thunerbl/Clustallations
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
17 commits 8 branches 0 tags 206 KiB
Find a file
Exact
Codatte 01e907b7c4 add Mautic
2023-11-17 15:05:57 +01:00
Cert-Manager Inital commit. Nextcloud+Matrix 2021-12-08 23:15:01 +01:00
Dashboard Inital commit. Nextcloud+Matrix 2021-12-08 23:15:01 +01:00
Matrix add Mautic 2023-11-17 15:05:57 +01:00
Mautic add Mautic 2023-11-17 15:05:57 +01:00
Nextcloud add Mautic 2023-11-17 15:05:57 +01:00
Nginx-ingress Stroodle SSD et longhorn 2021-11-15 23:44:17 +00:00
Postgres Inital commit. Nextcloud+Matrix 2021-12-08 23:15:01 +01:00
Redis_helm add Mautic 2023-11-17 15:05:57 +01:00
Website add Mautic 2023-11-17 15:05:57 +01:00
.gitignore initial commit 2021-02-23 11:22:10 +01:00
get_helm.sh Stroodle SSD et longhorn 2021-11-15 23:44:17 +00:00
notes.txt Instructions for VPN next, Main2 modifs 2021-04-17 20:28:56 +01:00
README.md add Mautic 2023-11-17 15:05:57 +01:00

README.md 

          _              _         __ ___ _  _
  /\  |  |_) |_|  /\    /  |  | | (_   | |_ |_)
 /--\ |_ |   | | /--\   \_ |_ |_| __)  | |_ | \

Cluster Alpha

Opensource hybrid cluster.

Composition

Hardware

  • 2 x Wyset 4 go RAM
  • 500 GO HDD + 100 GO HD

Software

  • K3S - Rancher Lite Kubernetes

Alternative node

  • Debian Latest - amd64 Node

Accomplished

  • Working K3S
  • SSL certification with cert-manager and Let's encrypt

Known Issues

Preconfig

SSH Config

After copying the pub key in the server edit: /etc/ssh/sshd_config with:

ChallengeResponseAuthentication no
PasswordAuthentication no
PubkeyAuthentication yes
UsePAM no

Updates, lights behavior

sudo apt update && sudo apt dist-upgrade

sudo nano /etc/hostname
#Then inside-> save all ip-hostnames of all cluster computers 

leader ->  wyset@xx.xx.xx.xx
pass = T3st1ngd2!

worker -> wyset@xx.xx.xx.xx
pass = T3st1ngd1!

sudo nano /etc/hosts
#Then inside->
127.0.0.1	leaderXXX

sudo nano /boot/cmdline.txt 
#Then add at the end of the line->

in Debian amd64 :
sudo nano /etc/default/grub
change GRUB_CMDLINE_LINUX=""
by
GRUB_CMDLINE_LINUX="cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory"

#Finally
sudo reboot

->

sudo nano /etc/hostname
sudo nano /etc/hosts

sudo apt update && sudo apt dist-upgrade -y

echo -n " cgroup_memory=1 cgroup_enable=memory" >> /boot/cmdline.txt ### ça non plutot ajouter la ligne suivante en pi 3b+
cgroup_enable=cpuset cgroup_enable=memory cgroup_memory=1 swapaccount=1

sudo apt install git open-iscsi nfs-common iptables arptables ebtables openresolv nfs-common-y


sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
sudo update-alternatives --set arptables /usr/sbin/arptables-legacy
sudo update-alternatives --set ebtables /usr/sbin/ebtables-legacy
sudo reboot

## Install sur leader


curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--no-deploy traefik" sh -s -

** to get token -> cat /var/lib/rancher/k3s/server/node-token


## Install sur WorkerX


curl -sfL https://get.k3s.io | K3S_URL="https://leader:6443" K3S_TOKEN="K100909a6b8a115351572ad872d26f42f89a17d184c78991a55ed2d2d4383d8b24b::server:323025a35eadde1ca5f17c2cbe9909b1" sh -

#### ATTENDRE....
C'est fini quand es READY sur
sudo kubectl get nodes -o wide

kubectl label nodes <node-name> <label-key>=<label-value>


curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
chmod 700 get_helm.sh
sudo ./get_helm.sh
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
sudo chown root:pi /etc/rancher/k3s/k3s.yaml
sudo chmod g+r /etc/rancher/k3s/k3s.yaml





### Dashboard Token

eyJhbGciOiJSUzI1NiIsImtpZCI6IkJ4WGs2MlNfdzEtTGkyQnY0QlFjY0hKblV6a1BlbHdXTGRna0lDZjgxelkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWdwaHFzIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiIzYzk0MzIwMi0yNmE0LTQ1MGUtODY0MC01OGVkMzkyNjIxZGEiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.pDBHH96PAVigSLYSOKJkiz1xH1KLVlBiLdlZDFnlO0mQmGbvloeG3Ajof00-sNeL4t5IXGZNPwvkhplxztQ4tFp44VaBNDfJIpuCNUk_gs66KEjxCoW0F-KgPMtmgc8noVtyNYOPYKX_mFRzxjw6m5pPASRo1QptT3HIOtWOWNpPeBq-tQMKKgFHVEzGLh-d546s9v4vqRHN8yu9_vGK3uGyV48MdNFwk2_9tTZlcmV0Z10EcPd5M0CGNEvNVmp9MM8Pr2DCm2kqjD36oUextckBfxzy7K5ItCpeuTOXxXj5IRP_u50fy20nUNyWb4kfHFLJHHWaUp5a7C2wVB97Lg

sudo mkfs.ext4 /dev/sdX

Installation of fan shim

git clone https://github.com/pimoroni/fanshim-python
cd fanshim-python/
sudo ./install.sh 
sudo apt install python3-pip
sudo ./install-service.sh --on-threshold 75 --off-threshold 60 --delay 10
vcgencmd measure_temp

sudo systemctl < stop, disable, enable, start> pimoroni-fanshim.service
sudo nano /etc/systemd/system/pimoroni-fanshim.service

This will reference the file/path of ./examples/automatic.py

/etc/hosts 127.0.1.1 leadert 10.13.13.2 leaderj 10.13.13.4 leadert2

sudo mkdir /mnt/ssd UUID=XXXXXXXXXXXX /mnt/ssd ext4 defaults 0 1

apt install nfs-kernel-server nfs-common wireguard

systemctl enable --now nfs-server.service

edit /etc/exports --> /mnt/cloudd worker1(rw,sync,no_root_squash,no_subtree_check) leader(rw,sync,no_root_squash,no_subtree_check)

edit ->

[Interface]
Address = 10.13.13.2
PrivateKey = 6MRRgQFEWgPrSdfpgLThX0KwGLBF1mynS0eEVdrV6Vw=
ListenPort = 51820
DNS = 10.13.13.1

[Peer]
PublicKey = 26DLluAx8ZoA8mMop8uwBrqAG3PoAt6FIOjuvXMwxyM=
Endpoint = dadavision.codatte.dev:51820
AllowedIPs = 10.13.13.0/24

sudo systemctl enable wg-quick@wg0