Thursday, 1 August 2024

Kubernetes easy installation guide

 Install Kubernetes guide:



After lots of research, I've found a easy to follow tutorial to install Kubernetes cluster. Here's the link to the video: 

https://www.youtube.com/watch?v=I9goyp8mWfs

https://www.itsgeekhead.com/tuts/kubernetes-129-ubuntu-22-04-3/



UBUNTU SERVER LTS 24.04.0 - https://ubuntu.com/download/server

KUBERNETES 1.30.1         - https://kubernetes.io/releases/

CONTAINERD 1.7.18         - https://containerd.io/releases/

RUNC 1.2.0-rc.1               - https://github.com/opencontainers/runc/releases

CNI PLUGINS 1.5.0         - https://github.com/containernetworking/plugins/releases

CALICO CNI 3.28.0         - https://docs.tigera.io/calico/3.27/getting-started/kubernetes/quickstart


3 NODES, 2 vCPU, 8 GB RAM, 50GB Disk EACH

k8s-control   10.10.10.2

k8s-01         10.10.10.3

k8s-02         10.10.10.4




### ALL:


sudo su


printf "\n10.10.10.2 k8s-control\n10.10.10.3 k8s-1\n10.10.10.4 k8s-1\n\n" >> /etc/hosts


printf "overlay\nbr_netfilter\n" >> /etc/modules-load.d/containerd.conf


modprobe overlay

modprobe br_netfilter


printf "net.bridge.bridge-nf-call-iptables = 1\nnet.ipv4.ip_forward = 1\nnet.bridge.bridge-nf-call-ip6tables = 1\n" >> /etc/sysctl.d/99-kubernetes-cri.conf


sysctl --system


wget https://github.com/containerd/containerd/releases/download/v1.7.18/containerd-1.7.18-linux-amd64.tar.gz -P /tmp/

tar Cxzvf /usr/local /tmp/containerd-1.7.18-linux-amd64.tar.gz

wget https://raw.githubusercontent.com/containerd/containerd/main/containerd.service -P /etc/systemd/system/

systemctl daemon-reload

systemctl enable --now containerd


wget https://github.com/opencontainers/runc/releases/download/v1.2.0-rc.1/runc.amd64 /tmp/

install -m 755 /tmp/runc.amd64 /usr/local/sbin/runc


wget https://github.com/containernetworking/plugins/releases/download/v1.5.0/cni-plugins-linux-amd64-v1.5.0.tgz -P /tmp/

mkdir -p /opt/cni/bin

tar Cxzvf /opt/cni/bin /tmp/cni-plugins-linux-amd64-v1.5.0.tgz


mkdir -p /etc/containerd

containerd config default | tee /etc/containerd/config.toml   <<<<<<<<<<< manually edit and change SystemdCgroup to true (not systemd_cgroup)

vi /etc/containerd/config.toml

systemctl restart containerd



swapoff -a  <<<<<<<< just disable it in /etc/fstab instead


apt-get update

apt-get install -y apt-transport-https ca-certificates curl gpg


mkdir -p -m 755 /etc/apt/keyrings

curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg

echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list



apt-get update


reboot


sudo su


  apt-get update

  apt-get install -y kubelet kubeadm kubectl

  apt-mark hold kubelet kubeadm kubectl


# check swap config, ensure swap is 0

free -m



### ONLY ON CONTROL NODE .. control plane install:

                kubeadm init --pod-network-cidr 10.10.0.0/16 --kubernetes-version 1.30.1 --node-name k8s-control


                export KUBECONFIG=/etc/kubernetes/admin.conf


                # add Calico 3.28.0 CNI

                kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.28.0/manifests/tigera-operator.yaml

                wget https://raw.githubusercontent.com/projectcalico/calico/v3.28.0/manifests/custom-resources.yaml

                vi custom-resources.yaml <<<<<< edit the CIDR for pods if its custom

                kubectl apply -f custom-resources.yaml


                # get worker node commands to run to join additional nodes into cluster

                kubeadm token create --print-join-command

                ###



### ONLY ON WORKER nodes

Run the command from the token create output above

Sunday, 9 June 2024

How to delete Local_lvm storage and resize local storage to use full disk space?

