Mika<p>I've just merged a huge PR to my <a href="https://sakurajima.social/tags/Orked" rel="nofollow noopener" target="_blank">#Orked</a> (O-tomated RKE Distribution - GREAT NAME I KNOW) that makes it easier than ever for anyone to set up a production-ready <a href="https://sakurajima.social/tags/RKE2" rel="nofollow noopener" target="_blank">#RKE2</a> <a href="https://sakurajima.social/tags/Kubernetes" rel="nofollow noopener" target="_blank">#Kubernetes</a> cluster in their <a href="https://sakurajima.social/tags/homelab" rel="nofollow noopener" target="_blank">#homelab</a><span>.<br><br>With this collection of scripts, all you need to do is just provision the nodes required, including a login/management node, and run the scripts right from the login node to configure all of the other nodes to make up the cluster. This setup includes:<br><br>- Configuring the Login node with any required or essential dependencies (such as </span><a href="https://sakurajima.social/tags/Helm" rel="nofollow noopener" target="_blank">#Helm</a>, <a href="https://sakurajima.social/tags/Docker" rel="nofollow noopener" target="_blank">#Docker</a>, <a href="https://sakurajima.social/tags/k9s" rel="nofollow noopener" target="_blank">#k9s</a>, <a href="https://sakurajima.social/tags/kubens" rel="nofollow noopener" target="_blank">#kubens</a>, <a href="https://sakurajima.social/tags/kubectx" rel="nofollow noopener" target="_blank">#kubectx</a><span>, etc.)<br><br>- Setup passwordless </span><a href="https://sakurajima.social/tags/SSH" rel="nofollow noopener" target="_blank">#SSH</a><span> access from the Login node to the rest of the Kubernetes nodes<br><br>- Update the </span><code>hosts</code><span> file for strictly necessary name resolution on the Login node and between the Kubernetes nodes<br><br>- Necessary, best practice configurations for all of the Kubernetes nodes including networking configuration, disabling unnecessary services, disabling swap, loading required modules, etc.<br><br>- Installation and configuration of RKE2 on all the Kubernetes nodes and joining them together as a cluster<br><br>- Installation and configuration of </span><a href="https://sakurajima.social/tags/Longhorn" rel="nofollow noopener" target="_blank">#Longhorn</a><span> storage, including formatting/configuring their virtual disks on the Worker nodes<br><br>- Deployment and configuration of </span><a href="https://sakurajima.social/tags/MetalLB" rel="nofollow noopener" target="_blank">#MetalLB</a><span> as the cluster's load-balancer<br><br>- Deployment and configuration of </span><a href="https://sakurajima.social/tags/Ingress" rel="nofollow noopener" target="_blank">#Ingress</a> <a href="https://sakurajima.social/tags/NGINX" rel="nofollow noopener" target="_blank">#NGINX</a><span> as the ingress controller and reverse proxy for the cluster - this helps manage external access to the services in the cluster<br><br>- Setup and configuration of </span><a href="https://sakurajima.social/tags/cert-manager" rel="nofollow noopener" target="_blank">#cert-manager</a> to obtain and renew <a href="https://sakurajima.social/tags/LetsEncrypt" rel="nofollow noopener" target="_blank">#LetsEncrypt</a> certs automatically - supports both <a href="https://sakurajima.social/tags/DNS" rel="nofollow noopener" target="_blank">#DNS</a> and HTTP validation with <a href="https://sakurajima.social/tags/Cloudflare" rel="nofollow noopener" target="_blank">#Cloudflare</a><span><br><br>- Installation and configuration of </span><a href="https://sakurajima.social/tags/csi-driver-smb" rel="nofollow noopener" target="_blank">#csi-driver-smb</a><span> which adds support for integrating your external SMB storage to the Kubernetes cluster<br><br>Besides these, there are also some other </span><i>helper</i> scripts to make certain related tasks easy such as a script to set a unique static IP address and hostname, and another to toggle <a href="https://sakurajima.social/tags/SELinux" rel="nofollow noopener" target="_blank">#SELinux</a><span> enforcement to on or off - should you need to turn it off (temporarily).<br><br>If you already have an existing RKE2 cluster, there's a step-by-step guide on how you could use it to easily configure and join additional nodes to your cluster if you're planning on expanding.