GRML iPXE etboot from HTTP (without NFS)

# downlaod Grml image
wget http://download.grml.org/grml32-small_2013.02.iso -O /tmp/grml32-small_2013.02.iso

# mount image
mount /tmp/grml32-small_2013.02.iso /mnt/ -o loop

# copy Grml files to tftpboot
mkdir /var/lib/tftpboot/live/grml/32-small/
cp /mnt/boot/grml32small/initrd.img /var/lib/tftpboot/live/grml/32-small/
cp /mnt/boot/grml32small/vmlinuz /var/lib/tftpboot/live/grml/32-small/
cp /mnt/live/grml32-small/grml32-small.squashfs /var/lib/tftpboot/live/grml/32-small/

# configure NFS
echo "/var/lib/tftpboot/live/grml/32-small *(ro,no_root_squash,async,no_subtree_check)

sysctl

configure parameter

# determine the maximum size of a shared memory segment
cat /proc/sys/kernel/shmmax
 
# set default shared memory limit for shmmax (16 GB)
echo 17179869184 > /proc/sys/kernel/shmmax
 
# add the following line to /etc/sysctl.conf to make a change permanent
echo "kernel.shmmax=4294967296" >> /etc/sysctl.d/90-shmmax.conf
 
# load parameter
/sbin/sysctl -p /etc/sysctl.d/90-shmmax.conf

reduce swap usage
https://en.wikipedia.org/wiki/Swappiness

OpenStack: Floating IP port forward (in development / experimental)

List floatin IPs

openstack floating ip list
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
| ID                                   | Floating IP Address | Fixed IP Address | Port                                 | Floating Network                     | Project                          |
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
| dc049c28-6562-4c37-834b-d3a612d4b580 | 1.2.3.4        | None             | None                                 | 39583230-154f-4b56-a56e-2fd83c9986ce | 1eede1bdc28344f3acf6b48b232e406f |
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+

List VMs

Octavia: Allow SSH login to Amphora VM

Allow SSH access

LB_ID=foo-lb01-prod
 
AMPHORA_ID=$(openstack loadbalancer amphora list --loadbalancer ${LB_ID} --role MASTER -c id -f value)
AMPHORA_COMPUTE_ID=$(openstack loadbalancer amphora show ${AMPHORA_ID} -c compute_id -f value)
LB_NETWORK_IP=$(openstack loadbalancer amphora show ${AMPHORA_ID} -c lb_network_ip -f value)
SECURITY_GROUP_ID=$(openstack port list --server ${AMPHORA_COMPUTE_ID} --fixed-ip "ip-address=${LB_NETWORK_IP}" -c security_group_ids -f value)
 
# DEBUG: show ingress tcp rules
openstack security group rule list --ingress --protocol tcp ${SECURITY_GROUP_ID}
openstack security group rule create --protocol tcp --dst-port 22:22 --remote-ip 172.16.0.0/12  ${SECURITY_GROUP_ID}
openstack loadbalancer amphora list --loadbalancer ${LB_ID} -c  lb_network_ip -c role -f value
openstack loadbalancer amphora list --loadbalancer ${LB_ID} -c  lb_network_ip --role MASTER -f value
 
# login to amphora VM from OpenStack control node
ssh local@ctl1-dev.dev.i.example.com
ssh -i ~/.ssh/id_rsa_octavia ubuntu@${AMPHORA_VM_IP}

Manuall SSH access

LineageOS

Andorid Apps (arm, nano)
https://opengapps.org/?api=9.0&variant=nano

wget https://netix.dl.sourceforge.net/project/opengapps/arm/20200429/open_gapps-arm-9.0-nano-20200429.zip -P /tmp

Compile Heimdall (tested with v1.4.2)

sudo apt-get install -y build-essential cmake zlib1g-dev qt5-default libusb-1.0-0-dev libgl1-mesa-glx libgl1-mesa-dev
 
git clone https://gitlab.com/BenjaminDobell/Heimdall.git /tmp/Heimdall
cd /tmp/Heimdall
mkdir build
cd build
cmake -DCMAKE_BUILD_TYPE=Release ..
make
 
# test
cd bin/
./heimdall version

Boot phone to recovery mode
Vol- + Home + Power

Download recovery file
https://twrp.me/Devices/

wget https://dl.twrp.me/hlte/twrp-3.3.1-0-hlte.img -P /tmp

Flash LineageOS
https://wiki.lineageos.org/devices/hlte/install

LXD with OpenvSwitch network 

# create bridge
ovs-vsctl add-br mybridge
# ifconfig mybridge up
ip link set mybridge up
ovs-vsctl show
 
# connect ovs bridge to external network
ovs-vsctl add-port mybridge eno1
ifconfig eno1 0
dhclient mybridge -v
ip a show mybridge
route -n
 
# create LXD container
lxc profile create disk-only
lxc storage create pool1 dir
lxc profile device add disk-only root disk path=/ pool=pool1
lxc profile show disk-only
lxc launch ubuntu:18.04 ovs1 -p disk-only
lxc config device add ovs1 eth0 nic nictype=bridged parent=mybridge host_name=vport11
lxc launch ubuntu:18.04 ovs2 -p disk-only
lxc config device add ovs2 eth0 nic nictype=bridged parent=mybridge host_name=vport12
lxc network list

LXD: Network

Configure default profile

lxc network create lxdbr0
lxc network create lxdbr0 ipv4.address=10.0.33.1/24 ipv4.nat=true ipv6.address=none
lxc profile device add default eth0 nic nictype=bridged parent=lxdbr0 name=eth0
 
# disable IPv6 inside of container
lxc network set lxdbr0 ipv6.address none

Configure static IP address

lxc stop c1
lxc network attach lxdbr0 c1 eth0 eth0
lxc config device set c1 eth0 ipv4.address 10.0.0.12
lxc start c1
 
# add NICs
lxc config device add vm-dhcp1-dev dev-mgmt-new nic name=dev-mgmt nictype=macvlan parent=dev-mgmt

ipv6

lxc network set lxdbr0 ipv6.dhcp.stateful true

ovs network

lxc profile create disk-only
lxc storage create pool1 dir
lxc profile device add disk-only root disk path=/ pool=pool1
lxc profile show disk-only
lxc launch ubuntu:18.04 ovs1 -p disk-only
lxc config device add ovs1 eth0 nic nictype=bridged parent=ovsbridge host_name=vport11
lxc network list
# test static ip
lxc launch redis r
lxc config device override r
lxc config device set r eth0 ipv4.address 10.100.0.100

Links
https://stgraber.org/2016/03/15/lxd-2-0-installing-and-configuring-lxd-212/
https://thomas-leister.de/en/container-overlay-network-openvswitch-linux/
https://stgraber.org/2016/10/27/network-management-with-lxd-2-3/

Subscribe to