Skip to content

Commit

Permalink
Merge pull request #213 from sachajw/main
Browse files Browse the repository at this point in the history 
How to bake an Ortelius Pi Part 8 | OS Upgrades, Microk8s Upgrades and Adding Worker Nodes
  • Loading branch information
@sbtaylor15
sbtaylor15 authored Oct 24, 2024
2 parents e62522d + 8e7b9cc commit 5ea8114
Show file tree
Hide file tree
Showing 9 changed files with 450 additions and 29 deletions.
35 changes: 21 additions & 14 deletions content/en/blog/contributors/how-to-bake-an-ortelius-pi-part01.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ Use this [article](https://www.tomshardware.com/best-picks/raspberry-pi-microsd-

- 3X 32GB Samsung Evo+ microSD Card (UHS-II: theoretical maximum transfer speeds up to 312MB/s)

<strong>or</strong>
**OR**

- 3X 32GB USB 3 flash drives but this comes with some caveats performance wise which I will discuss further on

Expand Down Expand Up @@ -144,21 +144,24 @@ usb-storage.quirks=05dc:a838:u cgroup_enable=memory cgroup_memory=1 console=seri
<p></p>
<br>

<strong>Choose:</strong> `Raspberry Pi4 models B, 400 and Compute Modules 4, 4s`
**Choose** `Raspberry Pi4 models B, 400 and Compute Modules 4, 4s`

<div class="col-left">
<img src="/images/how-to-bake-an-ortelius-pi/part01/01-choose-device.png" alt="raspberry-pi-4b" height="300px" width="650px" />
</div>
<p></p>
<br>

<strong>Choose:</strong> `Other general-purpose OS`
**Choose** `Other general-purpose OS`

<div class="col-left">
<img src="/images/how-to-bake-an-ortelius-pi/part01/02-choose-other-general-purpose-os.png" alt="raspberry-pi-4b" height="300px" width="650px" />
</div>
<p></p>
<br>

<strong>Choose:</strong> `Ubuntu`
**Choose** `Ubuntu`

<div class="col-left">
<img src="/images/how-to-bake-an-ortelius-pi/part01/03-choose-ubuntu.png" alt="raspberry-pi-4b" height="300px" width="650px" />
</div>
Expand Down Expand Up @@ -194,7 +197,7 @@ Use OS Customization by clicking: `EDIT SETTINGS`

Fill in the required info according to your specifications.

Remember to change the: `HOSTNAMES` `pi01` | `pi02` | `pi03`
Remember to change the `HOSTNAMES` `pi01` | `pi02` | `pi03` before each installation of Ubuntu on the SD Card

(You can use whatever hostnames make sense to you)

Expand All @@ -204,6 +207,7 @@ Remember to change the: `HOSTNAMES` `pi01` | `pi02` | `pi03`
<div class="col-left">
<img src="/images/how-to-bake-an-ortelius-pi/part01/08-general-settings.png" alt="raspberry-pi-4b" height="300px" width="650px" />
</div>

<p></p>
<br>
<div class="col-left">
Expand All @@ -221,8 +225,7 @@ ssh-keygen -t ed25519 -C "i-love-aliens@ortelius.com" -f pi8s
```

- Then you will end up with two files, one being the `private key` which you never ever share and the other will be the `public key`
- Copy and paste all the scrambled numbers and text from the `public key` each time on the line under `Allow public-key authentication only` for each Pi
- This will allow SSH without a password onto each Pi like this `ssh -i ~/.ssh/<your private key name> <your pi username@<your private ip or domain name> | ssh -i ~/.ssh/pi8s ortelius@pi01.pangarabbit.com`
- Copy and paste the `public key` before each installation of Ubuntu to `Allow public-key authentication only` for each Pi
- Then add this config to `.ssh/config`

