Deploying an IPv6 Test Service on Kubernetes

From 8a78337ea4dcb0b154bd1c754218ca01c8f9015d Mon Sep 17 00:00:00 2001 From: Paul Buetow Date: Sun, 8 Mar 2026 18:17:20 +0200 Subject: Update content for html --- gemfeed/DRAFT-ipv6test-deployment.html | 146 +++++++++++++++++---------------- 1 file changed, 76 insertions(+), 70 deletions(-) (limited to 'gemfeed/DRAFT-ipv6test-deployment.html') diff --git a/gemfeed/DRAFT-ipv6test-deployment.html b/gemfeed/DRAFT-ipv6test-deployment.html index 9bc33ffb..f74e27f7 100644 --- a/gemfeed/DRAFT-ipv6test-deployment.html +++ b/gemfeed/DRAFT-ipv6test-deployment.html @@ -2,12 +2,17 @@ + Deploying an IPv6 Test Service on Kubernetes - + +

@@ -43,15 +48,15 @@ Client → relayd (OpenBSD) → Traefik (k3s) → Apache + CGI (Pod) by Lorenzo Bettini http://www.lorenzobettini.it http://www.gnu.org/software/src-highlite --> -

#!/usr/bin/perl
-use strict;
-use warnings;
+#!/usr/bin/perl
+use strict;
+use warnings;
 
-print "Content-type: text/html\n\n";
+print "Content-type: text/html\n\n";
 
-my $is_ipv4 = ($ENV{REMOTE_ADDR} =~ /(?:\d+\.){3}\d/);
-print "You are using: " . ($is_ipv4 ? "IPv4" : "IPv6") . "\n";
-print "Client address: $ENV{REMOTE_ADDR}\n";
+my $is_ipv4 = ($ENV{REMOTE_ADDR} =~ /(?:\d+\.){3}\d/);
+print "You are using: " . ($is_ipv4 ? "IPv4" : "IPv6") . "\n";
+print "Client address: $ENV{REMOTE_ADDR}\n";
 
 

 Docker Image


@@ -148,17 +153,17 @@ http protocol "https" {
 by Lorenzo Bettini
 http://www.lorenzobettini.it
 http://www.gnu.org/software/src-highlite -->
-<% for my $host (@$f3s_hosts) {
-     my $is_ipv6_only = $host =~ /^ipv6\./;
-     my $is_ipv4_only = $host =~ /^ipv4\./;
--%>
-<% unless ($is_ipv6_only) { -%>
-<%= $host %>.         300 IN A <%= $ips->{current_master}{ipv4} %>
-<% } -%>
-<% unless ($is_ipv4_only) { -%>
-<%= $host %>.         300 IN AAAA <%= $ips->{current_master}{ipv6} %>
-<% } -%>
-<% } -%>
+<% for my $host (@$f3s_hosts) {
+     my $is_ipv6_only = $host =~ /^ipv6\./;
+     my $is_ipv4_only = $host =~ /^ipv4\./;
+-%>
+<% unless ($is_ipv6_only) { -%>
+<%= $host %>.         300 IN A <%= $ips->{current_master}{ipv4} %>
+<% } -%>
+<% unless ($is_ipv4_only) { -%>
+<%= $host %>.         300 IN AAAA <%= $ips->{current_master}{ipv6} %>
+<% } -%>
+<% } -%>
 
 

 This ensures:

@@ -179,22 +184,22 @@ http://www.gnu.org/software/src-highlite -->
 by Lorenzo Bettini
 http://www.lorenzobettini.it
 http://www.gnu.org/software/src-highlite -->
-<% for my $host (@$acme_hosts) {
-     # Skip ipv4/ipv6 subdomains - they're included as SANs in parent cert
-     next if $host =~ /^(ipv4|ipv6)\./;
--%>
-<%   my @alt_names = ("www.$host");
-     for my $sub_host (@$acme_hosts) {
-         if ($sub_host =~ /^(ipv4|ipv6)\.\Q$host\E$/) {
-             push @alt_names, $sub_host;
-         }
-     }
--%>
-domain <%= $host %> {
-    alternative names { <%= join(' ', @alt_names) %> }
-    ...
-}
-<% } -%>
+<% for my $host (@$acme_hosts) {
+     # Skip ipv4/ipv6 subdomains - they're included as SANs in parent cert
+     next if $host =~ /^(ipv4|ipv6)\./;
+-%>
+<%   my @alt_names = ("www.$host");
+     for my $sub_host (@$acme_hosts) {
+         if ($sub_host =~ /^(ipv4|ipv6)\.\Q$host\E$/) {
+             push @alt_names, $sub_host;
+         }
+     }
+-%>
+domain <%= $host %> {
+    alternative names { <%= join(' ', @alt_names) %> }
+    ...
+}
+<% } -%>
 
