Cloud Native

A series of notes, how-tos, and more related to Cloud Native technologies.

Kubernetes

Deploy a Cluster with kubeadm

Note: These instructions are based on the Computer Science Club of the University of Waterloo's OpenStack instance.

Build image

The first step is to build an image using packer. This image will contain all of the tools required to run a Kubernetes node.

TODO: Push packer build to a git repository.

# 0. Locate ourselves
cd "$PACKER_DIR/kubernetes"

# 1. Load openstack-rc
source ../openstack-rc

# 2. Update image

# 2.1. Update the image name (Kubernetes version and build date)
vim packer.json

# 2.2. Ansible deployment (update kubectl, kubelet and kubeadm version)
vim ansible/provision.yaml

# 3. Run build
#   note: token generated with `openstack token issue`
export OS_TOKEN="TOKEN_FROM_OPENSTACK"
packer build packer.json

Deploy infrastructure

TODO: Document deploying infrastructure using Terraform

Initialize control plane

TODO: Document initializing infrastructure

Proxmox Kubernetes

Virtual Machine Setup

Download the debian-12-generic-amd64.raw file from https://cloud.debian.org/images/cloud/bookworm/latest/.

  1. Create the virtual machine
  2. Add a cloud-init drive on the VM
  3. Import the cloud image: qm importdisk $VMID /mnt/pve/assets/template/iso/debian-12-generic-amd64.raw local-lvm --format qcow2
  4. Set up cloud-init: qm set $VMID --cicustom "user=cloud-init:snippets/user.yaml,network=cloud-init:snippets/network.yaml"

Example config files:

user.yaml

#cloud-config
hostname: zsottvXX
manage_etc_hosts: true
fqdn: zsottvXX.zsnet.ca
user: zsadmin
ssh_authorized_keys:
  - ssh-rsa KEY COMMENT
chpasswd:
  expire: False
users:
  - default

# Setup ntp
ntp:
  enabled: true
  ntp_client: chrony
  servers: []
  pools:
    - time.zsnet.ca

# Add gnupg
bootcmd:
  - DEBIAN_FRONTEND=noninteractive apt-get -yq update
  - DEBIAN_FRONTEND=noninteractive apt-get -yq install gnupg

# Configure apt repositories
apt:
  primary:
    - arches: [default]
      uri: http://mirror.csclub.uwaterloo.ca/debian/
  security:
    - arches: [default]
      uri: http://mirror.csclub.uwaterloo.ca/debian-security/
  sources_list: |
    deb $PRIMARY $RELEASE main contrib
    deb $PRIMARY $RELEASE-updates main contrib
    deb $SECURITY $RELEASE-security main contrib

package_update: true
package_upgrade: true
package_reboot_if_required: true

# Install packages
packages:
  - qemu-guest-agent

network.yaml

version: 1
config:
  - type: physical
    name: eth0
    mac_address: 'xx:yy:zz:aa:bb:cc'
    subnets:
    - type: dhcp4
    - type: ipv6_slaac
  - type: nameserver
    address:
    - '2602:815:9000::53'
    - '2602:815:9000:1::53'
    search:
    - 'zsnet.ca'

Services

Apache Guacamole

Process

Install Dependencies

sudo apt install build-essential maven default-jdk default-jre libcairo2-dev libjpeg62-turbo-dev libpng-dev libtool-bin uuid-dev libvncserver-dev freerdp2-dev libssh2-1-dev libavcodec-dev libavformat-dev libavutil-dev libswscale-dev libpango1.0-dev libpulse-dev libvorbis-dev libwebp-dev

Download and set up Tomcat 9 manually until Tomcat 10 or newer is supported.

Download

https://guacamole.apache.org/releases/

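# Name the output file explicitly so the saved name matches what tar expects
# below, regardless of how curl treats the "?action=download" query string.
curl -L -o guacamole-server-1.6.0.tar.gz "https://apache.org/dyn/closer.lua/guacamole/1.6.0/source/guacamole-server-1.6.0.tar.gz?action=download"
curl -L -o guacamole-client-1.6.0.tar.gz "https://apache.org/dyn/closer.lua/guacamole/1.6.0/source/guacamole-client-1.6.0.tar.gz?action=download"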

tar xf guacamole-server-1.6.0.tar.gz
tar xf guacamole-client-1.6.0.tar.gz
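
Added example (not part of the original notes): the tarballs above are fetched through a mirror redirector, so check each one against its published SHA-256 before extracting it. It assumes the checksum file from the Guacamole release page was saved next to the tarball as <tarball>.sha256; the function names are illustrative.

```shell
#!/usr/bin/env bash
# Added example, not from the original notes. Assumes sha256sum (coreutils)
# and a checksum file saved beside each tarball as <tarball>.sha256
# (assumed file name).

# verify_sha256 FILE CHECKSUM_FILE
# Returns 0 only when FILE's SHA-256 equals the digest in CHECKSUM_FILE,
# 1 on a mismatch, 2 when an input is missing or the checksum is malformed.
# Accepts a bare digest or the "digest  filename" layout, in either case.
verify_sha256() {
    local file sumfile expected actual
    file=$1
    sumfile=$2
    [ -f "$file" ] && [ -f "$sumfile" ] || { echo "missing $file or $sumfile" >&2; return 2; }

    # First whitespace-separated token of the first non-empty line, lower-cased.
    expected=$(awk 'NF { print tolower($1); exit }' "$sumfile")

    # Reject anything that is not exactly 64 hex characters, e.g. an HTML
    # error page that was saved in place of the checksum.
    case "$expected" in
        ''|*[!0-9a-f]*) echo "malformed checksum in $sumfile" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "malformed checksum in $sumfile" >&2; return 2; }

    actual=$(sha256sum -- "$file" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "SHA-256 mismatch for $file" >&2
        echo "  expected $expected" >&2
        echo "  actual   $actual" >&2
        return 1
    fi
    echo "OK $file"
}

# verify_and_extract TARBALL: extract only after the checksum matches.
verify_and_extract() {
    verify_sha256 "$1" "$1.sha256" && tar xf "$1"
}

# Usage for the two tarballs downloaded above:
#   verify_and_extract guacamole-server-1.6.0.tar.gz
#   verify_and_extract guacamole-client-1.6.0.tar.gz
```

A checksum fetched over the same channel as the tarball only catches corruption; checking the release's PGP signature against the project's KEYS file is the stronger test.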

Server

# Run from the extracted guacamole-server-1.6.0 directory
./configure --with-systemd-dir=/usr/lib/systemd/system
make -j2
sudo make install

sudo ldconfig
sudo systemctl daemon-reload
sudo systemctl restart guacd

Client

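# Run from the extracted guacamole-client-1.6.0 directory
JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64 mvn package

# Clear out previously installed extensions before copying the new builds
sudo rm /etc/guacamole/extensions/*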
sudo cp guacamole/target/guacamole-1.6.0.war /opt/tomcat/webapps/ROOT.war
sudo cp extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/target/guacamole-auth-jdbc-postgresql-1.6.0.jar /etc/guacamole/extensions/
sudo cp extensions/guacamole-auth-quickconnect/target/guacamole-auth-quickconnect-1.6.0.jar /etc/guacamole/extensions
sudo cp extensions/guacamole-auth-sso/modules/guacamole-auth-sso-openid/target/guacamole-auth-sso-openid-1.6.0.jar /etc/guacamole/extensions

# If weird issues are encountered, clear the maven cache
rm -rf ~/.m2