Last active
May 11, 2025 17:29
Revisions
usrbinkat revised this gist
May 24, 2022: 1 changed file with 0 additions and 2 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -94,6 +94,4 @@ spec: - docker.io runcmd: - "snap remove lxd" - "ip a s" -
usrbinkat revised this gist
May 16, 2022: 1 changed file with 14 additions and 14 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -26,33 +26,33 @@ echo "br_netfilter" | sudo tee -a /etc/modules sudo modprobe br_netfilter ``` ### 05 Update & Install Packages ```sh sudo dnf update -y sudo dnf install -y firewalld kernel-modules dnf-automatic kubernetes-client helm snapd dracut-squash squashfs-tools squashfuse fuse jq sudo ln -s /var/lib/snapd/snap /snap ``` ### 06 Install Binaries ```sh curl --output /tmp/virtctl -L https://github.com/kubevirt/kubevirt/releases/download/$(curl -s https://api.github.com/repos/kubevirt/kubevirt/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/virtctl-$(curl -s https://api.github.com/repos/kubevirt/kubevirt/releases/latest | awk -F '[",]' '/tag_name/{print $4}')-linux-amd64 sudo install -o root -g root -m 0755 /tmp/virtctl /usr/local/bin/virtctl ``` ### 07 Disable Firewall > Warning: Disable Firewalld at your own risk! ```sh sudo systemctl disable firewalld sudo systemctl stop firewalld ``` ### 08 Reboot ```sh sudo shutdown -r now ``` ### 09 Install Microk8s & Deploy Plugins ```sh # Install Microk8s # ! Currently installing latest/edge until bug #3085 is resolved 
@@ -73,21 +73,21 @@ mkdir -p ~/.kube && sudo microk8s config > ~/.kube/config sudo chown -f -R $USER ~/.kube && chmod 600 ~/.kube/config kubectl get po -A ``` ### 10 Install Containerized Data Importer * Not required for ephemeral vm's like vyos ```sh curl -sL https://github.com/kubevirt/containerized-data-importer/releases/download/$(curl -s https://api.github.com/repos/kubevirt/containerized-data-importer/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/cdi-operator.yaml | kubectl apply -f - curl -sL https://github.com/kubevirt/containerized-data-importer/releases/download/$(curl -s https://api.github.com/repos/kubevirt/containerized-data-importer/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/cdi-cr.yaml | kubectl apply -f - ``` ### 11 Cert Manager ```sh helm repo add jetstack https://charts.jetstack.io; helm repo update helm upgrade --install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --set installCRDs=true ``` ### 12 Install Kubevirt * Install Kubevirt ```sh @@ -122,7 +122,7 @@ spec: EOF ``` ### 13 Create Kubevirt Resources * Create SSH Key Secret ```sh @@ -148,7 +148,7 @@ spec: EOF ``` ### 14 Create VMs *Ubuntu 22.04 Jammy Minimal ```sh @@ -160,14 +160,14 @@ kubectl apply -f https://gist.github.com/usrbinkat/c8b56fb703328147c7 kubectl apply -f https://gist.github.com/usrbinkat/c8b56fb703328147c796bc4356b029b5/raw/2cbb9883867c6ad02dd72fdbb1b10008cec1a21f/ubuntu-jammy.yaml ``` ### 15 Wait for image download and cdi import ### 16 Execute Cmds to find IP and access serial console ttyS0 ```sh kubectl get vmi virtctl console ubuntu-rdp ``` ### 17 SSH to VM at it's IP address with ssh key used to create secret ### 18 Connect to VM's RDP session at it's IP address with credentials: > kc2user:kc2user -
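Review bot: Step 07 in the first hunk turns the host firewall off outright (`sudo systemctl disable firewalld`, then `stop`), even though step 05 in the same hunk installs `firewalld`. With the firewall off, every service listening on the hypervisor is reachable from whatever network the machine is attached to. Consider keeping firewalld running and allowing only the traffic the cluster needs, and have the warning line say what breaks with the firewall on so readers can judge whether the step applies to them.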
usrbinkat revised this gist
May 16, 2022: 1 changed file with 7 additions and 1 deletion.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -13,13 +13,19 @@ WARNING: Microk8s is currently impacted by [BUG #3085](https://github.com/canoni ### 02 Configure br0 ### 03 Enable nested Virtualization && Disable selinux (not for production) > Warning: Disable selinux at your own risk! ```sh sudo grubby --update-kernel=ALL --args 'selinux=0 intel_iommu=on iommu=pt rd.driver.pre=vfio-pci pci=realloc' ``` ### 04 Enable `br_netfilter` for Calico ```sh echo "br_netfilter" | sudo tee -a /etc/modules sudo modprobe br_netfilter ``` ### 04 Update & Install Packages ```sh sudo dnf update -y -
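Review bot: The `grubby` line under step 03 still passes `selinux=0` in the same `--args` string as `intel_iommu=on iommu=pt rd.driver.pre=vfio-pci pci=realloc`, so a reader cannot apply the virtualization arguments without also disabling SELinux on every installed kernel (`--update-kernel=ALL`). Split it into two commands and mark the SELinux one optional, or state which later step fails with SELinux enforcing. Separately, the new step 04 appends to `/etc/modules`; on Fedora, which this guide installs, modules to load at boot are listed in files under `/etc/modules-load.d/`, so this line does not make `br_netfilter` load at boot. Two headings are also numbered 04 after this change.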
usrbinkat revised this gist
May 16, 2022: 1 changed file with 24 additions and 0 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,24 @@ # Bug [#3085](https://github.com/canonical/microk8s/issues/3085) Workaround * Perform on each node in the cluster using the appropriate `$NODE_NAME` variable on each node ```sh # Enable br_netfilter module echo "br_netfilter" | sudo tee -a /etc/modules echo "br_netfilter" | sudo tee -a /etc/modules-load.d/snap.microk8s.conf sudo modprobe br_netfilter # Update Microk8s sudo microk8s stop sudo snap refresh microk8s --channel=latest/edge sudo microk8s start # Reboot Node export NODE_NAME=node1.optiplex.home.arpa sudo microk8s kubectl cordon $NODE_NAME sudo microk8s kubectl drain $NODE_NAME sudo shutdown -r now # Uncordon node export NODE_NAME=node1.optiplex.home.arpa sudo microk8s kubectl uncordon $NODE_NAME ``` -
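Review bot: In the "Reboot Node" block, `sudo microk8s kubectl drain $NODE_NAME` is run with no flags and is followed unconditionally by `sudo shutdown -r now`. `kubectl drain` refuses to proceed on a node that runs DaemonSet-managed pods unless `--ignore-daemonsets` is given, and since the commands are not chained with `&&` the node reboots even when the drain failed. Add the flag, chain the reboot on a successful drain, and replace the hard-coded `node1.optiplex.home.arpa` with a value derived on the node, since the bullet above says each node needs its own `$NODE_NAME`. The first lines also append `br_netfilter` with `tee -a` on every run, which leaves duplicate entries if the workaround is repeated.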
usrbinkat revised this gist
May 16, 2022: 1 changed file with 13 additions and 0 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,13 @@ ```sh sudo microk8s enable registry sudo mkdir -p /var/snap/microk8s/current/args/certs.d/192.168.1.2\:32000 cat <<EOF | sudo tee /var/snap/microk8s/current/args/certs.d/192.168.1.2\:32000/hosts.toml server = "http://192.168.1.2:32000" [host."http://192.168.1.2:32000"] capabilities = ["pull", "resolve"] EOF skopeo copy --dest-no-creds --dest-tls-verify=false docker://quay.io/containercraft/vyos:1.4-rolling docker://192.168.1.2:32000/containercraft/vyos:1.4-rolling ``` -
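Review bot: The `hosts.toml` written here points the node at `http://192.168.1.2:32000`, and the `skopeo copy` line pushes with `--dest-no-creds --dest-tls-verify=false`, so the registry is used over plaintext HTTP with no authentication. Anything on that network segment that can reach port 32000 can push an image under the same name, and the node will pull it. If this is meant only for a single-node lab, say so next to the block; otherwise put TLS in front of the registry and copy the image by digest rather than by the moving `1.4-rolling` tag. The hard-coded `192.168.1.2` should be a variable, and the block has no heading or sentence explaining what it is for.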
usrbinkat revised this gist
May 16, 2022: 1 changed file with 5 additions and 5 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -142,7 +142,7 @@ spec: EOF ``` ### 13 Create VMs *Ubuntu 22.04 Jammy Minimal ```sh @@ -154,14 +154,14 @@ kubectl apply -f https://gist.github.com/usrbinkat/c8b56fb703328147c7 kubectl apply -f https://gist.github.com/usrbinkat/c8b56fb703328147c796bc4356b029b5/raw/2cbb9883867c6ad02dd72fdbb1b10008cec1a21f/ubuntu-jammy.yaml ``` ### 14 Wait for image download and cdi import ### 15 Execute Cmds to find IP and access serial console ttyS0 ```sh kubectl get vmi virtctl console ubuntu-rdp ``` ### 16 SSH to VM at it's IP address with ssh key used to create secret ### 17 Connect to VM's RDP session at it's IP address with credentials: > kc2user:kc2user -
usrbinkat revised this gist
May 16, 2022: 1 changed file with 2 additions and 79 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -49,8 +49,9 @@ sudo shutdown -r now ### 08 Install Microk8s & Deploy Plugins ```sh # Install Microk8s # ! Currently installing latest/edge until bug #3085 is resolved sudo snap install core sudo snap install microk8s --channel=latest/edge --classic && sleep 15 sudo microk8s enable && sudo microk8s status -w && sleep 3 sudo microk8s start && sudo microk8s status -w && sleep 3 sudo usermod -aG microk8s $USER @@ -129,84 +130,6 @@ kubectl create secret generic kubevirt-sshpubkey-kc2user \ kubectl get secret -oyaml kubevirt-sshpubkey-kc2user | awk '/key1:/{print $2}' | base64 -d ``` * Create VM Network Attachment Definition ```sh cat <<EOF | kubectl apply -f - -
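Review bot: The install line in step 08 now tracks `--channel=latest/edge`, and the only record of why is the comment `# ! Currently installing latest/edge until bug #3085 is resolved`. Snaps refresh automatically within their channel, so the hypervisor will keep picking up new edge builds with no action from the operator. Add the step for moving back to a stable channel once the fix ships, and consider holding refreshes in the meantime so the running revision is one that was actually tested.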
usrbinkat revised this gist
May 16, 2022: 1 changed file with 2 additions and 2 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -221,9 +221,9 @@ EOF ### 14 Create VMs *Ubuntu 22.04 Jammy Minimal ```sh kubectl apply -f https://gist.github.com/usrbinkat/c8b56fb703328147c796bc4356b029b5/raw/86747680e7f8b3cb641c5464d9d4cd083bb29596/ubuntu-jammy-minimal.yaml ``` *Ubuntu 22.04 Jammy with xRDP Ubuntu Desktop -
usrbinkat revised this gist
May 16, 2022: 1 changed file with 99 additions and 0 deletions.
@@ -0,0 +1,99 @@ apiVersion: kubevirt.io/v1 kind: VirtualMachine metadata: name: jammy labels: os/flavor: ubuntu os/release: jammy spec: running: true template: spec: hostname: jammy domain: clock: utc: {} timer: {} cpu: threads: 2 model: host-passthrough devices: rng: {} autoattachSerialConsole: true autoattachGraphicsDevice: false autoattachPodInterface: false disks: - name: jammy-disk-vda-root bootOrder: 1 disk: bus: virtio - name: cloudinitdisk disk: bus: virtio interfaces: - name: enp1s0 model: virtio bridge: {} features: acpi: enabled: true smm: enabled: true firmware: bootloader: efi: secureBoot: true machine: type: q35 resources: requests: memory: 2G devices.kubevirt.io/kvm: "1" terminationGracePeriodSeconds: 0 networks: - name: enp1s0 multus: networkName: nadbr0 accessCredentials: - sshPublicKey: source: secret: secretName: kubevirt-sshpubkey-kc2user propagationMethod: qemuGuestAgent: users: - "kc2user" volumes: - name: jammy-disk-vda-root containerDisk: image: docker.io/containercraft/ubuntu:22.04 imagePullPolicy: IfNotPresent - name: cloudinitdisk cloudInitNoCloud: networkData: | version: 2 ethernets: enp1s0: dhcp4: true dhcp6: true dhcp-identifier: mac userData: | #cloud-config ssh_pwauth: true chpasswd: list: | kc2user:kc2user expire: False users: - name: kc2user shell: /bin/bash sudo: ['ALL=(ALL) NOPASSWD:ALL'] groups: sudo,wheel,lxd,microk8s,xrdp,docker,ssl-cert package_upgrade: true packages: - docker.io runcmd: - "snap remove lxd" - "apt-get remove -y --allow-remove-essential apport apport-gtk python3-apport python3-problem-report shim-signed apport-symptoms python3-systemd ansible" - "su -l kc2user -c 'gsettings set org.gnome.desktop.interface gtk-theme Yaru-dark'" - "ip a s" -
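Review bot: The cloud-init `userData` in this new manifest sets `ssh_pwauth: true`, assigns the password through `chpasswd` as `kc2user:kc2user` with `expire: False`, and gives the same account `sudo: ['ALL=(ALL) NOPASSWD:ALL']`. The VM's only interface is bridged through `networkName: nadbr0`, so the guest accepts password SSH logins for a root-equivalent account with a published password on whatever network that bridge is attached to. The `accessCredentials` block already injects an SSH public key for `kc2user`, so password login can be switched off and the `chpasswd` entry dropped, or at least set to expire on first login. The `gsettings ... gtk-theme Yaru-dark` entry in `runcmd` looks like a leftover from the desktop variant, since this VM sets `autoattachGraphicsDevice: false` and installs no desktop packages.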
usrbinkat revised this gist
May 16, 2022: 1 changed file with 2 additions and 0 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,5 +1,7 @@ # Kargo3.0 Bare Metal GitOps Hypervisor WARNING: Microk8s is currently impacted by [BUG #3085](https://github.com/canonical/microk8s/issues/3085) please see bug workaround instructions to remediate until patch is released to stable channels! ## 01. Install OS - Download [Fedora 36 Server](https://getfedora.org/en/server/download/) - [Create Fedora Install USB](https://docs.fedoraproject.org/en-US/quick-docs/creating-and-using-a-live-installation-image/) -
usrbinkat revised this gist
May 15, 2022: 2 changed files with 119 additions and 16 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -79,13 +79,43 @@ helm upgrade --install cert-manager jetstack/cert-manager --namespace cert-manag ``` ### 11 Install Kubevirt * Install Kubevirt ```sh curl -sL https://github.com/kubevirt/kubevirt/releases/download/$(curl -s https://api.github.com/repos/kubevirt/kubevirt/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/kubevirt-operator.yaml | kubectl apply -f - curl -sL https://github.com/kubevirt/kubevirt/releases/download/$(curl -s https://api.github.com/repos/kubevirt/kubevirt/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/kubevirt-cr.yaml | kubectl apply -f - kubectl -n kubevirt wait kv kubevirt --for condition=Available ``` * (Optional) Notable FeatureGates ```sh cat <<EOF | kubectl apply -f - --- apiVersion: kubevirt.io/v1 kind: KubeVirt metadata: name: kubevirt namespace: kubevirt spec: configuration: developerConfiguration: featureGates: - LiveMigration - DataVolumes - ExpandDisks - ExperimentalIgnitionSupport - Sidecar - HostDevices - Snapshot - HotplugVolumes - ExperimentalVirtiofsSupport - GPU EOF ``` ### 12 Create Kubevirt Resources * Create SSH Key Secret ```sh # Create SSH Key Secret ls ~/.ssh/id_rsa.pub >/dev/null || ssh-keygen 
@@ -97,7 +127,85 @@ kubectl create secret generic kubevirt-sshpubkey-kc2user \ kubectl get secret -oyaml kubevirt-sshpubkey-kc2user | awk '/key1:/{print $2}' | base64 -d ``` * Create Kubevirt Instance Flavor Presets ```sh cat <<EOF | kubectl apply -f - --- apiVersion: kubevirt.io/v1 kind: VirtualMachineInstancePreset metadata: name: c1m1 spec: selector: matchLabels: kubevirt.io/flavor: c1m1 domain: devices: rng: {} autoattachPodInterface: false autoattachSerialConsole: true autoattachGraphicsDevice: true networkInterfaceMultiqueue: false cpu: cores: 1 threads: 1 sockets: 1 model: host-model resources: requests: memory: 1G --- apiVersion: kubevirt.io/v1 kind: VirtualMachineInstancePreset metadata: name: c2m2 spec: selector: matchLabels: kubevirt.io/flavor: c2m2 domain: devices: rng: {} autoattachPodInterface: false autoattachSerialConsole: true autoattachGraphicsDevice: true networkInterfaceMultiqueue: false cpu: cores: 1 threads: 1 sockets: 2 model: host-passthrough resources: requests: memory: 2G --- apiVersion: kubevirt.io/v1 kind: VirtualMachineInstancePreset metadata: name: c4m4 spec: selector: matchLabels: kubevirt.io/flavor: c4m4 domain: devices: rng: {} autoattachPodInterface: false autoattachSerialConsole: true autoattachGraphicsDevice: true networkInterfaceMultiqueue: false cpu: cores: 1 threads: 1 sockets: 4 model: host-passthrough resources: requests: memory: 4G EOF ``` * Create VM Network Attachment Definition ```sh cat <<EOF | kubectl apply -f - apiVersion: k8s.cni.cncf.io/v1 
@@ -109,7 +217,14 @@ spec: EOF ``` ### 14 Create VMs *Ubuntu 22.04 Jammy ```sh kubectl apply -f https://gist.github.com/usrbinkat/c8b56fb703328147c796bc4356b029b5/raw/2cbb9883867c6ad02dd72fdbb1b10008cec1a21f/ubuntu-jammy.yaml ``` *Ubuntu 22.04 Jammy with xRDP Ubuntu Desktop ```sh kubectl apply -f https://gist.github.com/usrbinkat/c8b56fb703328147c796bc4356b029b5/raw/2cbb9883867c6ad02dd72fdbb1b10008cec1a21f/ubuntu-jammy.yaml ``` This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -6,6 +6,7 @@ metadata: labels: app: rdp flavor: ubuntu kubernetes.io/flavor: c2m2 spec: running: true dataVolumeTemplates: @@ -32,14 +33,7 @@ spec: clock: utc: {} timer: {} devices: disks: - name: ubuntu-rdp-disk-vda-root bootOrder: 1 @@ -61,12 +55,6 @@ spec: bootloader: efi: secureBoot: true terminationGracePeriodSeconds: 0 networks: - name: enp1s0 -
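Review bot: The label added to the VM in the second file is `kubernetes.io/flavor: c2m2`, but the presets created in step 12 select on `kubevirt.io/flavor: c2m2`, so the c2m2 preset will not match this VM. The same file's hunks at `-32,14 +33,7` and `-61,12 +55,6` shrink the domain section by seven and six lines, which suggests CPU and memory are now expected to come from the preset; with the key mismatch the VM would be created without them. Use the `kubevirt.io/flavor` key in the manifest. Also, under step 14 both the "Ubuntu 22.04 Jammy" entry and the "with xRDP Ubuntu Desktop" entry apply the same `ubuntu-jammy.yaml` URL.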
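Review bot: The "(Optional) Notable FeatureGates" block under step 11 enables ten gates at once, including `HostDevices`, `GPU`, `Sidecar` and the two `Experimental...` gates, with no indication of which later steps need which gate. Several of these (host device and GPU passthrough, sidecar hooks) widen what a VM spec is allowed to ask of the host, and a reader who pastes the block gets all of them. List only the gates the VMs in this guide actually use and describe the others in a sentence each.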
usrbinkat revised this gist
May 15, 2022: 1 changed file with 17 additions and 8 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -13,7 +13,7 @@ ### 03 Enable nested Virtualization && Disable selinux (not for production) && Reboot > Warning: Disable selinux at your own risk! ```sh sudo grubby --update-kernel=ALL --args 'selinux=0 intel_iommu=on iommu=pt rd.driver.pre=vfio-pci pci=realloc' ``` @@ -33,7 +33,7 @@ sudo install -o root -g root -m 0755 /tmp/virtctl /usr/local/bin/virtctl ### 06 Disable Firewall > Warning: Disable Firewalld at your own risk! ```sh sudo systemctl disable firewalld sudo systemctl stop firewalld 
@@ -44,20 +44,29 @@ sudo systemctl stop firewalld sudo shutdown -r now ``` ### 08 Install Microk8s & Deploy Plugins ```sh # Install Microk8s sudo snap install core sudo snap install microk8s --channel=1.24/stable --classic && sleep 15 sudo microk8s enable && sudo microk8s status -w && sleep 3 sudo microk8s start && sudo microk8s status -w && sleep 3 sudo usermod -aG microk8s $USER # Enable Plugins sudo microk8s enable dns && sudo microk8s status -w && sleep 3 sudo microk8s enable storage && sudo microk8s status -w && sleep 3 sudo microk8s enable community && sudo microk8s status -w sudo microk8s enable multus && sudo microk8s status -w # Setup KUBECONFIG mkdir -p ~/.kube && sudo microk8s config > ~/.kube/config sudo chown -f -R $USER ~/.kube && chmod 600 ~/.kube/config kubectl get po -A ``` ### 09 Install Containerized Data Importer * Not required for ephemeral vm's like vyos ```sh curl -sL https://github.com/kubevirt/containerized-data-importer/releases/download/$(curl -s https://api.github.com/repos/kubevirt/containerized-data-importer/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/cdi-operator.yaml | kubectl apply -f - curl -sL https://github.com/kubevirt/containerized-data-importer/releases/download/$(curl -s https://api.github.com/repos/kubevirt/containerized-data-importer/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/cdi-cr.yaml | kubectl apply -f - -
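Review bot: In the "Setup KUBECONFIG" block, `sudo microk8s config > ~/.kube/config` creates the file with the shell's default permissions, and `chmod 600` is applied only on the next line, after a recursive `chown`. That file holds the cluster's admin credentials, so set `umask 077` before the redirect, or create the file with mode 600 first, instead of tightening it afterwards. Further up, `sudo microk8s enable` is called with no addon name, which looks like a leftover line, and `usermod -aG microk8s $USER` does not affect the current login session, which deserves a comment.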
usrbinkat revised this gist
May 4, 2022: 1 changed file with 1 addition and 0 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -22,6 +22,7 @@ spec: storage: 42G accessModes: - ReadWriteOnce storageClassName: microk8s-hostpath persistentVolumeReclaimPolicy: Delete volumeMode: Block template: -
usrbinkat revised this gist
May 2, 2022: 1 changed file with 3 additions and 3 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -49,9 +49,9 @@ sudo shutdown -r now sudo snap install core sudo snap install kubectl --classic sudo snap install microk8s --classic && sleep 15 sudo microk8s start && sudo microk8s status -w && sleep 3 sudo microk8s enable storage && sudo microk8s status -w && sleep 3 sudo microk8s enable multus dns && sudo microk8s status -w sudo usermod -aG microk8s $USER sudo chown -f -R $USER ~/.kube mkdir -p ~/.kube && sudo microk8s config > ~/.kube/config -
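Review bot: In the unchanged lines at the end of this hunk, `sudo chown -f -R $USER ~/.kube` runs before `mkdir -p ~/.kube && sudo microk8s config > ~/.kube/config`. On a fresh host the `chown` has nothing to act on and `-f` hides the error, so the ownership fix never applies to the directory the next line creates. Move the `chown` to after the config file has been written.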
usrbinkat revised this gist
Apr 25, 2022: 1 changed file with 0 additions and 2 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -22,8 +22,6 @@ sudo grubby --update-kernel=ALL --args 'selinux=0 intel_iommu=on iommu=pt rd.dri ```sh sudo dnf update -y sudo dnf install -y firewalld kernel-modules dnf-automatic kubernetes-client helm snapd dracut-squash squashfs-tools squashfuse fuse jq sudo ln -s /var/lib/snapd/snap /snap ``` -
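Review bot: After this change the step still installs `dnf-automatic` in the `dnf install` line, but nothing left in the block configures or enables it, so the host does not apply updates on its own. Either restore the lines that turn it on or drop the package from the list, and say in the text which of the two is intended.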
usrbinkat revised this gist
Apr 25, 2022: 1 changed file with 6 additions and 4 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -49,13 +49,15 @@ sudo shutdown -r now ### 08 Install Microk8s ```sh sudo snap install core sudo snap install kubectl --classic sudo snap install microk8s --classic && sleep 15 sudo microk8s start && microk8s status -w && sleep 3 sudo microk8s enable storage && microk8s status -w && sleep 3 sudo microk8s enable multus dns && microk8s status -w sudo usermod -aG microk8s $USER sudo chown -f -R $USER ~/.kube mkdir -p ~/.kube && sudo microk8s config > ~/.kube/config kubectl get po -A ``` ### 09 Install Containerized Data Importer ```sh -
usrbinkat revised this gist
Apr 25, 2022: 1 changed file with 1 addition and 1 deletion.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,7 +1,7 @@ # Kargo3.0 Bare Metal GitOps Hypervisor ## 01. Install OS - Download [Fedora 36 Server](https://getfedora.org/en/server/download/) - [Create Fedora Install USB](https://docs.fedoraproject.org/en-US/quick-docs/creating-and-using-a-live-installation-image/) - Plug into Desktop/Server Lab System - Boot to Fedora USB Installer -
usrbinkat revised this gist
Apr 25, 2022: 1 changed file with 18 additions and 1 deletion.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -98,4 +98,21 @@ metadata: spec: config: '{"cniVersion":"0.3.1","name":"br0","plugins":[{"type":"bridge","bridge":"br0","ipam":{}},{"type":"tuning"}]}' EOF ``` ### 14 Create Ubuntu 22.04 Jammy xRDP VDI Bastion ```sh kubectl apply -f https://gist.github.com/usrbinkat/c8b56fb703328147c796bc4356b029b5/raw/2cbb9883867c6ad02dd72fdbb1b10008cec1a21f/ubuntu-jammy.yaml ``` ### 15 Wait for image download and cdi import ### 16 Execute Cmds to find IP and access serial console ttyS0 ```sh kubectl get vmi virtctl console ubuntu-rdp ``` ### 17 SSH to VM at it's IP address with ssh key used to create secret ### 18 Connect to VM's RDP session at it's IP address with credentials: > kc2user:kc2user -
usrbinkat renamed this gist
Apr 25, 2022: 1 changed file with 2 additions and 6 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,6 +1,4 @@ --- apiVersion: kubevirt.io/v1alpha3 kind: VirtualMachine metadata: @@ -129,6 +127,4 @@ spec: - "snap remove lxd" - "apt-get remove -y --allow-remove-essential apport apport-gtk python3-apport python3-problem-report shim-signed apport-symptoms python3-systemd ansible" - "su -l kc2user -c 'gsettings set org.gnome.desktop.interface gtk-theme Yaru-dark'" - "ip a s" -
usrbinkat renamed this gist
Apr 25, 2022: 1 changed file with 1 addition and 0 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,3 +1,4 @@ ## Kubevirt Ubuntu 22.04 xRDP Bastion ```sh cat <<EOF | kubectl apply -f - apiVersion: kubevirt.io/v1alpha3 -
usrbinkat revised this gist
Apr 25, 2022: 2 changed files with 157 additions and 2 deletions.
@@ -0,0 +1,133 @@ ```sh cat <<EOF | kubectl apply -f - apiVersion: kubevirt.io/v1alpha3 kind: VirtualMachine metadata: name: ubuntu-rdp labels: app: rdp flavor: ubuntu spec: running: true dataVolumeTemplates: - metadata: name: ubuntu-rdp-volume-vda-root spec: source: registry: url: docker://docker.io/containercraft/ubuntu:22.04 imagePullPolicy: Always pvc: resources: requests: storage: 42G accessModes: - ReadWriteOnce persistentVolumeReclaimPolicy: Delete volumeMode: Block template: spec: hostname: ubuntu-rdp domain: clock: utc: {} timer: {} cpu: threads: 4 model: host-passthrough devices: rng: {} autoattachSerialConsole: true autoattachGraphicsDevice: true autoattachPodInterface: false disks: - name: ubuntu-rdp-disk-vda-root bootOrder: 1 disk: bus: virtio - name: cloudinitdisk disk: bus: virtio interfaces: - name: enp1s0 model: virtio bridge: {} features: acpi: enabled: true smm: enabled: true firmware: bootloader: efi: secureBoot: true machine: type: q35 resources: requests: memory: 6G devices.kubevirt.io/kvm: "1" terminationGracePeriodSeconds: 0 networks: - name: enp1s0 multus: networkName: nadbr0 accessCredentials: - sshPublicKey: source: secret: secretName: kubevirt-sshpubkey-kc2user propagationMethod: qemuGuestAgent: users: - "kc2user" volumes: - name: ubuntu-rdp-disk-vda-root dataVolume: name: ubuntu-rdp-volume-vda-root - name: cloudinitdisk cloudInitNoCloud: networkData: | version: 2 ethernets: enp1s0: dhcp4: true dhcp6: true dhcp-identifier: mac userData: | #cloud-config ssh_pwauth: true chpasswd: list: | kc2user:kc2user expire: False users: - name: kc2user shell: /bin/bash sudo: ['ALL=(ALL) NOPASSWD:ALL'] groups: sudo,wheel,lxd,microk8s,xrdp,docker,ssl-cert write_files: - encoding: b64 content: W1JlbW90ZSBBZG1pbiBTU0ggYWNjZXNzXSAKSWRlbnRpdHk9dW5peC1ncm91cDp3aGVlbApBY3Rpb249KgpSZXN1bHRBbnk9eWVzClJlc3VsdEluYWN0aXZlPXllcwpSZXN1bHRBY3RpdmU9eWVzCg== owner: root:root path: /etc/polkit-1/localauthority/50-local.d/46-user-admin.pkla permissions: '0644' - 
encoding: b64 content: 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 owner: root:root path: /etc/polkit-1/localauthority.conf.d/02-allow-colord.conf permissions: '0644' package_upgrade: true packages: - docker.io - policykit-1-gnome - ubuntu-desktop - firefox - xrdp runcmd: - "snap remove lxd" - "apt-get remove -y --allow-remove-essential apport apport-gtk python3-apport python3-problem-report shim-signed apport-symptoms python3-systemd ansible" - "su -l kc2user -c 'gsettings set org.gnome.desktop.interface gtk-theme Yaru-dark'" - "ip a s" EOF ``` This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -29,8 +29,8 @@ sudo ln -s /var/lib/snapd/snap /snap ### 05 Install Binaries ```sh curl --output /tmp/virtctl -L https://github.com/kubevirt/kubevirt/releases/download/$(curl -s https://api.github.com/repos/kubevirt/kubevirt/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/virtctl-$(curl -s https://api.github.com/repos/kubevirt/kubevirt/releases/latest | awk -F '[",]' '/tag_name/{print $4}')-linux-amd64 sudo install -o root -g root -m 0755 /tmp/virtctl /usr/local/bin/virtctl ``` ### 06 Disable Firewall 
@@ -76,4 +76,26 @@ curl -sL https://github.com/kubevirt/kubevirt/releases/download/$(curl -s https: kubectl -n kubevirt wait kv kubevirt --for condition=Available ``` ### 12 Create SSH Key Secret ```sh # Create SSH Key Secret ls ~/.ssh/id_rsa.pub >/dev/null || ssh-keygen kubectl create secret generic kubevirt-sshpubkey-kc2user \ --from-file=key1=$HOME/.ssh/id_rsa.pub \ --dry-run=client -oyaml \ | kubectl apply -f - kubectl get secret -oyaml kubevirt-sshpubkey-kc2user | awk '/key1:/{print $2}' | base64 -d ``` ### 13 Create VM Network Attachment Definition ```sh cat <<EOF | kubectl apply -f - apiVersion: k8s.cni.cncf.io/v1 kind: NetworkAttachmentDefinition metadata: name: nadbr0 spec: config: '{"cniVersion":"0.3.1","name":"br0","plugins":[{"type":"bridge","bridge":"br0","ipam":{}},{"type":"tuning"}]}' EOF ``` -
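Review bot: The first `write_files` entry in the new VM manifest is base64-encoded, which hides what it installs. Decoded, the content written to `/etc/polkit-1/localauthority/50-local.d/46-user-admin.pkla` is a rule with `Identity=unix-group:wheel`, `Action=*` and `ResultAny=yes`, that is, every polkit action is allowed without authentication for members of `wheel`, a group `kc2user` is placed in a few lines above. Write the file content in plain text so it can be reviewed, and narrow `Action=*` to the actions the desktop session needs.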
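Review bot: The rewritten `curl --output /tmp/virtctl` line in step 05 calls the GitHub `releases/latest` API twice, once for the release directory and once for the file name, and the next line installs the result into `/usr/local/bin` as root with mode 0755. Nothing checks what was downloaded: `curl` is run without `-f`, so an error page is saved as if it were the binary, and there is no checksum comparison. Resolve the tag once into a variable, use `curl -fL`, and verify a SHA-256 for that release before the `install` line. Writing to a fixed name in `/tmp` ahead of a root `install` is also avoidable; `mktemp` gives a private path.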
usrbinkat revised this gist
Apr 24, 2022: 1 changed file with 12 additions and 7 deletions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -21,7 +21,7 @@ sudo grubby --update-kernel=ALL --args 'selinux=0 intel_iommu=on iommu=pt rd.dri ### 04 Update & Install Packages ```sh sudo dnf update -y sudo dnf install -y firewalld kernel-modules dnf-automatic kubernetes-client helm snapd dracut-squash squashfs-tools squashfuse fuse jq sudo sed -i 's/^apply_updates = no/apply_updates = yes/g' /etc/dnf/automatic.conf sudo systemctl enable --now dnf-automatic.timer sudo ln -s /var/lib/snapd/snap /snap 
@@ -57,18 +57,23 @@ sudo usermod -aG microk8s $USER sudo chown -f -R $USER ~/.kube mkdir -p ~/.kube && sudo microk8s config > ~/.kube/config ``` ### 09 Install Containerized Data Importer ```sh curl -sL https://github.com/kubevirt/containerized-data-importer/releases/download/$(curl -s https://api.github.com/repos/kubevirt/containerized-data-importer/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/cdi-operator.yaml | kubectl apply -f - curl -sL https://github.com/kubevirt/containerized-data-importer/releases/download/$(curl -s https://api.github.com/repos/kubevirt/containerized-data-importer/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/cdi-cr.yaml | kubectl apply -f - ``` ### 10 Cert Manager ```sh helm repo add jetstack https://charts.jetstack.io; helm repo update helm upgrade --install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --set installCRDs=true ``` ### 11 Install Kubevirt ```sh curl -sL https://github.com/kubevirt/kubevirt/releases/download/$(curl -s https://api.github.com/repos/kubevirt/kubevirt/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/kubevirt-operator.yaml | kubectl apply -f - curl -sL https://github.com/kubevirt/kubevirt/releases/download/$(curl -s https://api.github.com/repos/kubevirt/kubevirt/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/kubevirt-cr.yaml | kubectl apply -f - kubectl -n kubevirt wait kv kubevirt --for condition=Available ``` -
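Review bot: Every install line in steps 09 and 11 has the form `curl -sL .../$(curl -s .../releases/latest | awk ...)/<file>.yaml | kubectl apply -f -`, so whatever the newest upstream release is at that moment gets applied cluster-wide with no chance to read it first. With `-s` and no `-f`, a failed tag lookup or download is silent and the error body is what reaches `kubectl`. Pin the CDI and KubeVirt versions in variables at the top of the step, download with `curl -fsSL` to a file, and apply the file. The `helm upgrade --install cert-manager` line in step 10 has the same problem, since it sets no `--version`.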
usrbinkat revised this gist
Apr 24, 2022 . 1 changed file with 7 additions and 13 deletions.
@@ -52,29 +52,23 @@ sudo snap install core sudo snap install microk8s --classic sudo microk8s start sudo microk8s enable storage sudo microk8s enable multus dns sudo usermod -aG microk8s $USER sudo chown -f -R $USER ~/.kube mkdir -p ~/.kube && sudo microk8s config > ~/.kube/config ``` ### 09 Install Kubevirt & Dependencies ```sh # Containerized Data Importer curl -sL https://github.com/kubevirt/containerized-data-importer/releases/download/$(curl -s https://api.github.com/repos/kubevirt/containerized-data-importer/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/cdi-operator.yaml | kubectl apply -f - curl -sL https://github.com/kubevirt/containerized-data-importer/releases/download/$(curl -s https://api.github.com/repos/kubevirt/containerized-data-importer/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/cdi-cr.yaml | kubectl apply -f - # Cert Manager helm repo add jetstack https://charts.jetstack.io helm repo update helm upgrade --install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --set installCRDs=true ``` -
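Review bot: The `### 09 Install Kubevirt & Dependencies` block installs CDI and cert-manager but never applies the KubeVirt operator or CR, so the heading promises a step the commands do not perform; either add the KubeVirt manifests here or rename the section. The `helm upgrade --install cert-manager jetstack/cert-manager` line has no `--version`, so the chart, and the CRDs that `--set installCRDs=true` brings with it, follow whatever `helm repo update` fetched that day; pin a chart version and add `--wait` so the step returns only once the release is ready.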
usrbinkat created this gist
Apr 24, 2022 .
@@ -0,0 +1,80 @@ # Kargo3.0 Bare Metal GitOps Hypervisor ## 01. Install OS - Download [Fedora Server](https://getfedora.org/en/server/download/) - [Create Fedora Install USB](https://docs.fedoraproject.org/en-US/quick-docs/creating-and-using-a-live-installation-image/) - Plug into Desktop/Server Lab System - Boot to Fedora USB Installer - Erase HDD/SDD devices - Install Fedora - Reboot ### 02 Configure br0 ### 03 Enable nested Virtualization && Disable selinux (not for production) && Reboot > Warning! enable Selinux for Production ```sh sudo grubby --update-kernel=ALL --args 'selinux=0 intel_iommu=on iommu=pt rd.driver.pre=vfio-pci pci=realloc' ``` ### 04 Update & Install Packages ```sh sudo dnf update -y sudo dnf install -y firewalld kernel-modules dnf-automatic kubernetes-client helm snapd dracut-squash squashfs-tools squashfuse fuse sudo sed -i 's/^apply_updates = no/apply_updates = yes/g' /etc/dnf/automatic.conf sudo systemctl enable --now dnf-automatic.timer sudo ln -s /var/lib/snapd/snap /snap ``` ### 05 Install Binaries ```sh curl --output ~/virtctl -sL https://github.com/kubevirt/kubevirt/releases/download/v${VIRTCTL_RELEASE}/virtctl-$(curl -s https://api.github.com/repos/kubevirt/kubevirt/releases/latest | awk -F '[",]' '/tag_name/{print $4}')-linux-amd64 sudo install -o root -g root -m 0755 ~/virtctl /usr/local/bin/virtctl ``` ### 06 Disable Firewall > Warning! 
enable Firewalld for Production ```sh sudo systemctl disable firewalld sudo systemctl stop firewalld ``` ### 07 Reboot ```sh sudo shutdown -r now ``` ### 08 Install Microk8s ```sh sudo snap install core sudo snap install microk8s --classic sudo microk8s start sudo microk8s enable storage sudo microk8s enable registry multus dns sudo usermod -aG microk8s $USER sudo chown -f -R $USER ~/.kube mkdir -p ~/.kube && sudo microk8s config > ~/.kube/config ``` ### 09 Install Kubevirt & Dependencies ```sh curl -sL https://github.com/kubevirt/containerized-data-importer/releases/download/$(curl -s https://api.github.com/repos/kubevirt/containerized-data-importer/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/cdi-operator.yaml | kubectl apply -f - curl -sL https://github.com/kubevirt/containerized-data-importer/releases/download/$(curl -s https://api.github.com/repos/kubevirt/containerized-data-importer/releases/latest | awk -F '[",]' '/tag_name/{print $4}')/cdi-cr.yaml | kubectl apply -f - ``` ----------------------------------------------------------------------------------- # Optional ```sh # Upgrade Fedora sudo dnf upgrade --refresh sudo dnf install -y dnf-plugin-system-upgrade sudo dnf system-upgrade -y download --releasever=36 sudo dnf system-upgrade reboot ```
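Review bot: `${VIRTCTL_RELEASE}` in the step 05 `curl` is never set anywhere in this file, so the download path becomes `.../releases/download/v/virtctl-...-linux-amd64`; with `-sL` and no `-f`, curl exits 0 and saves the error page as `~/virtctl`, which the next line installs root-owned and executable in `/usr/local/bin`. Resolve the tag once into a variable, use it for both the path segment and the file name, and add `-f` so a bad URL stops the step. In step 08, `sudo chown -f -R $USER ~/.kube` runs before `mkdir -p ~/.kube`, so on a fresh host it silently does nothing, and the kubeconfig written by the redirect gets default umask permissions; create the directory first and `chmod 600 ~/.kube/config`. Step 02 (`Configure br0`) is a heading with no commands, so the bridge the title refers to is left undocumented.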