube » Tunnel » Create Service|Skipped » Find More » | [[Cloud/Hetzner/AA#Kubernetes » Minikube » Tunnel » Create Service|Skipped » Find More 👉 Minikube » Tunnel » Systemd]] | ||
---- | |||
[[Minikube MetalLB#MetalLB » Forward » Route|Skipped » Find More 👉 Minikube » MetalLB » Forward » Route]] | |||
==Kubernetes » Minikube » Ingress » Apply Dashboard== | ==Kubernetes » Minikube » Ingress » Apply Dashboard== | ||
{|class='wikitable mw-collapsible' | |||
!scope='col' style='width:700px'| | |||
'''K8s » Dashboard » Ingress » Apply''' | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
export KUBECONFIG=${HOME}/.kube/shahed-ac-kubeconfig.yaml | export KUBECONFIG=${HOME}/.kube/shahed-ac-kubeconfig.yaml | ||
| Line 259: | Line 376: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
---- | ---- | ||
<syntaxhighlight lang="yaml" highlight="14-16,20" line> | <syntaxhighlight lang="yaml" highlight="14-16,20,30" line> | ||
cat << YML | kubectl -n kubernetes-dashboard apply -f - | cat << YML | kubectl -n kubernetes-dashboard apply -f - | ||
--- | --- | ||
| Line 280: | Line 397: | ||
rules: | rules: | ||
- host: k8s.ac.shahed.shahed.biz | - host: k8s.ac.shahed.shahed.biz | ||
http: | |||
paths: | |||
- path: / | |||
pathType: Prefix | |||
backend: | |||
service: | |||
name: kubernetes-dashboard | |||
port: | |||
number: 80 | |||
- host: www.k8s.local | |||
http: | http: | ||
paths: | paths: | ||
| Line 295: | Line 422: | ||
---- | ---- | ||
[[K8s/Ingress#Ingress » Dashboard|Skipped » Find More 👉 K8s » Dashboard]] | [[K8s/Ingress#Ingress » Dashboard|Skipped » Find More 👉 K8s » Dashboard]] | ||
|} | |||
==Kubernetes » Minikube » Host » Ingress » Apache & Nginx== | |||
{|class='wikitable mw-collapsible' | |||
!scope='col' style='width:1400px' colspan='3'| | |||
'''K8s » Host » Apache & Nginx » Ingress''' | |||
|- | |||
|align='center'| | |||
[[Cloud/Shahed/AB#LB » HAProxy » Frontend » HTTP Config|Find More 👉 HAProxy » Frontend » HTTP]] | |||
|align='center'| | |||
[[K8s/Service#Internal|Find More 👉 K8s » Service » Internal]] | |||
|align='center'| | |||
[[K8s/Ingress#Internal|Find More 👉 K8s » Ingress » Internal]] | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight lang="yaml"> | |||
cat << YML | kubectl apply -n internal -f - | |||
--- | |||
apiVersion: networking.k8s.io/v1 | |||
kind: Ingress | |||
metadata: | |||
name: haproxy | |||
namespace: internal | |||
labels: | |||
app.kubernetes.io/name: host | |||
app.kubernetes.io/version: 1.0.0 | |||
app.kubernetes.io/instance: host | |||
app.kubernetes.io/managed-by: kubectl | |||
spec: | |||
ingressClassName: nginx | |||
rules: | |||
- host: host.k8s.local | |||
http: | |||
paths: | |||
- path: / | |||
pathType: ImplementationSpecific | |||
backend: | |||
service: | |||
name: host | |||
port: | |||
number: 80 | |||
YML | |||
xdg-open http://host.k8s.local &>/dev/null & | |||
</syntaxhighlight> | |||
|valign='top'| | |||
<syntaxhighlight lang="yaml"> | |||
cat << YML | kubectl apply -n internal -f - | |||
--- | |||
apiVersion: networking.k8s.io/v1 | |||
kind: Ingress | |||
metadata: | |||
name: apache | |||
namespace: internal | |||
labels: | |||
app.kubernetes.io/name: host | |||
app.kubernetes.io/version: 1.0.0 | |||
app.kubernetes.io/instance: host | |||
app.kubernetes.io/managed-by: kubectl | |||
spec: | |||
ingressClassName: nginx | |||
rules: | |||
- host: apache.host.k8s.local | |||
http: | |||
paths: | |||
- path: / | |||
pathType: ImplementationSpecific | |||
backend: | |||
service: | |||
