kvaps | personal blog

DIY: Create Your Own Cloud with Kubernetes (Part 3)

Fri, 05 Apr 2024 07:40:00 +0000

Approaching the most interesting phase, this article delves into running Kubernetes within Kubernetes. Technologies such as Kamaji and Cluster API are highlighted, along with their integration with KubeVirt.

Previous discussions have covered preparing Kubernetes on bare metal and how to turn Kubernetes into virtual machines management system. This article concludes the series by explaining how, using all of the above, you can build a full-fledged managed Kubernetes and run virtual Kubernetes clusters with just a click.

First up, let’s dive into the Cluster API.

DIY: Create Your Own Cloud with Kubernetes (Part 2)

Fri, 05 Apr 2024 07:35:00 +0000

Continuing our series of posts on how to build your own cloud using just the Kubernetes ecosystem. In the previous article, we explained how we prepare a basic Kubernetes distribution based on Talos Linux and Flux CD. In this article, we’ll show you a few various virtualization technologies in Kubernetes and prepare everything need to run virtual machines in Kubernetes, primarily storage and networking.

We will talk about technologies such as KubeVirt, LINSTOR, and Kube-OVN.

But first, let’s explain what virtual machines are needed for, and why can’t you just use docker containers for building cloud? The reason is that containers do not provide a sufficient level of isolation. Although the situation improves year by year, we often encounter vulnerabilities that allow escaping the container sandbox and elevating privileges in the system.

DIY: Create Your Own Cloud with Kubernetes (Part 1)

Fri, 05 Apr 2024 07:30:00 +0000

At Ænix, we have a deep affection for Kubernetes and dream that all modern technologies will soon start utilizing its remarkable patterns.

Have you ever thought about building your own cloud? I bet you have. But is it possible to do this using only modern technologies and approaches, without leaving the cozy Kubernetes ecosystem? Our experience in developing Cozystack required us to delve deeply into it.

You might argue that Kubernetes is not intended for this purpose and why not simply use OpenStack for bare metal servers and run Kubernetes inside it as intended. But by doing so, you would simply shift the responsibility from your hands to the hands of OpenStack administrators. This would add at least one more huge and complex system to your ecosystem.

Why complicate things? - after all, Kubernetes already has everything needed to run tenant Kubernetes clusters at this point.

Argo CD vs Flux CD

Tue, 26 Mar 2024 00:00:00 +0000

Lately, I’ve been seeing more and more debates about two popular GitOps tools: Argo CD and Flux CD.

Actually, I find such debates to be unfounded because I’m deeply convinced that both tools deserve attention and each of them is good for solving its own set of problems.

In my professional activities I use both. I want to share with you my opinion and use cases. I hope this article will help you choose the most suitable tool for your needs.

Cloud Native Computing Foundation’s FluxCD Project Gains New Corporate Support

Tue, 19 Mar 2024 00:00:00 +0000

“Ænix utilizes FluxCD as a key component in our cloud platform, Cozystack. As staunch advocates for this technology, we believe FluxCD represents the new industry standard for platform engineering. We’re committed to providing both informational and technical support to this project.” — Andrei Kvapil, CEO, Ænix

Cozystack: Free PaaS platform and framework for building clouds

Tue, 12 Mar 2024 00:00:00 +0000

With Cozystack, you can transform your bunch of servers into an intelligent system with a simple REST API for spawning Kubernetes clusters, Database-as-a-Service, virtual machines, load balancers, HTTP caching services, and other services with ease.

You can use Cozystack to build your own cloud or to provide a cost-effective development environments.

Introducing Cozystack: A Free PaaS Platform based on Kubernetes

Wed, 21 Feb 2024 00:00:00 +0000

Published the first release of the free PaaS platform Cozystack, based on Kubernetes. The project positioned as a ready-to-use platform for hosting providers and a framework for building private and public clouds. The code is available on GitHub and is distributed under the Apache-2.0 license.

Restic: Effective Backup from Stdin

Mon, 25 Dec 2023 00:00:00 +0000

I’ve previously discussed Restic in the article “Backup storage for thousands of virtual machines using free tools,” and it remains my favorite backup tool since then.

Today, I will describe a ready-made recipe for setting up effective backup from Stdin, with deduplication and automatic cleaning of the repository from old copies.

