Tiernan's Comms Closet networking

Day 21 of #100daysofhomelab

January 25, 2023 tiernano

0 Comments

Day 21 (slightly late, forgot to post this last night) of #100daysofhomelab and its a links day.

on a more different note, my Mikrotik RB5009UG+S+IN is finally on its way! Hopefully will have it next week! Happy days!

day 10 of #100daysofhomelab

January 12, 2023 tiernano

0 Comments

Day 10 of #100daysofhomelab and its mostly updates and monitoring.

Mikrotik released the stable version of 7.7 today. I have upgraded both my CHRs and so far, so good!
Even though my Kubernetes stuff failed (spectacularly) I am still reading about it.
Mastodon on K3s – Part 1 (zaher.dev)
Mastodon on K3s – Part 2 (zaher.dev)
Mastodon on K3s – Part 3 (zaher.dev)
MinIO | MinIO for Kubernetes
Deploy a MinIO Tenant — MinIO Object Storage for Kubernetes
Kubernetes Volumes Guide – Examples for NFS and Persistent Volume – Kubernetes Book (matthewpalmer.net)
Kubernetes Storage — Part 1 — NFS complete tutorial | by Saeid Bostandoust | ITNEXT

I think my next plan for the Kubernetes cluster is to rebuild the VMs and start from scratch. Currently, they ranged from 2-4 cores and 4-8Gb RAM. They also had a single disk on them and used an Ubuntu 22.04 cloud image. I think the plan going forward is to make sure each has similar RAM and Cores, none are going on the smaller VM Hosts I have, and I will be adding a new disk just for storage. Looks like Minio might work for me… More testing and reading are required though.

Day 2 of #100daysofhomelab

January 4, 2023 tiernano

0 Comments

Day 2 of #100daysofhomelab and more messing with Kubernetes… So far, I have built, torn down, rebuilt and torn down a second time… and now building for a third time! Techno Tims Ansible scripts for the Win! A couple of notes for today:

the script uses K3s version 1.24.8-k3s1. at some stage yesterday I tried changing this to 1.26.0-k3s1, the latest version from the K3s GitHub page… This was a bad idea. Rancher does not like this, and, well, I don’t know what I am doing, so I want to see what Rancher does…
ideally, you would have multiple master nodes, but, me being the lazy git that I am, only set up 1… but it does look like it could be changeable later on…
I have a total of 6 VMs running my K3S cluster: 3 are 4 Cores with 8GB RAM running on GodBoxV2, which is now running Proxmox. The other 3 are each running on my HP Micro Server, the Quad 2.5Gb Celeron Box and an 8th Gen Intel NUC… each is given 2 cores and 4GB RAM. That gives me a total of (roughly) 18 cores and 36GB RAM. Each VM has around 50 GB of storage and using Longhorn, I have around 250GB of space (master does not seem to contribute space). Replicas are set to 3, so not quite a full 250GB.
Why Kubernetes? Well, I have 2 VMs currently running my fleet of docker containers. I have lost count of how many i actually have. So, my plan is to use Kubernetes to move all them from those single docker boxes, and have them more distributed and more HA. This will allow me to move stuff around easier, or at least i think it will… At the very least, i get to play with new tech! 🙂

More work on the cluster is required. This blog is hosted in-house on one of the docker instances… Hopefully, at some stage, it will be moved to the K3s cluster! That would be the first major move!

Day 1 of #100daysofhomelab

January 3, 2023 tiernano

0 Comments

I have decided to start my #100daysofhomelab journey again, so today is day 1. I have been working on a K3s cluster in the house, and so far, I have to start again… going to rebuild it again tomorrow at some stage…

Lots of Links

some notes for myself:

Service Account for Dashboard

to create the Service account, create a file, ca.yml, and enter the following:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: <username>
  namespace: kube-system

next, create a file called cluster-role-binding.yml with the following:

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: <username>
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: <username>
  namespace: kube-system

make sure username matches!

run the following commands:

kubectl apply -f sa.yml

kubectl apply -f cluster-role-binding.yml

kubectl -n kube-system create token <username>

Installing OpenSCSI and NFS (required for Longhorn) with Ansible

Ansible Script

---
- hosts: k3s
  become: true
  
  tasks:
  - name: Update and upgrade apt packages
    become: true
    apt:
      upgrade: yes
      update_cache: yes
      cache_valid_time: 600 
  - name: install packages
    become: true
    apt: 
      pkg:
      - nfs-common
      - open-iscsi

  - name: Make sure open-iscsi is enabled and running
    ansible.builtin.systemd:
      enabled: true
      state: started
      name: open-iscsi

Connecting to my car over ZeroTier

November 9, 2020 tiernano

1 Comment

I use ZeroTier on my network for a good few things, including internal network peering between BGP VMs, management of machines, and now, connecting to my car over LTE. This is one of those posts that sounds silly, but is very handy! First, the parts list:

Car…
3G/4G/5G modem of some sort. I am using a Huawei Wingle… Can be used without the Router below, but I wanted Zerotier, so I have it in modem only mode…
A router that supports Zerotier. I am using a modified TP-Link TL-WR703N upgraded to 16MB ROM and 64MB RAM. This is required for newer OpenWRT builds
a dashcam that connects over Wifi. I am using a BlackVue DR750S-2CH
Latest ROOter software from Of Modems and Men
Patients…

After installing the the latest copy of ROOter on the TPLink (or router of your choice) and getting the modem configured correctly (this took a while) you need to install the Zerotier software though the dashboard. Once installed, I joined my Zerotier network using the CLI (SSH into the router) and the approved it though the my.zerotier.com dashboard. Once its approved and connected, you can now go to the Zerotier IP and get to the router directly. From here, you can either setup a route in Zerotier to point at the internal network behind the router, or, in my case, setup a SSH tunnel to the dashcam. I found the IP given to the dashcam and used SSH forwarding to get to it. Finally, i used the URLs from Digital-Nebula’s hackview repo to get to the different URLs. I use this to download stuff like GPS logs, emergency videos, etc. I have to clean up some scripts at some stage for this, and plan to upload them at some stage.

If anyone has any questions, leave a comment!