Delmar/bikinibottom
3
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Delmar/bikinibottom:e3d39c10fa3b4bd5ba80c2cf298f4ca7e140a0a5
Branches Tags
Delmar/bikinibottom:main
...
compare: Delmar/bikinibottom:main
Branches Tags
Delmar/bikinibottom:main

14 Commits
e3d39c10fa ... main

Author SHA1 Message Date
julien f984d59bff "Updates" 2026-06-19 08:58:08 +02:00
julien 036ec2e9f3 "Updates" 2026-06-19 08:55:26 +02:00
julien fd7fed3f3e "Updates" 2026-06-12 16:29:57 +02:00
julien 9d84200a3d "Updates" 2026-06-12 16:29:44 +02:00
julien 73ad7b1d8f "Updates" 2026-06-12 16:29:02 +02:00
julien bc6eff61d2 "Updates" 2026-06-12 16:03:11 +02:00
julien 5dc22ef4c0 "Updates" 2026-06-12 16:02:16 +02:00
julien 3c7e026ef3 "Updates" 2026-06-12 15:36:17 +02:00
julien aa08cb17d6 "Updates" 2026-06-12 15:27:19 +02:00
julien e4701b45fe "Updates" 2026-06-12 14:17:46 +02:00
julien 88946739a2 "Updates" 2026-06-12 14:08:53 +02:00
julien 96e3b2971f "Updates" 2026-06-12 14:08:48 +02:00
julien 38684e47e9 "Updates" 2026-06-12 12:47:50 +02:00
julien 6f44d9cfa8 "Updates" 2026-06-11 08:03:43 +02:00
9 changed files with 451 additions and 809 deletions
Expand all files Collapse all files
Divers/OVH_Stalwart.md
+1 -2
View File
@@ -1,5 +1,5 @@
$TTL 3600 $TTL 3600
@ IN SOA dns106.ovh.net. tech.ovh.net. (2080213997 86400 3600 3600000 300) @ IN SOA dns106.ovh.net. tech.ovh.net. (2080297022 86400 3600 3600000 300)
IN NS dns106.ovh.net. IN NS dns106.ovh.net.
IN NS ns106.ovh.net. IN NS ns106.ovh.net.
IN MX 100 mx3.mail.ovh.net. IN MX 100 mx3.mail.ovh.net.
@@ -49,7 +49,6 @@ lai IN A 176.188.240.123
lghn IN A 176.188.240.123 lghn IN A 176.188.240.123
lnk IN A 176.188.240.123 lnk IN A 176.188.240.123
lud IN A 176.188.240.123 lud IN A 176.188.240.123
mailbear IN A 176.188.240.123
minio IN A 176.188.240.123 minio IN A 176.188.240.123
mmgr IN A 176.188.240.123 mmgr IN A 176.188.240.123
nds IN A 176.188.240.123 nds IN A 176.188.240.123
TuringPi/cm-jetson-orin-nano.md
+19
View File
@@ -0,0 +1,19 @@
Jetson Orin Nano
===
[![jetson-orin-nano.webp](./jetson-orin-nano.webp)](./jetson-orin-nano.webp)
[https://developer.nvidia.com/sdk-manager#host_os_comp_matrix](https://developer.nvidia.com/sdk-manager#host_os_comp_matrix)
[https://www.jetson-ai-lab.com/tutorials/initial-setup-sdk-manager/](https://www.jetson-ai-lab.com/tutorials/initial-setup-sdk-manager/)
---
### Documentation
[https://developer.nvidia.com/embedded/learn/get-started-jetson-orin-nano-devkit](https://developer.nvidia.com/embedded/learn/get-started-jetson-orin-nano-devkit)
##### Server World
[https://www.server-world.info/en/note?os=Debian\_12&p=download&f=1](https://www.server-world.info/en/note?os=Debian_12&p=download&f=1)
TuringPi/compute-modules.md → TuringPi/cm-pine64-soquartz.md
+1 -93
View File
@@ -1,10 +1,8 @@
Compute Modules Pine64 SoQuartz (RK3566)
=== ===
### Install OS / headless installation ### Install OS / headless installation
#### SoQuartz (RK3566)
[![soquartz-cm.webp](./soquartz-cm.webp)](./soquartz-cm.webp) [![soquartz-cm.webp](./soquartz-cm.webp)](./soquartz-cm.webp)
##### Specifications ##### Specifications
@@ -250,96 +248,6 @@ sudo apt install lm-sensors fancontrol read-edid i2c-tools libi2c-dev python3-sm
sudo sensors-detect sudo sensors-detect
``` ```
---
#### Turing RK1 (RK3588)
[![turing-rk1-cm.webp](./turing-rk1-cm.webp)](./turing-rk1-cm.webp)
##### Specifications
<table id="bkmrk-instruction-set-armv"><tbody><tr><td>**Instruction Set**</td><td>ARMv8-A (64-bit)</td></tr><tr><td>**OS Support**</td><td>Ubuntu Server 22.04 LTS</td></tr><tr><td>**CPUs**</td><td>8× | 4× ARM Cortex-A76 | 4× ARM Cortex-A55 | DynamIQ</td></tr><tr><td>**GPU**</td><td>G610 GPU
Support OpenGLES 1.1, 2.0, and 3.2, OpenCL up to 2.2 and Vulkan1.2
Proprietary 2D hardware acceleration engine</td></tr><tr><td>**NPU**</td><td>6 TOPS</td></tr><tr><td>**RAM**</td><td>LPDDR4 up to 32 GB</td></tr><tr><td>**Storage**</td><td>32 G eMMC 5.1, SD 3.0</td></tr><tr><td>**Ethernet**</td><td>1000Mbps</td></tr><tr><td>**USB**</td><td>2x USB 3.0, 2x USB 2.0</td></tr><tr><td>**PCIe**</td><td>PCIe Gen3</td></tr><tr><td>**MIPI**</td><td>4-Lane MIPI-DSI, 4-Lane MIPI-CSI</td></tr><tr><td>**Digital Audio port**</td><td>2× I2S</td></tr><tr><td>**HDMI**</td><td>HDMI 2.1, 8K@60fps</td></tr><tr><td>**Video input port**</td><td>2× MIPI-CSI RX 4× lanes
1× MIPI-CSI DPHY RX 4× lanes</td></tr><tr><td>**Display output port**</td><td>1× MIPI-DSI DPHY 2× lanes
1× HDMI 2.1
1× DP 1.4</td></tr><tr><td>**VPU**</td><td>VPU 2.0, supporting 8K video</td></tr><tr><td>**Video Encoder**</td><td>H264, 8K@30FPS
VP9/H265, 8k@60FPS
