Cloud/Shahed/AB: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| (5 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
== | {|class='wikitable' | ||
<syntaxhighlight lang= | |valign='top' style='width:50%'| | ||
ssh -qt shahed@shahed-ab.local bash | <syntaxhighlight lang='bash'> | ||
ssh -qt shahed@shahed-ab.local bash | |||
ssh -o 'PubkeyAuthentication=no' -qt shahed@shahed-ab.local bash | |||
cat <<'EXE' | sudo bash | cat <<'EXE' | sudo bash | ||
| Line 9: | Line 11: | ||
EXE | EXE | ||
</syntaxhighlight> | </syntaxhighlight> | ||
|valign='top' style='width:50%'| | |||
<syntaxhighlight lang='bash'> | |||
ssh \ | |||
-i ${HOME}/.ssh/cid.chorke.org_ed25519 \ | |||
-qt shahed@shahed-ab.local bash | |||
ssh \ | |||
-o 'IdentitiesOnly=yes'\ | |||
-i ${HOME}/.ssh/cid.chorke.org_ed25519 \ | |||
-qt shahed@shahed-ab.local bash | |||
</syntaxhighlight> | |||
|- | |||
|valign='top' colspan='2'| | |||
<syntaxhighlight lang='bash'> | |||
cat <<'EXE' | bash | |||
mkdir -p ${HOME}/.ssh/ | |||
cat <<'INI' | tee -a ${HOME}/.ssh/authorized_keys >/dev/null | |||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDAIynnFVoAeticWIi7NfxaZLIS6PRVrntJBINsF/cW shahed.hossain+shahed.ab@chorke.org | |||
INI | |||
EXE | |||
</syntaxhighlight> | |||
|} | |||
==WOL== | ==WOL== | ||
<syntaxhighlight lang= | {|class='wikitable mw-collapsible' | ||
!scope='col' style='text-align:left'| | |||
WOL | |||
!scope='col' style='text-align:left'| WOL » MAC » Find | |||
|- | |||
|valign='top' style='width:50%'| | |||
<syntaxhighlight lang='bash'> | |||
cat <<'EXE'| sudo bash | cat <<'EXE'| sudo bash | ||
apt-get update;echo | apt-get update;echo | ||
| Line 19: | Line 50: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
== | |valign='top' style='width:50%'| | ||
<syntaxhighlight lang= | <syntaxhighlight lang='bash'> | ||
WOL_HOST='shahed-an.local' | WOL_HOST='shahed-an.local' | ||
ping -q -c5 "${WOL_HOST}" >/dev/null | ping -q -c5 "${WOL_HOST}" >/dev/null | ||
| Line 27: | Line 58: | ||
printf '\n%s » %s » %s\n' "${WOL_HOST}" "${WOL_IPV4}" "${WOL_MACA}" | printf '\n%s » %s » %s\n' "${WOL_HOST}" "${WOL_IPV4}" "${WOL_MACA}" | ||
</syntaxhighlight> | </syntaxhighlight> | ||
|- | |||
==WOL » Shahed » AE== | !scope='col' style='text-align:left'| WOL » Shahed » AE | ||
<syntaxhighlight lang= | !scope='col' style='text-align:left'| WOL » Shahed » AO | ||
|- | |||
|valign='top'| | |||
<syntaxhighlight lang='bash'> | |||
wakeonlan 8c:c6:81:94:70:91 | wakeonlan 8c:c6:81:94:70:91 | ||
</syntaxhighlight> | </syntaxhighlight> | ||
|valign='top'| | |||
==WOL » Shahed » AN== | <syntaxhighlight lang='bash'> | ||
<syntaxhighlight lang= | wakeonlan 60:eb:69:95:76:4a | ||
</syntaxhighlight> | |||
|- | |||
!scope='col' style='text-align:left'| WOL » Shahed » AN | |||
!scope='col' style='text-align:left'| | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight lang='bash'> | |||
wakeonlan 84:47:09:3c:3e:0a | wakeonlan 84:47:09:3c:3e:0a | ||
wakeonlan 84:47:09:3c:3e:09 | wakeonlan 84:47:09:3c:3e:09 | ||
</syntaxhighlight> | </syntaxhighlight> | ||
|valign='top'| | |||
|} | |||
==Attach » NFS » Volume== | ==Attach » NFS » Volume== | ||
{|class='wikitable mw-collapsible' | {|class='wikitable mw-collapsible' | ||
!scope='col | !scope='col'| | ||
'''smb » shahed-an.local » shahed-ab''' | '''smb » shahed-an.local » shahed-ab''' | ||
|- | |- | ||
| Line 53: | Line 91: | ||
|- | |- | ||
|valign="top"| | |valign="top"| | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
cat <<'EXE'| sudo bash | cat <<'EXE'| sudo bash | ||