Despite Restic being great for saving entire data directories, this article emphasizes on-the-fly backup from Stdin, typically for virtual machine backups, databases, and other large-file data that can be sequentially read and immediately sent to the backup system.

LVM+QCOW2: creating a perfect CSI driver for shared SAN in Kubernetes

Tue, 21 Nov 2023 00:00:00 +0000

Building a fast and universal driver with clustered LVM and the QCOW2 for using any SAN-like storage system in K8s.

The Evolution of Network Virtualization Technologies in Linux

Sat, 23 Sep 2023 00:00:00 +0000

Hardware virtualization is one of the most important and fundamental technologies in the field of cloud computing. Without it, no “device” inside virtual machines would be able to function, including network cards, disks, keyboards, mice, and so on. In this article, we will trace the development of hardware virtualization technologies in Linux.

LINSTOR Is Like Kubernetes, But for Block Devices

Mon, 17 Jul 2023 00:00:00 +0000

An open-source storage from LINBIT (maintainers of DRBD). It’s fast and fault-tolerant, has a lot of features. It looks like Kuberentes but for block devices. How does it work? How to configure and debug it?

Deckhouse v1.43 introduces the next-generation virtualization system

Mon, 27 Mar 2023 00:00:00 +0000

Over the past few years, we at Flant have been keeping a close eye on the technology leaders in the cloud-native space. But it’s more than merely a matter of curiosity — we have incorporated the ideas we got from them to create something new and exciting that would offer people a lot of value, which we would be pleased to share with you today. We present to you the new virtualization system we’ve recently introduced in the latest Deckhouse release (1.43).

A cheatsheet for debugging LINSTOR in Kubernetes

Tue, 24 Jan 2023 00:00:00 +0000

(especially for Deckhouse platform)

KubeVirt, its networking, and how we brought it to the next level

Sun, 25 Dec 2022 00:00:00 +0000

Short abstract When choosing KubeVirt as our main virtualization solution, we were unsatisfied with the existing networking implementation. We developed and contributed some enhancements to simplify the design and get the most performance out of the network using KubeVirt.

LINSTOR Is Like Kubernetes, But for Block Devices - Storage Day Kubernetes on AWS

Sun, 27 Nov 2022 00:00:00 +0000

Kubernetes snapshots: What are they and how to use them?

Wed, 02 Nov 2022 00:00:00 +0000

With the introduction of the snapshot-controller in Kubernetes, it is now possible to create snapshots for CSI drivers and cloud providers that support this feature.

The API is universal and vendor-independent, which is typical for Kubernetes, so we can explore it without getting into the specifics of a particular implementation. Let’s take a closer look at snapshots and see how they can benefit Kubernetes users.

Panel discussion: Current state of Open Source

Tue, 28 Jun 2022 00:00:00 +0000

What has changed in the open-source communities after 2 years of lockdown? What are the threats and opportunities for open-source communities right now? We’ll discuss this and much more with the local open-source contributors and leaders.

Comparing Ceph, LINSTOR, Mayastor, and Vitastor storage performance in Kubernetes

Fri, 03 Jun 2022 00:00:00 +0000

There seems to be a new trend: every time I get a new job, the first activity I engage in is benchmarking different SDS solutions. My career at Flant is no exception. I joined the development team for the Deckhouse Kubernetes platform when it decided to focus on running virtual machines in Kubernetes. But first, we had to find an easy-to-use, reliable block-type storage that we could offer to the platform’s customers.

Hence I decided to benchmark several Open Source solutions to see how they behave under various conditions. The focal point was the DRBD performance in different configurations and how they compared to Ceph.

However, the market for software-defined storage is constantly growing and evolving. Ambitious new projects are emerging, including the recently released Mayastor and my fellow collaborator’s pet project Vitastor. The results were pretty exciting and surprising.

How is cloud computing changing the way of mind

Tue, 31 May 2022 00:00:00 +0000

Nowadays the market offers a huge number of virtualization solutions, but in fact, they all are solving different problems, and you need to understand in which case it suits you best. In this presentation we’ll take a look at application design approaches then and now, and will explore the difference between virtualization and cloud computing platforms, the Pets vs. Cattle approach, and the use of IaC with Kubernetes and Terraform.