name: host | |||
port: | |||
number: 80 | |||
YML | |||
xdg-open http://apache.host.k8s.local &>/dev/null & | |||
</syntaxhighlight> | |||
|valign='top'| | |||
<syntaxhighlight lang="yaml"> | |||
cat << YML | kubectl apply -n internal -f - | |||
--- | |||
apiVersion: networking.k8s.io/v1 | |||
kind: Ingress | |||
metadata: | |||
name: nginx | |||
namespace: internal | |||
labels: | |||
app.kubernetes.io/name: host | |||
app.kubernetes.io/version: 1.0.0 | |||
app.kubernetes.io/instance: host | |||
app.kubernetes.io/managed-by: kubectl | |||
spec: | |||
ingressClassName: nginx | |||
rules: | |||
- host: nginx.host.k8s.local | |||
http: | |||
paths: | |||
- path: / | |||
pathType: ImplementationSpecific | |||
backend: | |||
service: | |||
name: host | |||
port: | |||
number: 80 | |||
YML | |||
xdg-open http://nginx.host.k8s.local &>/dev/null & | |||
</syntaxhighlight> | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight lang="yaml"> | |||
cat << YML | kubectl apply -n internal -f - | |||
--- | |||
apiVersion: networking.k8s.io/v1 | |||
kind: Ingress | |||
metadata: | |||
name: shahed | |||
namespace: internal | |||
labels: | |||
app.kubernetes.io/name: host | |||
app.kubernetes.io/version: 1.0.0 | |||
app.kubernetes.io/instance: host | |||
app.kubernetes.io/managed-by: kubectl | |||
spec: | |||
ingressClassName: nginx | |||
rules: | |||
- host: shahed.biz.local | |||
http: | |||
paths: | |||
- path: / | |||
pathType: ImplementationSpecific | |||
backend: | |||
service: | |||
name: host | |||
port: | |||
number: 80 | |||
YML | |||
xdg-open http://shahed.biz.local &>/dev/null & | |||
</syntaxhighlight> | |||
|valign='top'| | |||
<syntaxhighlight lang="yaml" highlight="14,18"> | |||
cat << YML | kubectl apply -n internal -f - | |||
--- | |||
apiVersion: networking.k8s.io/v1 | |||
kind: Ingress | |||
metadata: | |||
name: minio-web | |||
namespace: internal | |||
labels: | |||
app.kubernetes.io/name: host | |||
app.kubernetes.io/version: 1.0.0 | |||
app.kubernetes.io/instance: host | |||
app.kubernetes.io/managed-by: kubectl | |||
annotations: | |||
nginx.ingress.kubernetes.io/proxy-body-size: '0' | |||
spec: | |||
ingressClassName: nginx | |||
rules: | |||
- host: minio.host.k8s.local | |||
http: | |||
paths: | |||
- path: / | |||
pathType: ImplementationSpecific | |||
backend: | |||
service: | |||
name: host | |||
port: | |||
number: 80 | |||
YML | |||
xdg-open http://minio.host.k8s.local &>/dev/null & | |||
</syntaxhighlight> | |||
|valign='top'| | |||
<syntaxhighlight lang="yaml" highlight="14,18"> | |||
cat << YML | kubectl apply -n internal -f - | |||
--- | |||
apiVersion: networking.k8s.io/v1 | |||
kind: Ingress | |||
metadata: | |||
name: minio-api | |||
namespace: internal | |||
labels: | |||
app.kubernetes.io/name: host | |||
app.kubernetes.io/version: 1.0.0 | |||
app.kubernetes.io/instance: host | |||
app.kubernetes.io/managed-by: kubectl | |||
annotations: | |||
nginx.ingress.kubernetes.io/proxy-body-size: '0' | |||
spec: | |||
ingressClassName: nginx | |||
rules: | |||
- host: s3.minio.host.k8s.local | |||
http: | |||
paths: | |||
- path: / | |||
pathType: ImplementationSpecific | |||
backend: | |||
service: | |||
name: host | |||
port: | |||
number: 80 | |||
YML | |||
xdg-open http://s3.minio.host.k8s.local &>/dev/null & | |||
</syntaxhighlight> | |||
|} | |||
==References== | ==References== | ||
Latest revision as of 13:52, 24 August 2025
SSH
ssh -qt shahed@shahed-ac.local bash
cat <<'EXE' | sudo bash