mkdir -p /var/all/backup | mkdir -p /var/all/backup | ||
| Line 68: | Line 106: | ||
|- | |- | ||
|valign="top"| | |valign="top"| | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
cat <<'EXE'| sudo bash | cat <<'EXE'| sudo bash | ||
mkdir -p /var/nfs/backup | mkdir -p /var/nfs/backup | ||
| Line 101: | Line 139: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
---- | ---- | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
cat << EXE | sudo bash | cat << EXE | sudo bash | ||
systemctl daemon-reload | systemctl daemon-reload | ||
| Line 112: | Line 150: | ||
==Cloudflare » Argo » Tunnel== | ==Cloudflare » Argo » Tunnel== | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
wget -cq https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb -P ${HOME}/Downloads | wget -cq https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb -P ${HOME}/Downloads | ||
sudo dpkg -i ${HOME}/Downloads/cloudflared-linux-amd64.deb; sudo apt install -f | sudo dpkg -i ${HOME}/Downloads/cloudflared-linux-amd64.deb; sudo apt install -f | ||
| Line 149: | Line 187: | ||
[[Cloud/Hetzner/AA#LB » HAProxy » Install & Configure|Skipped » Find More » 👈]] | [[Cloud/Hetzner/AA#LB » HAProxy » Install & Configure|Skipped » Find More » 👈]] | ||
---- | ---- | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
sudo ufw status numbered | sudo ufw status numbered | ||
sudo iptables -S | sudo iptables -S | ||
| Line 181: | Line 219: | ||
|- | |- | ||
|valign='top'| | |valign='top'| | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-http-all.cfg >/dev/null | cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-http-all.cfg >/dev/null | ||
| Line 222: | Line 260: | ||
|- | |- | ||
|valign='top'| | |valign='top'| | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-https-all.cfg >/dev/null | cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-https-all.cfg >/dev/null | ||
| Line 280: | Line 318: | ||
==LB » HAProxy » Frontend » Kube API Config== | ==LB » HAProxy » Frontend » Kube API Config== | ||
{|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | |||
!scope='col' style='text-align:left'| | |||
LB » HAProxy » Frontend » Kube API Config | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight lang="bash" highlight="3-4"> | <syntaxhighlight lang="bash" highlight="3-4"> | ||
cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-tcp-kube.cfg >/dev/null | cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-tcp-kube.cfg >/dev/null | ||
| Line 301: | Line 344: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
---- | ---- | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
vim /etc/haproxy/proxy-scripts/reconfig | vim /etc/haproxy/proxy-scripts/reconfig | ||
/etc/haproxy/proxy-scripts/reconfig | /etc/haproxy/proxy-scripts/reconfig | ||
</syntaxhighlight> | </syntaxhighlight> | ||
---- | ---- | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
systemctl disable --now minikube.service | systemctl disable --now minikube.service | ||
vim /etc/systemd/system/minikube.service | vim /etc/systemd/system/minikube.service | ||
| Line 313: | Line 356: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
---- | ---- | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
ssh -qt shahed@shahed-ab.local bash | ssh -qt shahed@shahed-ab.local bash | ||
sudo -i -u minikube | sudo -i -u minikube | ||
</syntaxhighlight> | </syntaxhighlight> | ||
---- | ---- | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