 

 This generates a single certificate for ipv6test.f3s.buetow.org that includes:

@@ -211,19 +216,19 @@ domain <%= $host %> {
 by Lorenzo Bettini
 http://www.lorenzobettini.it
 http://www.gnu.org/software/src-highlite -->
-our @f3s_hosts = qw/
-    ...
-    ipv6test.f3s.buetow.org
-    ipv4.ipv6test.f3s.buetow.org
-    ipv6.ipv6test.f3s.buetow.org
-/;
+our @f3s_hosts = qw/
+    ...
+    ipv6test.f3s.buetow.org
+    ipv4.ipv6test.f3s.buetow.org
+    ipv6.ipv6test.f3s.buetow.org
+/;
 
-our @acme_hosts = qw/
-    ...
-    ipv6test.f3s.buetow.org
-    ipv4.ipv6test.f3s.buetow.org
-    ipv6.ipv6test.f3s.buetow.org
-/;
+our @acme_hosts = qw/
+    ...
+    ipv6test.f3s.buetow.org
+    ipv4.ipv6test.f3s.buetow.org
+    ipv6.ipv6test.f3s.buetow.org
+/;
 
 

 Running rex nsd httpd acme acme_invoke relayd deploys the DNS zone, configures httpd for ACME challenges, obtains the certificates, and reloads relayd.

@@ -236,17 +241,17 @@ http://www.gnu.org/software/src-highlite -->
 by Lorenzo Bettini
 http://www.lorenzobettini.it
 http://www.gnu.org/software/src-highlite -->
-$ dig ipv4.ipv6test.f3s.buetow.org A +short
-46.23.94.99
+$ dig ipv4.ipv6test.f3s.buetow.org A +short
+46.23.94.99
 
-$ dig ipv4.ipv6test.f3s.buetow.org AAAA +short
-(no output - IPv4 only)
+$ dig ipv4.ipv6test.f3s.buetow.org AAAA +short
+(no output - IPv4 only)
 
-$ dig ipv6.ipv6test.f3s.buetow.org AAAA +short
-2a03:6000:6f67:624::99
+$ dig ipv6.ipv6test.f3s.buetow.org AAAA +short
+2a03:6000:6f67:624::99
 
-$ dig ipv6.ipv6test.f3s.buetow.org A +short
-(no output - IPv6 only)
+$ dig ipv6.ipv6test.f3s.buetow.org A +short
+(no output - IPv6 only)
 
 

 Verify the application shows the correct test type:

@@ -255,8 +260,8 @@ $ dig ipv6.ipv6test.f3s.buetow.org A +short
 by Lorenzo Bettini
 http://www.lorenzobettini.it
 http://www.gnu.org/software/src-highlite -->
-$ curl -s https://ipv4.ipv6test.f3s.buetow.org/cgi-bin/index.pl | grep "Test Results"
-<h3>IPv4 Only Test Results:</h3>
+$ curl -s https://ipv4.ipv6test.f3s.buetow.org/cgi-bin/index.pl | grep "Test Results"
+<h3>IPv4 Only Test Results:</h3>
 
 

 The displayed IP should be the real client IP, not an internal cluster address.

@@ -273,15 +278,15 @@ http://www.gnu.org/software/src-highlite -->
 by Lorenzo Bettini
 http://www.lorenzobettini.it
 http://www.gnu.org/software/src-highlite -->
-sub html_escape {
-    my $str = shift;
-    $str =~ s/&/&amp;/g;
-    $str =~ s/</&lt;/g;
-    $str =~ s/>/&gt;/g;
-    return $str;
-}
+sub html_escape {
+    my $str = shift;
+    $str =~ s/&/&amp;/g;
+    $str =~ s/</&lt;/g;
+    $str =~ s/>/&gt;/g;
+    return $str;
+}
 
-my $digremote = html_escape(`dig -x $ENV{REMOTE_ADDR}`);
+my $digremote = html_escape(`dig -x $ENV{REMOTE_ADDR}`);
 
 

 You can verify the output passes validation:

@@ -312,11 +317,12 @@ http://www.gnu.org/software/src-highlite -->
 

 ← Back to the index

 
-	Generated with Gemtexter 3.0.1-develop |
-	served by OpenBSD/relayd(8)+httpd(8) |
-	Site Mirrors
-	

-	Webring: previous | shring | next
+    Generated with Gemtexter 3.0.1-develop |
+    served by OpenBSD/relayd(8)+httpd(8) |
+    Site Mirrors
+    

+    Webring: previous | shring | next
 
+
 
 
-- 
cgit v1.2.3