Cloud/Shahed/AB: Difference between revisions

From Chorke Wiki
Jump to navigation Jump to search
← Older editNewer edit →
VisualWikitext
Line 244: Line 244:
* [[Cloud/Shahed/AL|Cloud » Shahed » AL]]
* [[Cloud/Shahed/AL|Cloud » Shahed » AL]]
* [[Cloud/Shahed/VA|Cloud » Shahed » VA]]
* [[Cloud/Shahed/VA|Cloud » Shahed » VA]]
|valign="top"|


|valign="top"|
|valign="top"|
Line 250: Line 252:


|-
|-
| colspan="3" |
|colspan="4"|
----
----
|-
|-
|valign="top"|
|valign="top"|
* [[OpenLDAP/BackSQL|OpenLDAP » BackSQL]]
* [[Minikube Ingress DNS| Minikube » Ingress » DNS]]
* [[Google Cloud CLI]]
* [[Minikube Systemd|Minikube » Systemd]]
* [[EKSctl|AWS » EKS » CLI]]
* [[Minikube MetalLB|Minikube » MetalLB]]
* [[Swap Space]]
* [[Minikube Registry|Minikube » Registry]]
* [[Online App]]
* [[Minikube Tunnel|Minikube » Tunnel]]
* [[OpenLDAP]]
* [[Minikube]]
* [[Terraform]]
* [[CIDR]]
* [[AWS CLI]]
* [[UFW]]
* [[CLI App]]
* [[YQ Tool|YQ]]
* [[Kubectl]]
* [[JQ Tool|JQ]]


|valign="top"|
|valign="top"|
* [[Cloudflare/WARP Host|Cloudflare » Host]]
* [[K8s/Academia/Ingress|K8s » Academia » Ingress]]
* [[Cloudflare]]
* [[K8s/HAProxy/Ingress|K8s » HAProxy » Ingress]]
* [[HAProxy]]
* [[K8s/Apache/Ingress|K8s » Apache » Ingress]]
* [[Jasypt]]
* [[K8s/Nginx/Ingress|K8s » Nginx » Ingress]]
* [[CURL]]
* [[K8s/Swiss Knife|K8s » Swiss Knife]]
* [[K8s/Storage|K8s » Storage]]
* [[K8s/Ingress|K8s » Ingress]]
* [[K8s/Service|K8s » Service]]
* [[K8s/Run|K8s » Run]]
* [[K8s]]
* [[K8s]]
* [[K9s]]


|valign="top"|
|valign="top"|
* [[Helm/Prometheus Stack|Helm » Prometheus Stack]]
* [[Helm/Cert Manager|Helm » Cert Manager]]
* [[Helm/Elasticsearch|Helm » Elasticsearch]]
* [[Minikube MetalLB|Helm » MetalLB]]
* [[Helm/Jenkins|Helm » Jenkins]]
* [[Helm/GitLab|Helm » GitLab]]
* [[Helm/Nexus|Helm » Nexus]]
* [[Helm/MinIO|Helm » MinIO]]
* [[Helm/Kafka|Helm » Kafka]]
* [[Helm/Redis|Helm » Redis]]
|valign="top"|
* [[Security/Container/Snyk|Security » Container » Snyk]]
* [[Security/Container/Trivy|Security » Container » Trivy]]
* [[Security/Certificate/TLS|Security » Certificate » TLS]]
* [[Java Key Store|Security » Java » Key Store]]
* [[Java Mail API|Security » Java » Mail API]]
* [[Security/Password|Security » Password]]
* [[ZA Proxy|Security » ZA Proxy]]
* [[Security/Domain|Security » Domain]]
* [[Jasypt|Security » Jasypt]]
* [[HTTP Security|Security » HTTP]]


|-
|-
| colspan="3" |
|colspan="4"|
----
----
|-
|-
|valign="top"|
|valign="top"|
* [[Ubuntu/Raspberry Pi]]
* [[Benchmarks]]
* [[Ubuntu Upgrade]]
* [[IPTables]]
* [[ActiveMQ]]
* [[Kubectl]]
* [[Minikube]]
* [[Keycloak]]
* [[Hadoop]]
* [[Jenkins]]
* [[WildFly]]
* [[Spark]]
* [[MinIO]]
 