# run this script on the minikube host. copy the generated output and | # run this script on the minikube host. copy the generated output and | ||
# execute it on your local machine's terminal to enable monitoring of | # execute it on your local machine's terminal to enable monitoring of | ||
| Line 366: | Line 409: | ||
LOG | LOG | ||
</syntaxhighlight> | </syntaxhighlight> | ||
|} | |||
==Kubernetes » Minikube » Install & Configure== | ==Kubernetes » Minikube » Install & Configure== | ||
{|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | |||
!scope='col' style='text-align:left'| | |||
K8s » Minikube » Install » Configure | |||
|- | |||
|valign='top'| | |||
[[Cloud/Hetzner/AA#Kubernetes » Minikube » Install & Configure|Skipped » Find More » 👈]] | [[Cloud/Hetzner/AA#Kubernetes » Minikube » Install & Configure|Skipped » Find More » 👈]] | ||
- | |- | ||
<syntaxhighlight lang= | |valign='top'| | ||
<syntaxhighlight style='margin:3px 0' lang='bash'> | |||
if [ -x "$(command -v curl)" ];then \ | if [ -x "$(command -v curl)" ];then \ | ||
sudo apt -qq update;\ | sudo apt -qq update;\ | ||
| Line 379: | Line 429: | ||
else printf 'curl \033[0;31mnot found! \033[0m:(\n';fi | else printf 'curl \033[0;31mnot found! \033[0m:(\n';fi | ||
</syntaxhighlight> | </syntaxhighlight> | ||
- | |- | ||
|valign='top'| | |||
[[Minikube Systemd|Skipped » Find More » 👈]] | [[Minikube Systemd|Skipped » Find More » 👈]] | ||
|} | |||
==Kubernetes » Minikube » Tunnel » Create Service== | ==Kubernetes » Minikube » Tunnel » Create Service== | ||
{|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | |||
!scope='col' style='text-align:left'| | |||
K8s » Minikube » Tunnel » Service | |||
|- | |||
|valign='top'| | |||
[[Cloud/Hetzner/AA#Kubernetes » Minikube » Tunnel » Create Service|Skipped » Find More 👉 Minikube » Tunnel » Systemd]] | [[Cloud/Hetzner/AA#Kubernetes » Minikube » Tunnel » Create Service|Skipped » Find More 👉 Minikube » Tunnel » Systemd]] | ||
---- | ---- | ||
[[Minikube MetalLB#MetalLB » Forward » Route|Skipped » Find More 👉 Minikube » MetalLB » Forward » Route]] | [[Minikube MetalLB#MetalLB » Forward » Route|Skipped » Find More 👉 Minikube » MetalLB » Forward » Route]] | ||
|} | |||
==Kubernetes » Minikube » Ingress » Apply Dashboard== | ==Kubernetes » Minikube » Ingress » Apply Dashboard== | ||
{|class='wikitable mw-collapsible' | {|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | ||
!scope='col' style=' | !scope='col' style='text-align:left' colspan='2'| | ||
K8s » Dashboard » Ingress » Apply | |||
|- | |- | ||
|valign='top'| | |valign='top' style='width:50%'| | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='bash'> | ||
export KUBECONFIG=${HOME}/.kube/shahed-ab-kubeconfig.yaml | export KUBECONFIG=${HOME}/.kube/shahed-ab-kubeconfig.yaml | ||
kubectl config get-contexts | kubectl config get-contexts | ||
</syntaxhighlight> | </syntaxhighlight> | ||
|valign='top' style='width:50%'| | |||
[[K8s/Ingress#CoreDNS|Skipped » Find More 👉 K8s » CoreDNS]] | |||
---- | ---- | ||
<syntaxhighlight lang= | [[K8s/Ingress#Ingress » Dashboard|Skipped » Find More 👉 K8s » Dashboard]] | ||
|- | |||
|valign='top'| | |||
<syntaxhighlight style='margin:3px 0' lang='yaml' highlight='14-16,20,30" lin'> | |||
cat << YML | kubectl -n kubernetes-dashboard apply -f - | cat << YML | kubectl -n kubernetes-dashboard apply -f - | ||
--- | --- | ||
| Line 440: | Line 505: | ||
YML | YML | ||
</syntaxhighlight> | </syntaxhighlight> | ||
|valign='top'| | |||
|} | |} | ||
==Kubernetes » Minikube » Host » Ingress » Apache & Nginx== | ==Kubernetes » Minikube » Host » Ingress » Apache & Nginx== | ||