free -th && echo && systemd-analyze && echo
df -h && echo && lsblk && echo
swapon --show
EXE
WOL
cat <<'EXE'| sudo bash
apt-get update;echo
apt list -a --upgradable;echo
apt-get install -y wakeonlan;echo
EXE
cat <<'EXE'| sudo bash
ethtool -s eno1 wol g
ethtool eno1
EXE
WOL » MAC » Find
WOL_HOST='shahed-an.local'
ping -q -c5 "${WOL_HOST}" >/dev/null
WOL_IPV4="$(getent hosts "${WOL_HOST}"|awk '{print $1}')"
WOL_MACA="$(arp -n "${WOL_IPV4}"|awk 'NR==2 {print $3}')"
printf '\n%s » %s » %s\n' "${WOL_HOST}" "${WOL_IPV4}" "${WOL_MACA}"
WOL » Shahed » AE
wakeonlan 8c:c6:81:94:70:91
WOL » Shahed » AN
wakeonlan 84:47:09:3c:3e:0a
wakeonlan 84:47:09:3c:3e:09
WOL » Shahed » AO
wakeonlan 60:eb:69:95:76:4a
Attach » NFS » Volume
|
smb » shahed-an.local » shahed-ac |
|---|
cat <<'EXE'| sudo bash
umount /var/nfs/backup
mkdir -p /var/nfs/backup
cat <<'FST'| tee -a /etc/fstab >/dev/null
# shahed-an » nfs » attach » shahed-ac » 7.2tb
//shahed-an.local/shahed-ac /var/nfs/backup cifs credentials=/etc/default/nfs-shahed-ac,uid=1000,gid=1000,file_mode=0640,dir_mode=0750,nofail,x-systemd.automount,_netdev,soft 0 0
FST
systemctl daemon-reload
mount -a && dmesg|tail -20
EXE
|
Cloudflare » VIRT
cat << INI | sudo tee /etc/systemd/system/warp0.service >/dev/null
[Unit]
Description=Cloudflared WARP Routing Virtual Interface
After=network.target
[Service]
Type=oneshot
ExecStart=/usr/sbin/ip link add warp0 type dummy
ExecStartPost=/usr/sbin/ip addr add 10.20.40.3/32 dev warp0
ExecStartPost=/usr/sbin/ip link set warp0 up
ExecStop=/usr/sbin/ip link delete warp0
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
INI
cat << EXE | sudo bash
systemctl daemon-reload
systemctl enable --now warp0.service
systemctl status warp0.service
EXE
ip a
Cloudflare » Argo » Tunnel
wget -cq https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb -P ${HOME}/Downloads
sudo dpkg -i ${HOME}/Downloads/cloudflared-linux-amd64.deb; sudo apt install -f
rm -rf ${HOME}/Downloads/cloudflared-linux-amd64.deb
cat <<'SYS' | sudo tee -a /etc/sysctl.conf >/dev/null
###################################################################
# Cloudflared Tunnel Private Network Config
# This config added by Chorke Academia, Inc
# ICMP Group ID Range 0 to 10,000 Users
net.ipv4.ping_group_range = 0 10000
# 208 KiB Default RX Buffer
net.core.rmem_default=212992
# 208 KiB Default TX Buffer
net.core.wmem_default=212992
# 8 MB Maximum RX Buffer
net.core.rmem_max=8388608
# 8 MB Maximum TX Buffer
net.core.wmem_max=8388608
SYS
sudo sysctl -p
LB » HAProxy » Install & Configure
sudo ufw status numbered
sudo iptables -S
cat << EXE | sudo bash
ufw allow 80/tcp
ufw allow 443/tcp
ufw allow OpenSSH
ufw allow 8443/tcp
ufw allow in on lxdbr0
ufw route allow in on lxdbr0
ufw route allow out on lxdbr0
EXE
sudo ufw status numbered
sudo iptables -S
LB » HAProxy » Frontend » HTTP Config
|
HAProxy » Frontend » HTTP |
|---|
cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-http-all.cfg >/dev/null
# ##############################################################################
# http frontend config for *.chorke.org, *.chorke.com, *.shahed.biz
# this config added by chorke academia, inc
frontend fnt_shahed_biz
bind *:80
mode http
acl host-is-k8s-ac-shahed-shahed-biz hdr(host) -i k8s.ac.shahed.shahed.biz
acl host-is-apache-host-k8s-local hdr(host) -i apache.host.k8s.local
acl host-is-shahed-biz-local hdr(host) -i shahed.biz.local
acl host-is-host-k8s-local hdr(host) -i host.k8s.local
acl host-is-nginx-host-k8s-local hdr(host) -i nginx.host.k8s.local