AV1/AVS2, 4k@60FPS</td></tr><tr><td>**Video Decoder**</td><td>H265/H264/VP9/AV1/AVS2 up to 8K@60fps</td></tr><tr><td>**Power**</td><td>5V/3A via USB Type-C</td></tr><tr><td>**Operating Temp**</td><td>-20°C to 70°C</td></tr><tr><td>**Storage Temp**</td><td>-40°C to 85°C</td></tr><tr><td>**Weight**</td><td>17g</td></tr><tr><td>**Form Factor**</td><td>69.6mm x 45mm
260-pin SO-DIMM connector</td></tr></tbody></table>
##### Setup
[https://joshua-riek.github.io/ubuntu-rockchip-download/boards/turing-rk1.html](https://joshua-riek.github.io/ubuntu-rockchip-download/boards/turing-rk1.html)
> bob (192.168.1.11) | gary (192.168.1.13) | sandy (192.168.1.14) | sheldon (192.168.1.16) | pearl (192.168.1.19)
> pleb / transatlantique
```bash
sudo useradd pleb
sudo groupadd sudo
sudo usermod -aG sudo pleb
echo "pleb ALL=(ALL:ALL) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/pleb
```
```bash
sudo hostnamectl set-hostname [hostname]
sudo dpkg-reconfigure tzdata
(. /etc/lsb-release &&
curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh |
sudo env os=ubuntu dist="${DISTRIB_CODENAME}" bash)
sudo apt update && sudo apt install -y git-all git-lfs curl wget screenfetch net-tools open-iscsi python3 python3-pip build-essential libssl-dev libffi-dev python3-dev wireguard
```
### GPU Drivers
```bash
cd /usr/lib && sudo wget https://github.com/JeffyCN/mirrors/raw/libmali/lib/aarch64-linux-gnu/libmali-valhall-g610-g6p0-x11-wayland-gbm.so
cd /lib/firmware && sudo wget https://github.com/JeffyCN/mirrors/raw/libmali/firmware/g610/mali_csffw.bin
sudo apt update && sudo apt install -y mesa-opencl-icd
sudo mkdir -p /etc/OpenCL/vendors && echo "/usr/lib/libmali-valhall-g610-g6p0-x11-wayland-gbm.so" | sudo tee /etc/OpenCL/vendors/mali.icd
sudo apt install -y ocl-icd-opencl-dev
sudo apt install -y libxcb-dri2-0 libxcb-dri3-0 libwayland-client0 libwayland-server0 libx11-xcb1
sudo apt install -y clinfo vulkan-tools
```
```bash
clinfo
vulkaninfo
```
**PS :** [Ubuntu Pro](https://ubuntu.com/pro/tutorial)
---
#### Jetson Orin Nano
[![jetson-orin-nano.webp](./jetson-orin-nano.webp)](./jetson-orin-nano.webp)
[https://developer.nvidia.com/sdk-manager#host_os_comp_matrix](https://developer.nvidia.com/sdk-manager#host_os_comp_matrix)
[https://www.jetson-ai-lab.com/tutorials/initial-setup-sdk-manager/](https://www.jetson-ai-lab.com/tutorials/initial-setup-sdk-manager/)
---
### Documentation
[https://docs.turingpi.com](https://docs.turingpi.com)
[https://developer.nvidia.com/embedded/learn/get-started-jetson-orin-nano-devkit](https://developer.nvidia.com/embedded/learn/get-started-jetson-orin-nano-devkit)
##### help.turingpi.com
jme69@pm.me
Ln4@iJMNn85h2Xrx
[https://help.turingpi.com/hc/en-us](https://help.turingpi.com/hc/en-us "https://help.turingpi.com/hc/en-us")
##### Server World ##### Server World
TuringPi/cm-turing-rk1.md
+189
View File
@@ -0,0 +1,189 @@
Turing RK1 (RK3588)
===
[![turing-rk1-cm.webp](./turing-rk1-cm.webp)](./turing-rk1-cm.webp)
##### Specifications
<table id="bkmrk-instruction-set-armv"><tbody><tr><td>**Instruction Set**</td><td>ARMv8-A (64-bit)</td></tr><tr><td>**OS Support**</td><td>Ubuntu Server 22.04 LTS</td></tr><tr><td>**CPUs**</td><td>8× | 4× ARM Cortex-A76 | 4× ARM Cortex-A55 | DynamIQ</td></tr><tr><td>**GPU**</td><td>G610 GPU
Support OpenGLES 1.1, 2.0, and 3.2, OpenCL up to 2.2 and Vulkan1.2
Proprietary 2D hardware acceleration engine</td></tr><tr><td>**NPU**</td><td>6 TOPS</td></tr><tr><td>**RAM**</td><td>LPDDR4 up to 32 GB</td></tr><tr><td>**Storage**</td><td>32 G eMMC 5.1, SD 3.0</td></tr><tr><td>**Ethernet**</td><td>1000Mbps</td></tr><tr><td>**USB**</td><td>2x USB 3.0, 2x USB 2.0</td></tr><tr><td>**PCIe**</td><td>PCIe Gen3</td></tr><tr><td>**MIPI**</td><td>4-Lane MIPI-DSI, 4-Lane MIPI-CSI</td></tr><tr><td>**Digital Audio port**</td><td>2× I2S</td></tr><tr><td>**HDMI**</td><td>HDMI 2.1, 8K@60fps</td></tr><tr><td>**Video input port**</td><td>2× MIPI-CSI RX 4× lanes
1× MIPI-CSI DPHY RX 4× lanes</td></tr><tr><td>**Display output port**</td><td>1× MIPI-DSI DPHY 2× lanes
1× HDMI 2.1
1× DP 1.4</td></tr><tr><td>**VPU**</td><td>VPU 2.0, supporting 8K video</td></tr><tr><td>**Video Encoder**</td><td>H264, 8K@30FPS
VP9/H265, 8k@60FPS
AV1/AVS2, 4k@60FPS</td></tr><tr><td>**Video Decoder**</td><td>H265/H264/VP9/AV1/AVS2 up to 8K@60fps</td></tr><tr><td>**Power**</td><td>5V/3A via USB Type-C</td></tr><tr><td>**Operating Temp**</td><td>-20°C to 70°C</td></tr><tr><td>**Storage Temp**</td><td>-40°C to 85°C</td></tr><tr><td>**Weight**</td><td>17g</td></tr><tr><td>**Form Factor**</td><td>69.6mm x 45mm
260-pin SO-DIMM connector</td></tr></tbody></table>
# TuringPi hosts
## Flash modules
https://armbian.com/fr
### First login
> root/1234
Add pleb user and change password to transatlantique
### Complete setup
```bash
sudo usermod -aG sudo pleb
echo "pleb ALL=(ALL:ALL) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/pleb
sudo hostnamectl set-hostname ...