Kubernetes-in-Kubernetes and the WEDOS PXE bootable server farm

Wed, 22 Dec 2021 00:00:00 +0000

When you own two data centers, thousands of physical servers, virtual machines and hosting for hundreds of thousands sites, Kubernetes can actually simplify the management of all these things. As practice has shown, by using Kubernetes, you can declaratively describe and manage not only applications, but also the infrastructure itself. I work for the largest Czech hosting provider WEDOS Internet a.s and today I’ll show you two of my projects — Kubernetes-in-Kubernetes and Kubefarm.

With their help you can deploy a fully working Kubernetes cluster inside another Kubernetes using Helm in just a couple of commands. How and why?

[Yabai] First steps after Awesome WM

Sun, 24 Oct 2021 00:00:00 +0000

After 5 years of using Linux, I decided to upgrade to a new MacBook with an M1 chip. Due to the inability to install a full-fledged Linux on it, I’m having fun with OSX. And I have to admit I’m starting to like it.

Tags are set to be as static as it possible and have the same numbering for every display, just like Awesome WM do. This is why you can see so much jq-magic in my skhd config 😃
Some hardware keys are rebinded using Karabiner.

As main browser I use Firefox with TreeStyleTab and Dustman extensions. The last one is closing tabs automatically if I didn’t get on them in 20 minutes. I do believe that tabs are a temporary entity and if I don’t like to close them, why not to run a garbage collector for them?

Terminal configuration and colors moved from my previous laptop.

How to Resolve Split Brain in DRBD9

Mon, 19 Jul 2021 18:21:26 +0200

First, let’s define what split-brain is. Each replica can be either connected or disconnected towards to the other. If the replica spontaneously goes to StandAlone. It means that it refuses to accept the state and don’t want to synchronize with the other. This is a classic split-brain situation.

Troubleshooting DRBD9 in LINSTOR

Mon, 19 Jul 2021 18:15:55 +0200

Over the past few years of tight work with LINSTOR and DRBD9, I have accumulated a some amount of problems and solutions for them. I decided to collect all of them into single article. Not sure that you will face exactly the same problems, but now you could at least understand the mechanics of managing and troubleshooting the DRBD9-devices.

There is not much information on this matter on the Internet. Hope you’ll find it useful in case if you use or plan to use LINSTOR.

Kubernetes-in-Kubernetes on Bare Metal with Andrei Kvapil

Thu, 20 May 2021 12:00:00 +0100

Andrei Kvapil joins the adventure to discuss Kubernetes with Jeffrey Groman.

Andrei breaks down how he and his company needed to set up Kubernetes to manage their blade server setup and how they wound up running Kubernetes in Kubernetes to gain the characteristics they needed. Panel

Breaking down and fixing etcd cluster

Fri, 05 Mar 2021 14:05:00 +0100

etcd is a fast, reliable and fault-tolerant key-value database. It is at the heart of Kubernetes and is an integral part of its control-plane. It is quite important to have the experience to back up and restore the operability of both individual nodes and the whole entire etcd cluster.

In the previous article, we looked in detail at regenerating SSL-certificates and static-manifests for Kubernetes, as well as issues related to restoring the operability of its control-plane. This article will be fully devoted to restoring an etcd-cluster.

Breaking down and fixing Kubernetes

Sun, 21 Feb 2021 12:00:00 +0100

Kubernetes is a great platform both for container orchestration and everything else. Recently, Kubernetes has gone far ahead in terms of functionality, security and resilience. The Kubernetes architecture allows you to easily survive various kinds of failures and always stay afloat. Today we will break the cluster, delete certificates, rejoin nodes on live, and doing all this fancy stuff without possible downtime for already running services.

OpenNebula Webinar - Running a fully hyper-converged cloud with OpenNebula + LINBIT SDS

Fri, 29 Jan 2021 00:00:00 +0000

Learn more about LINBIT’s SDS solution, its native integration with OpenNebula, and the many benefits it provides to companies using both technologies together. Our guest speakers for this event will be Yusuf Yildiz (Solutions Architect at LINBIT) and Andrei Kvapil (Cloud Architect / DevOps Engineer at WEDOS Internet).