{|class='wikitable mw-collapsible' | {|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | ||
!scope='col' style=' | !scope='col' style='text-align:left' colspan='3'| | ||
K8s » Host » Apache & Nginx » Ingress | |||
|- | |- | ||
|align='center'| | |style='width:34%' align='center'| | ||
[[Cloud/Shahed/AB#LB » HAProxy » Frontend » HTTP Config|Find More 👉 HAProxy » Frontend » HTTP]] | [[Cloud/Shahed/AB#LB » HAProxy » Frontend » HTTP Config|Find More 👉 HAProxy » Frontend » HTTP]] | ||
|align='center'| | |style='width:33%' align='center'| | ||
[[K8s/Service#Internal|Find More 👉 K8s » Service » Internal]] | [[K8s/Service#Internal|Find More 👉 K8s » Service » Internal]] | ||
|align='center'| | |style='width:33%' align='center'| | ||
[[K8s/Ingress#Internal|Find More 👉 K8s » Ingress » Internal]] | [[K8s/Ingress#Internal|Find More 👉 K8s » Ingress » Internal]] | ||
|- | |- | ||
|valign='top'| | |valign='top'| | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='yaml'> | ||
cat << YML | kubectl apply -n internal -f - | cat << YML | kubectl apply -n internal -f - | ||
--- | --- | ||
| Line 493: | Line 557: | ||
|valign='top'| | |valign='top'| | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='yaml'> | ||
cat << YML | kubectl apply -n internal -f - | cat << YML | kubectl apply -n internal -f - | ||
--- | --- | ||
| Line 524: | Line 588: | ||
|valign='top'| | |valign='top'| | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='yaml'> | ||
cat << YML | kubectl apply -n internal -f - | cat << YML | kubectl apply -n internal -f - | ||
--- | --- | ||
| Line 556: | Line 620: | ||
|- | |- | ||
|valign='top'| | |valign='top'| | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='yaml'> | ||
cat << YML | kubectl apply -n internal -f - | cat << YML | kubectl apply -n internal -f - | ||
--- | --- | ||
| Line 589: | Line 653: | ||
|valign='top'| | |valign='top'| | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='yaml' highlight='14,18'> | ||
cat << YML | kubectl apply -n internal -f - | cat << YML | kubectl apply -n internal -f - | ||
--- | --- | ||
| Line 622: | Line 686: | ||
|valign='top'| | |valign='top'| | ||
<syntaxhighlight lang= | <syntaxhighlight style='margin:3px 0' lang='yaml' highlight='14,18'> | ||
cat << YML | kubectl apply -n internal -f - | cat << YML | kubectl apply -n internal -f - | ||
--- | --- | ||
| Line 657: | Line 721: | ||
==References== | ==References== | ||
{| | {|class='wikitable mw-collapsible' style='width:100%;margin:3px 0' | ||
|valign= | !scope='col' style='text-align:left' colspan='4'| | ||
References | |||
|- | |||
|valign='top' style='width:25%'| | |||
* [[Cloud/Hetzner/AA|Cloud » Hetzner » AA]] | * [[Cloud/Hetzner/AA|Cloud » Hetzner » AA]] | ||
* [[Cloud/Hetzner/AB|Cloud » Hetzner » AB]] | * [[Cloud/Hetzner/AB|Cloud » Hetzner » AB]] | ||
| Line 670: | Line 737: | ||
* [[Cloud/Shahed/AG|Cloud » Shahed » AG]] | * [[Cloud/Shahed/AG|Cloud » Shahed » AG]] | ||
|valign= | |valign='top' style='width:25%'| | ||
* [[Cloud/Shahed/AH|Cloud » Shahed » AH]] | * [[Cloud/Shahed/AH|Cloud » Shahed » AH]] | ||
* [[Cloud/Shahed/AI|Cloud » Shahed » AI]] | * [[Cloud/Shahed/AI|Cloud » Shahed » AI]] | ||
| Line 680: | Line 747: | ||
* [[Cloud/Shahed/VA|Cloud » Shahed » VA]] | * [[Cloud/Shahed/VA|Cloud » Shahed » VA]] | ||
|valign= | |valign='top' style='width:25%'| | ||
|valign= | |valign='top' style='width:25%'| | ||
|- | |- | ||
|valign='top'| | |||
|valign= | |||
* [[Minikube Ingress DNS| Minikube » Ingress » DNS]] | * [[Minikube Ingress DNS| Minikube » Ingress » DNS]] | ||
