-rw-r--r-- about/novels.gmi 7
-rw-r--r-- about/resources.gmi 185
-rw-r--r-- gemfeed/2024-11-17-f3s-kubernetes-with-freebsd-part-1.gmi 10
-rw-r--r-- gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-3.gmi 6
-rw-r--r-- gemfeed/atom.xml 12
-rw-r--r-- gemfeed/f3s-kubernetes-with-freebsd-part-4.gmi 261
-rw-r--r-- index.gmi 2
-rw-r--r-- uptime-stats.gmi 2
8 files changed, 376 insertions, 109 deletions
diff --git a/about/novels.gmi b/about/novels.gmi
index f94c4d23..97cbf0a3 100644
--- a/about/novels.gmi
+++ b/about/novels.gmi
@@ -14,7 +14,6 @@
* ⇢ ⇢ ⇢ Other authors
* ⇢ ⇢ Currently reading
* ⇢ ⇢ ⇢ Andreas Brandhorst
-* ⇢ ⇢ ⇢ David Reimer
* ⇢ ⇢ Unread books already in my shelf
* ⇢ ⇢ ⇢ Alastair Reynolds
* ⇢ ⇢ ⇢ Andreas Brandhorst
@@ -97,6 +96,7 @@ _-" . ' + . . ,//////0\ | /00HHHHHHHMMMMM
* 2022 - Die Anomalie in der Finsternis - Die Wächter des Wissens - Band 1 (german), (Audiobook)
* 2022 - Der dunkle Reisende - Die Wächter des Wissens - Band 2 (german), (Audiobook)
* 2022 - Das Signal der Schöpfer - Die Wächter des Wissens - Band 3 (german), (Audiobook)
+* 2022 - Das Ende des Universums - Die Wächter des Wissens - Band 4 (german), (Audiobook)
### Ian Banks
@@ -122,12 +122,9 @@ _-" . ' + . . ,//////0\ | /00HHHHHHHMMMMM
### Andreas Brandhorst
+* 2023 - Oxygen: Welt ohne Sauerstoff, Audiobook (german)
* 2024 - Der Riss (german)
-### David Reimer
-
-* 2022 - Das Ende des Universums - Die Wächter des Wissens - Band 4 (german), (Audiobook)
-
## Unread books already in my shelf
### Alastair Reynolds
diff --git a/about/resources.gmi b/about/resources.gmi
index 5af5c225..13a15b1c 100644
--- a/about/resources.gmi
+++ b/about/resources.gmi
@@ -35,100 +35,100 @@ You won't find any links on this site because, over time, the links will break.
In random order:
-* Funktionale Programmierung; Peter Pepper; Springer
-* Think Raku (aka Think Perl 6); Laurent Rosenfeld, Allen B. Downey; O'Reilly
-* Terraform Cookbook; Mikael Krief; Packt Publishing
-* Effective awk programming; Arnold Robbins; O'Reilly
-* Perl New Features; Joshua McAdams, brian d foy; Perl School
-* Ultimate Go Notebook; Bill Kennedy
-* Higher Order Perl; Mark Dominus; Morgan Kaufmann
-* Programming Perl aka "The Camel Book"; Tom Christiansen, brian d foy, Larry Wall & Jon Orwant; O'Reilly
-* The DevOps Handbook; Gene Kim, Jez Humble, Patrick Debois, John Willis; Audible
-* Effective Java; Joshua Bloch; Addison-Wesley Professional
-* The Practise of System and Network Administration; Thomas A. Limoncelli, Christina J. Hogan, Strata R. Chalup; Addison-Wesley Professional Pro Git; Scott Chacon, Ben Straub; Apress
-* Java ist auch eine Insel; Christian Ullenboom;
* Object-Oriented Programming with ANSI-C; Axel-Tobias Schreiner
-* Data Science at the Command Line; Jeroen Janssens; O'Reilly
-* Clusterbau mit Linux-HA; Michael Schwartzkopff; O'Reilly
-* Concurrency in Go; Katherine Cox-Buday; O'Reilly
-* Learn You a Haskell for Great Good!; Miran Lipovaca; No Starch Press
-* 21st Century C: C Tips from the New School; Ben Klemens; O'Reilly
-* Raku Fundamentals; Moritz Lenz; Apress
+* C++ Programming Language; Bjarne Stroustrup;
* Pro Puppet; James Turnbull, Jeffrey McCune; Apress
-* The KCNA (Kubernetes and Cloud Native Associate) Book; Nigel Poulton
+* Kubernetes Cookbook; Sameer Naik, Sébastien Goasguen, Jonathan Michaux; O'Reilly
+* Clusterbau mit Linux-HA; Michael Schwartzkopff; O'Reilly
* Go Brain Teasers - Exercise Your Mind; Miki Tebeka; The Pragmatic Programmers
+* Programming Perl aka "The Camel Book"; Tom Christiansen, brian d foy, Larry Wall & Jon Orwant; O'Reilly
+* Effective awk programming; Arnold Robbins; O'Reilly
+* Raku Fundamentals; Moritz Lenz; Apress
+* Amazon Web Services in Action; Michael Wittig and Andreas Wittig; Manning Publications
* Raku Recipes; J.J. Merelo; Apress
-* The Kubernetes Book; Nigel Poulton; Unabridged Audiobook
-* Learn You Some Erlang for Great Good; Fred Herbert; No Starch Press
-* Systemprogrammierung in Go; Frank Müller; dpunkt
-* Polished Ruby Programming; Jeremy Evans; Packt Publishing
-* The Go Programming Language; Alan A. A. Donovan; Addison-Wesley Professional
-* Systems Performance Tuning; Gian-Paolo D. Musumeci and others...; O'Reilly
-* The Docker Book; James Turnbull; Kindle
-* 100 Go Mistakes and How to Avoid Them; Teiva Harsanyi; Manning Publications
* DevOps And Site Reliability Engineering Handbook; Stephen Fleming; Audible
+* Terraform Cookbook; Mikael Krief; Packt Publishing
+* Leanring eBPF; Liz Rice; O'Reilly
+* The Go Programming Language; Alan A. A. Donovan; Addison-Wesley Professional
+* 97 things every SRE should know; Emil Stolarsky, Jaime Woo; O'Reilly
+* The KCNA (Kubernetes and Cloud Native Associate) Book; Nigel Poulton
+* Java ist auch eine Insel; Christian Ullenboom;
* Distributed Systems: Principles and Paradigms; Andrew S. Tanenbaum; Pearson
+* The Practise of System and Network Administration; Thomas A. Limoncelli, Christina J. Hogan, Strata R. Chalup; Addison-Wesley Professional Pro Git; Scott Chacon, Ben Straub; Apress
+* Higher Order Perl; Mark Dominus; Morgan Kaufmann
+* Funktionale Programmierung; Peter Pepper; Springer
+* Modern Perl; Chromatic ; Onyx Neon Press
+* Concurrency in Go; Katherine Cox-Buday; O'Reilly
+* 100 Go Mistakes and How to Avoid Them; Teiva Harsanyi; Manning Publications
* Site Reliability Engineering; How Google runs production systems; O'Reilly
-* The Pragmatic Programmer; David Thomas; Addison-Wesley
-* 97 things every SRE should know; Emil Stolarsky, Jaime Woo; O'Reilly
-* DNS and BIND; Cricket Liu; O'Reilly
-* Amazon Web Services in Action; Michael Wittig and Andreas Wittig; Manning Publications
-* Tmux 2: Productive Mouse-free Development; Brain P. Hogan; The Pragmatic Programmers
+* Learn You Some Erlang for Great Good; Fred Herbert; No Starch Press
* Hands-on Infrastructure Monitoring with Prometheus; Joel Bastos, Pedro Araujo; Packt
+* Learn You a Haskell for Great Good!; Miran Lipovaca; No Starch Press
+* The Pragmatic Programmer; David Thomas; Addison-Wesley
+* Data Science at the Command Line; Jeroen Janssens; O'Reilly
+* The Kubernetes Book; Nigel Poulton; Unabridged Audiobook
+* Systems Performance Tuning; Gian-Paolo D. Musumeci and others...; O'Reilly
+* The DevOps Handbook; Gene Kim, Jez Humble, Patrick Debois, John Willis; Audible
+* Effective Java; Joshua Bloch; Addison-Wesley Professional
+* 21st Century C: C Tips from the New School; Ben Klemens; O'Reilly
+* Systemprogrammierung in Go; Frank Müller; dpunkt
+* The Docker Book; James Turnbull; Kindle
* Developing Games in Java; David Brackeen and others...; New Riders
-* Kubernetes Cookbook; Sameer Naik, Sébastien Goasguen, Jonathan Michaux; O'Reilly
-* Modern Perl; Chromatic ; Onyx Neon Press
-* C++ Programming Language; Bjarne Stroustrup;
-* Leanring eBPF; Liz Rice; O'Reilly
+* Ultimate Go Notebook; Bill Kennedy
+* Perl New Features; Joshua McAdams, brian d foy; Perl School
+* Tmux 2: Productive Mouse-free Development; Brain P. Hogan; The Pragmatic Programmers
+* Think Raku (aka Think Perl 6); Laurent Rosenfeld, Allen B. Downey; O'Reilly
+* DNS and BIND; Cricket Liu; O'Reilly
+* Polished Ruby Programming; Jeremy Evans; Packt Publishing
## Technical references
I didn't read them from the beginning to the end, but I am using them to look up things. The books are in random order:
-* Implementing Service Level Objectives; Alex Hidalgo; O'Reilly
-* BPF Performance Tools - Linux System and Application Observability, Brendan Gregg; Addison Wesley
-* Relayd and Httpd Mastery; Michael W Lucas
* Groovy Kurz & Gut; Joerg Staudemeier; O'Reilly
-* The Linux Programming Interface; Michael Kerrisk; No Starch Press
* Understanding the Linux Kernel; Daniel P. Bovet, Marco Cesati; O'Reilly
+* Relayd and Httpd Mastery; Michael W Lucas
+* Implementing Service Level Objectives; Alex Hidalgo; O'Reilly
* Algorithms; Robert Sedgewick, Kevin Wayne; Addison Wesley
+* The Linux Programming Interface; Michael Kerrisk; No Starch Press
+* BPF Performance Tools - Linux System and Application Observability, Brendan Gregg; Addison Wesley
## Self-development and soft-skills books
In random order:
-* The Complete Software Developer's Career Guide; John Sonmez; Unabridged Audiobook
* The Good Enough Job; Simone Stolzoff; Ebury Edge
-* The Daily Stoic; Ryan Holiday, Stephen Hanselman; Profile Books
-* Psycho-Cybernetics; Maxwell Maltz; Perigee Books
-* So Good They Can't Ignore You; Cal Newport; Business Plus
-* Ultralearning; Scott Young; Thorsons
-* Influence without Authority; A. Cohen, D. Bradford; Wiley
-* Time Management for System Administrators; Thomas A. Limoncelli; O'Reilly
* The Bullet Journal Method; Ryder Carroll; Fourth Estate
-* The Phoenix Project - A Novel About IT, DevOps, and Helping your Business Win; Gene Kim and Kevin Behr; Trade Select
-* Soft Skills; John Sommez; Manning Publications
-* The Power of Now; Eckhard Tolle; Yellow Kite
+* Eat That Frog; Brian Tracy
+* 101 Essays that change the way you think; Brianna Wiest; Audible
* Solve for Happy; Mo Gawdat
* The Joy of Missing Out; Christina Crook; New Society Publishers
-* Ultralearning; Anna Laurent; Self-published via Amazon
-* Never Split the Difference; Chris Voss, Tahl Raz; Random House Business
-* Staff Engineer: Leadership beyond the management track; Will Larson; Audible
-* Buddah and Einstein walk into a Bar; Guy Joseph Ale, Claire Bloom; Blackstone Publishing
-* Stop starting, start finishing; Arne Roock; Lean-Kanban University
-* Digital Minimalism; Cal Newport; Portofolio Penguin
-* Slow Productivity; Cal Newport; Penguin Random House
-* The Off Switch; Mark Cropley; Virgin Books
+* Soft Skills; John Sommez; Manning Publications
+* The Power of Now; Eckhard Tolle; Yellow Kite
* Search Inside Yourself - The Unexpected path to Achieving Success, Happiness (and World Peace); Chade-Meng Tan, Daniel Goleman, Jon Kabat-Zinn; HarperOne
-* Deep Work; Cal Newport; Piatkus
* The Obstacle Is The Way; Ryan Holiday; Profile Books Ltd
-* 101 Essays that change the way you think; Brianna Wiest; Audible
* Consciousness: A Very Short Introduction; Susan Blackmore; Oxford Uiversity Press
+* Buddah and Einstein walk into a Bar; Guy Joseph Ale, Claire Bloom; Blackstone Publishing
+* Psycho-Cybernetics; Maxwell Maltz; Perigee Books
+* The Phoenix Project - A Novel About IT, DevOps, and Helping your Business Win; Gene Kim and Kevin Behr; Trade Select
+* So Good They Can't Ignore You; Cal Newport; Business Plus
+* Ultralearning; Anna Laurent; Self-published via Amazon
* Who Moved My Cheese?; Dr. Spencer Johnson; Vermilion
-* Eat That Frog; Brian Tracy
+* Time Management for System Administrators; Thomas A. Limoncelli; O'Reilly
* Eat That Frog!; Brian Tracy; Hodder Paperbacks
-* The 7 Habits Of Highly Effective People; Stephen R. Covey; Simon & Schuster UK
+* Deep Work; Cal Newport; Piatkus
+* The Complete Software Developer's Career Guide; John Sonmez; Unabridged Audiobook
+* The Daily Stoic; Ryan Holiday, Stephen Hanselman; Profile Books
+* Never Split the Difference; Chris Voss, Tahl Raz; Random House Business
+* The Off Switch; Mark Cropley; Virgin Books
* Atomic Habits; James Clear; Random House Business
+* Influence without Authority; A. Cohen, D. Bradford; Wiley
+* Stop starting, start finishing; Arne Roock; Lean-Kanban University
+* Slow Productivity; Cal Newport; Penguin Random House
+* Staff Engineer: Leadership beyond the management track; Will Larson; Audible
+* Digital Minimalism; Cal Newport; Portofolio Penguin
+* Ultralearning; Scott Young; Thorsons
+* The 7 Habits Of Highly Effective People; Stephen R. Covey; Simon & Schuster UK
=> ../notes/index.gmi Here are notes of mine for some of the books
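Review bot: The re-added line for "The Practise of System and Network Administration" still fuses two entries: it ends "...Addison-Wesley Professional Pro Git; Scott Chacon, Ben Straub; Apress", so Pro Git has no bullet of its own. Every line of this list is being rewritten anyway, so split it into two items and fix the spellings that are carried over unchanged in the added lines ("Leanring eBPF", "Portofolio Penguin", "Buddah"). "Eat That Frog" is also listed twice, once without and once with a publisher. If the order is regenerated on each build, a stable sort would keep future diffs of this file down to the entries that actually changed.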
@@ -136,30 +136,30 @@ In random order:
Some of these were in-person with exams; others were online learning lectures only. In random order:
-* AWS Immersion Day; Amazon; 1-day interactive online training
-* Protocol buffers; O'Reilly Online
* F5 Loadbalancers Training; 2-day on-site training; F5, Inc.
-* Ultimate Go Programming; Bill Kennedy; O'Reilly Online
-* The Ultimate Kubernetes Bootcamp; School of Devops; O'Reilly Online
-* Apache Tomcat Best Practises; 3-day on-site training
+* Developing IaC with Terraform (with Live Lessons); O'Reilly Online
+* MySQL Deep Dive Workshop; 2-day on-site training
* Algorithms Video Lectures; Robert Sedgewick; O'Reilly Online
+* Apache Tomcat Best Practises; 3-day on-site training
+* Structure and Interpretation of Computer Programs; Harold Abelson and more...;
+* AWS Immersion Day; Amazon; 1-day interactive online training
+* Protocol buffers; O'Reilly Online
* Cloud Operations on AWS - Learn how to configure, deploy, maintain, and troubleshoot your AWS environments; 3-day online live training with labs; Amazon
-* MySQL Deep Dive Workshop; 2-day on-site training
-* Linux Security and Isolation APIs Training; Michael Kerrisk; 3-day on-site training
+* Ultimate Go Programming; Bill Kennedy; O'Reilly Online
+* The Well-Grounded Rubyist Video Edition; David. A. Black; O'Reilly Online
* Red Hat Certified System Administrator; Course + certification (Although I had the option, I decided not to take the next course as it is more effective to self learn what I need)
-* Functional programming lecture; Remote University of Hagen
-* Developing IaC with Terraform (with Live Lessons); O'Reilly Online
* Scripting Vim; Damian Conway; O'Reilly Online
-* The Well-Grounded Rubyist Video Edition; David. A. Black; O'Reilly Online
-* Structure and Interpretation of Computer Programs; Harold Abelson and more...;
+* Linux Security and Isolation APIs Training; Michael Kerrisk; 3-day on-site training
+* The Ultimate Kubernetes Bootcamp; School of Devops; O'Reilly Online
+* Functional programming lecture; Remote University of Hagen
## Technical guides
These are not whole books, but guides (smaller or larger) which I found very useful. in random order:
-* How CPUs work at https://cpu.land
* Advanced Bash-Scripting Guide
* Raku Guide at https://raku.guide
+* How CPUs work at https://cpu.land
## Podcasts
@@ -167,45 +167,46 @@ These are not whole books, but guides (smaller or larger) which I found very use
In random order:
-* Dev Interrupted
+* Maintainable
* The ProdCast (Google SRE Podcast)
-* The Changelog Podcast(s)
-* Fallthrough [Golang]
+* Cup o' Go [Golang]
+* Dev Interrupted
* Fork Around And Find Out
+* Fallthrough [Golang]
+* BSD Now
+* The Pragmatic Engineer Podcast
* Hidden Brain
-* Cup o' Go [Golang]
-* Backend Banter
* Deep Questions with Cal Newport
-* The Pragmatic Engineer Podcast
-* Maintainable
+* Backend Banter
+* The Changelog Podcast(s)
### Podcasts I liked
I liked them but am not listening to them anymore. The podcasts have either "finished" (no more episodes) or I stopped listening to them due to time constraints or a shift in my interests.
-* FLOSS weekly
* Go Time (predecessor of fallthrough)
-* Ship It (predecessor of Fork Around And Find Out)
-* CRE: Chaosradio Express [german]
* Java Pub House
+* CRE: Chaosradio Express [german]
+* Ship It (predecessor of Fork Around And Find Out)
* Modern Mentor
+* FLOSS weekly
## Newsletters I like
This is a mix of tech and non-tech newsletters I am subscribed to. In random order:
-* Applied Go Weekly Newsletter
-* Changelog News
-* Monospace Mentor
+* Golang Weekly
* Register Spill
+* The Imperfectionist
+* Ruby Weekly
+* Monospace Mentor
+* Changelog News
+* Applied Go Weekly Newsletter
* byteSizeGo
* The Valuable Dev
-* Ruby Weekly
-* Golang Weekly
-* The Pragmatic Engineer
-* VK Newsletter
* Andreas Brandhorst Newsletter (Sci-Fi author)
-* The Imperfectionist
+* VK Newsletter
+* The Pragmatic Engineer
# Formal education
diff --git a/gemfeed/2024-11-17-f3s-kubernetes-with-freebsd-part-1.gmi b/gemfeed/2024-11-17-f3s-kubernetes-with-freebsd-part-1.gmi
index d727985b..05014e11 100644
--- a/gemfeed/2024-11-17-f3s-kubernetes-with-freebsd-part-1.gmi
+++ b/gemfeed/2024-11-17-f3s-kubernetes-with-freebsd-part-1.gmi
@@ -10,6 +10,7 @@ These are all the posts so far:
=> ./2024-11-17-f3s-kubernetes-with-freebsd-part-1.gmi 2024-11-17 f3s: Kubernetes with FreeBSD - Part 1: Setting the stage (You are currently reading this)
=> ./2024-12-03-f3s-kubernetes-with-freebsd-part-2.gmi 2024-12-03 f3s: Kubernetes with FreeBSD - Part 2: Hardware and base installation
+=> ./f3s-kubernetes-with-freebsd-part-4.gmi f3s-kubernetes-with f3s: Kubernetes with FreeBSD - Rocky Linux Bhyve VMs - Part 4
=> ./f3s-kubernetes-with-freebsd-part-1/f3slogo.png f3s logo
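Review bot: The label of the new index entry starts with "f3s-kubernetes-with" where the other entries show a date, and the target file name has no date prefix, so the label looks like it was cut from the file name rather than set on purpose. Part 4 is also being linked from this post while Part 3 in the same commit is still named DRAFT-f3s-kubernetes-with-freebsd-part-3.gmi, so the series list jumps from Part 2 to Part 4. Give the file its dated name before linking it, or hold the link back until the post is published.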
@@ -38,7 +39,7 @@ Let's begin...
My previous setup was great for learning Terraform and AWS, but it is too expensive. Costs are under control there, but only because I am shutting down all containers after use (so they are offline ninety percent of the time and still cost around $20 monthly). With the new setup, I could run all containers 24/7 at home, which would still be cheaper in terms of electricity consumption. I have a 50 MBit/s uplink (I could have more if I wanted, but it is plenty for my use case already).
-=> https://foo.zone/gemfeed/2024-02-04-from-babylon5.buetow.org-to-.cloud.html From `babylon5.buetow.org` to `.cloud`
+=> ./2024-02-04-from-babylon5.buetow.org-to-.cloud.html From `babylon5.buetow.org` to `.cloud`
Migrating off all my containers from AWS ECS means I need a reliable and scalable environment to host my workloads. I wanted something:
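Review bot: The replacement link is relative but keeps the .html extension, while the other relative links in this .gmi file point at .gmi files (for example ./2024-12-03-f3s-kubernetes-with-freebsd-part-2.gmi). Inside the Gemini capsule, ./2024-02-04-from-babylon5.buetow.org-to-.cloud.html resolves against the location of this page; if only the .gmi version is served there, the target should end in .gmi. The same question applies to the other links changed from https://foo.zone/gemfeed/... to ./... further down in this file.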
@@ -96,8 +97,8 @@ All of this (every Linux VM to every OpenBSD box) will be connected via WireGuar
So, when I want to access a service running in k3s, I will hit an external DNS endpoint (with the authoritative DNS servers being the OpenBSD boxes). The DNS will resolve to the master OpenBSD VM (see my KISS highly-available with OpenBSD blog post), and from there, the `relayd` process (with a Let's Encrypt certificate—see my Let's Encrypt with OpenBSD and Rex blog post) will accept the TCP connection and forward it through the WireGuard tunnel to a reachable node port of one of the k3s nodes, thus serving the traffic.
-=> https://foo.zone/gemfeed/2024-04-01-KISS-high-availability-with-OpenBSD.html KISS high-availability with OpenBSD
-=> https://foo.zone/gemfeed/2022-07-30-lets-encrypt-with-openbsd-and-rex.html Let's Encrypt with OpenBSD and Rex
+=> ./2024-04-01-KISS-high-availability-with-OpenBSD.html KISS high-availability with OpenBSD
+=> ./2022-07-30-lets-encrypt-with-openbsd-and-rex.html Let's Encrypt with OpenBSD and Rex
The OpenBSD setup described here already exists and is ready to use. The only thing that does not yet exist is the configuration of `relayd` to forward requests to k3s through the WireGuard tunnel(s).
@@ -137,7 +138,7 @@ For visualization, Grafana will be deployed alongside Prometheus. Grafana lets m
Alerts generated by Prometheus are forwarded to Alertmanager, which I will configure to work with Gogios, a lightweight monitoring and alerting system I wrote myself. Gogios runs on one of my OpenBSD VMs. At regular intervals, Gogios scrapes the alerts generated in the k3s cluster and notifies me via Email.
-=> https://foo.zone/gemfeed/2023-06-01-kiss-server-monitoring-with-gogios.html KISS server monitoring with Gogios
+=> ./2023-06-01-kiss-server-monitoring-with-gogios.html KISS server monitoring with Gogios
Ironically, I implemented Gogios to avoid using more complex alerting systems like Prometheus, but here we go—it integrates well now.
@@ -165,6 +166,7 @@ Other *BSD-related posts:
=> ./2024-04-01-KISS-high-availability-with-OpenBSD.gmi 2024-04-01 KISS high-availability with OpenBSD
=> ./2024-11-17-f3s-kubernetes-with-freebsd-part-1.gmi 2024-11-17 f3s: Kubernetes with FreeBSD - Part 1: Setting the stage (You are currently reading this)
=> ./2024-12-03-f3s-kubernetes-with-freebsd-part-2.gmi 2024-12-03 f3s: Kubernetes with FreeBSD - Part 2: Hardware and base installation
+=> ./f3s-kubernetes-with-freebsd-part-4.gmi f3s-kubernetes-with f3s: Kubernetes with FreeBSD - Rocky Linux Bhyve VMs - Part 4
E-Mail your comments to `paul@nospam.buetow.org` :-)
diff --git a/gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-3.gmi b/gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-3.gmi
index e9ef4724..e4068de2 100644
--- a/gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-3.gmi
+++ b/gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-3.gmi
@@ -4,6 +4,7 @@ This is the third blog post about my f3s series for my self-hosting demands in m
=> ./2024-11-17-f3s-kubernetes-with-freebsd-part-1.gmi 2024-11-17 f3s: Kubernetes with FreeBSD - Part 1: Setting the stage
=> ./2024-12-03-f3s-kubernetes-with-freebsd-part-2.gmi 2024-12-03 f3s: Kubernetes with FreeBSD - Part 2: Hardware and base installation
+=> ./f3s-kubernetes-with-freebsd-part-4.gmi f3s-kubernetes-with f3s: Kubernetes with FreeBSD - Rocky Linux Bhyve VMs - Part 4
=> ./f3s-kubernetes-with-freebsd-part-1/f3slogo.png f3s logo
@@ -212,6 +213,8 @@ So far, so good. Host `f0` would shut down itself when short on power. But what
Of course, this won't work when `f0` is down. In this case, no operational node would be connected to the UPS via USB; therefore, the current power status would not be known. However, I consider this a rare circumstance. Furthermore, in case of an `f0` system crash, sudden power outages on the two other nodes would occur at different times, making real data loss (the main concern here) effectively impossible.
+And if `f0` is down and `f1` and `f2` receive new data and crash midway, it's likely that a client (e.g., an Android app or another laptop) still has the data stored on it, making data loss recoverable. I'd receive an alert if any of the nodes go down (more on monitoring later in this blog series).
+
### Installation on partners
To do this, I installed `apcupsd` via `doas pkg install apcupsd` on `f1` and `f2`, and then I could connect to it this way:
@@ -320,7 +323,7 @@ And after almost 60 minutes (`f1` and `f2` a bit earlier, `f0` a bit later due t
Broadcast Message from root@f0.lan.buetow.org
(no tty) at 15:08 EET...
- *** FINAL System shutdown message from paul@f1.lan.buetow.org ***
+ *** FINAL System shutdown message from root@f0.lan.buetow.org ***
System going down IMMEDIATELY
@@ -354,6 +357,7 @@ Other BSD related posts are:
=> ./2024-04-01-KISS-high-availability-with-OpenBSD.gmi 2024-04-01 KISS high-availability with OpenBSD
=> ./2024-11-17-f3s-kubernetes-with-freebsd-part-1.gmi 2024-11-17 f3s: Kubernetes with FreeBSD - Part 1: Setting the stage
=> ./2024-12-03-f3s-kubernetes-with-freebsd-part-2.gmi 2024-12-03 f3s: Kubernetes with FreeBSD - Part 2: Hardware and base installation
+=> ./f3s-kubernetes-with-freebsd-part-4.gmi f3s-kubernetes-with f3s: Kubernetes with FreeBSD - Rocky Linux Bhyve VMs - Part 4
E-Mail your comments to `paul@nospam.buetow.org` :-)
diff --git a/gemfeed/atom.xml b/gemfeed/atom.xml
index 76b3f8bd..f3cc94e2 100644
--- a/gemfeed/atom.xml
+++ b/gemfeed/atom.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
- <updated>2025-01-19T13:21:25+02:00</updated>
+ <updated>2025-01-29T08:02:28+02:00</updated>
<title>foo.zone feed</title>
<subtitle>To be in the .zone!</subtitle>
<link href="gemini://foo.zone/gemfeed/atom.xml" rel="self" />
@@ -1061,6 +1061,7 @@ dev.cpu.<font color="#000000">0</font>.freq: <font color="#000000">2922</font>
<br />
<a class='textlink' href='./2024-11-17-f3s-kubernetes-with-freebsd-part-1.html'>2024-11-17 f3s: Kubernetes with FreeBSD - Part 1: Setting the stage (You are currently reading this)</a><br />
<a class='textlink' href='./2024-12-03-f3s-kubernetes-with-freebsd-part-2.html'>2024-12-03 f3s: Kubernetes with FreeBSD - Part 2: Hardware and base installation</a><br />
+<a class='textlink' href='./f3s-kubernetes-with-freebsd-part-4.html'>f3s-kubernetes-with f3s: Kubernetes with FreeBSD - Rocky Linux Bhyve VMs - Part 4</a><br />
<br />
<a href='./f3s-kubernetes-with-freebsd-part-1/f3slogo.png'><img alt='f3s logo' title='f3s logo' src='./f3s-kubernetes-with-freebsd-part-1/f3slogo.png' /></a><br />
<br />
@@ -1090,7 +1091,7 @@ dev.cpu.<font color="#000000">0</font>.freq: <font color="#000000">2922</font>
<br />
<span>My previous setup was great for learning Terraform and AWS, but it is too expensive. Costs are under control there, but only because I am shutting down all containers after use (so they are offline ninety percent of the time and still cost around $20 monthly). With the new setup, I could run all containers 24/7 at home, which would still be cheaper in terms of electricity consumption. I have a 50 MBit/s uplink (I could have more if I wanted, but it is plenty for my use case already).</span><br />
<br />
-<a class='textlink' href='https://foo.zone/gemfeed/2024-02-04-from-babylon5.buetow.org-to-.cloud.html'>From <span class='inlinecode'>babylon5.buetow.org</span> to <span class='inlinecode'>.cloud</span></a><br />
+<a class='textlink' href='./2024-02-04-from-babylon5.buetow.org-to-.cloud.html'>From <span class='inlinecode'>babylon5.buetow.org</span> to <span class='inlinecode'>.cloud</span></a><br />
<br />
<span>Migrating off all my containers from AWS ECS means I need a reliable and scalable environment to host my workloads. I wanted something:</span><br />
<br />
@@ -1149,8 +1150,8 @@ dev.cpu.<font color="#000000">0</font>.freq: <font color="#000000">2922</font>
<br />
<span>So, when I want to access a service running in k3s, I will hit an external DNS endpoint (with the authoritative DNS servers being the OpenBSD boxes). The DNS will resolve to the master OpenBSD VM (see my KISS highly-available with OpenBSD blog post), and from there, the <span class='inlinecode'>relayd</span> process (with a Let&#39;s Encrypt certificate—see my Let&#39;s Encrypt with OpenBSD and Rex blog post) will accept the TCP connection and forward it through the WireGuard tunnel to a reachable node port of one of the k3s nodes, thus serving the traffic.</span><br />
<br />
-<a class='textlink' href='https://foo.zone/gemfeed/2024-04-01-KISS-high-availability-with-OpenBSD.html'>KISS high-availability with OpenBSD</a><br />
-<a class='textlink' href='https://foo.zone/gemfeed/2022-07-30-lets-encrypt-with-openbsd-and-rex.html'>Let&#39;s Encrypt with OpenBSD and Rex</a><br />
+<a class='textlink' href='./2024-04-01-KISS-high-availability-with-OpenBSD.html'>KISS high-availability with OpenBSD</a><br />
+<a class='textlink' href='./2022-07-30-lets-encrypt-with-openbsd-and-rex.html'>Let&#39;s Encrypt with OpenBSD and Rex</a><br />
<br />
<span>The OpenBSD setup described here already exists and is ready to use. The only thing that does not yet exist is the configuration of <span class='inlinecode'>relayd</span> to forward requests to k3s through the WireGuard tunnel(s).</span><br />
<br />
@@ -1190,7 +1191,7 @@ dev.cpu.<font color="#000000">0</font>.freq: <font color="#000000">2922</font>
<br />
<span>Alerts generated by Prometheus are forwarded to Alertmanager, which I will configure to work with Gogios, a lightweight monitoring and alerting system I wrote myself. Gogios runs on one of my OpenBSD VMs. At regular intervals, Gogios scrapes the alerts generated in the k3s cluster and notifies me via Email.</span><br />
<br />
-<a class='textlink' href='https://foo.zone/gemfeed/2023-06-01-kiss-server-monitoring-with-gogios.html'>KISS server monitoring with Gogios</a><br />
+<a class='textlink' href='./2023-06-01-kiss-server-monitoring-with-gogios.html'>KISS server monitoring with Gogios</a><br />
<br />
<span>Ironically, I implemented Gogios to avoid using more complex alerting systems like Prometheus, but here we go—it integrates well now.</span><br />
<br />
@@ -1219,6 +1220,7 @@ dev.cpu.<font color="#000000">0</font>.freq: <font color="#000000">2922</font>
<a class='textlink' href='./2024-04-01-KISS-high-availability-with-OpenBSD.html'>2024-04-01 KISS high-availability with OpenBSD</a><br />
<a class='textlink' href='./2024-11-17-f3s-kubernetes-with-freebsd-part-1.html'>2024-11-17 f3s: Kubernetes with FreeBSD - Part 1: Setting the stage (You are currently reading this)</a><br />
<a class='textlink' href='./2024-12-03-f3s-kubernetes-with-freebsd-part-2.html'>2024-12-03 f3s: Kubernetes with FreeBSD - Part 2: Hardware and base installation</a><br />
+<a class='textlink' href='./f3s-kubernetes-with-freebsd-part-4.html'>f3s-kubernetes-with f3s: Kubernetes with FreeBSD - Rocky Linux Bhyve VMs - Part 4</a><br />
<br />
<span>E-Mail your comments to <span class='inlinecode'>paul@nospam.buetow.org</span> :-)</span><br />
<br />
diff --git a/gemfeed/f3s-kubernetes-with-freebsd-part-4.gmi b/gemfeed/f3s-kubernetes-with-freebsd-part-4.gmi
new file mode 100644
index 00000000..bcac5d74
--- /dev/null
+++ b/gemfeed/f3s-kubernetes-with-freebsd-part-4.gmi
@@ -0,0 +1,261 @@
+# f3s: Kubernetes with FreeBSD - Rocky Linux Bhyve VMs - Part 4
+
+This is the thourth blog post about my f3s series for my self-hosting demands in my home lab. f3s? The "f" stands for FreeBSD, and the "3s" stands for k3s, the Kubernetes distribution we will use on FreeBSD-based physical machines.
+
+=> ./2024-11-17-f3s-kubernetes-with-freebsd-part-1.gmi 2024-11-17 f3s: Kubernetes with FreeBSD - Part 1: Setting the stage
+=> ./2024-12-03-f3s-kubernetes-with-freebsd-part-2.gmi 2024-12-03 f3s: Kubernetes with FreeBSD - Part 2: Hardware and base installation
+
+=> ./f3s-kubernetes-with-frhyveeebsd-part-1/f3slogo.png f3s logo
+
+## Table of Contents
+
+* ⇢ f3s: Kubernetes with FreeBSD - Rocky Linux Bhyve VMs - Part 4
+* ⇢ ⇢ Introduction
+* ⇢ ⇢ Basic Bhyve setup
+* ⇢ ⇢ Rocky Linux VMs
+* ⇢ ⇢ ⇢ ISO download
+* ⇢ ⇢ ⇢ VM configuration
+* ⇢ ⇢ ⇢ VM installation
+* ⇢ ⇢ ⇢ Increase of the disk image
+* ⇢ ⇢ ⇢ Connect to VPN
+* ⇢ ⇢ After install
+* ⇢ ⇢ ⇢ VM auto-start after host reboot
+* ⇢ ⇢ ⇢ Static IP configuration
+* ⇢ ⇢ ⇢ Permitting root login
+* ⇢ ⇢ ⇢ Install latest updates
+
+## Introduction
+
+In this blog post, we are going to install the Bhyve hypervisor.
+
+The FreeBSD Bhyve hypervisor is a lightweight, modern hypervisor that enables virtualization on FreeBSD systems. Bhyve's strengths include its minimal overhead, which allows it to achieve near-native performance for virtual machines. It is designed to be efficient and lightweight, leveraging the capabilities of the FreeBSD operating system for performance and network management.
+
+Bhyve supports running a variety of guest operating systems, including FreeBSD, Linux, and Windows, on hardware platforms that support hardware virtualization extensions (such as Intel VT-x or AMD-V). In our case, we are going to virtualize Rocky Linux, which later on in this series will be used to run k3s.
+
+## Basic Bhyve setup
+
+For the management of the Bhyve VMs, we are using `vm-bhyve`, a tool not part of the FreeBSD operating system but available as a ready-to-use package. It eases VM management and reduces a lot of the overhead. We also install the required package to make Bhyve work with the UEFI firmware.
+
+=> https://github.com/churchers/vm-bhyve
+
+The following commands are executed on all three hosts `f0`, `f1`, and `f2`, where `re0` is the name of the Ethernet interface (which may need to be adjusted if your hardware is different):
+
+```sh
+paul@f0:~ % doas pkg install vm-bhyve bhyve-firmware
+paul@f0:~ % doas sysrc vm_enable=YES
+vm_enable: -> YES
+paul@f0:~ % doas sysrc vm_dir=zfs:zroot/bhyve
+vm_dir: -> zfs:zroot/bhyve
+paul@f0:~ % doas zfs create zroot/bhyve
+paul@f0:~ % doas vm init
+paul@f0:~ % doas vm switch create public
+paul@f0:~ % doas vm switch add public re0
+```
+
+Bhyve stores all it's data in the `/bhyve` of the `zroot` ZFS pool:
+
+```sh
+paul@f0:~ % zfs list | grep bhyve
+zroot/bhyve 1.74M 453G 1.74M /zroot/bhyve
+```
+
+For convenience, we also create this symlink:
+
+```sh
+paul@f0:~ % doas ln -s /zroot/bhyve/ /bhyve
+
+```
+
+Now, Bhyve is ready to rumble, but no VMs are there yet:
+
+```sh
+paul@f0:~ % doas vm list
+NAME DATASTORE LOADER CPU MEMORY VNC AUTO STATE
+```
+
+## Rocky Linux VMs
+
+### ISO download
+
+We're going to install the Rocky Linux from the latest minimal iso:
+
+```sh
+paul@f0:~ % doas vm iso \
+ https://download.rockylinux.org/pub/rocky/9/isos/x86_64/Rocky-9.5-x86_64-minimal.iso
+/zroot/bhyve/.iso/Rocky-9.5-x86_64-minimal.iso 1808 MB 4780 kBps 06m28s
+paul@f0:/bhyve % doas vm create rocky
+```
+### VM configuration
+
+The default configuration looks like this now:
+
+```sh
+paul@f0:/bhyve/rocky % cat rocky.conf
+loader="bhyveload"
+cpu=1
+memory=256M
+network0_type="virtio-net"
+network0_switch="public"
+disk0_type="virtio-blk"
+disk0_name="disk0.img"
+uuid="1c4655ac-c828-11ef-a920-e8ff1ed71ca0"
+network0_mac="58:9c:fc:0d:13:3f"
+```
+
+Whereas the `uuid` and the `network0_mac` differ on each of the 3 hosts.
+
+but in order to make Rocky Linux boot it (plus some other adjustments, e.g. as I am intending to run the majority of the workload in the k3s cluster running on those linux VMs, I give them beefy specs like 4 CPU cores and 14GB RAM), I run `doas vm configure rocky` and modified it to:
+
+```
+guest="linux"
+loader="uefi"
+uefi_vars="yes"
+cpu=4
+memory=14G
+network0_type="virtio-net"
+network0_switch="public"
+disk0_type="virtio-blk"
+disk0_name="disk0.img"
+graphics="yes"
+graphics_vga=io
+uuid="1c45400b-c828-11ef-8871-e8ff1ed71cac"
+network0_mac="58:9c:fc:0d:13:3f"
+```
+
+### VM installation
+
+To start the installer from the downloaded ISO, I run:
+
+```sh
+paul@f0:~ % doas vm install rocky Rocky-9.5-x86_64-minimal.iso
+Starting rocky
+ * found guest in /zroot/bhyve/rocky
+ * booting...
+
+paul@f0:/bhyve/rocky % doas vm list
+NAME DATASTORE LOADER CPU MEMORY VNC AUTO STATE
+rocky default uefi 4 14G 0.0.0.0:5900 No Locked (f0.lan.buetow.org)
+
+paul@f0:/bhyve/rocky % doas sockstat -4 | grep 5900
+root bhyve 6079 8 tcp4 *:5900 *:*
+```
+
+Port 5900 now also opened for VNC connections, so I connected to it with a VNC client and run through the installation dialogs. I'm sure this could be done unattended or more automated, there are only 3 VMs to install, and the automation doesn't seem worth it as we are doing it only once in a year or less often.
+
+### Increase of the disk image
+
+By default the VMs disk image is only 20G, which is a bit small for my purposes, so I stopped the VMs again and run `truncate` on the image file to enlarge them to 100G, and re-started the installation:
+
+```sh
+paul@f0:/bhyve/rocky % doas vm stop rocky
+paul@f0:/bhyve/rocky % doas truncate -s 100G disk0.img
+paul@f0:/bhyve/rocky % doas vm install rocky Rocky-9.5-x86_64-minimal.iso
+```
+
+### Connect to VPN
+
+For the installation, I opened the VPN client on my Fedora laptop (GNOME comes with a simple VPN client) and ran through the base installation for each of the VMs manually. Again, I am sure this could have been automated a bit more, but there were just 3 VMs, and it wasn't worth the effort. The three VNC addresses of the VMs were: `vnc://f0:5900`, `vnc://f1:5900`, and `vnc://f0:5900`.
+
+I mostly selected the default settings (auto partitioning on the 100GB drive and a root user password). After the installation, the VMs were rebooted.
+
+## After install
+
+I performed the following steps for all 3 VMs. In the following, the examples are all executed on `f0` (bzw the VM `r0` running on `f0`):
+
+### VM auto-start after host reboot
+
+To automatically start the VM on the servers I added the following to the `rc.conf` on the FreeBSD hosts:
+
+```sh
+
+paul@f0:/bhyve/rocky % cat <<END | doas tee -a /etc/rc.conf
+vm_list="rocky"
+vm_delay="5"
+```
+
+The `vm_delay` isn't really required. It is used to wait 5 seconds before starting each VM, but as of now, there is only one VM per host. Maybe later, when there are more, this will be useful to have. After adding, there's now a `Yes` indicator in the `AUTO` column.
+
+```sh
+paul@f0:~ % doas vm list
+NAME DATASTORE LOADER CPU MEMORY VNC AUTO STATE
+rocky default uefi 4 14G 0.0.0.0:5900 Yes [1] Running (2063)
+```
+
+### Static IP configuration
+
+After that, I changed the network configuration of the VMs to be static (from DHCP) here. As per previous post of this series, the 3 FreeBSD hosts were already in my `/etc/hosts` file:
+
+```
+192.168.1.130 f0 f0.lan f0.lan.buetow.org
+192.168.1.131 f1 f1.lan f1.lan.buetow.org
+192.168.1.132 f2 f2.lan f2.lan.buetow.org
+```
+
+For the Rocky VMs I added those to the FreeBSD hosts systems as well:
+
+```sh
+paul@f0:/bhyve/rocky % cat <<END | doas tee -a /etc/hosts
+192.168.1.120 r0 r0.lan r0.lan.buetow.org
+192.168.1.121 r1 r1.lan r1.lan.buetow.org
+192.168.1.122 r2 r2.lan r2.lan.buetow.org
+END
+```
+
+and configured the IPs accordingly on the VMs themselves by opening a root shell via RDP to the VMs and entering the following commands on each of the VMs:
+
+```sh
+[root@r0 ~] % dnmcli connection modify enp0s5 ipv4.address 192.168.1.120/24
+[root@r0 ~] % dnmcli connection modify enp0s5 ipv4.gateway 192.168.1.1
+[root@r0 ~] % dnmcli connection modify enp0s5 ipv4.dns 192.168.1.1
+[root@r0 ~] % dnmcli connection modify enp0s5 ipv4.method manual
+[root@r0 ~] % dnmcli connection down enp0s5
+[root@r0 ~] % dnmcli connection up enp0s5
+[root@r0 ~] % hostnamectl set-hostname r0.lan.buetow.org
+[root@r0 ~] % cat <<END >>/etc/hosts
+192.168.1.120 r0 r0.lan r0.lan.buetow.org
+192.168.1.121 r1 r1.lan r1.lan.buetow.org
+192.168.1.122 r2 r2.lan r2.lan.buetow.org
+END
+````
+
+Whereas:
+
+* `192.168.1.120` is the IP of the VM itself (here: `r0.lan.buetow.org`)
+* `192.168.1.1` is the address of my home router, which also does DNS.
+
+### Permitting root login
+
+As these VMs arent directly reachable via SSH from the internet, I enabled `root` login by adding a line with `PermitRootLogin yes` to `/etc/sshd/sshd_config`.
+
+Once done, I rebooted the VM by running `reboot` inside of the vm to test whether everything was configured and persisted correctly.
+
+After reboot, I copied my public key from my Laptop to the 3 VMs:
+
+```sh
+% for i in 0 1 2; do ssh-copy-id root@r$i.lan.buetow.org; done
+```
+
+And then I edited the `/etc/ssh/sshd_config` file again on all 3 VMs and configured `PasswordAuthentication no`, to only allow SSH key authentication from now on.
+
+### Install latest updates
+
+```sh
+[root@r0 ~] % dnf update
+[root@r0 ~] % dreboot
+```
+
+CPU STRESS TESTER VM VS NOT VM
+
+Other *BSD-related posts:
+
+=> ./2016-04-09-jails-and-zfs-on-freebsd-with-puppet.gmi 2016-04-09 Jails and ZFS with Puppet on FreeBSD
+=> ./2022-07-30-lets-encrypt-with-openbsd-and-rex.gmi 2022-07-30 Let's Encrypt with OpenBSD and Rex
+=> ./2022-10-30-installing-dtail-on-openbsd.gmi 2022-10-30 Installing DTail on OpenBSD
+=> ./2024-01-13-one-reason-why-i-love-openbsd.gmi 2024-01-13 One reason why I love OpenBSD
+=> ./2024-04-01-KISS-high-availability-with-OpenBSD.gmi 2024-04-01 KISS high-availability with OpenBSD
+=> ./2024-11-17-f3s-kubernetes-with-freebsd-part-1.gmi 2024-11-17 f3s: Kubernetes with FreeBSD - Part 1: Setting the stage
+=> ./2024-12-03-f3s-kubernetes-with-freebsd-part-2.gmi 2024-12-03 f3s: Kubernetes with FreeBSD - Part 2: Hardware and base installation
+
+E-Mail your comments to `paul@nospam.buetow.org` :-)
+
+=> ../ Back to the main site
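Review bot: several commands in the "Static IP configuration" and "Install latest updates" blocks will not run as written: `dnmcli` should be `nmcli` on all six connection lines, and `dreboot` should be `reboot`. The `rc.conf` heredoc under "VM auto-start after host reboot" never gets its closing `END`, and the static IP block closes with four backticks instead of three. "Permitting root login" first names `/etc/sshd/sshd_config` and then `/etc/ssh/sshd_config`; the second is the path sshd reads, and the `PasswordAuthentication no` edit is not followed by a reload or restart of sshd. The third VNC address repeats `vnc://f0:5900` where `f2` is presumably meant, the root shell is said to be opened "via RDP" although only VNC was set up, and "bzw" plus the line `CPU STRESS TESTER VM VS NOT VM` look like draft leftovers. On the security side, the `vm list` and `sockstat` output show the VNC console bound to `0.0.0.0:5900`, and the config has `graphics="yes"` with no password line; consider pinning it with vm-bhyve's `graphics_listen` option or switching `graphics` off once installation is finished. `PermitRootLogin prohibit-password` would also match the key-only intent once the keys are copied.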
diff --git a/index.gmi b/index.gmi
index 39dfee66..54af6647 100644
--- a/index.gmi
+++ b/index.gmi
@@ -1,6 +1,6 @@
# foo.zone
-> This site was generated at 2025-01-19T13:21:25+02:00 by `Gemtexter`
+> This site was generated at 2025-01-29T08:02:28+02:00 by `Gemtexter`
Welcome to the foo.zone. Everything you read on this site is my personal opinion and experience. You can call me a Linux/*BSD enthusiast and hobbyist. I mainly write about tech, IT, programming and sometimes also about self-improvement here. And I also like coding.
diff --git a/uptime-stats.gmi b/uptime-stats.gmi
index df9fa3ef..ed062af9 100644
--- a/uptime-stats.gmi
+++ b/uptime-stats.gmi
@@ -1,6 +1,6 @@
# My machine uptime stats
-> This site was last updated at 2025-01-19T13:21:25+02:00
+> This site was last updated at 2025-01-29T08:02:28+02:00
The following stats were collected via `uptimed` on all of my personal computers over many years and the output was generated by `guprecords`, the global uptime records stats analyser of mine.