[awesome] Warm and Cozy

Mon, 21 Dec 2020 00:00:00 +0000

Case-Study: 600 Nodes on DRBD + LINSTOR for Kubernetes, OpenNebula and Proxmox

Mon, 02 Nov 2020 00:00:00 +0000

Find out how Andrei at WEDOS built a 600 nodes strong storage environment using DRBD & LINSTOR for Kubernetes, OpenNebula and Proxmox.

Tuning CNI plugins for having better performance and advanced features

Sat, 12 Sep 2020 00:00:00 +0000

Thanks for the benchmarks Alexis!

Most plugins have non-optimized defaults that work in most common situations, regardless of network topology, OS and kernel version.

I have an experience of tuning some of them, and I would like to share it with you, just briefly:

Configure Custom Tooling in Argo CD

Sun, 06 Sep 2020 01:04:00 +0300

Some time after writing the first article, where I cleverly use jsonnet and gitlab, I realized that pipelines are certainly good, but unnecessarily difficult and inconvenient.

In most cases, a typical task is need: “to generate YAML and put it in Kubernetes”. Actually, this is what the Argo CD does really well.

Argo CD allows you to connect a Git repository and sync its state to Kubernetes. By default several types of applications are supported: Kustomize, Helm charts, Ksonnet, raw Jsonnet or simple directories with YAML/JSON manifests.

Most users will be happy for having just this tool set, but not everyone. In order to satisfy the needs of anyone, Argo CD has the ability to use custom tooling.

First of all, I was interested in the opportunity to add support for qbec and git-crypt, which were fully discussed in the previous article.

Attaching an Elastic IP to EKS worker node

Thu, 04 Jun 2020 16:12:27 +0000

Hi, I also faced with an interesting task to run STUN server in Kubernetes.

STUN Server requires passtrough whole 1024-65535 udp port range, however Kubernetes has no support for specifying port ranges in services. The solution would seem simple to run pod with hostNetwork: true and assign it to separate EC2 instance with Elastic IP.

The problem is that EKS does not allow you to create separate instances, but instead directs you to use Auto Scaling Groups. Thus you have no opportunity to assign Elastic IP to specific EKS worker statically, but you can do that dynamically

Backup storage for thousands of virtual machines using free tools

Fri, 29 May 2020 20:06:10 +0000

Hi, recently I faced across an interesting task to setup a storage server for backup of a large number of block devices.

Every week we back up all virtual machines in our cloud, so there is a need to be able handle thousands of backups and do it as fast and efficiently as possible.

Unfortunately, the standard RAID5, RAID6 levels are not suitable due the fact that recovery process on such large disks as ours will be painfully long and most likely never finished successfully.

Let’s consider what alternatives are:

Erasure Coding — An analogue to RAID5, RAID6, but with a configurable parity level. Also the fault tolerance is performed not for whole block devices, but for each object separately. The easiest way to try Erasure Coding is to deploy minio.

DRAID — is currently alpha feature of ZFS. Unlike RAIDZ, DRAID has a distributed parity block and uses all the disks in the array during recovery, this makes it better surviving for disk failures and provides faster recovery than standard RAID levels.

Configuring routing for MetalLB in L2 mode

Thu, 14 May 2020 22:05:09 +0000

Not so far ago, I was faced with a quite unusual task of configuring routing for MetalLB. All would be nothing, since MetalLB usually does not require any additional configuration from user side, but in our case there is a fairly large cluster with a quite simple network configuration.

In this article I will show you how to configure source-based and policy-based routing for the external network on your cluster.

I will not dwell on installing and configuring MetalLB in detail, as I assume you already have some experience. Let’s understand the essence and configure the routing. So we have four cases:

Connecting Gitlab with Harbor for automated token issuing

Fri, 24 Apr 2020 23:00:00 +0000

Gitlab CI have a nice feature to generate docker-registry tokens per each job, but this feature is working only for it’s own docker registry and does not working with an external ones, eg. Harbor, Nexus, Quay and etc.

There is an opportunity to set-up external docker registry for Gitlab, it is well described in the documentation Use an external container registry with GitLab as an auth endpoint.

Proposed to configure brand new docker-registry with token based authentication. Harbor also uses docker-registry in backend, so that we could configure it, but problem is that both Gitlab and Harbor require to set their own parameters which are actually conflicts.