* [[Minikube Systemd|Minikube » Systemd]] | * [[Minikube Systemd|Minikube » Systemd]] | ||
| Line 700: | Line 764: | ||
* [[JQ Tool|JQ]] | * [[JQ Tool|JQ]] | ||
|valign= | |valign='top'| | ||
* [[K8s/Academia/Ingress|K8s » Academia » Ingress]] | * [[K8s/Academia/Ingress|K8s » Academia » Ingress]] | ||
* [[K8s/HAProxy/Ingress|K8s » HAProxy » Ingress]] | * [[K8s/HAProxy/Ingress|K8s » HAProxy » Ingress]] | ||
| Line 712: | Line 776: | ||
* [[K8s]] | * [[K8s]] | ||
|valign= | |valign='top'| | ||
* [[Helm/Prometheus Stack|Helm » Prometheus Stack]] | * [[Helm/Prometheus Stack|Helm » Prometheus Stack]] | ||
* [[Helm/Cert Manager|Helm » Cert Manager]] | * [[Helm/Cert Manager|Helm » Cert Manager]] | ||
| Line 724: | Line 788: | ||
* [[Helm/Redis|Helm » Redis]] | * [[Helm/Redis|Helm » Redis]] | ||
|valign= | |valign='top'| | ||
* [[Security/Container/Snyk|Security » Container » Snyk]] | * [[Security/Container/Snyk|Security » Container » Snyk]] | ||
* [[Security/Container/Trivy|Security » Container » Trivy]] | * [[Security/Container/Trivy|Security » Container » Trivy]] | ||
| Line 737: | Line 801: | ||
|- | |- | ||
|valign='top'| | |||
|valign= | |||
* [[Benchmarks]] | * [[Benchmarks]] | ||
* [[IPTables]] | * [[IPTables]] | ||
| Line 752: | Line 813: | ||
* [[Tar]] | * [[Tar]] | ||
|valign= | |valign='top| | ||
* [[Ubuntu Upgrade|Linux » Ubuntu Upgrade]] | * [[Ubuntu Upgrade|Linux » Ubuntu Upgrade]] | ||
* [[Linux Service Creation|Linux » Service Creation]] | * [[Linux Service Creation|Linux » Service Creation]] | ||
| Line 764: | Line 825: | ||
* [[K9s]] | * [[K9s]] | ||
|valign= | |valign='top'| | ||
* [[Cloudflare/WARP Host|Cloudflare » Host]] | * [[Cloudflare/WARP Host|Cloudflare » Host]] | ||
* [[Cloudflare]] | * [[Cloudflare]] | ||
| Line 776: | Line 837: | ||
* [[Port]] | * [[Port]] | ||
|valign= | |valign='top'| | ||
* [[Private Enterprise Number]] | * [[Private Enterprise Number]] | ||
* [[Chorke Academia Backup]] | * [[Chorke Academia Backup]] | ||
| Line 782: | Line 843: | ||
* [[Cloud/Cost/Chorke|Cost » Cloud » Chorke]] | * [[Cloud/Cost/Chorke|Cost » Cloud » Chorke]] | ||
* [[YouTube/Channel]] | * [[YouTube/Channel]] | ||
|} | |} | ||
Latest revision as of 16:13, 18 January 2026
ssh -qt shahed@shahed-ab.local bash
ssh -o 'PubkeyAuthentication=no' -qt shahed@shahed-ab.local bash
cat <<'EXE' | sudo bash
free -th && echo && systemd-analyze && echo
df -h && echo && lsblk && echo
swapon --show
EXE
|
ssh \
-i ${HOME}/.ssh/cid.chorke.org_ed25519 \
-qt shahed@shahed-ab.local bash
ssh \
-o 'IdentitiesOnly=yes'\
-i ${HOME}/.ssh/cid.chorke.org_ed25519 \
-qt shahed@shahed-ab.local bash
|
cat <<'EXE' | bash
mkdir -p ${HOME}/.ssh/
cat <<'INI' | tee -a ${HOME}/.ssh/authorized_keys >/dev/null
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDAIynnFVoAeticWIi7NfxaZLIS6PRVrntJBINsF/cW shahed.hossain+shahed.ab@chorke.org
INI
EXE
| |
WOL
|
WOL |
WOL » MAC » Find |
|---|---|
cat <<'EXE'| sudo bash
apt-get update;echo
apt list -a --upgradable;echo
apt-get install -y wakeonlan;echo
EXE
|
WOL_HOST='shahed-an.local'
ping -q -c5 "${WOL_HOST}" >/dev/null
WOL_IPV4="$(getent hosts "${WOL_HOST}"|awk '{print $1}')"
WOL_MACA="$(arp -n "${WOL_IPV4}"|awk 'NR==2 {print $3}')"
printf '\n%s » %s » %s\n' "${WOL_HOST}" "${WOL_IPV4}" "${WOL_MACA}"
|
| WOL » Shahed » AE | WOL » Shahed » AO |
wakeonlan 8c:c6:81:94:70:91
|
wakeonlan 60:eb:69:95:76:4a
|
| WOL » Shahed » AN | |
wakeonlan 84:47:09:3c:3e:0a
wakeonlan 84:47:09:3c:3e:09
|
Attach » NFS » Volume
|
smb » shahed-an.local » shahed-ab |
|---|
cat <<'EXE'| sudo bash
mkdir -p /var/all/backup
umount /var/all/backup