(. /etc/lsb-release &&
curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh |
sudo env os=ubuntu dist="${DISTRIB_CODENAME}" bash)
sudo apt update && sudo apt install -y vim git-all git-lfs curl wget cryptsetup dmsetup open-iscsi screenfetch net-tools open-iscsi python3 python3-pip build-essential libssl-dev libffi-dev python3-dev wireguard
sudo vim /etc/hosts
```
```
127.0.0.1 localhost
127.0.1.1 <hostname> <hostname>.local
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
#
192.168.1.11 bob
192.168.1.12 carlo
#
192.168.1.15 krabs
192.168.1.17 bernie
#
192.168.1.14 sandy
192.168.1.13 gary
192.168.1.16 sheldon
192.168.1.19 pearl
#
192.168.1.18 patrick
192.168.1.20 karen
#
192.168.1.53 retropie
```
#### On PC
```bash
ssh-copy-id -f -i ~/.ssh/id_ed25519.pub pleb@192.168.1.xxx
ssh-copy-id -f -i ~/.ssh/id_ed25519.pub pleb@<hostname>
```
#### On host
```bash
vim .ssh/authorized_keys
sudo vim /etc/ssh/sshd_config
```
```
# ----------------------------------------
PasswordAuthentication no
PermitEmptyPasswords no
# ----------------------------------------
```
```
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBLk24u7FT8PhAdM8EVUFGlOi0hle4CW8L284E1foUhS julien@julien-pc
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE6wr+DUbcfVTltoWT6gbPRY3geUYNhgN7/CLcMaMu0B eliot@toile-win
```
### Format and mount the disks
```bash
sudo fdisk -l
**With disk <xxx>**
sudo fdisk /dev/<xxx>
(create new primary partition)
sudo mkfs -t ext4 /dev/<xxxp1>
sudo blkid -s UUID -o value /dev/<xxxp1>
```
### UUIDs
```
sandy
nvme0n1p1 195a1632-e6b3-41a4-8b2b-eea2fde75cfc
sda1 8a758c09-3ad8-4681-bcb0-41ced1d316e1
gary
nvme0n1p1 7395f5ad-c422-4a09-9a1f-5c8bf96b00f5
sheldon
nvme0n1p1 0a52875c-41a6-419f-b322-33ed2cec9717
sda1 d4cad1ad-6154-4eb3-b1a1-2c613a6cbe51
sdb1 c445f17b-56b0-4606-9d14-db9728da0aa4
pearl
nvme0n1p1 da49c557-732e-4bbc-b002-f9c627e2cf82
```
### Add mount point to fstab
```bash
sudo mkdir -p /mnt/<folder>
echo "UUID=... /mnt/<folder> ext4 defaults 0 0" | sudo tee -a /etc/fstab
```
```bash
sudo mount -a
sudo systemctl daemon-reload
df -h /mnt/<folder>
```
---
# ?
### GPU Drivers
```bash
cd /usr/lib && sudo wget https://github.com/JeffyCN/mirrors/raw/libmali/lib/aarch64-linux-gnu/libmali-valhall-g610-g6p0-x11-wayland-gbm.so
cd /lib/firmware && sudo wget https://github.com/JeffyCN/mirrors/raw/libmali/firmware/g610/mali_csffw.bin
sudo apt update && sudo apt install -y mesa-opencl-icd
sudo mkdir -p /etc/OpenCL/vendors && echo "/usr/lib/libmali-valhall-g610-g6p0-x11-wayland-gbm.so" | sudo tee /etc/OpenCL/vendors/mali.icd
sudo apt install -y ocl-icd-opencl-dev
sudo apt install -y libxcb-dri2-0 libxcb-dri3-0 libwayland-client0 libwayland-server0 libx11-xcb1
sudo apt install -y clinfo vulkan-tools
```
```bash
clinfo
vulkaninfo
```
---
### Documentation
[https://docs.turingpi.com](https://docs.turingpi.com)
##### help.turingpi.com
jme69@pm.me
Ln4@iJMNn85h2Xrx
[https://help.turingpi.com/hc/en-us](https://help.turingpi.com/hc/en-us "https://help.turingpi.com/hc/en-us")
##### Server World
[https://www.server-world.info/en/note?os=Debian\_12&amp;p=download&amp;f=1](https://www.server-world.info/en/note?os=Debian_12&p=download&f=1)
TuringPi/disks.md
+16 -23
View File
@@ -75,41 +75,34 @@ UUID=6702c3b0-eb03-4c1f-9ddc-56f4f7736222 /mnt/ssd ext4 defaults
#### sandy (nvme0n1 / sda ) #### sandy (nvme0n1 / sda )
``` ```
# <file system> <mount point> <type> <options> <dump> <fsck> UUID=a92029d5-96be-47f6-8d45-ea81995e0a1b / ext4 defaults,commit=120,errors=remount-ro 0 1
UUID=1cf633ab-4f5f-42da-b347-31282732a446 / ext4 defaults,x-systemd.growfs 0 1 tmpfs /tmp tmpfs defaults,nosuid 0 0
# nvme UUID=195a1632-e6b3-41a4-8b2b-eea2fde75cfc /mnt/ssd ext4 defaults 0 0
UUID=e2e3a295-9731-4aa2-996f-c72c2b81f40f /mnt/ssd ext4 defaults 0 0 UUID=8a758c09-3ad8-4681-bcb0-41ced1d316e1 /mnt/hdd ext4 defaults 0 0
# hdd
UUID=755c7782-171b-4dab-8b06-31c02557141f /mnt/hdd ext4 defaults 0 0
``` ```
#### gary (nvme0n1) #### gary (nvme0n1)
``` ```
# <file system> <mount point> <type> <options> <dump> <fsck> UUID=a92029d5-96be-47f6-8d45-ea81995e0a1b / ext4 defaults,commit=120,errors=remount-ro 0 1
UUID=1cf633ab-4f5f-42da-b347-31282732a446 / ext4 defaults,x-systemd.growfs 0 1 tmpfs /tmp tmpfs defaults,nosuid 0 0
# nvme UUID=7395f5ad-c422-4a09-9a1f-5c8bf96b00f5 /mnt/ssd ext4 defaults 0 0
UUID=124046b7-f656-4691-933b-4673e5abbb17 /mnt/ssd ext4 defaults 0 0
``` ```
#### sheldon (nvme0n1 / sda / sdb) #### sheldon (nvme0n1 / sda / sdb)
``` ```
# <file system> <mount point> <type> <options> <dump> <fsck> UUID=a92029d5-96be-47f6-8d45-ea81995e0a1b / ext4 defaults,commit=120,errors=remount-ro 0 1
UUID=1cf633ab-4f5f-42da-b347-31282732a446 / ext4 defaults,x-systemd.growfs 0 1 tmpfs /tmp tmpfs defaults,nosuid 0 0
# nvme UUID=0a52875c-41a6-419f-b322-33ed2cec9717 /mnt/ssd ext4 defaults 0 0
UUID=fd0d6603-c6f1-43fe-a993-39f79b4e3eb8 /mnt/ssd ext4 defaults 0 0 # hdds
# hdds (LVM # sda1 d4cad1ad-6154-4eb3-b1a1-2c613a6cbe51
# sda a47b05b1-3bc6-45ba-bfb4-e0aca4761fe5 # sdb1 c445f17b-56b0-4606-9d14-db9728da0aa4
# sdb 8a54c53d-427f-4085-9922-76c9ecaf30fa
# lvm /dev/mapper/hdds-hdd
UUID=951bfd08-c684-4203-9dd3-d041f3b4606e /mnt/hdd ext4 defaults,nofail,user_xattr,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0,acl 0 2
