Cornucopia of Ideas GNU/Linux, Networking, Security and more ...

Multinode Kubernetes Cluster with LXC and microk8s

In this post, multinode Kubernetes cluster will be built using lxc and microk8s. It is one of the quickest method to deploy multi-node Kubernetes cluster up and running in minutes. Installing LXC You can enable lxc on your system either installing lxc or lxd package. yilgo@pop-os:~$ sudo apt-get install lxc OR yilgo@pop-os:~$ sudo apt-get install lxd Inital configuration of LXC After installation, initial setup of lxc is necessary,networking and storage e.

Ubuntu Autoinstall

Introduction The server installer for 20.04 supports a new mode of operation: automated installation, autoinstallation for short. You might also know this feature as unattended or handsoff or preseeded installation. Autoinstallation lets you answer all those configuration questions ahead of time with an autoinstall config and lets the installation process run without any interaction. Providing the autoinstall config The autoinstall config is provided via cloud-init configuration, which is almost endlessly flexible.

HashiCorp Vault LDAP Integration

HashiCorp Vault LDAP Integration In this post, HashiCorp Vault will be integrated with LDAP. It is good security practice that storing all secrets in the secret engine instead of putting notepad-like programs. But it is also very curicial that- “Who access to what ? So, in this post, We will integrate HashiCorp Vault with the LDAP groups that we created in the previous. We have following users and user groups for this lab.

OpenLDAP Server Installation, Configuration and Hardening

OpenLDAP Server Installation, Configuration and Hardening. This is one of the longest post that covers installation, configuration and hardening of OpenLDAP server. I had limited knowledge of LDAP directories and management of LDAP servers. Other than that, there is little information on the Internet that I used it for the real world examples. I will not delineate the LDAP directories, instead I will focus on installation, configuration and hardening part.

Red Hat Satellite Ansible Dynamic Inventory

Ansible is one of the easiest configuration management tool amongst its competitors, as it is agentless. It simply connects managed hosts over SSH protocol. Only thing you have to do is create a list of hosts that you want to manage/configure which is called inventory. Ansible inventory is simple text file in a format ini or json. But things getting interesting, if you have a very dynamic infrastructre that tens of VMs are provisioning in seconds, then you have to update inventory all the time.

Building container image with Buildah

Building container image with Buildah The purpose of this tutorial is to demonstrate how to create OCI compliant container image with Buildah. Building a container image implemented in CI Pipeline using Jenkins and Vault. Buildah is a tool that facilitates building OCI container images. You can also create an image in the docker format. For more information about OCI image specifications check here. The Buildah package provides a command line tool that can be used to