cat <<'FST'| tee -a /etc/fstab >/dev/null
# shahed-an » nfs » attach » syspool » 7.2tb
//shahed-an.local/syspool /var/all/backup cifs credentials=/etc/default/nfs-shahed-ab,uid=1000,gid=1000,file_mode=0440,dir_mode=0550,ro,mfsymlinks,nofail,x-systemd.automount,_netdev,soft 0 0
FST
systemctl daemon-reload
mount -a && dmesg|tail -20
EXE
|
cat <<'EXE'| sudo bash
mkdir -p /var/nfs/backup
umount /var/nfs/backup
cat <<'FST'| tee -a /etc/fstab >/dev/null
# shahed-an » nfs » attach » shahed-ab » 7.2tb
//shahed-an.local/shahed-ab /var/nfs/backup cifs credentials=/etc/default/nfs-shahed-ab,uid=1000,gid=1000,file_mode=0640,dir_mode=0750,rw,mfsymlinks,nofail,x-systemd.automount,_netdev,soft 0 0
FST
systemctl daemon-reload
mount -a && dmesg|tail -20
EXE
|
Cloudflare » VIRT
cat << INI | sudo tee /etc/systemd/system/warp0.service >/dev/null
[Unit]
Description=Cloudflared WARP Routing Virtual Interface
After=network.target
[Service]
Type=oneshot
ExecStart=/usr/sbin/ip link add warp0 type dummy
ExecStartPost=/usr/sbin/ip addr add 10.20.40.2/32 dev warp0
ExecStartPost=/usr/sbin/ip link set warp0 up
ExecStop=/usr/sbin/ip link delete warp0
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
INI
cat << EXE | sudo bash
systemctl daemon-reload
systemctl enable --now warp0.service
systemctl status warp0.service
EXE
ip a
Cloudflare » Argo » Tunnel
wget -cq https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb -P ${HOME}/Downloads
sudo dpkg -i ${HOME}/Downloads/cloudflared-linux-amd64.deb; sudo apt install -f
rm -rf ${HOME}/Downloads/cloudflared-linux-amd64.deb
cat <<'SYS' | sudo tee -a /etc/sysctl.conf >/dev/null
###################################################################
# Cloudflared Tunnel Private Network Config
# This config added by Chorke Academia, Inc
# ICMP Group ID Range 0 to 10,000 Users
net.ipv4.ping_group_range = 0 10000
# 208 KiB Default RX Buffer
net.core.rmem_default=212992
# 208 KiB Default TX Buffer
net.core.wmem_default=212992
# 8 MB Maximum RX Buffer
net.core.rmem_max=8388608
# 8 MB Maximum TX Buffer
net.core.wmem_max=8388608
SYS
sudo sysctl -p
LB » HAProxy » Install & Configure
sudo ufw status numbered
sudo iptables -S
cat << EXE | sudo bash
ufw allow 80/tcp
ufw allow 443/tcp
ufw allow OpenSSH
ufw allow 8443/tcp
ufw allow in on lxdbr0
ufw route allow in on lxdbr0
ufw route allow out on lxdbr0
EXE
# on demand, not mandatory
cat << EXE | sudo bash
ufw allow from 192.168.49.2/32 to any port 8443 proto tcp
ufw allow from 10.20.0.0/24 to any port 8443 proto tcp
ufw allow from 10.20.13.0/24 to any port 8443 proto tcp
ufw allow from 10.20.31.0/24 to any port 8443 proto tcp
EXE
sudo ufw status numbered
sudo iptables -S
LB » HAProxy » Frontend » HTTP Config
|
HAProxy » Frontend » HTTP |
|---|
cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-http-all.cfg >/dev/null
# ##############################################################################
# http frontend config for *.chorke.org, *.chorke.com, *.shahed.biz
# this config added by chorke academia, inc
frontend fnt_shahed_biz
bind *:80
mode http
acl host-is-k8s-ab-shahed-shahed-biz hdr(host) -i k8s.ab.shahed.shahed.biz
acl host-is-apache-host-k8s-ops hdr(host) -i apache.host.k8s.ops
acl host-is-shahed-biz-ops hdr(host) -i shahed.biz.ops
acl host-is-host-k8s-ops hdr(host) -i host.k8s.ops
acl host-is-nginx-host-k8s-ops hdr(host) -i nginx.host.k8s.ops
acl host-is-minio-host-k8s-ops hdr(host) -i minio.host.k8s.ops
acl host-is-s3-minio-host-k8s-ops hdr(host) -i s3.minio.host.k8s.ops
acl host-is-id-host-k8s-ops hdr(host) -i id.finology.group.ops
