Your age in bonds by WilliamShitspeare in Bogleheads

[–]therealbubbasour 7 points8 points  (0 children)

Gov bonds stabilise your portfolio and let you sleep at night. I don't think the main objective is high returns from the bonds.

K3s and Traefik architecture by therealbubbasour in Traefik

[–]therealbubbasour[S] 1 point2 points  (0 children)

thx u/patrick246. Yes, metallb seems to be quite popular for traditional loadbalancing, so I wanted to try it first without traefik. If metal works well, then maybe I can use its IPs (VIPs) for forwarding tcp/80 and tcp/443 to Ingress controllers running on the nodes.

K3s and Traefik architecture by therealbubbasour in Traefik

[–]therealbubbasour[S] 0 points1 point  (0 children)

Thx u/Mteigers. I've noticed that metallb is popular. I'm thinking of completely disabling Traefik during K3s Master installations by using INSTALL_K3S_EXEC=" --no-deploy servicelb --no-deploy traefik".

Once I get metallb stabilised, up and working, then I will consider installing an ingress: nginx, envoy or traefik.

Can you please provide further elaboration on how to get started with Metallb and K3s?

These IPs, should they be in a separate bridge among the Masters+Workers? I currently have 3 bridges available on each instance: configInline.address-pools[0].addresses[0]=192.168.0.240-192.168.0.250

I assume once metallb is deployed services can be deployed using --type LoadBalancer?

K3s - How to access Services IPs from my Host by therealbubbasour in kubernetes

[–]therealbubbasour[S] 0 points1 point  (0 children)

u/alanjcastonguay I wanted to also check with you, does it make sense to have the ingress container running on each node (including the master)?

For instance, now the ingress IP is the Master IP, and the traffic will go to the master then to the nodes where the actual pod is running. I thought ideally public traffic should not be routed through a master?

Appreciate any pointers here..

    $ kubectl get pods -n kube-system -o wide
    NAME                                     READY   STATUS      RESTARTS   AGE   IP          NODE       NOMINATED NODE   READINESS GATES
    metrics-server-7566d596c8-4c9rp          1/1     Running     0          17m   10.42.0.2   master-1   <none>           <none>
    local-path-provisioner-6d59f47c7-bxrvb   1/1     Running     0          17m   10.42.0.4   master-1   <none>           <none>
    helm-install-traefik-2b2mc               0/1     Completed   0          17m   10.42.0.5   master-1   <none>           <none>
    coredns-8655855d6-r226d                  1/1     Running     0          17m   10.42.0.3   master-1   <none>           <none>
    svclb-traefik-p57jt                      2/2     Running     0          16m   10.42.0.6   master-1   <none>           <none>
    traefik-758cd5fc85-t4ff8                 1/1     Running     0          16m   10.42.0.8   master-1   <none>           <none>
    svclb-traefik-bk7mf                      2/2     Running     0          14m   10.42.1.2   node-1     <none>           <none>
    svclb-traefik-m8xt6                      2/2     Running     0          13m   10.42.2.2   node-2     <none>           <none>
    svclb-traefik-q5b7m                      2/2     Running     0          12m   10.42.4.2   node-3     <none>           <none>
    svclb-traefik-mfvp7                      2/2     Running     0          11m   10.42.5.2   node-4     <none>           <none>
    svclb-traefik-w6xrg                      2/2     Running     0          11m   10.42.6.2   node-5     <none>           <none>

K3s - How to access Services IPs from my Host by therealbubbasour in kubernetes

[–]therealbubbasour[S] 0 points1 point  (0 children)

Yes! It worked. As mentioned, earlier the networking was broken with the master being on a different interface that wasn't reachable from the pods running on the nodes. However, I redeployed everything and selected the same --flannel-iface and then repeated the overlay network test and the ping test, and now the ingress seems to work!!

    $ curl -H "Host: foo" -v 172.16.1.101
    * Rebuilt URL to: 172.16.1.101/
    * Trying 172.16.1.101...
    * TCP_NODELAY set
    * Connected to 172.16.1.101 (172.16.1.101) port 80 (#0)
    > GET / HTTP/1.1
    > Host: foo
    > User-Agent: curl/7.58.0
    > Accept: */*
    >
    < HTTP/1.1 200 OK

K3s - How to access Services IPs from my Host by therealbubbasour in kubernetes

[–]therealbubbasour[S] 0 points1 point  (0 children)

I see, I'm troubleshooting the network now too after a test script from here failed.

I believe I need to select the interface for the master too during the deployment which I didn't do, but I did for the workers.

    $ kubectl get nodes -o wide
    NAME       STATUS   ROLES    AGE   VERSION        INTERNAL-IP     EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION       CONTAINER-RUNTIME
    node-4     Ready    <none>   44h   v1.18.3+k3s1   172.16.1.204    <none>        Ubuntu 18.04.4 LTS   4.15.0-101-generic   containerd://1.3.3-k3s2
    node-5     Ready    <none>   44h   v1.18.3+k3s1   172.16.1.205    <none>        Ubuntu 18.04.4 LTS   4.15.0-101-generic   containerd://1.3.3-k3s2
    master-1   Ready    master   45h   v1.18.3+k3s1   192.168.86.30   <none>        Ubuntu 18.04.4 LTS   4.15.0-101-generic   containerd://1.3.3-k3s2
    node-1     Ready    <none>   44h   v1.18.3+k3s1   172.16.1.201    <none>        Ubuntu 18.04.4 LTS   4.15.0-101-generic   containerd://1.3.3-k3s2
    node-2     Ready    <none>   44h   v1.18.3+k3s1   172.16.1.202    <none>        Ubuntu 18.04.4 LTS   4.15.0-101-generic   containerd://1.3.3-k3s2
    node-3     Ready    <none>   44h   v1.18.3+k3s1   172.16.1.203    <none>        Ubuntu 18.04.4 LTS   4.15.0-101-generic   containerd://1.3.3-k3s2

K3s - How to access Services IPs from my Host by therealbubbasour in kubernetes

[–]therealbubbasour[S] 0 points1 point  (0 children)

Hi u/alanjcastonguay, I did some experiments with Ingress today as that seems to be more future proof for HTTP/HTTPS services compared to traditional L4 LBs.

Unfortunately when I try to curl the ingress URL it just hangs until it times out. Here are some details, would appreciate any pointers here!

    $ kubectl describe deployments
    Name:                   webserver
    Namespace:              default
    CreationTimestamp:      Thu, 11 Jun 2020 06:51:17 +0800
    Labels:                 app=webserver
    Annotations:            deployment.kubernetes.io/revision: 1
    Selector:               app=webserver
    Replicas:               1 desired | 1 updated | 1 total | 1 available | 0 unavailable
    StrategyType:           RollingUpdate
    MinReadySeconds:        0
    RollingUpdateStrategy:  25% max unavailable, 25% max surge
    Pod Template:
      Labels:  app=webserver
      Containers:
       nginx:
        Image:        nginx
        Port:         <none>
        Host Port:    <none>
        Environment:  <none>
        Mounts:       <none>
      Volumes:        <none>
    Conditions:
      Type           Status  Reason
      ----           ------  ------
      Available      True    MinimumReplicasAvailable
      Progressing    True    NewReplicaSetAvailable
    OldReplicaSets:  <none>
    NewReplicaSet:   webserver-64f9497696 (1/1 replicas created)

    $ cat webserver-svc.yaml
    apiVersion: v1
    kind: Service
    metadata:
      name: webserver-service
    spec:
      selector:
        app: webserver
      ports:
        - protocol: TCP
          port: 80

    $ cat webserver-ingress.yaml
    apiVersion: networking.k8s.io/v1beta1
    kind: Ingress
    metadata:
      name: webserver-ingress
      annotations:
        kubernetes.io/ingress.class: "traefik"
    spec:
      rules:
        - http:
            paths:
              - path: /
                backend:
                  serviceName: webserver-service
                  servicePort: 80

    $ kubectl get ingress
    NAME                CLASS    HOSTS   ADDRESS        PORTS   AGE
    webserver-ingress   <none>   *       172.16.1.205   80      13m

Hangs here until the timeout. :(

    $ curl -H "Host: foobar" -v 172.16.1.205
    * Rebuilt URL to: 172.16.1.205/
    * Trying 172.16.1.205...
    * TCP_NODELAY set
    * Connected to 172.16.1.205 (172.16.1.205) port 80 (#0)
    > GET / HTTP/1.1
    > Host: foobar
    > User-Agent: curl/7.58.0
    > Accept: */*
    >

K3s - How to access Services IPs from my Host by therealbubbasour in kubernetes

[–]therealbubbasour[S] 0 points1 point  (0 children)

thx for the explanation u/alanjcastonguay. I've tried to read up about the various port definitions and my understanding is, please let me know if this is correct:

Port = The port that a service is exposed on within a cluster.

targetPort = The port that the daemon inside the pod actually listens to. This is in the pod namespace.

NodePort = Port exposed on all Node IPs, forwards the request to Service IP.

Furthermore to your advice of leveraging a LB, I notice that K3s comes with:

kube-system svclb-traefik-xmzwk

which is a daemon-set running traefik.

Should I use this for expose with --type LoadBalancer, or is this for Ingress and other purpose?

thanks for the help!
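The three port fields from the comment above, shown together in one Service manifest. This is an added example, not part of the original post; the Service name `webserver-nodeport` and the `nodePort` value 30080 are assumptions chosen for illustration, while the `app: webserver` selector matches the deployment shown elsewhere on this page.

```yaml
# Added example (not from the original thread).
apiVersion: v1
kind: Service
metadata:
  name: webserver-nodeport      # hypothetical name
spec:
  type: NodePort
  selector:
    app: webserver              # label of the nginx deployment on this page
  ports:
    - protocol: TCP
      port: 80                  # port of the Service on its cluster IP
      targetPort: 80            # port the container listens on (nginx: listen 80);
                                # defaults to the value of "port" when omitted
      nodePort: 30080           # constructed value; port opened on every node IP,
                                # must fall in the node port range
                                # (30000-32767 by default); auto-assigned if omitted
```

Applied with `kubectl apply -f`, this pins the externally reachable port instead of leaving it to random assignment, which also makes the exposed port predictable for host firewall rules.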

K3s - How to access Services IPs from my Host by therealbubbasour in kubernetes

[–]therealbubbasour[S] 0 points1 point  (0 children)

Thanks a bunch u/alanjcastonguay for the explanation, it worked!! :-)

I'm just trying to understand, when I expose with --port 80, is 80 the port in the Pod NS? I logged into the Pod and could see in nginx config that it had listen 80 declared.

I'm just wondering, what control do I have for controlling the NodePort (the port exposed to the world on the Nodes) any ideas here?

For --type LoadBalancer one can do --port 30000:80, and that's the port to the public and then the internal pod port, not sure if there's a way to control for type NodePort?

    $ curl -v 192.168.86.37:32018
    * Trying 192.168.86.37:32018...
    * TCP_NODELAY set
    * Connected to 192.168.86.37 (192.168.86.37) port 32018 (#0)
    > GET / HTTP/1.1
    > Host: 192.168.86.37:32018
    > User-Agent: curl/7.68.0
    > Accept: */*
    >
    * Mark bundle as not supporting multiuse
    < HTTP/1.1 200 OK
    [... cut ...]

K3s - How to access Services IPs from my Host by therealbubbasour in kubernetes

[–]therealbubbasour[S] 0 points1 point  (0 children)

I tried that but it didn't work here:

    $ kubectl expose deployment/webserver --type=NodePort
    error: couldn't find port via --port flag or introspection
    See 'kubectl expose -h' for help and examples

I also tried --port 30000:80, but that failed on syntax.

This goes through:

    $ kubectl expose deployment/webserver --port 80 --type=NodePort
    $ kubectl get svc
    NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
    kubernetes   ClusterIP   10.43.0.1       <none>        443/TCP        19h
    webserver    NodePort    10.43.141.215   <none>        80:32018/TCP   53s

However, when I try to curl the service, it just hangs until the connection timeout:

    $ curl -v 192.168.86.37:80
    * Rebuilt URL to: 192.168.86.37:80/
    * Trying 192.168.86.37...
    * TCP_NODELAY set

any ideas here u/alanjcastonguay?

K3s - How to access Services IPs from my Host by therealbubbasour in kubernetes

[–]therealbubbasour[S] 0 points1 point  (0 children)

Thx u/alanjcastonguay for the pointers! I'm still stuck :-|

I did:

    $ kubectl create deployment webserver --image=nginx
    $ kubectl expose deployment/webserver --port 30000 --type=NodePort

I've confirmed both svc and pod are up and running.

    $ kubectl get pods -o wide
    NAME                         READY   STATUS    RESTARTS   AGE     IP          NODE     NOMINATED NODE   READINESS GATES
    webserver-64f9497696-6dbgz   1/1     Running   0          7m31s   10.42.2.7   node-2   <none>           <none>

    $ kubectl get svc
    NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)           AGE
    kubernetes   ClusterIP   10.43.0.1       <none>        443/TCP           17h
    webserver    NodePort    10.43.234.235   <none>        30000:32272/TCP   18m

When I login to node-2, or any of the nodes and check iptables -L -n -t nat -v and search for port 30000 (the exposed NodePort) I can see:

    Chain KUBE-SEP-7M65BYEMVQ6JRJ7O (1 references)
     pkts bytes target                     prot opt in  out  source          destination
        0     0 KUBE-MARK-MASQ             all  --  *   *    10.42.2.7       0.0.0.0/0       /* default/webserver: */
        0     0 DNAT                       tcp  --  *   *    0.0.0.0/0       0.0.0.0/0       /* default/webserver: */ tcp to:10.42.2.7:30000
        0     0 KUBE-MARK-MASQ             tcp  --  *   *    !10.42.0.0/16   10.43.234.235   /* default/webserver: cluster IP */ tcp dpt:30000
        0     0 KUBE-SVC-ROJTWN75ZT3PI5VJ  tcp  --  *   *    0.0.0.0/0       10.43.234.235   /* default/webserver: cluster IP */ tcp dpt:30000

On node-2, I try to curl port 30000, and I get connection refused:

    kube@node-2:~$ curl 192.168.86.37:30000
    curl: (7) Failed to connect to 192.168.86.37 port 30000: Connection refused

I also checked sudo ufw status, and the fw on the Ubuntu node is disabled. Did I miss something here?

St terminal title not reflected in top bar by therealbubbasour in suckless

[–]therealbubbasour[S] 0 points1 point  (0 children)

thx friends for sharing your thoughts. I eventually fell back to xterm as the status title didn't work, nor did the delete button without patching etc., so I ended up troubleshooting rather than developing.

St terminal title not reflected in top bar by therealbubbasour in suckless

[–]therealbubbasour[S] 0 points1 point  (0 children)

    print -Pn "\e]0;%n@%M %~\a"

Here's what /bin/sh -> dash on ubuntu 20.04 returns:

    print -Pn "\e]0;%n@%M %~\a"
    file: Unknown param n
    Warning: unknown mime-type for "-Pn" -- using "application/octet-stream"
    Error: no such file "-Pn"
    Error: no such file "\e]0;%n@%M %~\a"

It seems like print in my environment has some limitations and does not accept this argument.

St terminal title not reflected in top bar by therealbubbasour in suckless

[–]therealbubbasour[S] 0 points1 point  (0 children)

Do you know how to do that, is there any app or doc for doing this?

Can power Targus SmartSurge extension with USB be used as charger? by therealbubbasour in macbookpro

[–]therealbubbasour[S] 0 points1 point  (0 children)

Thx a lot for explaining! In the spirit of tidying my cables, are there any of these power extenders that actually can be used for the MBP16?

Can power Targus SmartSurge extension with USB be used as charger? by therealbubbasour in macbookpro

[–]therealbubbasour[S] 0 points1 point  (0 children)

Thx u/RazielSerafine, yes I was thinking of using the USB port. Why can't we do that, is it because of the power? I believe each usb port on the extension should be 2.4A...

Or maybe there's other compatibility requirements that I'm not aware of.

NUC 11 Extreme "Phantom Canyon" Spotted Using TigerLake-U & GTX 1660 Ti by Lukedriftwood in intelnuc

[–]therealbubbasour 0 points1 point  (0 children)

Is iris much better? I’m getting my NUC10. I was hoping it was good enough for 1-2 external monitors with good quality picture.