[awesome] My live in console

Thu, 09 Apr 2020 00:00:00 +0000

How to describe 100 Gitlab jobs in 100 lines using Jsonnet

Thu, 16 Jan 2020 00:00:00 +0000

In addition to the previous article about deployment tools in Kubernetes, I want to tell you about how you can use Jsonnet to simplify the description of the jobs in your .gitlab-ci.yml

Given

There is a monorepo in which:

10 dockerfiles
30 described deployments
3 environments: devel, stage and prod

Task

Configure a pipeline:

Building Docker images should be done by adding a git tag with a version number.
Each deployment operation should be performed when pushing to the environment branch and only if files changed in a specific directory
Each environment has its own gitlab-runner with a different tag that performs deployment only in this environment.
Not any application should be deployed in each of the environments. We should describe the pipeline in order to be able to make exceptions.
Some deployments use git submodule and should be run with the GIT_SUBMODULE_STRATEGY=normal environment variable set.

Describing all this may seem like a real hell, but do not despair, armed with Jsonnet, we can easily do it.

Trying new tools for building and automating the deployment in Kubernetes

Wed, 15 Jan 2020 00:00:00 +0000

Hi!
Recently, many cool automation tools have been released both for building Docker images and for deploying to Kubernetes. In this regard, I decided to play with the Gitlab a little, study its capabilities and, of course, configure the pipeline.

The source of inspiration for this work was the site kubernetes.io, which is automatically generated from source code.
For each new pullrequest the bot generates a preview version with your changes automatically and provides a link for review.

I tried to build a similar process from scratch, but entirely built on Gitlab CI and free tools that I used to use to deploy applications in Kubernetes. Today, I finally will tell you more about them.

The article will consider such tools as: Hugo, qbec, kaniko, git-crypt and GitLab CI with dynamic environments feature.

[awesome] My work laptop

Sat, 14 Dec 2019 00:00:00 +0000

“linstor_un” — New storage driver for OpenNebula

Wed, 17 Jul 2019 00:00:00 +0000

Not so long ago, the guys from LINBIT presented their new SDS solution – Linstor. This is a fully free storage based on proven technologies: DRBD, LVM, ZFS. Linstor combines simplicity and well-developed architecture, which allows to achieve stability and quite impressive results.

Today I would like to tell you a little about it and show how easy it can be integrated with OpenNebula using linstor_un – a new driver that I developed specifically for this purpose.

Linstor in combination with OpenNebula will allow you to build a high-performance and reliable cloud, which you can easily deploy on your own infrastructure.

Store SSH Keys Securely

Tue, 14 May 2019 00:00:00 +0000

Let me tell you how you can safely store SSH keys on a local machine, for not having a fear that some application can steal or decrypt them. This article will be especially useful to those who have not found an elegant solution after the paranoia in 2018 and continue storing keys in $HOME/.ssh.

To solve this problem, I suggest you using KeePassXC, which is one of the best password managers, it is using strong encryption algorithms, and also it have an integrated SSH agent.

This allows you to safely store all the keys directly in the password database and automatically add them to the system when it is opened. Once the base is closed, the use of SSH keys will also be impossible

Installing Haproxy for Kubernetes

Tue, 30 Apr 2019 00:00:00 +0000

If you want to make this scheme more safe you can add haproxy layer between keepalived and kube-apiserver.

Just install haproxy package into your system, and add the next configuration into /etc/haproxy/haproxy.cfg file

Screen streaming to multiple devices via network

Tue, 30 Apr 2019 00:00:00 +0000

I had a need to show dashboard with monitoring information on several screens in the office. There are several old Raspberry Pi Model B+ and a hypervisor with a virtually unlimited amount of resources.

Apparently the Raspberry Pi Model B+ does not have enough power to keep the browser running constantly and draw a large amount of graphics in it, which is why the page is partially buggy and often crashes.

I found a fairly simple and elegant solution, which I want to share with you.

Adding LDAP authentication to Kubernetes

Tue, 26 Feb 2019 00:00:00 +0000

Short guide how to setup Keycloak for connect Kubernetes with your LDAP-server and import users and groups. It will allow you to configure RBAC and use auth-proxy to secure Kubernetes Dasboard and another applications, which have no authentification from begining.