use_backend bck_shahed_biz_shahed_ab_k8s if host-is-k8s-ab-shahed-shahed-biz
use_backend bck_shahed_biz_shahed_ab_apache2 if host-is-apache-host-k8s-ops
use_backend bck_shahed_biz_shahed_ab_apache2 if host-is-shahed-biz-ops
use_backend bck_shahed_biz_shahed_ab_apache2 if host-is-host-k8s-ops
use_backend bck_shahed_biz_shahed_ab_nginx if host-is-nginx-host-k8s-ops
use_backend bck_shahed_biz_shahed_ab_minio_web if host-is-minio-host-k8s-ops
use_backend bck_shahed_biz_shahed_ab_minio_api if host-is-s3-minio-host-k8s-ops
use_backend bck_shahed_biz_shahed_ab_oauth_web if host-is-id-host-k8s-ops
default_backend bck_shahed_biz_shahed_ab_k8s
CFG
sudo ln -s /etc/haproxy/proxy-configs/shahed.biz-http-all.cfg /etc/haproxy/proxy-enabled/
|
LB » HAProxy » Frontend » HTTPS Config
|
HAProxy » Frontend » HTTPS |
|---|
cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-https-all.cfg >/dev/null
# ##############################################################################
# http frontend config for *.chorke.org, *.chorke.com, *.shahed.biz
# this config added by chorke academia, inc
frontend fnt_shahed_biz_ssl
bind *:443 ssl crt /etc/haproxy/certs/ab.shahed.shahed.biz.pem alpn h2,http/1.1 ssl-min-ver TLSv1.2 ssl-max-ver TLSv1.3
mode http
acl host-is-k8s-ab-shahed-shahed-biz hdr(host) -i k8s.ab.shahed.shahed.biz
acl host-is-apache-host-k8s-ops hdr(host) -i apache.host.k8s.ops
acl host-is-shahed-biz-ops hdr(host) -i shahed.biz.ops
acl host-is-host-k8s-ops hdr(host) -i host.k8s.ops
acl host-is-nginx-host-k8s-ops hdr(host) -i nginx.host.k8s.ops
acl host-is-minio-host-k8s-ops hdr(host) -i minio.host.k8s.ops
acl host-is-s3-minio-host-k8s-ops hdr(host) -i s3.minio.host.k8s.ops
use_backend bck_shahed_biz_shahed_ab_k8s if host-is-k8s-ab-shahed-shahed-biz
use_backend bck_shahed_biz_shahed_ab_apache2 if host-is-apache-host-k8s-ops
use_backend bck_shahed_biz_shahed_ab_apache2 if host-is-shahed-biz-ops
use_backend bck_shahed_biz_shahed_ab_apache2 if host-is-host-k8s-ops
use_backend bck_shahed_biz_shahed_ab_nginx if host-is-nginx-host-k8s-ops
use_backend bck_shahed_biz_shahed_ab_minio_web if host-is-minio-host-k8s-ops
use_backend bck_shahed_biz_shahed_ab_minio_api if host-is-s3-minio-host-k8s-ops
default_backend bck_shahed_biz_shahed_ab_k8s
backend bck_shahed_biz_shahed_ab_k8s
server shahed_ab_k8s 192.168.49.2:80
mode http
backend bck_shahed_biz_shahed_ab_apache2
server localhost_apache 127.0.0.1:2013
mode http
backend bck_shahed_biz_shahed_ab_nginx
server localhost_nginx 127.0.0.1:2015
mode http
backend bck_shahed_biz_shahed_ab_minio_web
server localhost_minio_web 127.0.0.1:9801
mode http
backend bck_shahed_biz_shahed_ab_minio_api
server localhost_minio_api 127.0.0.1:9800
mode http
backend bck_shahed_biz_shahed_ab_oauth_web
server localhost_oauth_web 127.0.0.1:9080
mode http
CFG
sudo ln -s /etc/haproxy/proxy-configs/shahed.biz-https-all.cfg /etc/haproxy/proxy-enabled/
|
LB » HAProxy » Frontend » Kube API Config
|
LB » HAProxy » Frontend » Kube API Config |
|---|
cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-tcp-kube.cfg >/dev/null
# ##############################################################################
# tcp frontend config for 10.20.40.2:8443
# this config added by chorke academia, inc
frontend fnt_shahed_biz_shahed_ab
bind *:8443
mode tcp
option tcplog
option dontlognull
default_backend bck_shahed_biz_shahed_ab
backend bck_shahed_biz_shahed_ab
server shahed_ab_k8s 192.168.49.2:8443
mode tcp
CFG
sudo ln -s /etc/haproxy/proxy-configs/shahed.biz-tcp-kube.cfg /etc/haproxy/proxy-enabled/
