LXD: profile
Copy profiles between LXD cluster nodes
lxc profile copy profile-name new-lxd-server:
Export all profiles
for PROFILE in $(lxc profile list --format json | jq -r '.[].name'); do lxc profile show ${PROFILE} > ${PROFILE} done
Import profiles
for PROFILE in $(ls nic* disk*); do lxc profile create ${PROFILE} < ${PROFILE} done
DevStack
DevStack XENA
sudo apt -y install git jq vim sudo apt purge -y python3-distro-info git clone --branch "stable/xena" https://opendev.org/openstack/devstack HOST_IP=$(ip -o -4 -j a | jq -r '.[].addr_info[] | select(.dev == "ens3") .local') echo ${HOST_IP}
DevStack XENA
https://openstack.goffinet.org/03-02-openstack-lab-devstack.html
http://lia.deis.unibo.it/Courses/CompNetworksM/1718/slides/NetworksM_Cloud180518_v1.pdf
https://opnfvblog.wordpress.com/2016/10/27/devstack-localconf/
https://01.org/sites/default/files/page/accelerating_openstack_networking_with_intel_architecture_rev008.pdf
Flash LineageOS on Google Pixel 2 XL (taimen)
Prepare
https://wiki.lineageos.org/devices/taimen/install
Enable debug mode on phone
Enable OEM unlocking
Enable USB debugging
adb reboot bootloader
fastboot flashing unlock
# confirm with keys
adb reboot bootloaderBoot TWRP
https://dl.twrp.me/taimen/twrp-3.5.2_9-0-taimen.img.html
https://dl.twrp.me/taimen/twrp-3.5.2_9-0-taimen.img
fastboot boot Downloads/twrp-3.5.2_9-0-taimen.img adb shell twrp wipe data adb shell twrp wipe dalvik
LineageOS image
https://download.lineageos.org/taimen
https://mirrorbits.lineageos.org/full/taimen/20211118/lineage-18.1-20211118-nightly-taimen-signed.zip
adb sideload Downloads/lineage-18.1-20211118-nightly-taimen-signed.zip
OPTIONAL: Open GApps
https://opengapps.org/?api=11.0&variant=nano
# Download: ARM64 / 11.0 / nano https://jztkft.dl.sourceforge.net/project/opengapps/arm64/20211119/open_gapps-arm64-11.0-nano-20211119.zip adb sideload Downloads/open_gapps-arm64-11.0-nano-20211119.zip
GRML - Linux Live-CD for sysadmins
- Read more about GRML - Linux Live-CD for sysadmins
- Log in to post comments
# install grml2usb
cat < /etc/apt/sources.list.d/chromium.list
deb http://deb.grml.org/ grml-testing main
EOF
# install grml2usb package
apt-get update
apt-get install grml2usb -y --force-yes
# format partition on USB pen (OPTIONAL)
mkfs.vfat /dev/sdb1
# install GRML to USB pen
grml2usb grml-small_2009.10.iso /dev/sdb1
LINKS
http://git.grml.org/?p=grml-live.git;a=blob_plain;f=templates/GRML/grml-cheatcodes.txt;hb=HEAD
http://www.linux-user.de/ausgabe/2006/06/008-grml/index.html
Deploy LXD container with terraform
Docs
https://registry.terraform.io/providers/terraform-lxd/lxd/latest/docs
https://registry.terraform.io/providers/terraform-lxd/lxd/latest/docs/resources/container
Create LXD container
# terraform init # terraform apply -auto-approve # terraform destroy -auto-approve terraform { required_providers { lxd = { source = "terraform-lxd/lxd" } } } provider "lxd" { generate_client_certificates = true accept_remote_certificate = true } resource "lxd_container" "lxd_container_u2004" { name = "u2004" image = "ubuntu:20.04" config = { "boot.autostart" = true } limits = { cpu = 2 } } resource "lxd_container" "lxd_container_u2110" { name = "u2110" image = "ubuntu:21.10" # image = "images:ubuntu-minimal:21.10" # fixme config = { "boot.autostart" = true } limits = { cpu = 2 } }
Ubuntu autoinstall
