Cornucopia of Ideas - Kubernetes, Cloud, GNU/Linux, Networking, Security and more ...
In this post, MetalLB will be used on-premise as a load balancer with BGP to expose services on Kubernetes to the outside world. As you know, if you have applications running on an on-premise Kubernetes cluster that need to be exposed to the outside world, you should use a LoadBalancer, which is a bit tricky. It is quite easy if your applications are in a cloud environment such as AWS, Azure, or Google Cloud. Otherwise, you have to do something similar in your on-premise network, with MetalLB or HAProxy.
In this post, it will be demonstrated how to create bridges and VLANs to be used on KVM. In my other post, I already implemented VLANs using Open vSwitch.
The physical host that I used in this lab is Linux Mint 20 (Ulyana).
Netplan is a utility for easily configuring networking on GNU/Linux systems. You can easily create a network configuration with YAML syntax. Netplan reads network configuration from /etc/netplan/*.yaml files, which are written by administrators, installers, cloud image instantiations, or other OS deployments.
Sometimes you may have a situation where the IMM does not have an L3 connection, so you need to go to the data center and connect from your laptop to the server's IMM interface via an Ethernet cable. Imagine a situation where your organization's infrastructure was not documented very well, so you do not know the IPv4 address of the IMM interface to log in.
If the server's IMM interface has IPv6 enabled, then you are lucky: by using the methods below you can easily figure out the IPv6 address of the IMM interface and use it to connect and log in to the IMM.
In the first post of this series, HAProxy and Keepalived were installed, configured and tested. In this post, two stateless Kubernetes web applications will be deployed, and domain names will be registered in DNS for these two web applications to test whether the load balancer is working as expected.
Note: For my home-lab, I am using the domain nordic.io.
For the Kubernetes cluster, I am assuming that the nginx Ingress controller is deployed as a DaemonSet and is listening on port 80 and port 443 on each worker node.
In this post, we are going to build a highly available HAProxy load balancer for our on-premise Kubernetes cluster. For this, HAProxy will be used as an external load balancer that takes requests from the outside world and sends them to the Kubernetes worker nodes, on which the nginx Ingress controller listens for incoming requests on ports 80 and 443.
Another crucial software component is Keepalived, which keeps the HAProxy load balancer highly available in case any of the HAProxy load balancers is down.
Sometimes you need to rotate your logs hourly instead of daily or weekly: if you have a big virtual environment, many things need to be logged. Sometimes daily logs are so huge that you need hourly log rotation. For this, you need to customize some of the settings on your central syslog server. You can find the sample steps below to create a logrotate configuration that rotates the logs hourly.
Steps: 1 - Copy /etc/cron.