acl host-is-minio-host-k8s-local hdr(host) -i minio.host.k8s.local
acl host-is-s3-minio-host-k8s-local hdr(host) -i s3.minio.host.k8s.local
use_backend bck_shahed_biz_shahed_ac_k8s if host-is-k8s-ac-shahed-shahed-biz
use_backend bck_shahed_biz_shahed_ac_apache2 if host-is-apache-host-k8s-local
use_backend bck_shahed_biz_shahed_ac_apache2 if host-is-shahed-biz-local
use_backend bck_shahed_biz_shahed_ac_apache2 if host-is-host-k8s-local
use_backend bck_shahed_biz_shahed_ac_nginx if host-is-nginx-host-k8s-local
use_backend bck_shahed_biz_shahed_ac_minio_web if host-is-minio-host-k8s-local
use_backend bck_shahed_biz_shahed_ac_minio_api if host-is-s3-minio-host-k8s-local
default_backend bck_shahed_biz_shahed_ac_k8s
CFG
sudo ln -s /etc/haproxy/proxy-configs/shahed.biz-http-all.cfg /etc/haproxy/proxy-enabled/
|
LB » HAProxy » Frontend » HTTPS Config
|
HAProxy » Frontend » HTTP |
|---|
cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-https-all.cfg >/dev/null
# ##############################################################################
# http frontend config for *.chorke.org, *.chorke.com, *.shahed.biz
# this config added by chorke academia, inc
frontend fnt_shahed_biz_ssl
bind *:443 ssl crt /etc/haproxy/certs/ac.shahed.shahed.biz.pem alpn h2,http/1.1 ssl-min-ver TLSv1.2 ssl-max-ver TLSv1.3
mode http
acl host-is-k8s-ac-shahed-shahed-biz hdr(host) -i k8s.ac.shahed.shahed.biz
acl host-is-apache-host-k8s-local hdr(host) -i apache.host.k8s.local
acl host-is-shahed-biz-local hdr(host) -i shahed.biz.local
acl host-is-host-k8s-local hdr(host) -i host.k8s.local
acl host-is-nginx-host-k8s-local hdr(host) -i nginx.host.k8s.local
acl host-is-minio-host-k8s-local hdr(host) -i minio.host.k8s.local
acl host-is-s3-minio-host-k8s-local hdr(host) -i s3.minio.host.k8s.local
use_backend bck_shahed_biz_shahed_ac_k8s if host-is-k8s-ac-shahed-shahed-biz
use_backend bck_shahed_biz_shahed_ac_apache2 if host-is-apache-host-k8s-local
use_backend bck_shahed_biz_shahed_ac_apache2 if host-is-shahed-biz-local
use_backend bck_shahed_biz_shahed_ac_apache2 if host-is-host-k8s-local
use_backend bck_shahed_biz_shahed_ac_nginx if host-is-nginx-host-k8s-local
use_backend bck_shahed_biz_shahed_ac_minio_web if host-is-minio-host-k8s-local
use_backend bck_shahed_biz_shahed_ac_minio_api if host-is-s3-minio-host-k8s-local
default_backend bck_shahed_biz_shahed_ac_k8s
backend bck_shahed_biz_shahed_ac_k8s
server shahed_ac_k8s 192.168.49.2:80
mode http
backend bck_shahed_biz_shahed_ac_apache2
server localhost_apache 127.0.0.1:2013
mode http
backend bck_shahed_biz_shahed_ac_nginx
server localhost_nginx 127.0.0.1:2015
mode http
backend bck_shahed_biz_shahed_ac_minio_web
server localhost_minio_web 127.0.0.1:9801
mode http
backend bck_shahed_biz_shahed_ac_minio_api
server localhost_minio_api 127.0.0.1:9800
mode http
CFG
sudo ln -s /etc/haproxy/proxy-configs/shahed.biz-https-all.cfg /etc/haproxy/proxy-enabled/
|
LB » HAProxy » Frontend » Kube API Config
cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-tcp-kube.cfg >/dev/null
# ##############################################################################
# tcp frontend config for 10.20.40.3:8443
# this config added by chorke academia, inc
frontend fnt_shahed_biz_shahed_ac
bind *:8443
mode tcp
option tcplog
option dontlognull
default_backend bck_shahed_biz_shahed_ac
backend bck_shahed_biz_shahed_ac
server shahed_ac_k8s 192.168.49.2:8443
mode tcp
CFG
sudo ln -s /etc/haproxy/proxy-configs/shahed.biz-tcp-kube.cfg /etc/haproxy/proxy-enabled/