``` ```
#### pearl (nvme0n1) #### pearl (nvme0n1)
``` ```
# <file system> <mount point> <type> <options> <dump> <fsck> UUID=a92029d5-96be-47f6-8d45-ea81995e0a1b / ext4 defaults,commit=120,errors=remount-ro 0 1
UUID=1cf633ab-4f5f-42da-b347-31282732a446 / ext4 defaults,x-systemd.growfs 0 1 tmpfs /tmp tmpfs defaults,nosuid 0 0
# nvme UUID=da49c557-732e-4bbc-b002-f9c627e2cf82 /mnt/ssd ext4 defaults 0 0
UUID=6d255d62-eafe-4333-87b0-9e0c6bf6a44d /mnt/ssd ext4 defaults 0 0
``` ```
#### krabs (sad / sdb) (nfs server) #### krabs (sad / sdb) (nfs server)
TuringPi/hosts.md
+88 -73
View File
@@ -45,6 +45,26 @@ ssh-copy-id -f -i ~/.ssh/id_ed25519.pub pleb@192.168.1.xxx
ssh-copy-id -f -i ~/.ssh/id_ed25519.pub pleb@<hostname> ssh-copy-id -f -i ~/.ssh/id_ed25519.pub pleb@<hostname>
``` ```
#### Keys
```
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBLk24u7FT8PhAdM8EVUFGlOi0hle4CW8L284E1foUhS julien@julien-pc
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE6wr+DUbcfVTltoWT6gbPRY3geUYNhgN7/CLcMaMu0B eliot@toile-win
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKmttayKqj6Z290hMCc97v4dMZTSUz4lYgXR0NtcRr8U delmar@thinkpad
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlta/YdJ0ztVpZsP/nh37Fn+H5Hxg/Mw+jR91f5Gf08 pleb@bob
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN9mn7tuYWTPLbH2MViAkiKSUkXj4NauCUgzj778LoQ2 pleb@carlo
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKL7A0xvHSfmWo+LUHdWWb03a5NXN1IlbLS5iSHxs3zw pleb@sandy
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHpnC0ftrLwzhsmonDtSvh38Oi5OGe1iOaQjlsm1RlD2 pleb@gary
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII9USnPFJx/PbV+KnlTN4o3f4SwiuHCWaAlE8aKcY4Ne pleb@sheldon
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMrWtBN3yRh3PHG+7UUeRUIvhuMcwtR88FzUn4xS5FyV pleb@pearl
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMfd7PrJ50jHrG6yjIJ5u7jKTyXi9mPn8/oa+HNAVNsf pleb@krabs
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJtrn0Oj2IstMwzheIZcJGBA8RNWTyNtksaK2LhvjNul pleb@bernie
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHh1LTS5PzsQ45xiRbyxBbCurI7JdEpdkCsbx3mlYaaR pleb@patrick
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAaOsYNLsoYcXDV3I7zbJABeIo7CJOdMxUN86rH1/IH9 pleb@karen
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCiAt5dNKbcaYmmsMGitBTaYoKkfEMJ5dGBzbSIDF4WdmPQGFmNf3urAxM1MDjlW7ifzfia7I49pc+Sndo0+b/FiS9FIMWwlNmOrr5c24XXZvYhPvk2M9ghEhXgLGDO3N/xPG6M+rrEzeRFXCdlHZuan6/iUdGcDQtgS2q4ciAMCk8V0QptmvWYqgs/CMsnU3WULUA+abKdx605zzG0inF6pNFaIO50mRraPQsWq34SxXknkJnTBHFogj9NyV/Y9BhiKBm3IXn2f9cVK5/+8Af91w5uI07kpLnPXSDkEZFKK4J48dCdDLhOk2H1/PzapkwW5pF8dhBeKVW2W7oyvuWplKj7cS2dS9ODqqae5kgI83IBdOxQ3VONRCHiUVbezREON66xpOncmWq/YhegWCCHviHUzO0DtpxQXPnZTcX6LwiWhZ9vzGdostJ72i2PxtU155S5PBqaXF+u01cbD0yOuA364LIri2mJxgXHqQH6VwgUJYA7G3Ln4KTueHc9oQxZS5+zZA6LfIu0AB0o7RGcvRV2F+434svy9aXceOUQ2n/5qWo6jmqtOsx2IGkiBkCCHBK8G/83mWBWcfbzXdfPDj7a2xeMoiAU5Rr99JIJkiplDMVrR48diGtCxRYjitWUBigbz6Yy0ozowT6TUvK2PaPUgfhxVK2lhi/et37+/w== NVIDIA-SDK-Manager
```
=== ===
### Map ### Map
@@ -117,48 +137,45 @@ ssh-copy-id -f -i ~/.ssh/id_ed25519.pub pleb@<hostname>
### gary ### gary
```bash ```bash
./+o+- hostname: gary _,met$$$$$gg. pleb@gary
yyyyy- -yyyyyy+ OS: Ubuntu 25.10 questing ,g$$$$$$$$$$$$$$$P. OS: Debian 13 trixie
://+//////-yyyyyyo Kernel: aarch64 Linux 6.11.0-1006-rockchip ,g$$P"" """Y$$.". Kernel: aarch64 Linux 6.18.35-current-rockchip64
.++ .:/++++++/-.+sss/` Uptime: ,$$P' `$$$. Uptime: 2m
.:++o: /++++++++/:--:/- Packages: 1447 ',$$P ,ggs. `$$b: Packages: 309
o:+o+:++.`..```.-/oo+++++/ Shell: bash 5.2.37 `d$$' ,$P"' . $$$ Shell: bash 5.2.37
.:+o:+o/. `+sssoo+/ Disk: 1TB $$P d$' , $$P Disk: 1,7G / 974G (1%)
.++/+:+oo+o:` /sssooo. CPU: ARM Cortex-A55 Cortex-A76 @ 8x 1.8GHz $$: $$. - ,d$$' CPU: ARM Cortex-A55 Cortex-A76 @ 8x 1,8GHz
/+++//+:`oo+o /::--:. GPU: Mali G610 $$\; Y$b._ _,d$P' RAM: 441MiB / 15713MiB
\+/+o+++`o++o ++////. RAM: 15959MiB Y$$. `.`"Y$$$$P"'
.++.o+++oo+:` /dddhhh. `$$b "-.__
.+.o+oo:. `oddhhhh+ `Y$$
\+.++o+o``-````.:ohdhhhhh+ `Y$$.
`:o+++ `ohhhhhhhhyo++os: `$$b.
.o:`.syhhhhhhh/.oo++o` `Y$$b.
/osyyyyyyo++ooo+++/ `"Y$b._
````` +oo+++o\: `""""
`oo++.
``` ```
### sandy ### sandy
```bash ```bash
./+o+- hostname: sandy _,met$$$$$gg. pleb@sandy
yyyyy- -yyyyyy+ OS: Ubuntu 25.10 questing ,g$$$$$$$$$$$$$$$P. OS: Debian 13 trixie
://+//////-yyyyyyo Kernel: aarch64 Linux 6.11.0-1006-rockchip ,g$$P"" """Y$$.". Kernel: aarch64 Linux 6.18.35-current-rockchip64
.++ .:/++++++/-.+sss/` Uptime: ,$$P' `$$$. Uptime: 2m
.:++o: /++++++++/:--:/- Packages: 1262 ',$$P ,ggs. `$$b: Packages: 309
o:+o+:++.`..```.-/oo+++++/ Shell: bash 5.2.37 `d$$' ,$P"' . $$$ Shell: bash 5.2.37
.:+o:+o/. `+sssoo+/ Disk: 1TB / 1TB $$P d$' , $$P Disk: 1,7G / 970G (1%)
.++/+:+oo+o:` /sssooo. CPU: ARM Cortex-A55 Cortex-A76 @ 8x 1.8GHz $$: $$. - ,d$$' CPU: ARM Cortex-A55 Cortex-A76 @ 8x 1,8GHz
/+++//+:`oo+o /::--:. RAM: 7929MiB $$\; Y$b._ _,d$P' RAM: 402MiB / 7683MiB
\+/+o+++`o++o ++////. Y$$. `.`"Y$$$$P"'
.++.o+++oo+:` /dddhhh. `$$b "-.__
.+.o+oo:. `oddhhhh+ `Y$$
\+.++o+o``-````.:ohdhhhhh+ `Y$$.