```shell
Expand All @@ -245,35 +248,39 @@ Host pi03.yourdomain.com
User <your user>
```

- You can also reference this document from [GitHub](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent) for an alternative explanation
- This will allow SSH without a password onto each Pi like this `ssh -i ~/.ssh/<your private key name> <your pi username@<your private ip or domain name>` for example `ssh -i ~/.ssh/pis ortelius@pi01.pangarabbit.com`

- You can also reference this document from [Github](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent) for an alternative explanation

**Check** the boxes specific to your needs.

<strong>Check:</strong> `all boxes specific to your needs.`
<p></p>
<div class="col-left">
<img src="/images/how-to-bake-an-ortelius-pi/part01/10-options.png" alt="raspberry-pi-4b" height="300px" width="650px" />
</div>
<p></p>
<br>

<strong>Click:</strong> `YES to apply the OS customisation settings`
**Click** `YES` to apply the OS customisation settings

<p></p>
<div class="col-left">
<img src="/images/how-to-bake-an-ortelius-pi/part01/11-use-os-customisation-yes.png" alt="raspberry-pi-4b" height="300px" width="650px" />
</div>
<p></p>
<br>

<strong>Rinse and repeat for each SD Card or USB flash stick. </strong>
<p></p>
<br>
**Rinse and repeat for each SD Card or USB flash stick.**

- If all went well you should have 3 Pi 4B's with Ubuntu installed
### Conclusion
By this stage you should have three Pi 4 B's running with Ubuntu 22.04.4 LTS each configured for SSH with a password or preferably a SSH private key and public key. Stay tuned for part 2 where we will dive into DHCP, NextDNS, NFS and install MicroK8s.

### Next Steps

[How to Bake on Ortelius Pi | Part 2 | The Preparation](https://ortelius.io/blog/2024/04/05/how-to-bake-an-ortelius-pi-part-2-the-preparation/)
[How to Bake on Ortelius Pi | Part 2 | The Preparation](https://ortelius.io/blog/2024/04/11/how-to-bake-an-ortelius-pi-part-2-the-preparation/)

{{< blocks/section color=white >}}

Expand Down
4 changes: 2 additions & 2 deletions content/en/blog/contributors/how-to-bake-an-ortelius-pi-part03.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4473,9 +4473,9 @@ You should now be able to reach the Ortelius frontend in your browser using the
</div>
<p></p>

### Conclusion
**FYI make sure you backup your persistent volumes on the NFS server**

***FYI make sure you backup your persistent volumes on the NFS server***.
### Conclusion

By this stage you should have three Pi's each with MicroK8s, NFS CSI Driver, Cert Manager, Traefik, Ortelius and a NFS server up and running with Gimlet as the UI to Fluxcd which is all part of the management of our GitOps environment. Stay tuned for Part 4 where we unleash Cloudflare, LetsEncrypt with Traefik for automatic certificate renewal to provide secure services behind a single entrypoint.

Expand Down
6 changes: 3 additions & 3 deletions content/en/blog/contributors/how-to-bake-an-ortelius-pi-part04.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -352,17 +352,17 @@ All we have done now is secure the Traefik dashboard but how would we do it for
tls: true
```
### Conclusion
**FYI make sure you backup your persistent volumes on the NFS server**
***FYI make sure you backup your persistent volumes on the NFS server***.
### Conclusion
In Part 4 we configured a certificate for our domain using Cloudflare, LetsEncrypt and Traefik. From my experience the crucial configuration change for any workloads to access the frontend securely was to enable the `ingress`, `TLS` and to change the `ingressClassName` to `traefik` in the Helm Release values.

Happy alien hunting.......

### Next Steps

[How to Bake an Ortelius Pi | Part 5 | Ortelius Marries Jenkins](https://ortelius.io/blog/2024/08/10/how-to-bake-an-ortelius-pi-part-5-ortelius-marries-jenkins/)
[How to Bake an Ortelius Pi | Part 5 | Ortelius Marries Jenkins](https://ortelius.io/blog/2024/10/22/how-to-bake-an-ortelius-pi-part-5-ortelius-marries-jenkins/)

