Category: Networking

Deploy K8s HA (Multi-Master) on Ubuntu servers using Ansible

Published on Author admin

Deploy K8s HA (Multi-Master) on Ubuntu servers using Ansible Architecture Ansible inventory file: [masters] k8s-master1 ansible_host=10.10.10.11 node_name=k8s-master1 ansible_user=root ansible_ssh_private_key_file=~/.ssh/id_ed25519 k8s-master2 ansible_host=10.10.10.12 node_name=k8s-master2 ansible_user=root ansible_ssh_private_key_file=~/.ssh/id_ed25519 k8s-master3 ansible_host=10.10.10.13 node_name=k8s-master3 ansible_user=root ansible_ssh_private_key_file=~/.ssh/id_ed25519 [workers] k8s-worker1 ansible_host=10.10.10.21 node_name=k8s-worker1 ansible_user=root ansible_ssh_private_key_file=~/.ssh/id_ed25519 k8s-worker2 ansible_host=10.10.10.22 node_name=k8s-worker2 ansible_user=root ansible_ssh_private_key_file=~/.ssh/id_ed25519 k8s-worker3 ansible_host=10.10.10.23 node_name=k8s-worker3 ansible_user=root ansible_ssh_private_key_file=~/.ssh/id_ed25519 Ansible playbook: --- - hosts: all   become: true  … Continue reading Deploy K8s HA (Multi-Master) on Ubuntu servers using Ansible

Generic HA Architecture - App servers + PostgreSQL Patroni cluster

Published on Author admin

Generic HA Architecture - App servers + PostgreSQL Patroni cluster Keepalived + HAproxy used as Load Balancers   Key components: HAproxy - TCP/HTTP Load Balancer Keepalived - Virtual IP for HAproxy Patroni - HA template for PostgreSQL database (cluster with streaming replication) etcd - Distributed Configuration Store for Patroni   Architecture diagram:

Docker 20.10 fails to start on CentOS 8 and Fedora 33

Published on Author admin

After upgrading Docker to version 20.10 on CentOS 8 and Fedora 33 we can see that it fails to start docker.service. In docker.service logs and firewalld.service logs we can see following message: ERROR: ZONE_CONFLICT: 'docker0' already bound to a zone Solution for this issue: sudo firewall-cmd --zone=trusted --remove-interface=docker0 sudo firewall-cmd --zone=trusted --remove-interface=docker0 --permanent

Fedora 33 - make DNS (systemd-resolved) working with NetworkManager's ForitSSL VPN connections

Published on Author admin

In Fedora 33 there is a systemd-resolved service enabled by default. Use following steps to make DSN working after establishing FortiSSL VPN connection using Network Manager (using NetworkManager-fortisslvpn-gnome plugin). Assuming that "ppp0" is you virtual network interface for VPN connection, you can set X.X.X.X and Y.Y.Y.Y as DNS servers: resolvectl dns ppp0 X.X.X.X Y.Y.Y.Y Add… Continue reading Fedora 33 - make DNS (systemd-resolved) working with NetworkManager's ForitSSL VPN connections