`:o+++ `ohhhhhhhhyo++os: `$$b.
.o:`.syhhhhhhh/.oo++o` `Y$$b.
/osyyyyyyo++ooo+++/ `"Y$b._
````` +oo+++o\: `""""
`oo++.
``` ```
### krabs ([NFS Server](https://bookstack.delmar.bzh/books/turing-pi/page/nfs-server "NFS Server")) ### krabs ([NFS Server](https://bookstack.delmar.bzh/books/turing-pi/page/nfs-server "NFS Server"))
@@ -186,46 +203,44 @@ ssh-copy-id -f -i ~/.ssh/id_ed25519.pub pleb@<hostname>
### sheldon ### sheldon
```bash ```bash
./+o+- hostname: sheldon _,met$$$$$gg. pleb@sheldon
yyyyy- -yyyyyy+ OS: Ubuntu 25.10 questing ,g$$$$$$$$$$$$$$$P. OS: Debian 13 trixie
://+//////-yyyyyyo Kernel: aarch64 Linux 6.11.0-1006-rockchip ,g$$P"" """Y$$.". Kernel: aarch64 Linux 6.18.35-current-rockchip64
.++ .:/++++++/-.+sss/` Uptime: ,$$P' `$$$. Uptime: 3m
.:++o: /++++++++/:--:/- Packages: 1053 ',$$P ,ggs. `$$b: Packages: 309
o:+o+:++.`..```.-/oo+++++/ Shell: bash 5.2.37 `d$$' ,$P"' . $$$ Shell: bash 5.2.37
.:+o:+o/. `+sssoo+/ Disk: 1TB / 1.8TB $$P d$' , $$P Disk: 1,7G / 974G (1%)
.++/+:+oo+o:` /sssooo. CPU: ARM Cortex-A55 Cortex-A76 @ 8x 1.8GHz $$: $$. - ,d$$' CPU: ARM Cortex-A55 Cortex-A76 @ 8x 1,8GHz
/+++//+:`oo+o /::--:. RAM: 15959MiB $$\; Y$b._ _,d$P' RAM: 445MiB / 15713MiB
\+/+o+++`o++o ++////. Y$$. `.`"Y$$$$P"'
.++.o+++oo+:` /dddhhh. `$$b "-.__
.+.o+oo:. `oddhhhh+ `Y$$
\+.++o+o``-````.:ohdhhhhh+ `Y$$.
`:o+++ `ohhhhhhhhyo++os: `$$b.
.o:`.syhhhhhhh/.oo++o` `Y$$b.
/osyyyyyyo++ooo+++/ `"Y$b._
````` +oo+++o\: `""""
`oo++.
``` ```
### pearl ### pearl
```bash ```bash
./+o+- pleb@pearl _,met$$$$$gg. pleb@pearl
yyyyy- -yyyyyy+ OS: Ubuntu 25.10 questing ,g$$$$$$$$$$$$$$$P. OS: Debian 13 trixie
://+//////-yyyyyyo Kernel: aarch64 Linux 6.11.0-1006-rockchip ,g$$P"" """Y$$.". Kernel: aarch64 Linux 6.18.35-current-rockchip64
.++ .:/++++++/-.+sss/` Uptime: 1h 36m ,$$P' `$$$. Uptime: 3m
.:++o: /++++++++/:--:/- Packages: 878 ',$$P ,ggs. `$$b: Packages: 309
o:+o+:++.`..```.-/oo+++++/ Shell: bash 5.2.37 `d$$' ,$P"' . $$$ Shell: bash 5.2.37
.:+o:+o/. `+sssoo+/ Disk: 3.7G / 29G (14%) $$P d$' , $$P Disk: 1,7G / 952G (1%)
.++/+:+oo+o:` /sssooo. CPU: ARM Cortex-A55 Cortex-A76 @ 8x 1.8GHz $$: $$. - ,d$$' CPU: ARM Cortex-A55 Cortex-A76 @ 8x 1,8GHz
/+++//+:`oo+o /::--:. GPU: $$\; Y$b._ _,d$P' RAM: 473MiB / 15713MiB
\+/+o+++`o++o ++////. RAM: 550MiB / 15959MiB Y$$. `.`"Y$$$$P"'
.++.o+++oo+:` /dddhhh. `$$b "-.__
.+.o+oo:. `oddhhhh+ `Y$$
\+.++o+o``-````.:ohdhhhhh+ `Y$$.
`:o+++ `ohhhhhhhhyo++os: `$$b.
.o:`.syhhhhhhh/.oo++o` `Y$$b.
/osyyyyyyo++ooo+++/ `"Y$b._
````` +oo+++o\: `""""
`oo++.