{{< blocks/section color=white >}}

Expand Down
6 changes: 3 additions & 3 deletions content/en/blog/contributors/how-to-bake-an-ortelius-pi-part05.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2568,17 +2568,17 @@ Commit message: "🛠 NEW: jenkins pod templates"
> git rev-list --no-walk 3d51ff295a43b243bd1ba65602a000b93522af9e # timeout=10
```
### Conclusion
**FYI make sure you backup your persistent volumes on the NFS server**
***FYI make sure you backup your persistent volumes on the NFS server***.
### Conclusion
Hopefully you got this far and I did not forget some crucial configuration or step along the way. If I did please ping me so I can make any fixes. This illustrates how Ortelius can be used to create a component and record SBOMs in a CI tool such as Jenkins.
Happy alien hunting.....
### Next Steps
[How to Bake an Ortelius Pi | Part 6 | Cloud Dev At Home With Localstack](https://ortelius.io/blog/2024/08/10/how-to-bake-an-ortelius-pi-part-6-cloud-dev-at-home-with-localstack/)
[How to Bake an Ortelius Pi | Part 6 | Cloud Dev At Home With Localstack](https://ortelius.io/blog/2024/09/14/how-to-bake-an-ortelius-pi-part-6-cloud-dev-at-home-with-localstack/)
{{< blocks/section color=white >}}
Expand Down
6 changes: 3 additions & 3 deletions content/en/blog/contributors/how-to-bake-an-ortelius-pi-part06.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -735,17 +735,17 @@ You can access the LocalStack portal at this URL: `https://app.localstack.cloud/
</div>
<p></p>

### Conclusion
**FYI make sure you backup your persistent volumes on the NFS server**

***FYI make sure you backup your persistent volumes on the NFS server***.
### Conclusion

You now have a local working cloud to develop against, test applications and learn safely. If I missed any steps or something needs correction please ping me so I can make any fixes. This illustrates how you can deploy LocalStack and publish the endpoint through Traefik.

Happy alien hunting.....

### Next Steps

[How to Bake an Ortelius Pi | Part 7 | Observability with Netdata](https://ortelius.io/blog/2024/08/10/how-to-bake-an-ortelius-pi-part-7-observability-with-Netdata/)
[How to Bake an Ortelius Pi | Part 7 | Observability with Netdata](https://ortelius.io/blog/2024/10/22/how-to-bake-an-ortelius-pi-part-7-observability-with-netdata/)

{{< blocks/section color=white >}}

Expand Down
9 changes: 5 additions & 4 deletions content/en/blog/contributors/how-to-bake-an-ortelius-pi-part07.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ author: Sacha Wharton
- [Kubernetes check | Netdata](#kubernetes-check--netdata)
- [How to add additional nodes in Netdata](#how-to-add-additional-nodes-in-netdata)
- [Conclusion](#conclusion)
- [Next Steps](#next-steps)

### Introduction

Expand Down Expand Up @@ -900,17 +901,17 @@ helm upgrade -f override.yml netdata netdata/netdata
</div>
<p></p>

### Conclusion
**FYI make sure you backup your persistent volumes on the NFS server**

***FYI make sure you backup your persistent volumes on the NFS server***.
### Conclusion

You now have the eye of Netdata like a micro surgeon giving you insight into your Cloud infrastructure without breaking much of a sweat. What you don't have is that fine Leopard vest I am wearing in my profile pic below. I need to remedy that. If I missed any steps or something needs correction please ping me so I can make any fixes. This illustrates how you can deploy Netdata and get all that healthy Observability goodness.

Happy alien hunting.....

<!-- ### Next Steps
### Next Steps

[How to Bake an Ortelius Pi | Part 8 | Architecture So Far](https://ortelius.io/blog/2024/08/10/how-to-bake-an-ortelius-pi-part-4-Cloudflare-Certificates-and-Traefik/) -->
[How to Bake an Ortelius Pi | Part 8 | OS Upgrades, Microk8s Upgrades and Adding Worker Nodes](https://ortelius.io/blog/2024/10/24/how-to-bake-an-ortelius-pi-part-8-os-upgrades-microk8s-upgrades-and-adding-worker-nodes)

{{< blocks/section color=white >}}

Expand Down
Loading

0 comments on commit 5ea8114

Please sign in to comment.