<br><br>Orked currently expects and supports </span><a href="https://sakurajima.social/tags/RockyLinux" rel="nofollow noopener" target="_blank">#RockyLinux</a> 8+ (should also support any other <a href="https://sakurajima.social/tags/RHEL" rel="nofollow noopener" target="_blank">#RHEL</a> distros such as <a href="https://sakurajima.social/tags/AlmaLinux" rel="nofollow noopener" target="_blank">#AlmaLinux</a>), but I am planning to improve the project over time by adding more <a href="https://sakurajima.social/tags/Linux" rel="nofollow noopener" target="_blank">#Linux</a> distros, <a href="https://sakurajima.social/tags/IPv6" rel="nofollow noopener" target="_blank">#IPv6</a> support, and possibly even <a href="https://sakurajima.social/tags/K3s" rel="nofollow noopener" target="_blank">#K3s</a> for a more lightweight <a href="https://sakurajima.social/tags/RaspberryPi" rel="nofollow noopener" target="_blank">#RaspberryPi</a><span> cluster for example.<br><br>I've used this exact setup to deploy and manage vital services to hundreds of unique clients/organisations that I've become </span><i>obsessed</i><span> with sharing it to everyone and making it easier to get started. If this is something that interests you, feel free to check it out!<br><br>If you're wondering what to deploy on a Kubernetes cluster - feel free to also check out my </span><a href="https://sakurajima.social/tags/mika" rel="nofollow noopener" target="_blank">#mika</a> helm chart repo 🥳<span><br><br></span>🔗 <a href="https://github.com/irfanhakim-as/orked" rel="nofollow noopener" target="_blank">https://github.com/irfanhakim-as/orked</a><span><br><br></span>🔗 <a href="https://github.com/irfanhakim-as/charts" rel="nofollow noopener" target="_blank">https://github.com/irfanhakim-as/charts</a></p>
fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software.
If you wish to join, contact us for an invite.
Administered by:
Server stats:
8.6Kactive users
fosstodon.org: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.3
#csidriversmb
0 posts · 0 participants · 0 posts today
Mika<p><span>Update: I've found </span><a href="https://sakurajima.social/tags/csi-driver-smb" rel="nofollow noopener" target="_blank">#csi-driver-smb</a><span> which seems to be perfect for my needs, and even a video of someone deploying it to their cluster for </span><a href="https://sakurajima.social/tags/Jellyfin" rel="nofollow noopener" target="_blank">#Jellyfin</a><span>.<br><br>I've deployed it successfully to my </span><a href="https://sakurajima.social/tags/Kubernetes" rel="nofollow noopener" target="_blank">#Kubernetes</a><span> cluster pretty easily, and am attempting to achieve the same thing but on </span><a href="https://sakurajima.social/tags/Plex" rel="nofollow noopener" target="_blank">#Plex</a><span> rather than Jellyfin. Ran into another obstacle tho, while it seems that my </span><a href="https://sakurajima.social/tags/TrueNAS" rel="nofollow noopener" target="_blank">#TrueNAS</a><span> </span><a href="https://sakurajima.social/tags/SMB" rel="nofollow noopener" target="_blank">#SMB</a><span> share is mounted to the container (shows up in </span><code>df -h</code><span>), my root user in the container could not </span><code>ls</code><span> the mount point (i.e. </span><code>/mnt/smb</code><span>), it'd just return the </span><code>Permission denied</code><span> error. Weird thing is the root user could </span><code>cd</code><span> into the mount point and its existing subdirectories, but not </span><code>ls</code><span> them or write any files to them. I could </span><code>cat</code><span> files inside it though, funnily enough.<br><br>the PV for said PVC has mounting options included in csi-driver-smb's example including </span><code>dir_mode=0777</code><span>, and </span><code>file_mode=0777</code><span>, with minor changes such as </span><code>uid=1001</code><span> and </span><code>gid=1001</code><span> I've updated them to </span><code>0</code><span>, which is the uid and gid of the root user. I've even tried updating them to </span><code>1000</code><span> which is the id of the user </span><code>plex</code><span>, but still with the same results.<br><br>Anyone have any clue why I'm getting the permission denied error?<br><br></span>🔗<span> </span><a href="https://github.com/plexinc/pms-docker" rel="nofollow noopener" target="_blank">https://github.com/plexinc/pms-docker</a><span><br><br></span>🔗<span> </span><a href="https://github.com/kubernetes-csi/csi-driver-smb" rel="nofollow noopener" target="_blank">https://github.com/kubernetes-csi/csi-driver-smb</a><span><br><br></span>▶️<span> </span><a href="https://youtu.be/3S5oeB2qhyg" rel="nofollow noopener" target="_blank">https://youtu.be/3S5oeB2qhyg</a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
LoginDrag & drop to upload