``` ```
### bernie ### bernie
TuringPi/k3sup.md → TuringPi/kubernetes-k3sup.md
+127 -80
View File
@@ -1,4 +1,7 @@
#### Installation de kubectl Kubernetes (K3Sup)
===
### Installation de kubectl ?
```bash ```bash
sudo apt-get update && sudo apt-get install -y apt-transport-https ca-certificates curl gnupg sudo apt-get update && sudo apt-get install -y apt-transport-https ca-certificates curl gnupg
@@ -11,7 +14,7 @@ sudo apt-get update
sudo apt-get install -y kubectl sudo apt-get install -y kubectl
``` ```
#### Installation de k3sup : ### Installation de k3sup :
```bash ```bash
# Avec curl # Avec curl
@@ -24,19 +27,6 @@ chmod +x k3sup
sudo mv k3sup /usr/local/bin/ sudo mv k3sup /usr/local/bin/
``` ```
#### Configuration sudo sans mot de passe :
```bash
# Ajout de l'utilisateur au groupe sudo
sudo usermod -aG sudo pleb
# Configuration pour éviter la saisie de mot de passe
# debian
echo "pleb ALL=(ALL) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/pleb
# ubuntu
echo "pleb ALL=(ALL:ALL) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/90-cloud-init-users
```
#### Premier déploiement : #### Premier déploiement :
```bash ```bash
@@ -62,18 +52,31 @@ kubectl get nodes -o wide
kubectl get pods -n kube-system kubectl get pods -n kube-system
``` ```
#### Validation : #### Setting labels:
```bash
# sudo k3s kubectl label nodes xxx kubernetes.io/role=worker
kubectl label nodes gary kubernetes.io/role=worker
kubectl label nodes sheldon kubernetes.io/role=worker
kubectl label nodes pearl kubernetes.io/role=worker
# sudo k3s kubectl label nodes sandy node-type=worker
kubectl label nodes gary node-type=worker
kubectl label nodes sheldon node-type=worker
kubectl label nodes pearl node-type=worker
```
```bash ```bash
kubectl get nodes kubectl get nodes
NAME STATUS ROLES AGE VERSION
gary Ready <none> 77s v1.34.4+k3s1
sandy Ready control-plane 39m v1.34.4+k3s1
sheldon Ready <none> 48s v1.34.4+k3s1
pearl Ready <none> 48s v1.34.4+k3s1
``` ```
```
NAME STATUS ROLES AGE VERSION
gary Ready worker 82m v1.35.5+k3s1
pearl Ready worker 81m v1.35.5+k3s1
sandy Ready control-plane 84m v1.35.5+k3s1
sheldon Ready worker 82m v1.35.5+k3s1
```
### Helm ### Helm
@@ -119,63 +122,6 @@ kubectl --namespace kube-system port-forward $POD_NAME 8080:$CONTAINER_PORT
kubectl create token bb-headlamp --namespace kube-system kubectl create token bb-headlamp --namespace kube-system
``` ```
#### [longhorn](https://longhorn.io)
```bash
USER=admin; PASSWORD=v5bB4OQRDfY5tFJ1; echo "${USER}:$(openssl passwd -stdin -apr1 <<< ${PASSWORD})" >> auth
sudo k3s kubectl -n longhorn-system create secret generic basic-auth --from-file=auth
vim longhorn-ingress.yml
```
```
---
apiVersion: v1
kind: Secret
metadata:
name: longhorn-basic-auth-secret
namespace: longhorn-system
data:
users: |2
YWRtaW46JGFwcjEkMmp5TzMwYmskRE5IV0VEQW1VQXFVajVGOHNvdXNVMAoK
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: longhorn-basic-auth-middleware
spec:
basicAuth:
secret: longhorn-basic-auth-secret
realm: "Longhorn Dashboard"
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: longhorn-ingress
namespace: longhorn-system
annotations:
spec.ingressClassName: traefik
traefik.ingress.kubernetes.io/router.middlewares: longhorn-system-longhorn-basic-auth-middleware@kubernetescrd
spec:
rules:
- http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: longhorn-frontend
port:
number: 80
```
```bash
sudo k3s kubectl -n longhorn-system apply -f longhorn-ingress.yml
```
#### metallb #### metallb
```bash ```bash
@@ -213,7 +159,7 @@ metadata:
namespace: metallb-system namespace: metallb-system
spec: spec:
addresses: addresses:
- 192.168.1.21-192.168.1.40 - 192.168.1.21-192.168.1.30
--- ---
apiVersion: metallb.io/v1beta1 apiVersion: metallb.io/v1beta1
@@ -326,3 +272,104 @@ spec:
```bash ```bash
sudo k3s kubectl -n kube-system apply -f traefik-ingress.yml sudo k3s kubectl -n kube-system apply -f traefik-ingress.yml
``` ```
#### [longhorn](https://longhorn.io)
```bash
helm repo add longhorn https://charts.longhorn.io
helm repo update
kubectl create namespace longhorn-system
helm install longhorn longhorn/longhorn --namespace longhorn-system
USER=admin; PASSWORD=v5bB4OQRDfY5tFJ1; echo "${USER}:$(openssl passwd -stdin -apr1 <<< ${PASSWORD})" >> auth
kubectl -n longhorn-system create secret generic basic-auth --from-file=auth
vim longhorn/longhorn-middelwares.yaml
````
```
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: longhorn-auth
namespace: longhorn-system
spec:
basicAuth:
secret: basic-auth
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: longhorn-buffering
namespace: longhorn-system
spec:
buffering:
# Allows backing image uploads up to 10,000MB
maxRequestBodyBytes: 10485760000
```
```bash
kubectl apply -f longhorn-middlewares.yml
```
```bash
vim longhorn/longhorn-ingress.yaml
```
```
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: longhorn-ingress
namespace: longhorn-system
annotations:
# Connect the middlewares defined in step 2
traefik.ingress.kubernetes.io/router.middlewares:
longhorn-system-longhorn-auth@kubernetescrd,
longhorn-system-longhorn-buffering@kubernetescrd
spec:
ingressClassName: traefik
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: longhorn-frontend
port:
number: 80
```
```bash
kubectl -n longhorn-system get pod
kubectl get storageclass
```
```
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE
local-path (default) rancher.io/local-path Delete WaitForFirstConsumer false 93m
longhorn (default) driver.longhorn.io Delete Immediate true 59m
longhorn-static driver.longhorn.io Delete Immediate true 59m
```
##### Unset default for "local-path" (emmc)
```bash
kubectl patch storageclass local-path -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"false"}}}'
```
##### Mark longhorn as "default"
```bash
kubectl patch storageclass longhorn -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
```
##### Apply ingress
```bash
kubectl -n longhorn-system apply -f longhorn/longhorn-ingress.yaml
kubectl -n longhorn-system get ingress
```
TuringPi/kubernetes.md
-517
View File
@@ -1,517 +0,0 @@
# Kubernetes
## 1. Compute Modules
### Install OS / headless installation
1. Flash the Plebian image to a SD card/ EMMC.
2. Boot.
3. ssh as "pleb/pleb" and complete setup
```bash
sudo useradd pleb
sudo groupadd sudo
sudo usermod -aG sudo pleb
# Configuration pour éviter la saisie de mot de passe
# debian
echo "pleb ALL=(ALL) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/pleb
# ubuntu
echo "pleb ALL=(ALL:ALL) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/90-cloud-init-users
```
```bash
sudo apt update && sudo apt install -y curl
# curl -O https://overviewer.org/~pillow/up/75bea78e59/devicetrees-plebian-quartz64-20230601130309-arm64.deb
# sudo dpkg -i devicetrees-plebian-quartz64-20230601130309-arm64.deb
# sudo sysctl -w net.core.rmem_max=2500000
sudo apt update && sudo apt -y upgrade
sudo hostnamectl set-hostname < hostname >
sudo apt install -y git wget screenfetch net-tools open-iscsi python3 python3-pip build-essential libssl-dev libffi-dev python3-dev
# sudo apt install -y docker docker-compose
```
#### Reboot
```bash
sudo mkfs.ext4 /dev/nvme0n1
sudo mkdir -p /mnt/ssd
sudo blkid -s UUID -o value /dev/nvme0n1
> sandy UUID=e2e3a295-9731-4aa2-996f-c72c2b81f40f
> gary UUID=124046b7-f656-4691-933b-4673e5abbb17
> sheldon UUID=fd0d6603-c6f1-43fe-a993-39f79b4e3eb8
> pearl UUID=6d255d62-eafe-4333-87b0-9e0c6bf6a44d
echo "UUID=... /mnt/ssd ext4 defaults 0 0" | sudo tee -a /etc/fstab
cat /etc/fstab
sudo mount -a
sudo systemctl daemon-reload
df -h /mnt/ssd
```
`sudo vim /etc/hosts`
```
# ----------------------------------------
# Host addresses
127.0.0.1 localhost
# Nodes
192.168.1.13 gary gary.local
192.168.1.14 sandy sandy.local
192.168.1.16 sheldon sheldon.local
192.168.1.19 pearl pearl.local