Creating High Available Baremetal Kubernetes cluster with Kubeadm and Keepalived (More Simple Guide)

Sun, 09 Dec 2018 00:00:00 +0000

This guide is updated version of my previous article Creating High Available Baremetal Kubernetes cluster with Kubeadm and Keepalived (Simple Guide) Since v1.13 deployment has become much easier and more logical. Note that this article is my personal interpretation of official Creating Highly Available Clusters with kubeadm for Stacked control plane nodes plus few more steps for Keepalived.

If you have any questions, or something is not clear, please refer to the official documentation or ask the Google. All steps described here in the short and simple form

Creating Baremethal Kubernetes HA cluster with Kubeadm and Keepalived (Simple Guide)

Thu, 18 Oct 2018 00:00:00 +0000

This guide is a free interpretation of official Creating Highly Available Clusters with kubeadm for Stacked control plane nodes. I don’t like this difficult form which used there, so I wrote this article.

If you have any questions, or something is not clear, please refer to the official documentation or ask the Google. All steps described here in the short and simple form

Install Kolab and integrate it with FreeIPA

Thu, 04 Oct 2018 00:00:00 +0000

Here is written steps for install Kolab Groupware server and integrate it with FreeIPA server.

Most of actions requires basic understanding in LDAP mechanism. FreeIPA should be already installed before preparing Kolab installation. We will connect only users from the existing tree (which provided by FreeIPA), and we will create new tree for the rest Kolab resources, like mail groups, shared mailboxes, etc.

In the end, we will can authenticate them, edit their parameters via kolab-webadmin, and manage other resources.

Building a Network Bootable Server Farm for Kubernetes with LTSP

Tue, 02 Oct 2018 21:35:07 +0000

In this post, I’m going to introduce you to a cool technology for Kubernetes, LTSP. It is useful for large baremetal Kubernetes deployments.

You don’t need to think about installing an OS and binaries on each node anymore. Why? You can do that automatically through Dockerfile!

You can buy and put 100 new servers into a production environment and get them working immediately - it’s really amazing!

Intrigued? Let me walk you through how it works.

Deploying LINSTOR storage for Proxmox

Wed, 12 Sep 2018 21:36:59 +0000

Few time ago LINBIT released their new solution LINSTOR which is providing orchestration tool for manage multiple DRBD-arrays.

For example you can have few nodes, each one will have own LVM or ZFS pool, LINSTOR will automatically create new volumes there and replicate or distribute them using DRBD protocol.

LINSTOR supports thin-provisioning, snapshots and many other interesting things.

This solution is good suitable for virtual machines and containers.

Run kubernetes inside LXC container

Wed, 22 Aug 2018 21:36:47 +0000

I can tell you how you can run kubernetes master in LXC container, I use Proxmox and it is working really fine, this manual can serve as an alternative way for the classical several masters deployment. In this case you can have only one master, and still have all the features of multimater.

Easy way for install Mikrotik’s Cloud Hosted Router on any Cloud VM

Tue, 06 Feb 2018 12:53:35 +0000

Many cloud providers not allows uploading ISOs and not provides any option for install custom OS. This is not a problem, because I’ll show you how you can prepare Mikrotik VM on any cloud in easy 5 steps.

Zabbix: solve memory and cpu load monitoring issues inside LXC containers

Wed, 29 Nov 2017 12:53:18 +0000

Zabbix have some problems with memory collecting from cgroups limited containers. If you using Promxox, you know what I mean: The available memory collected worng without calculating buffers and cache memory. Zabbix have bug report, but it seems that no one don’t want to fix it soon. So let’s fix it together byself.

Projects Archive

Tue, 27 Dec 2016 03:10:52 +0000

ArtRadio.fm Electronic music radio station (abandoned) ArtPredel.ru The most unusual art from the web (abandoned)

ONLYOFFICE configuration for docker-compose (and letsencrypt).