1) Delete the Local_lvm from othe proxmox interface . "datacenter" > Storage. Select the local_lvm storage and click "Remove" button.

2) Change the local directory content options by clicking "Edit" button and select Disk Image (and/or Container and snippets)


3) Now open the "pve" or proxmox server "shell"  


     Check the volume group space using one of the commands: "vgs" or "lvs"

     Extend Logical volume(LV): If you have free space on the "pve"  volume group, you can extend the logical volume (LV) for the root file system. Using the following command add all the available space. 

 Now run these commands 

lvremove /dev/pve/data

lvresize -l +100%FREE /dev/pve/root

resize2fs /dev/mapper/pve-root



:) All done. Verify the increased local storage from 100gb to 500gb: 



Thursday, 16 May 2024

Ssh to linux machine without using password



To SSH connect to a linux machine, a raspberry pi in my example from a PC without using a username and password, you can set up SSH key-based authentication. This method involves generating a public and private key pair on your PC and copying the public key to the Raspberry Pi. Here’s a step-by-step guide to do this:

Step 1: Generate SSH Key Pair on Your PC

  1. Open a terminal on your PC.

    • On Linux or macOS, open the terminal.
    • On Windows, you can use PowerShell or Git Bash.
  2. Generate the key pair:

    ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
    • The -t rsa -b 4096 options specify the type of encryption (RSA) and the key size (4096 bits).
    • The -C option adds a comment (usually your email) to the key for identification purposes.
  3. Follow the prompts:

    • When prompted to "Enter file in which to save the key," you can press Enter to accept the default location (usually ~/.ssh/id_rsa).
    • Choose whether to set a passphrase. A passphrase adds an extra layer of security, but for passwordless login, you can leave it empty by pressing Enter.

Step 2: Copy the Public Key to the Raspberry Pi

  1. Transfer the public key:

    • Use the ssh-copy-id command to copy the public key to your Raspberry Pi. Replace pi@raspberrypi with your actual username and Raspberry Pi hostname or IP address:
      ssh-copy-id pi@raspberrypi
    • If you haven't changed the default user, pi is the username, and raspberrypi is the hostname. If you've changed them, use your custom values.
  2. Enter the password:

    • You will need to enter the password for the Raspberry Pi user one last time. After this, the public key will be added to the ~/.ssh/authorized_keys file on the Raspberry Pi.

Step 3: Connect to the Raspberry Pi Using SSH

  1. Initiate the SSH connection:
    ssh pi@raspberrypi
    • You should now be able to connect without being prompted for a password.

Step 4: (Optional) Adjust SSH Configuration for Convenience

  1. Edit your SSH config file:

    • Open the SSH config file in a text editor:
      nano ~/.ssh/config
    • Add the following configuration:
      Host raspberrypi HostName raspberrypi User pi IdentityFile ~/.ssh/id_rsa
    • Adjust HostName and User according to your setup.
  2. Save and exit:

    • Press Ctrl+X to exit, Y to confirm changes, and Enter to save.
  3. Now you can simply connect using:

    ssh raspberrypi

Troubleshooting Tips

  • Ensure SSH is enabled on the Raspberry Pi: You can enable SSH via the Raspberry Pi configuration tool or by placing an empty file named ssh (without any extension) on the boot partition of the SD card.
  • Correct file permissions: Ensure that your .ssh directory and files have the correct permissions:
    chmod 700 ~/.ssh chmod 600 ~/.ssh/id_rsa chmod 644 ~/.ssh/id_rsa.pub chmod 600 ~/.ssh/authorized_keys

By following these steps, you should be able to SSH into your Raspberry Pi from your PC without needing to enter a username and password each time.

How to use User-secret to protect secrets in dotnet application.

    Using user secrets in a .NET Web API project to securely manage your database password is an excellent practice. It keeps sensitive info...