# ----------------------------------------
```
#### On remote (PC) :
```bash
ssh-keygen -t ed25519
ssh-copy-id -f -i ~/.ssh/id_ed25519.pub pleb@gary
ssh pleb@gary
vim /etc/ssh/sshd_config
```
```
# ----------------------------------------
PasswordAuthentication no
# ----------------------------------------
```
#### Restart service
```bash
sudo systemctl restart sshd
```
#### On sandy :
```bash
ssh-keygen -t ed25519
ssh-copy-id -f -i ~/.ssh/id_ed25519.pub pleb@gary
ssh-copy-id -f -i ~/.ssh/id_ed25519.pub pleb@sandy
ssh-copy-id -f -i ~/.ssh/id_ed25519.pub plebsheldon
ssh-copy-id -f -i ~/.ssh/id_ed25519.pub pleb@pearl
ssh pleb@sandy
ssh pleb@sheldon
ssh pleb@pearl
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
python3 get-pip.py --user
python3 -m pip install --user ansible
```
`vim hosts.ini`
```ini
[master]
sandy ansible_connection=local
[workers]
gary ansible_connection=ssh
sheldon ansible_connection=ssh
pearl ansible_connection=ssh
[k3s_cluster:children]
master
workers
```
## UFW
```bash
sudo apt install -y ufw
sudo ufw allow "OpenSSH"
sudo ufw enable
sudo ufw allow 6443/tcp
sudo ufw allow 2379:2380/tcp
sudo ufw allow 10250/tcp
sudo ufw allow 10259/tcp
sudo ufw allow 10257/tcp
sudo ufw allow 179/tcp
sudo ufw allow 4789/udp
sudo ufw allow 4789/tcp
sudo ufw allow 2379/tcp
sudo ufw allow 30000:32767/tcp
sudo ufw status
```
```bash
for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do sudo apt-get remove $pkg; done
sudo apt-get update
sudo apt-get install ca-certificates curl gnupg
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
echo \
"deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
sudo service docker start
sudo docker run hello-world
sudo chmod 666 /var/run/docker.sock
sudo groupadd docker
sudo usermod -aG docker $USER
sudo systemctl enable docker.service
sudo systemctl enable containerd.service
```
```bash
docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ee:latest
```
## 2. Install Kubernetes (via Ansible)
### k3s-ansible
#### Install Ansible
- [https://wiki.archlinux.org/title/Ansible#Installation](https://wiki.archlinux.org/title/Ansible#Installation "https://wiki.archlinux.org/title/Ansible#Installation")
- [https://docs.ansible.com/ansible/latest/installation\_guide/index.html](https://docs.ansible.com/ansible/latest/installation_guide/index.html "https://docs.ansible.com/ansible/latest/installation_guide/index.html")
#### On remote (PC):
`apt install -y ansible`
#### Clone Git repo : [https://github.com/k3s-io/k3s-ansible](https://github.com/k3s-io/k3s-ansible "https://github.com/k3s-io/k3s-ansible")
```bash
cd www
git clone https://github.com/k3s-io/k3s-ansible.git
cp -R k3s-ansible/inventory-sample.yml k3s-ansible/inventory/bikiniBottom.yaml
```
`vim www/k3s-ansible/inventory/bikiniBottom.yaml`
```ini
[master]
192.168.1.14 ansible_connection=ssh var_hostname=sandy var_disk=nvme0n1 var_uuid=e2e3a295-9731-4aa2-996f-c72c2b81f40f
[workers]
192.168.1.13 ansible_connection=ssh var_hostname=gary var_disk=nvme0n1 var_uuid=124046b7-f656-4691-933b-4673e5abbb17
192.168.1.16 ansible_connection=ssh var_hostname=shedon var_disk=nvme0n1 var_uuid=fd0d6603-c6f1-43fe-a993-39f79b4e3eb8
192.168.1.19 ansible_connection=ssh var_hostname=pearl var_disk=nvme0n1 var_uuid=6d255d62-eafe-4333-87b0-9e0c6bf6a44d
[k3s_cluster:children]
master
workers
```
`vim www/k3s-ansible/inventory/sandy/group_vars/all.yml`
> > change ansible\_user to pleb
#### Install playbook
```bash
ansible -i ~/delmar.bzh/ansible/k3s-ansible/inventory/bikiniBottom.yaml k3s_cluster -m ping
ansible -i ~/delmar.bzh/ansible/k3s-ansible/inventory/bikiniBottom.yaml k3s_cluster -m apt -a "name=iptables state=present" --become
ansible-playbook ~/delmar.bzh/ansible/k3s-ansible/playbooks/site.yml -i ~/delmar.bzh/ansible/k3s-ansible/inventory/bikiniBottom.yaml
```
#### On master:
```bash
sudo chmod 644 /etc/rancher/k3s/k3s.yaml
mkdir ~/.kube
$ sudo cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
$ sudo chown $USER: ~/.kube/config
$ export KUBECONFIG=~/.kube/config
```
#### On PC :
```bash
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
curl -LO "https://dl.k8s.io/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256"
echo "$(cat kubectl.sha256) kubectl" | sha256sum --check
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
kubectl version --client
scp pleb@sandy:~/.kube/config ~/.kube/config
export KUBECONFIG=~/.kube/config
kubectl get nodes
kubectl cluster-info
```
#### Setting labels:
```bash
# sudo k3s kubectl label nodes xxx kubernetes.io/role=worker
sudo k3s kubectl label nodes gary kubernetes.io/role=worker
sudo k3s kubectl label nodes sheldon kubernetes.io/role=worker
sudo k3s kubectl label nodes pearl kubernetes.io/role=worker
# sudo k3s kubectl label nodes sandy node-type=worker
sudo k3s kubectl label nodes gary node-type=worker
sudo k3s kubectl label nodes sheldon node-type=worker
sudo k3s kubectl label nodes pearl node-type=worker
```
#### ! Ping !
`ansible -i ~/delmar.bzh/ansible/k3s-ansible/inventory/bikiniBottom.yaml k3s_cluster -m ping`
#### ! Reset !
```bash
ansible-playbook ~/delmar.bzh/ansible/k3s-ansible/reset.yml -i ~/delmar.bzh/ansible/k3s-ansible/inventory/bikiniBottom.yaml
```
#### ! Restart !
`ansible all -i ~/delmar.bzh/ansible/k3s-ansible/inventory/bikiniBottom.yaml -a "shutdown -r now" -b`
## 3. Helm
#### On master
```bash
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
chmod 700 get_helm.sh
./get_helm.sh
helm version
```
## 4. MetalLb
```bash
helm repo add metallb https://metallb.github.io/metallb
helm search repo metallb
helm upgrade --install metallb metallb/metallb --create-namespace --namespace metallb-system --wait
```
```bash
cat << 'EOF' | kubectl apply -f -
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: default-pool
namespace: metallb-system
spec:
addresses:
- 192.168.1.21-192.168.1.49
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
name: default
namespace: metallb-system
spec:
ipAddressPools:
- default-pool
EOF
```
## 5. Local Storage Provider (Longhorn)
```bash
sudo systemctl enable iscsid.service
sudo systemctl start iscsid.service
ansible -i ~/delmar.bzh/ansible/k3s-ansible/inventory/bikiniBottom.yaml k3s_cluster -b -m apt -a "name=nfs-common state=present"
ansible -i ~/delmar.bzh/ansible/k3s-ansible/inventory/bikiniBottom.yaml k3s_cluster -b -m apt -a "name=open-iscsi state=present"
ansible -i ~/delmar.bzh/ansible/k3s-ansible/inventory/bikiniBottom.yaml k3s_cluster -b -m apt -a "name=util-linux state=present"
```
```bash
ansible -i ~/delmar.bzh/ansible/k3s-ansible/inventory/bikiniBottom.yaml k3s_cluster -b -m shell -a "lsblk -f"
ansible -i ~/delmar.bzh/ansible/k3s-ansible/inventory/bikiniBottom.yaml k3s_cluster -b -m shell -a "blkid -s UUID -o value /dev/nvme0n1"
```
#### Ansible mount:
```bash
ansible -i ~/delmar.bzh/ansible/k3s-ansible/inventory/bikiniBottom.yaml k3s_cluster -m ansible.posix.mount -a "path=/mnt/ssd src=UUID={{ var_uuid }} fstype=ext4 state=mounted" -b
```
### Longhorn
```bash
helm repo add longhorn https://charts.longhorn.io
helm repo update
helm install longhorn longhorn/longhorn --namespace longhorn-system --create-namespace --version 1.4.2 --set defaultSettings.defaultDataPath="/mnt/ssd" --set service.ui.loadBalancerIP="192.168.1.23" --set service.ui.type="LoadBalancer"
sudo k3s kubectl -n longhorn-system get pod
sudo k3s kubectl get storageclass
```
- local-path (default) rancher.io/local-path Delete WaitForFirstConsumer false 111m
- longhorn (default) driver.longhorn.io Delete Immediate true 65m Mark as "non-default"
```bash
sudo k3s kubectl patch storageclass local-path -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"false"}}}'
```
Mark as "default"
```bash
kubectl patch storageclass longhorn -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