vim /etc/haproxy/proxy-scripts/reconfig
/etc/haproxy/proxy-scripts/reconfig
systemctl disable --now minikube.service
vim /etc/systemd/system/minikube.service
# append --apiserver-ips=10.20.40.2 with ExecStart
systemctl enable --now minikube.service
ssh -qt shahed@shahed-ab.local bash
sudo -i -u minikube
# run this script on the minikube host. copy the generated output and
# execute it on your local machine's terminal to enable monitoring of
# the minikube cluster.
cat << LOG
$(cat <<'YML'| tee ~/.kube/shahed-ab-kubeconfig.yaml >/dev/null
apiVersion: v1
kind: Config
clusters:
- name: minikube
cluster:
server: https://10.20.40.2:8443
certificate-authority: ../.minikube/ca.crt
contexts:
- name: shahed-ab
context:
cluster: minikube
namespace: default
user: minikube
users:
- name: minikube
user:
client-certificate: ../.minikube/profiles/minikube/client.crt
client-key: ../.minikube/profiles/minikube/client.key
current-context: shahed-ab
YML
)
cat <<'YML'| tee ~/.kube/shahed-ab-kubeconfig.yaml >/dev/null
$(export KUBECONFIG=${HOME}/.kube/shahed-ab-kubeconfig.yaml;\
kubectl config view --flatten;\
rm ${KUBECONFIG};\
)
YML
chmod 600 ~/.kube/shahed-ab-kubeconfig.yaml
ls -alh ~/.kube/
export KUBECONFIG=~/.kube/shahed-ab-kubeconfig.yaml
kubectl config get-contexts
kubectl get namespace
$(echo -n)
LOG
|
Kubernetes » Minikube » Install & Configure
|
K8s » Minikube » Install » Configure |
|---|
if [ -x "$(command -v curl)" ];then \
sudo apt -qq update;\
export MINIKUBE_CPU_USE=17;\
export MINIKUBE_RAM_USE=27600;\
export MINIKUBE_INGRESS_HOST='k8s.ab.shahed.shahed.biz';\
bash <(curl -s 'https://cdn.chorke.org/exec/cli/bash/install/minikube/1.0.01-ubuntu-24.04-amd64.sh.txt');\
else printf 'curl \033[0;31mnot found! \033[0m:(\n';fi
|
Kubernetes » Minikube » Tunnel » Create Service
|
K8s » Minikube » Tunnel » Service |
|---|
|
Skipped » Find More 👉 Minikube » Tunnel » Systemd |
Kubernetes » Minikube » Ingress » Apply Dashboard
|
K8s » Dashboard » Ingress » Apply | |
|---|---|
export KUBECONFIG=${HOME}/.kube/shahed-ab-kubeconfig.yaml
kubectl config get-contexts
|
Skipped » Find More 👉 K8s » CoreDNS |
cat << YML | kubectl -n kubernetes-dashboard apply -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: kubernetes-dashboard
namespace: kubernetes-dashboard
labels:
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/managed-by: kubectl
app.kubernetes.io/name: kubernetes-dashboard
app.kubernetes.io/instance: kubernetes-dashboard
annotations:
nginx.ingress.kubernetes.io/auth-type: basic
nginx.ingress.kubernetes.io/auth-realm: Authentication Required
nginx.ingress.kubernetes.io/auth-secret: kubernetes-dashboard-auth
spec:
ingressClassName: nginx
rules:
- host: k8s.ab.shahed.shahed.biz
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: kubernetes-dashboard
port:
number: 80
- host: www.k8s.ops
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: kubernetes-dashboard
port:
number: 80
YML
|
|
Kubernetes » Minikube » Host » Ingress » Apache & Nginx
|
K8s » Host » Apache & Nginx » Ingress | ||
|---|---|---|
cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: haproxy
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
spec:
ingressClassName: nginx
rules:
- host: host.k8s.ops
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 80
YML
xdg-open http://host.k8s.ops &>/dev/null &
|
cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: apache
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
spec:
ingressClassName: nginx
rules:
- host: apache.host.k8s.ops
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 80
YML
xdg-open http://apache.host.k8s.ops &>/dev/null &
|
cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nginx
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
spec:
ingressClassName: nginx
rules:
- host: nginx.host.k8s.ops
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 80
YML
xdg-open http://nginx.host.k8s.ops &>/dev/null &
|
cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: shahed
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
spec:
ingressClassName: nginx
rules:
- host: shahed.biz.ops
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 80
YML
xdg-open http://shahed.biz.ops &>/dev/null &
|
cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: minio-web
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: '0'
spec:
ingressClassName: nginx
rules:
- host: minio.host.k8s.ops
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 80
YML
xdg-open http://minio.host.k8s.ops &>/dev/null &
|
cat << YML | kubectl apply -n internal -f -
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: minio-api
namespace: internal
labels:
app.kubernetes.io/name: host
app.kubernetes.io/version: 1.0.0
app.kubernetes.io/instance: host
app.kubernetes.io/managed-by: kubectl
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: '0'
spec:
ingressClassName: nginx
rules:
- host: s3.minio.host.k8s.ops
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: host
port:
number: 80
YML
xdg-open http://s3.minio.host.k8s.ops &>/dev/null &
|
References
|
References | |||
|---|---|---|---|