|valign="top"|
* [[Alpine/Morefine]]
* [[Ruby on Rails]]
* [[TensorFlow]]
* [[Homebrew]]
* [[Linuxbrew]]
* [[PyEnv]]
* [[PyEnv]]
* [[CURL]]
* [[TMux]]
* [[TMux]]
* [[7Zip]]
* [[7Zip]]
* [[Linux Containers|LXC]]
* [[Zip]]
* [[Zip]]
* [[Tar]]
* [[Tar]]
Line 306: Line 321:
|valign="top"|
|valign="top"|
* [[Linux Service Creation]]
* [[Linux Service Creation]]
* [[Bash/Port/Forward]]
* [[Linux User Creation]]
* [[Linux Mount Drive]]
* [[Linux Mount Drive]]
* [[YouTube/Channel]]
* [[YouTube/Channel]]
* [[Bash/Network]]
* [[Ubuntu Upgrade]]
* [[Bash/RAM]]
* [[EKSctl|CLI » AWS » EKS]]
* [[Bash/CPU]]
* [[AWS CLI|CLI » AWS]]
* [[Bash/Port]]
* [[Google Cloud CLI|CLI » GCP]]
* [[CLI App|CLI]]
* [[K9s]]
 
|valign="top"|
* [[Cloudflare/WARP Host|Cloudflare » Host]]
* [[Cloudflare]]
* [[Terraform]]
* [[ActiveMQ]]
* [[Keycloak]]
* [[Hadoop]]
* [[Jenkins]]
* [[Spark]]
* [[Bash]]
* [[Bash]]
* [[Port]]
* [[Port]]
|valign="top"|
* [[Private Enterprise Number]]
* [[Chorke Academia Backup]]
* [[Cloud Computing Cost]]
* [[Swap Space]]


|-
|-
|colspan="3"|
|colspan="4"|
----
----
|-
|-
|valign="top"|
|valign="top"|
* [[Private Enterprise Number]]
* [[Linux User Creation]]
* [[Linux Containers]]
* [[PostgreSQL]]
* [[IPTables]]
* [[MySQL]]
* [[CIDR]]
* [[UFW]]
* [[YQ Tool|YQ]]
* [[JQ Tool|JQ]]


|valign="top"|
|valign="top"|
* [[Chorke Academia Backup]]
 
* [[Cloud Computing Cost]]
|valign="top"|
* [[Cloud/Cost/Chorke|Cloud » Cost » Chorke]]
* [[Helm/PostgreSQL|Helm » PostgreSQL]]
* [[Helm/MariaDB|Helm » MariaDB]]
* [[Benchmarks]]
* [[Online App]]
* [[Helm]]


|valign="top"|
|valign="top"|


|}
|}

Revision as of 07:10, 16 June 2025

SSH

ssh -qt shahed@shahed_ab.local bash

cat <<'EXE' | sudo bash
free -th && echo && systemd-analyze && echo
df -h    && echo && lsblk && echo
swapon --show
EXE

WOL

cat <<'EXE'| sudo bash
apt-get update;echo
apt list -a --upgradable;echo
apt-get install -y wakeonlan;echo
EXE

WOL » MAC » Find

WOL_HOST='shahed-an.local'
ping -q -c5 "${WOL_HOST}" >/dev/null
WOL_IPV4="$(getent hosts "${WOL_HOST}"|awk '{print $1}')"
WOL_MACA="$(arp -n "${WOL_IPV4}"|awk 'NR==2 {print $3}')"
printf '\n%s » %s » %s\n' "${WOL_HOST}" "${WOL_IPV4}" "${WOL_MACA}"

WOL » Shahed » AE

wakeonlan 8c:c6:81:94:70:91

WOL » Shahed » AN

wakeonlan 84:47:09:3c:3e:0a
wakeonlan 84:47:09:3c:3e:09

Cloudflare » VIRT

cat << INI | sudo tee /etc/systemd/system/warp0.service >/dev/null
[Unit]
Description=Cloudflared WARP Routing Virtual Interface
After=network.target
[Service]
Type=oneshot
ExecStart=/usr/sbin/ip link add warp0 type dummy
ExecStartPost=/usr/sbin/ip addr add 10.20.40.2/32 dev warp0
ExecStartPost=/usr/sbin/ip link set warp0 up
ExecStop=/usr/sbin/ip link delete warp0
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
INI

cat << EXE | sudo bash
systemctl daemon-reload
systemctl enable --now warp0.service
systemctl status       warp0.service
EXE

ip a

Cloudflare » Argo » Tunnel

wget -cq https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb -P ${HOME}/Downloads
sudo dpkg -i ${HOME}/Downloads/cloudflared-linux-amd64.deb; sudo apt install -f
      rm -rf ${HOME}/Downloads/cloudflared-linux-amd64.deb

cat <<'SYS' | sudo tee -a /etc/sysctl.conf >/dev/null

###################################################################
# Cloudflared Tunnel Private Network Config
# This config added by Chorke Academia, Inc
# ICMP Group ID Range 0 to 10,000 Users
net.ipv4.ping_group_range = 0 10000

