|
|
(Není zobrazeno 19 mezilehlých verzí od stejného uživatele.) |
Řádka 1: |
Řádka 1: |
− | ==Linux== | + | == Rozložení == |
− | Basic setting pro server
| + | * [[ Linux ]] |
− | sudo apt install htop mc ssh sudo wget curl net-tools open-vm-tools
| + | :- Basic stuff (Užitečný balíčky) |
− | | + | :- Swap & pip3 |
− | Zabezpečení server
| + | :- ZSH, Neovim/NvChad, NNN |
− | https://wiki.mikrotik.com/wiki/Use_Mikrotik_as_Fail2ban_firewall
| + | * [[ MariaDB ]] |
− | sudo apt install clamav clamav-freshclam clamav-daemon ufw
| + | :- Basic commands |
− | | + | * [[ Docker ]] |
− | Cli užitečný příkazy
| + | :- Instalace |
− | sudo apt install fzf ncdu dos2unix
| + | :- Konfigurace socketu |
− | | + | * [[ Nomad ]] |
− | sudo swapoff -a; sudo swapon -a
| + | :- Instalace |
− | | + | :- Konfigurace HCL souboru |
− | sudo apt install python3-pip
| + | * [[ Kubernetes ]] | [[ Kubernetes | K3S ]] |
− | | + | :- Instalace |
− | | + | :- Dashboard |
− | == Docker ==
| + | :- Konfigurace |
− | Nastavení depositáře
| + | :- [[ WebServer | Trafiek a Ngninx]] |
− | sudo apt update
| |
− | sudo apt install ca-certificates curl gnupg
| |
− | | |
− | sudo install -m 0755 -d /etc/apt/keyrings
| |
− | curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
| |
− | sudo chmod a+r /etc/apt/keyrings/docker.gpg
| |
− | | |
− | echo \
| |
− | "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
| |
− | "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
| |
− | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
| |
− | ---- | |
− | Nainstalování dockeru bez compose
| |
− | sudo apt update
| |
− | sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin
| |
− | ----
| |
− | Override system pro otevření socketu ven
| |
− | sudo mkdir /etc/systemd/system/docker.service.d
| |
− | touch /etc/systemd/system/docker.service.d/override.conf
| |
− | | |
− | | |
− | ''/etc/systemd/system/docker.service.d/override.conf''
| |
− | [Service]
| |
− | ExecStart=
| |
− | ExecStart=/usr/bin/dockerd -H unix:///var/run/docker.sock -H tcp://IP_ADRESA:2735 --ipv6=false --tls=false
| |
− | | |
− | Restartování docker service
| |
− | systemctl restart docker.socket
| |
− | | |
− | pozn - zkusit upravit cofig
| |
− | | |
− | ==Nomad==
| |
− | Instalace | |
− | sudo apt-get update && \ sudo apt-get install wget gpg coreutils
| |
− | wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
| |
− | sudo apt-get update && sudo apt-get install nomad
| |
− | | |
− | Cli pluginy
| |
− | curl -L -o cni-plugins.tgz https://github.com/containernetworking/plugins/releases/download/v1.2.0/cni-plugins-linux-arm64-v1.2.0.tgz
| |
− | sudo mkdir -p /opt/cni/bin
| |
− | sudo tar -C /opt/cni/bin -xzf cni-plugins.tgz
| |
− | | |
− | Config
| |
− | mkdir /var/log/nomad
| |
− | | |
− | # Full configuration options can be found at https://www.nomadproject.io/docs/configuration
| |
− |
| |
− | bind_addr = "0.0.0.0"
| |
− | data_dir = "/opt/nomad/data"
| |
− | datacenter = "test"
| |
− |
| |
− | enable_syslog = true
| |
− | log_level = "INFO"
| |
− | log_file = "/var/log/nomad/"
| |
− |
| |
− | advertise {
| |
− | http = "{{GetInterfaceIP \"ens192\"}}"
| |
− | rpc = "{{GetInterfaceIP \"ens192\"}}"
| |
− | serf = "{{GetInterfaceIP \"ens192\"}}"
| |
− | }
| |
− |
| |
− | server {
| |
− | enabled = true
| |
− | bootstrap_expect = 2
| |
− | server_join {
| |
− | retry_join = [ "test7.server", "test5.server" ]
| |
− | retry_interval = "15s"
| |
− | }
| |
− | }
| |
− |
| |
− | client {
| |
− | enabled = true
| |
− | servers = [ "localhost" ]
| |
− | cni_path = "/opt/cni/bin"
| |
− | }
| |
− |
| |
− | plugin "raw_exec" {
| |
− | config {
| |
− | enabled = true
| |
− | }
| |
− | }
| |
− |
| |
− | plugin "docker" {
| |
− | config {
| |
− | gc {
| |
− | dangling_containers {
| |
− | enabled = false
| |
− | }
| |
− | }
| |
− | }
| |
− | }
| |
− | | |
− | systemctl nomad
| |
− | systemctl enable nomad
| |