Download Server Live iso
https://releases.ubuntu.com/21.04/ubuntu-21.04-live-server-amd64.iso
wget https://releases.ubuntu.com/21.10/ubuntu-21.10-live-server-amd64.iso -O ubuntu-21.10-live-server-amd64.iso
Copy files (to GRML boot USB pen)
Create OpenStack VPNaaS with Terraform
terraform.tfvars
os_user = "foo" psk = "pass1234" fritzbox_wan_ip = "1.2.3.4" fritzbox_cidr = "192.168.178.0/24"
terraform.tf
Side2Side VPN connection between OpenStack VPN and AVM Fritz!Box
FRITZBOX_WAN_IP=111.1.2.3 FRITZBOX_CIDR=192.168.178.0/24 OS_USER=foo PROJECT_ID=xxxxxxxxxxxxxx PSK=PASS1234 openstack vpn ike policy create ${OS_USER}-ike-aes256-sha512 \ --encryption-algorithm aes-256 \ --auth-algorithm sha512 \ --pfs group2 openstack vpn ipsec policy create ${OS_USER}-ipsec-aes256-sha512 \ --encryption-algorithm aes-256 \ --auth-algorithm sha512 \ --pfs group2 ROUTER_ID=$(openstack router list --project ${PROJECT_ID} -c ID -f value) openstack vpn service create ${OS_USER}-vpn-service1 \ --router ${ROUTER_ID} SUBNET_ID=$(openstack subnet list --project ${PROJECT_ID} -c ID -f value) openstack vpn endpoint group create ${OS_USER}-vpn-ep-subnet \ --type subnet \ --value ${SUBNET_ID} openstack vpn endpoint group create ${OS_USER}-vpn-ep-cidr \ --type cidr \ --value ${FRITZBOX_CIDR} openstack vpn ipsec site connection create ${OS_USER}-vpn-conn1 \ --vpnservice ${OS_USER}-vpn-service1 \ --ikepolicy ${OS_USER}-ike-aes256-sha512 \ --ipsecpolicy ${OS_USER}-ipsec-aes256-sha512 \ --peer-address ${FRITZBOX_WAN_IP} \ --peer-id ${FRITZBOX_WAN_IP} \ --psk ${PSK} \ --local-endpoint-group ${OS_USER}-vpn-ep-subnet \
Cleanup / delete OpenStack objects
PROJECT_ID=f0f745a9c79c47fdbbdd187d728f9e41 # Delete VMs openstack server list --project ${PROJECT_ID} openstack server delete ${SERVER_ID} openstack volume list --project ${PROJECT_ID} openstack volume delete ${VOLUME_ID} openstack image list --private --long | grep ${PROJECT_ID} openstack image delete ${IMAGE_ID} # Delete loadbalancer openstack loadbalancer list --project ${PROJECT_ID} openstack loadbalancer delete --cascade ${LOADBALANCER_ID} # Delete secrets openstack secret list openstack secret delete ${SECRET_URL} # Delete VPNs openstack vpn ipsec site connection list --long | grep ${PROJECT_ID} openstack vpn ipsec site connection delete ${IPSEC_SITE_CONNECTION_ID} openstack vpn endpoint group list --long | grep ${PROJECT_ID} openstack vpn endpoint group delete ${VPN_ENDPOINT_GROUP_ID} openstack vpn service list --long | grep ${PROJECT_ID} openstack vpn service delete ${VPN_SERVICE_ID} openstack vpn ipsec policy list --long | grep ${PROJECT_ID} openstack vpn ipsec policy delete ${VPN_IPSEC_POLICY_ID} openstack vpn ike policy list --long | grep ${PROJECT_ID} openstack vpn ike policy delete ${VPN_IKE_POLICY_ID} # Delete k8s openstack coe cluster list # Delete floating ip openstack floating ip list --project ${PROJECT_ID} openstack floating ip delete ${FLOATING_IP} # Delete router openstack router list --project ${PROJECT_ID}