```
#### UI
##### Option 1 : ingress ?
```bash
USER=admin; PASSWORD=v5bB4OQRDfY5tFJ1; echo "${USER}:$(openssl passwd -stdin -apr1 <<< ${PASSWORD})" >> auth
sudo k3s kubectl -n longhorn-system create secret generic basic-auth --from-file=auth
```
`vim longhorn-ingress.yml`
```yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: longhorn-ingress
namespace: longhorn-system
annotations:
nginx.ingress.kubernetes.io/auth-type: basic
nginx.ingress.kubernetes.io/ssl-redirect: 'false'
nginx.ingress.kubernetes.io/auth-secret: basic-auth
nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required '
nginx.ingress.kubernetes.io/proxy-body-size: 10000m
spec:
rules:
- http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: longhorn-frontend
port:
number: 80
```
```yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: longhorn-ingress
namespace: longhorn-system
annotations:
# add an annotation indicating the issuer to use
cert-manager.io/cluster-issuer: letsencrypt-staging
spec:
rules:
- host: lghn.delmar.bzh
http:
paths:
- path: /
backend:
serviceName: longhorn-frontend
servicePort: 8090
tls:
- # cert-manager will store the certificate and key in this secret
secretName: lghn-delmar-bzh-cert
hosts:
- lghn.delmar.bzh
```
```bash
sudo k3s kubectl -n longhorn-system apply -f longhorn-ingress.yml
sudo k3s kubectl -n longhorn-system get ingress
```
##### Option 2 : caddy
```bash
sudo caddy hash-password
```
```bash
sudo vim /etc/caddy/Caddyfile
```
```
lghn.delmar.bzh {
encode {
zstd
gzip
minimum_length 1024
}
reverse_proxy 192.168.1.23
basic_auth / {
admin $2a$14$RsUJ13kC9DcRMoQa8hlmNOljcXGMSem.1XwYFeV1El8Drw7DIJbVu
}
}
```
## 6. HAProxy
```bash
helm repo add haproxytech https://haproxytech.github.io/helm-charts
helm install haproxy haproxytech/kubernetes-ingress -n kube-system \
--set controller.service.nodePorts.http=30000 \
--set controller.service.nodePorts.https=30001 \
--set controller.service.nodePorts.stat=30002 \
--set controller.service.type=LoadBalancer
```
## 7. Services
...
## Uninstall
> On master:
`/usr/local/bin/k3s-uninstall.sh`
> On workers:
`/usr/local/bin/k3s-agent-uninstall.sh`
installs_on_host/Caddyfile
+10 -21
View File
@@ -83,7 +83,7 @@ books.delmar.bzh {
gzip gzip
minimum_length 1024 minimum_length 1024
} }
reverse_proxy patrick:10801 reverse_proxy carlo:10801
} }
borg.delmar.bzh { borg.delmar.bzh {
@@ -196,7 +196,7 @@ dia.delmar.bzh {
gzip gzip
minimum_length 1024 minimum_length 1024
} }
reverse_proxy patrick:8080 reverse_proxy patrick:8888
} }
draw.delmar.bzh { draw.delmar.bzh {
@@ -290,7 +290,7 @@ jellyfin.delmar.bzh {
gzip gzip
minimum_length 1024 minimum_length 1024
} }
reverse_proxy sandy:8096 reverse_proxy patrick:8096
} }
jellyseerr.delmar.bzh { jellyseerr.delmar.bzh {
@@ -299,7 +299,7 @@ jellyseerr.delmar.bzh {
gzip gzip
minimum_length 1024 minimum_length 1024
} }
reverse_proxy sandy:5055 reverse_proxy patrick:5055
} }
kontadenn.delmar.bzh { kontadenn.delmar.bzh {
@@ -326,7 +326,7 @@ lai.delmar.bzh {
gzip gzip
minimum_length 1024 minimum_length 1024
} }
reverse_proxy carlo:8080 reverse_proxy patrick:16080
} }
lnk.delmar.bzh { lnk.delmar.bzh {
@@ -347,24 +347,13 @@ lud.delmar.bzh {
reverse_proxy carlo:3002 reverse_proxy carlo:3002
} }
mailbear.delmar.bzh {
encode {
zstd
gzip
minimum_length 1024
}
reverse_proxy patrick:11234 {
header_up Host {upstream_hostport}
}
}
mmgr.delmar.bzh { mmgr.delmar.bzh {
encode { encode {
zstd zstd
gzip gzip
minimum_length 1024 minimum_length 1024
} }
reverse_proxy sandy:38274 reverse_proxy patrick:38274
} }
nds.delmar.bzh { nds.delmar.bzh {
@@ -529,7 +518,7 @@ smk.delmar.bzh {
gzip gzip
minimum_length 1024 minimum_length 1024
} }
reverse_proxy patrick:10802 reverse_proxy carlo:10802
} }
stream.delmar.bzh { stream.delmar.bzh {
@@ -612,7 +601,7 @@ wizarr.delmar.bzh {
gzip gzip
minimum_length 1024 minimum_length 1024
} }
reverse_proxy sandy:5690 reverse_proxy patrick:5690
} }
www.delmar.bzh { www.delmar.bzh {
@@ -654,7 +643,7 @@ zik.delmar.bzh {
gzip gzip
minimum_length 1024 minimum_length 1024
} }
reverse_proxy sandy:4533 reverse_proxy patrick:4533
} }
trfk.delmar.bzh { trfk.delmar.bzh {
@@ -681,7 +670,7 @@ lghn.delmar.bzh {
gzip gzip
minimum_length 1024 minimum_length 1024
} }
reverse_proxy 192.168.1.23 reverse_proxy 192.168.1.21
basic_auth / { basic_auth / {
admin $2a$14$RsUJ13kC9DcRMoQa8hlmNOljcXGMSem.1XwYFeV1El8Drw7DIJbVu admin $2a$14$RsUJ13kC9DcRMoQa8hlmNOljcXGMSem.1XwYFeV1El8Drw7DIJbVu
} }