# 208 KiB Default RX Buffer
net.core.rmem_default=212992

# 208 KiB Default TX Buffer
net.core.wmem_default=212992

# 8 MB Maximum RX Buffer
net.core.rmem_max=8388608

# 8 MB Maximum TX Buffer
net.core.wmem_max=8388608

SYS

sudo sysctl -p

Skipped » Find More » 👈

LB » HAProxy » Install & Configure

Skipped » Find More » 👈 

sudo ufw status numbered
sudo iptables -S

cat << EXE | sudo bash
ufw       allow 80/tcp
ufw       allow 443/tcp
ufw       allow OpenSSH
ufw       allow 8443/tcp
ufw       allow in  on lxdbr0
ufw route allow in  on lxdbr0
ufw route allow out on lxdbr0
EXE

sudo ufw status numbered
sudo iptables -S

LB » HAProxy » Frontend » HTTP Config

cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-http-all.cfg >/dev/null

# ##############################################################################
# http frontend config for *.chorke.org, *.chorke.com, *.shahed.biz
# this config added by chorke academia, inc

frontend           fnt_shahed_biz
   bind            *:80
   mode            http

   acl             host-is-k8s-ab-shahed-shahed-biz     hdr(host) -i k8s.ab.shahed.shahed.biz

   use_backend     bck_shahed_biz_shahed_ab_k8s         if host-is-k8s-ab-shahed-shahed-biz
   default_backend bck_shahed_biz_shahed_ab_k8s

backend            bck_shahed_biz_shahed_ab_k8s
   server          shahed_ab_k8s 192.168.49.2:80
   mode            http
CFG
sudo ln -s /etc/haproxy/proxy-configs/shahed.biz-http-all.cfg /etc/haproxy/proxy-enabled/

LB » HAProxy » Frontend » Kube API Config

cat <<'CFG'| sudo tee /etc/haproxy/proxy-configs/shahed.biz-tcp-kube.cfg >/dev/null

# ##############################################################################
# tcp frontend config for 10.20.40.2:8443
# this config added by chorke academia, inc

frontend           fnt_shahed_biz_shahed_ab
   bind            *:8443
   mode            tcp
   option          tcplog
   option          dontlognull
   default_backend bck_shahed_biz_shahed_ab

backend            bck_shahed_biz_shahed_ab
   server          shahed_ab_k8s 192.168.49.2:8443
   mode            tcp
CFG
sudo ln -s /etc/haproxy/proxy-configs/shahed.biz-tcp-kube.cfg /etc/haproxy/proxy-enabled/

vim /etc/haproxy/proxy-scripts/reconfig
    /etc/haproxy/proxy-scripts/reconfig

systemctl disable --now minikube.service
vim /etc/systemd/system/minikube.service
# append --apiserver-ips=10.20.40.1 with ExecStart
systemctl enable --now minikube.service

ssh -qt shahed@shahed_ab.local bash
sudo -i -u minikube

# run this script on the minikube host. copy the generated output and
# execute it on your local machine's terminal to enable monitoring of
# the minikube cluster.

cat << LOG
$(cat <<'YML'| tee ~/.kube/shahed-ab-kubeconfig.yaml >/dev/null
apiVersion: v1
kind: Config
clusters:
- name: minikube
  cluster:
    server: https://10.20.40.2:8443
    certificate-authority: /home/system/minikube/.minikube/ca.crt

contexts:
- name: shahed-ab
  context:
    cluster: minikube
    namespace: default
    user: minikube

users:
- name: minikube
  user:
    client-certificate: /home/system/minikube/.minikube/profiles/minikube/client.crt
    client-key: /home/system/minikube/.minikube/profiles/minikube/client.key

current-context: shahed-ab
YML
)

cat <<'YML'| tee ~/.kube/shahed-ab-kubeconfig.yaml >/dev/null
$(export KUBECONFIG=${HOME}/.kube/shahed-ab-kubeconfig.yaml;\
kubectl config view --flatten;\
rm ${KUBECONFIG};\
)
YML

chmod 600 ~/.kube/shahed-ab-kubeconfig.yaml
  ls -alh ~/.kube/

export KUBECONFIG=~/.kube/shahed-ab-kubeconfig.yaml
kubectl config get-contexts
kubectl get    namespace
$(echo -n)
LOG

References

Retrieved from "https://wiki.chorke.org/index.php?title=Cloud/Shahed/AB&oldid=14907"