Wed, 14 Dec 2016 03:55:37 +0000

Run communityserver container, and get onlyoffice.conf from it:

docker run -name communityserver -i -t -d onlyoffice/communityserver`
# wait 1-2 minutes.
sudo docker exec -i -t communityserver /bin/bash -c 'cat /etc/nginx/sites-enabled/onlyoffice' > onlyoffice.conf`
sudo docker rm -fv communityserver

Build your own failover cloud based on OpenNebula with Ceph, MariaDB Galera Cluster and OpenvSwitch [machine translation]

Mon, 16 Nov 2015 16:45:00 +0000

This time I would like to tell how to configure this subject, in a particular each separate component as a result to receive the own, expanded, otkazoustoycheavy cloud based on OpenNebula. In this article I will consider the next moments:

Install Ceph, distributed storage. (I will describe the installation of a two-tier storage with a caching pool of SSDs)
Install MySQL, Galera Cluster with master replication
Installing OpenvSwitch soft switch
Installing directly OpenNebula itself
Configuring Failover Cluster
Initial configuration

The topics themselves are very interesting, so even if you are not interested in the final goal, but you are interested in setting up a separate component. You are welcome under the cut.

Installing CentOS on ZFS in UEFI [machine translation]

Tue, 13 Oct 2015 15:37:00 +0000

I decided to try ZFS here the other day, but I did not find a detailed and simple manual on how to implement it on CentOS, I decided to correct the situation. In addition, I wanted to install all this in EFI mode. - not to stand still? And at the same time understand for yourself how DKMS works, as well as aspects of manual installation of RPM-based distributions. ZFS was not chosen by chance either, since it was planned to deploy a hypervisor on this machine and use zvol to store images of virtual machines. I wanted something more than a software raid + lvm or simple file storage of images, something like ceph, but for one host this is too bold. Looking ahead to say that I was very pleased with this file system, its performance and all its chips.

Customize keyboard shortcuts in Linux like Mac OS X [machine translation]

Wed, 09 Sep 2015 16:30:00 +0000

Previously, I quite often had a situation where you simultaneously work in a terminal and, for example, in a browser. After several hours of work, you start to get confused and in the terminal instead of [Ctrl] + [Shift] + [C], press [Ctrl] + [C], and vice versa in the browser. As a result, in the terminal you get an interrupt and in the browser, instead of the expected effect, your debugger is slowly loaded. One fine moment it got me and I decided it was time to change something…

Forwarding USB to a virtual network via UsbRedir and QEMU [machine translation]

Thu, 20 Aug 2015 11:55:00 +0000

To date, there are quite a few ways to forward a USB device to another computer or virtual machine over the network.

Of the most popular, hardware such as AnywhereUSB and purely software products, from those that I tried myself: USB Redirector and USB / IP.

I would like to tell you about another interesting method that works directly with the QEMU emulator.

It is also part of the spice project, officially supported by RedHat.

UsbRedir, is an open protocol for forwarding usb-devices via tcp to a remote virtual server, developed with the support of RedHat in the framework of the spice project. But as it turned out they can be quite successfully used without spice. The server is usbredirserver, which fumbles a usb device on a specific port, and QEMU itself as a client, which emulates the connection of an exported usb device to a specific usb controller of your virtual machine. Thanks to this approach, absolutely any OS can be used as a guest system, since it does not even know that the device is remotely forwarded, and all the logic rests on QEMU.

Kolab Groupware (Part 2 - Installation) [machine translation]

Sat, 18 Jul 2015 14:17:00 +0000

If you still do not know what Kolab is, then you probably want to read the first article, where I did a detailed review of this rather functional and completely free mail server with a beautiful web-muzzle. This time we will install it.

Kolab Groupware (Part 1 - Overview) [machine translation]

Fri, 17 Jul 2015 15:17:00 +0000

Hi, Habr! I want to tell you about a rather interesting and functional replacement for MS Exchange, completely free and also with a beautiful web-muzzle. The conversation will be about Kolab - a free mail server with support for collaboration, calendars, to-do lists, WebDAV, ActiveSync synchronization and other goodies that can be used both for work and for home.

Carefully, in a post a lot of pictures…

We lift the VPN tunnel from the world home bypassing NAT [machine translation]

Tue, 18 Mar 2014 14:51:00 +0000

I want to tell you about how having your VPS server on the Internet, you can raise a tunnel to your home network. And do not pay at the same time for a static IP provider, and even being behind a NAT, still make your home services available on the Internet.