Using TrueNAS to provide persistent storage for Kubernetes

A while ago I blogged about the possibilities of using Ceph to provide hyperconverged storage for Kubernetes. It works, but I never really liked the solution so I decided to look at dedicated storage solutions for my home lab and a small number of production sites, which would escape the single-node limitation of the MicroK8sContinue reading “Using TrueNAS to provide persistent storage for Kubernetes”

Load-balancing Ingress with MetalLB on MicroK8s

Out of the box, the MicroK8s distribution of ingress-nginx installed as the MicroK8s addon ingress binds to ports 80+443 on the node’s IP address using a hostPort, as we can see here on line 20: This is fine for a single-node deployment, but now MicroK8s supports clustering we need to find a way of load-balancing our Ingress, as a multi-node cluster willContinue reading “Load-balancing Ingress with MetalLB on MicroK8s”

Exposing the Kubernetes Dashboard with an Ingress

With MicroK8s it’s easy to enable the Kubernetes Dashboard by running If you’re running MicroK8s on a local PC or VM, you can access the dashboard with kube-proxy as described in the docs, but if you want to expose it properly then the best way to do this is with an Ingress resource. Firstly, makeContinue reading “Exposing the Kubernetes Dashboard with an Ingress”

Building a hyperconverged Kubernetes cluster with MicroK8s and Ceph

This guide explains how to build a highly-available, hyperconverged Kubernetes cluster using MicroK8s, Ceph and MetalLB on commodity hardware or virtual machines. This could be useful for small production deployments, dev/test clusters, or a nerdy toy. Other guides are available – this one is written from a sysadmin point of view, focusing on stability andContinue reading “Building a hyperconverged Kubernetes cluster with MicroK8s and Ceph”

Rethinking database architecture

Originally published 2015-09-02 on the UoB Unix blog The eduroam wireless network has a reliance on a database for the authorization and accounting parts of AAA (authentication, authorization and accounting – are you who you say you are, what access are you allowed, and what did you do while connected). When we started dabbling with database-backed AAA in 2007Continue reading “Rethinking database architecture”

Service availability monitoring with Nagios and BPI

Originally published  2016-11-21 on the UoB Unix blog Several times, senior management have asked Team Wireless to provide an uptime figure for eduroam. While we do have an awful lot of monitoring of systems and services, it has never been possible to give a single uptime figure because it needs some detailed knowledge to make sense ofContinue reading “Service availability monitoring with Nagios and BPI”

Merging SELinux policies

Originally published 2016-08-01 on the UoB Unix blog We make extensive use of SELinux on all our systems. We manage SELinux config and policy with the jfryman/selinux Puppet module, which means we store SELinux policies in plain text .te format – the same format that audit2allow generates them in. One of our SELinux policies that covers permissions for NRPE is a large file. When we generateContinue reading “Merging SELinux policies”

Fronting legacy services with Kubernetes

There are many benefits to Kubernetes but what’s not discussed so often is how to migrate your services from their legacy hosting to their new home in Kubernetes. Specifically, I’m looking at the case where you have a single server or a single public IP address and you want to run your services on thatContinue reading “Fronting legacy services with Kubernetes”

Finding 32-bit WAV audio files on Linux

I was trying to find a way to search my archive of recordings on Linux and return the filenames of 32-bit WAV audio files. It’s a little tricky, but I did it. You’ll need to install the ffprobe command (part of the ffmpeg package). I came up with this command. It’s quite long and maybe not the mostContinue reading “Finding 32-bit WAV audio files on Linux”

CD/DVD duplication on Linux with TurboJet

I was looking for easy methods of burning several CD or DVD images across several drives simultaneously on Linux, since burning 20+ CDs on one burner is pretty tedious. It’s possible to use some bash magic to loop cdrecord in parallel but I wanted a GUI app as an alternative to using Nero or AlcoholContinue reading “CD/DVD duplication on Linux with TurboJet”