vim /etc/haproxy/proxy-scripts/reconfig
/etc/haproxy/proxy-scripts/reconfig
systemctl disable --now minikube.service
vim /etc/systemd/system/minikube.service
# append --apiserver-ips=10.20.40.3 with ExecStart
systemctl enable --now minikube.service
ssh -qt shahed@shahed-ac.local bash
sudo -i -u minikube
# run this script on the minikube host. copy the generated output and
# execute it on your local machine's terminal to enable monitoring of
# the minikube cluster.
cat << LOG
$(cat <<'YML'| tee ~/.kube/shahed-ac-kubeconfig.yaml >/dev/null
apiVersion: v1
kind: Config
clusters:
- name: minikube
cluster:
server: https://10.20.40.3:8443
certificate-authority: ../.minikube/ca.crt
contexts:
- name: shahed-ac
context:
cluster: minikube
namespace: default
user: minikube
users:
- name: minikube
user:
client-certificate: ../.minikube/profiles/minikube/client.crt
client-key: ../.minikube/profiles/minikube/client.key
current-context: shahed-ac
YML
)
cat <<'YML'| tee ~/.kube/shahed-ac-kubeconfig.yaml >/dev/null
$(export KUBECONFIG=${HOME}/.kube/shahed-ac-kubeconfig.yaml;\
kubectl config view --flatten;\
rm ${KUBECONFIG};\
)
YML
chmod 600 ~/.kube/shahed-ac-kubeconfig.yaml
ls -alh ~/.kube/
export KUBECONFIG=~/.kube/shahed-ac-kubeconfig.yaml
kubectl config get-contexts
kubectl get namespace
$(echo -n)
LOG
Kubernetes » Minikube » Install & Configure
if [ -x "$(command -v curl)" ];then \
sudo apt -qq update;\
export MINIKUBE_CPU_USE=12;\
export MINIKUBE_RAM_USE=27849;\
export MINIKUBE_INGRESS_HOST='k8s.ac.shahed.shahed.biz';\
bash <(curl -s 'https://cdn.chorke.org/exec/cli/bash/install/minikube/1.0.01-ubuntu-24.04-amd64.sh.txt');\
else printf 'curl \033[0;31mnot found! \033[0m:(\n';fi
Kubernetes » Minikube » Tunnel » Create Service
Skipped » Find More 👉 Minikube » Tunnel » Systemd
Skipped » Find More 👉 Minikube » MetalLB » Forward » Route
Kubernetes » Minikube » Ingress » Apply Dashboard
|
K8s » Dashboard » Ingress » Apply |
|---|
export KUBECONFIG=${HOME}/.kube/shahed-ac-kubeconfig.yaml
kubectl config get-contexts
cat << YML | kubectl -n kubernetes-dashboard apply -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: kubernetes-dashboard
namespace: kubernetes-dashboard
labels:
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/managed-by: kubectl
app.kubernetes.io/name: kubernetes-dashboard
app.kubernetes.io/instance: kubernetes-dashboard
annotations:
nginx.ingress.kubernetes.io/auth-type: basic
nginx.ingress.kubernetes.io/auth-realm: Authentication Required
nginx.ingress.kubernetes.io/auth-secret: kubernetes-dashboard-auth
spec:
ingressClassName: nginx
rules:
- host: k8s.ac.shahed.shahed.biz
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: kubernetes-dashboard
port:
number: 80
- host: www.k8s.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: kubernetes-dashboard
port:
number: 80
YML
Skipped » Find More 👉 K8s » CoreDNS |
Kubernetes » Minikube » Host » Ingress » Apache & Nginx
|
K8s » Host » Apache & Nginx » Ingress | ||
|---|---|---|
cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: haproxy
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
spec:
ingressClassName: nginx
rules:
- host: host.k8s.local
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 80
YML
xdg-open http://host.k8s.local &>/dev/null &
|
cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: apache
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
spec:
ingressClassName: nginx
rules:
- host: apache.host.k8s.local
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 80
YML
xdg-open http://apache.host.k8s.local &>/dev/null &
|
cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nginx
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
spec:
ingressClassName: nginx
rules:
- host: nginx.host.k8s.local
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 80
YML
xdg-open http://nginx.host.k8s.local &>/dev/null &
|
cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: shahed
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
spec:
ingressClassName: nginx
rules:
- host: shahed.biz.local
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 80
YML
xdg-open http://shahed.biz.local &>/dev/null &
|
cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: minio-web
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: '0'
spec:
ingressClassName: nginx
rules:
- host: minio.host.k8s.local
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 80
YML
xdg-open http://minio.host.k8s.local &>/dev/null &
|
cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: minio-api
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: '0'
spec:
ingressClassName: nginx
rules:
- host: s3.minio.host.k8s.local
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 80
YML
xdg-open http://s3.minio.host.k8s.local &>/dev/null &
|
References
|
| |||
|
| |||
|
| |||