update and clean docs

This commit is contained in:
rskntroot
2025-06-17 21:45:36 +00:00
parent 103851089b
commit 02aa1cda9b
9 changed files with 119 additions and 595 deletions

@@ -23,10 +23,12 @@ Server Version: v1.29.5+k3s1
## Traefik Dashboards
K3S comes packaged with `Traefik Dashboard` and `Prometheus Metrics` which are disabled by default.
K3S comes packaged with `Traefik Dashboard` enabled by default, but not exposed.
### Preparation
#### DNS
=== "DNS"
Set DNS record `traefik.your.domain.com` in a non-public DNS
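
Review bot: the hostname in the DNS step, `traefik.your.domain.com`, does not match the rest of the page: the IngressRoute further down matches `edge.rskio.com` and the access section points at `https://edge.your.domain.com`. Pick one placeholder and use it in all three places so the record a reader creates is the one the route actually answers on. The "non-public DNS" wording should stay, since the warning below states that the example carries no authentication.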
@@ -41,344 +43,131 @@ K3S comes packaged with `Traefik Dashboard` and `Prometheus Metrics` which are d
```
!!! warning "This example does not include authentication. Exposing these dashboards is a security risk."
!!! warning "This example does not include authentication. Exposing these dashboards is a security risk. Recommend enabling mTLS."
### Update Manifest
#### Middlewares
On host with `kubectl` access.
Add the following to `spec.valuesContent` in:
create `middlewares.yaml`
``` bash
vim /var/lib/rancher/k3s/server/manifests/traefik.yaml
=== Basic
``` yaml
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: redirect-https
namespace: default
spec:
redirectScheme:
scheme: https
permanent: true
port: "443"
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: redirect-dashboard
namespace: default
spec:
redirectRegex:
regex: "^https?://([^/]+)/?$"
replacement: "https://${1}/dashboard/"
permanent: true
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: ratelimit
namespace: default
spec:
rateLimit:
average: 100
burst: 50
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: compress
namespace: default
spec:
compress: {}
```
=== "Yaml"
``` yaml
dashboard:
enabled: true
metrics:
prometheus: true
```
=== "Example"
``` yaml
spec:
chart: https://%{KUBERNETES_API}%/static/charts/traefik-25.0.3+up25.0.0.tgz
set:
global.systemDefaultRegistry: ""
valuesContent: |-
deployment:
podAnnotations:
prometheus.io/port: "8082"
prometheus.io/scrape: "true"
dashboard:
enabled: true
metrics:
prometheus: true
```
### Restart Ingress Controller
=== "Bash"
``` bash
kubectl -n kube-system scale deployment traefik --replicas=0
# wait a few seconds
kubectl -n kube-system get deployment traefik
kubectl -n kube-system scale deployment traefik --replicas=1
```
=== "Example"
``` bash
$ kubectls scale deployment traefik --replicas=0
deployment.apps/traefik scaled
$ kubectls get deployment traefik
NAME READY UP-TO-DATE AVAILABLE AGE
traefik 0/0 0 0 3d1h
$ kubectls scale deployment traefik --replicas=1
deployment.apps/traefik scaled
```
### Create Resource Definition YAML
Save the following to `traefik-dashboard.yml` in your workspace.
=== "Traefik Dashboard"
``` yaml title="traefik-dashboard.yml"
apiVersion: v1
kind: Service
metadata:
name: traefik-dashboard
namespace: kube-system
labels:
app.kubernetes.io/instance: traefik
app.kubernetes.io/name: traefik-dashboard
spec:
type: ClusterIP
ports:
- name: traefik
port: 9000
targetPort: 9000
protocol: TCP
selector:
app.kubernetes.io/instance: traefik-kube-system
app.kubernetes.io/name: traefik
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: traefik-ingress
namespace: kube-system
annotations:
spec.ingressClassName: traefik
spec:
rules:
- host: traefik.${DOMAIN}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: traefik-dashboard
port:
number: 9000
```
=== "Promethus Only"
``` yaml title="traefik-dashboard.yml"
apiVersion: v1
kind: Service
metadata:
name: traefik-metrics
namespace: kube-system
labels:
app.kubernetes.io/instance: traefik
app.kubernetes.io/name: traefik-metrics
spec:
type: ClusterIP
ports:
- name: traefik
port: 9100
targetPort: 9100
protocol: TCP
selector:
app.kubernetes.io/instance: traefik-kube-system
app.kubernetes.io/name: traefik
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: traefik-ingress
namespace: kube-system
annotations:
spec.ingressClassName: traefik
spec:
rules:
- host: traefik.${DOMAIN}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: traefik-dashboard
port:
number: 9000
- path: /metrics
pathType: Prefix
backend:
service:
name: traefik-metrics
port:
number: 9100
```
=== "Both"
``` yaml title="traefik-dashboard.yml"
apiVersion: v1
kind: Service
metadata:
name: traefik-dashboard
namespace: kube-system
labels:
app.kubernetes.io/instance: traefik
app.kubernetes.io/name: traefik-dashboard
spec:
type: ClusterIP
ports:
- name: traefik
port: 9000
targetPort: 9000
protocol: TCP
selector:
app.kubernetes.io/instance: traefik-kube-system
app.kubernetes.io/name: traefik
---
apiVersion: v1
kind: Service
metadata:
name: traefik-metrics
namespace: kube-system
labels:
app.kubernetes.io/instance: traefik
app.kubernetes.io/name: traefik-metrics
spec:
type: ClusterIP
ports:
- name: traefik
port: 9100
targetPort: 9100
protocol: TCP
selector:
app.kubernetes.io/instance: traefik-kube-system
app.kubernetes.io/name: traefik
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: traefik-ingress
namespace: kube-system
annotations:
spec.ingressClassName: traefik
spec:
rules:
- host: traefik.${DOMAIN}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: traefik-dashboard
port:
number: 9000
- path: /metrics
pathType: Prefix
backend:
service:
name: traefik-metrics
port:
number: 9100
```
### Create Service & Ingress Resources
First, set the environment variable for to your domain.
``` bash
export DOMAIN=your.domain.com
kubectl apply -f middlewares.yml
```
=== "Bash"
### Setup IngressRoute
``` bash
envsubst < traefik-dashboard.yml | kubectl apply -f -
```
``` bash
export DOMAIN=your-domain.com
```
=== "Example"
create `ingress.yml` and update `"edge.rskio.com"` with your domain name
``` bash
$ envsubst < traefik-dashboards.yml | kubectl apply -f -
service/traefik-dashboard created
service/traefik-metrics created
ingress.networking.k8s.io/traefik-ingress created
$ kubectls get svc | grep traefik-
traefik-dashboard ClusterIP 10.43.157.54 <none> 9000/TCP 25s
traefik-metrics ClusterIP 10.43.189.128 <none> 9100/TCP 25s
```
``` yaml
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: traefik-dashboard
spec:
entryPoints:
- web
- websecure
routes:
- match: Host(`edge.rskio.com`) # Update with your domain name
kind: Rule
services:
- name: api@internal
kind: TraefikService
middlewares:
- name: redirect-https
- name: redirect-dashboard
- name: ratelimit
- name: compress
```
!!! note annotate "Why are passing the yaml file into `envsubst`? (1)"
``` bash
kubectl apply -f ingress.yml
```
1. `envsubst` - [gnu](https://www.gnu.org/software/gettext/manual/html_node/envsubst-Invocation.html) - enables code-reuse by providing environment variable substituion as demonstrated above.
## Access Dashboards
### Access Dashboards
You should now be able to access the Traefik Ingress Controller Dashboard and metrics remotely.
That's it. You should now be able to access the Traefik Ingress Controller Dashboard and metrics remotely.
Don't forget to include the appropriate uri paths:
From web browser go to the domain you specified in the ingress.
=== "Traefik Dashboard"
```
https://traefik.your.domain.com/dashboard/
https://edge.your.domain.com
```
!!! tip "When navigating to the traefik dashboard the `/` at the end is necessary. `/dashboard` will not work. "
will follow `redirect-https` and get you to
=== "Promethus Metrics"
```
https://traefik.your.domain.com/metrics
```
```
https://edge.your.domain.com/dashboard/#/
```
### Disable Dashboards
=== "Bash"
``` bash
envsubst < traefik-dashboard.yml | kubectl delete -f -
kubectl delete -f ingress.yml
```
=== "Example"
``` bash
$ envsubst < traefik-dashboards.yml | kubectl delete -f -
service "traefik-dashboard" deleted
service "traefik-metrics" deleted
ingress.networking.k8s.io "traefik-ingress" deleted
$ kubectl delete -f traefik/ingress.yml
ingressroute.traefik.io "traefik-ingress" deleted
```
## Shortcuts
### alias kubectls
!!! tip "When using an `alias` to substitute `kubectl` command completion will not work."
=== "Bash"
``` bash
echo 'alias kubectls="kubectl -n kube-system"' >> ~/.bashrc
source ~/.bashrc
```
=== "Example"
``` bash
$ echo 'alias kubectls="kubectl -n kube-system"' >> ~/.bashrc
$ source ~/.bashrc
$ kubectls get deployments
NAME READY UP-TO-DATE AVAILABLE AGE
coredns 1/1 1 1 3d2h
local-path-provisioner 1/1 1 1 3d2h
metrics-server 1/1 1 1 3d2h
traefik 1/1 1 1 3d2h
```
#### Alternatives
- `skubectl` means you can hit `[up-arrow]` `[ctrl]+[a]` `[s]` `[enter]` when you inevitably forget to include `-n kube-system`
- `kubectls` just adds `[alt]+[right-arrow]` into the above before `[s]`
- `kubesctl` makes sense because all of these are really kube-system-ctl, but that adds 4x `[right-arrow]`, ewww.
## References
- [https://docs.k3s.io](https://docs.k3s.io)
- [https://k3s.rocks/traefik-dashboard/](https://k3s.rocks/traefik-dashboard/)
- [https://doc.traefik.io/traefik/v2.10/](https://doc.traefik.io/traefik/v2.10/)
- [https://doc.traefik.io/traefik/](https://doc.traefik.io/traefik/)
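
Review bot: the IngressRoute publishes `api@internal` with only `redirect-https`, `redirect-dashboard`, `ratelimit` and `compress` attached, so the warning's "Recommend enabling mTLS" is not backed by anything in the manifests. Either add the access control to the example itself (a `basicAuth` or `forwardAuth` Middleware in the `middlewares:` list, or a `TLSOption` with `clientAuth` referenced from the route's `tls.options`), or state explicitly that the route must only be reachable from a management network. Smaller points in the same hunk: the text says to create `middlewares.yaml` but the command applies `middlewares.yml`; the delete example uses `traefik/ingress.yml` and prints `ingressroute.traefik.io "traefik-ingress" deleted`, although the apply step used `ingress.yml` and the resource is named `traefik-dashboard`; and the IngressRoute has no `metadata.namespace` while its Middlewares are pinned to `default`, so applying it with a different current namespace leaves the middleware references unresolved.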

@@ -119,7 +119,7 @@ source ~/.bashrc
=== "Debian"
``` bash
url="https://github.com/fastfetch-cli/fastfetch/releases/download/2.37.0/fastfetch-linux-aarch64.deb"
url="https://github.com/fastfetch-cli/fastfetch/releases/download/2.45.0/fastfetch-linux-aarch64.deb"
```
``` bash
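
Review bot: the release number is hardcoded inside the download URL here and again in the Fedora tab, so every bump has to edit both strings (this commit changes 2.37.0 to 2.45.0 in each). Consider a single `version=` variable interpolated into `url`. If the block that follows installs the downloaded file directly, a checksum comparison before the install step would be worth adding.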
@@ -131,7 +131,7 @@ source ~/.bashrc
=== "Fedora"
``` bash
url="https://github.com/fastfetch-cli/fastfetch/releases/download/2.37.0/fastfetch-linux-amd64.rpm"
url="https://github.com/fastfetch-cli/fastfetch/releases/download/2.45.0/fastfetch-linux-amd64.rpm"
```
``` bash
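
Review bot: the Fedora URL targets `amd64` while the Debian tab targets `aarch64`, and neither tab says which architecture it assumes. State the architecture in each tab, or list both asset names, so a reader on the other platform does not download a package that will not install.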
@@ -143,7 +143,7 @@ source ~/.bashrc
``` bash
cat <<%% >> ~/.bashrc
# RSKIO
fastfetch
alias ff="fastfetch"
alias q="exit"
%%
source ~/.bashrc
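
Review bot: the heredoc appends to `~/.bashrc` with `>>` and nothing checks whether the `# RSKIO` block is already present, so running this step a second time duplicates the `fastfetch` call and both aliases. A guard such as `grep -q '^# RSKIO' ~/.bashrc ||` in front of the `cat` would make the step repeatable.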

@@ -35,7 +35,7 @@ If you need more RAM, USB3.0, or AI Acceleration is mandatory, checkout LibreCom
## Projects
This website is hosted on 2 sweet potatos with an alta as the cluster controller.
I am running a K3s cluster with a couple of these as worker nodes.
## Notes
@@ -43,26 +43,9 @@ This website is hosted on 2 sweet potatos with an alta as the cluster controller
Using Power over Ethernet (PoE) to run your SoCs is just awesome! You only need 1 cable?! Be sure to get yourself some good cables and a solid PoE switch.
I have personnally been using these:
Examples:
- [CAT8 Ethernet cables](https://www.amazon.com/dp/B08PL1P53C/)
- Ive used countless Ethernet Cables and fashioning hundreds of my own; can confirm these are premium.
- [1G PoE+ 8-port Switch](https://www.amazon.com/dp/B08FCQ8BRC)
- Unmanaged switch that I can recommend. Works like a charm.
### CAT8 Real?
Telco Data [article](https://www.telco-data.com/blog/cat-cables/):
"Category 8 is the official successor to Cat6A cabling.
It is officially recognized by the IEEE and EIA and parts and pieces are standardized across manufacturers.
The primary benefit of Cat8 cabling is faster throughput over short distances: 40 Gbps up to 78 and 25 Gbps up to 100.
From 100 to 328, Cat8 provides the same 10Gbps throughput as Cat6A cabling."
ANSI/TIA [TIA Press Release](https://standards.tiaonline.org/tia-issues-new-balanced-twisted-pair-telecommunications-cabling-and-components-standard-addendum-1):
"TIA-568-C.2-1 - This addendum specifies minimum requirements for shielded category 8 balanced twisted-pair telecommunications
cabling (e.g. channels and permanent links) and components (e.g. cable,connectors, connecting hardware, and equipment cords)
that are used up to and including the equipment outlet/connector in data centers, equipment rooms, and other spaces that need
high speed applications. This addendum also specifies field test procedures and applicable laboratory reference measurement
procedures for all transmission parameters."