Feb 12, 2021
Technology无线接入点配置
1. 基本配置
树莓派4B 8G版本,刷入了Ubuntu 20.04.2 arm64版本:
ubuntu@rpi1:~$ cat /etc/issue
Ubuntu 20.04.2 LTS \n \l
ubuntu@rpi1:~$ uname -a
Linux rpi1 5.4.0-1028-raspi #31-Ubuntu SMP PREEMPT Wed Jan 20 11:30:45 UTC 2021 aarch64 aarch64 aarch64 GNU/Linux
2. 网络配置
默认Ubuntu20.04采用netplan作为网络配置方式,一般情况下满足网络配置需求,然而在配置无线接入点的时候,需要固定wlan0 IP地址的情况下,netplan配置就不能成功,因为它在配置wlan0 固定IP地址时需要配置ssid。因而我们采用传统的ifupdown作为网络配置手段:
关闭netplan配置:
# mv /etc/netplan/50-cloud-init.yaml /root
安装必要的软件:
# apt-get install -y resolvconf netctl ifupdown hostapd dnsmasq
配置网络:
# vim /etc/network/interfaces
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto wlan0
iface wlan0 inet static
address 10.0.70.1
netmask 255.255.255.0
# chmod 777 /etc/network/interfaces
现在重新启动树莓派,发现eth0配置成功,然而wlan0尚未配置, 我们通过在crontab中配置定时任务的方法来配置wlan0:
# crontab -e
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
@reboot sleep 120 && /usr/bin/systemctl restart networking
使能crontab:
# systemctl enable cron
3. hostapd配置
配置hostapd(/etc/hostapd/hostapd.conf):
# the interface used by the AP
interface=wlan0
driver=nl80211
# "g" simply means 2.4GHz band
hw_mode=g
# the channel to use
channel=10
# limit the frequencies used to those allowed in the country
ieee80211d=1
# the country code
country_code=CN
# 802.11n support
ieee80211n=1
# QoS support
wmm_enabled=1
# the name of the AP
ssid=rpiwifi
macaddr_acl=0
# 1=wpa, 2=wep, 3=both
auth_algs=1
ignore_broadcast_ssid=0
# WPA2 only
wpa=2
wpa_passphrase=xxxxxxxxxxxxx
wpa_key_mgmt=WPA-PSK
#wpa_pairwise=TKIP
rsn_pairwise=CCMP
编辑文件/etc/default/hostapd, 更改含有DAEMON_CONF的行为: DAEMON_CONF="/etc/hostapd/hostapd.conf".
然而此时hostapd在启动以后并不会重新启动,我们需要在crontab中添加其自动启动.
# crontab -e
@reboot sleep 120 && /usr/bin/systemctl restart networking && systemctl restart hostapd
4. IP地址配置
此时hostapd无法给客户端配置IP地址,为此我们需要配置dnsmasq(/etc/dnsmasq.conf):
#配置监听地址
listen-address=127.0.0.1,10.0.70.1
#配置DHCP分配段
dhcp-range=10.0.70.50,10.0.70.150,12h
dhcp-option=3,10.0.70.1
5. iptables配置
编辑/etc/sysctl.conf并取消这一行的注释:
net.ipv4.ip_forward=1
为eth0出站流量添加伪装:
# sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
我们调节crontab为:
@reboot sleep 30 && /usr/bin/systemctl restart networking && systemctl restart hostapd && /usr/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
到现在为止,我们应该可以配置出了一个随时可以访问internet的rpi接入点。
后续需要注意点
以该rpi为接入点,接入到某个网络中,然而该网络中的Internet是通过另台rpi的WIFI所共享的。
另台RPI上的无线连接通过wifi-menu来配置:
# apt-get install -y netctl
Feb 5, 2021
TechnologyFlashing
Flash with following os:
root@ubuntu:/home/ubuntu# uname -a
Linux ubuntu 5.4.0-1028-raspi #31-Ubuntu SMP PREEMPT Wed Jan 20 11:30:45 UTC 2021 aarch64 aarch64 aarch64 GNU/Linux
root@ubuntu:/home/ubuntu# cat /etc/issue
Ubuntu 20.04.2 LTS \n \l
Disable auto update:
# systemctl stop apt-daily.timer;systemctl disable apt-daily.timer ; systemctl stop apt-daily-upgrade.timer ; systemctl disable apt-daily-upgrade.timer; systemctl stop apt-daily.service; systemctl mask apt-daily.service; systemctl daemon-reload
Configure hostname:
# hostnamectl set-hostname rpi1
# hostnamectl set-hostname rpi2
Configure cn repository:
# vim /etc/apt/sources.list
deb http://mirrors.ustc.edu.cn/ubuntu-ports/ focal main restricted universe multiverse
# deb-src http://mirrors.ustc.edu.cn/ubuntu-ports/ focal main main restricted universe multiverse
deb http://mirrors.ustc.edu.cn/ubuntu-ports/ focal-updates main restricted universe multiverse
# deb-src http://mirrors.ustc.edu.cn/ubuntu-ports/ focal-updates main restricted universe multiverse
deb http://mirrors.ustc.edu.cn/ubuntu-ports/ focal-backports main restricted universe multiverse
# deb-src http://mirrors.ustc.edu.cn/ubuntu-ports/ focal-backports main restricted universe multiverse
deb http://mirrors.ustc.edu.cn/ubuntu-ports/ focal-security main restricted universe multiverse
# deb-src http://mirrors.ustc.edu.cn/ubuntu-ports/ focal-security main restricted universe multiverse
# apt-get update -y
Install some packages:
# apt-get install -y net-tools virt-manager lxde tightvncserver sshpass ssh-askpass
# usermode -a -G kvm,libvirt ubuntu
Configure vnc
# vncserver
# vim ~/.vnc/xstartup
#!/bin/sh
exec startlxde
# vncserver -kill :1
# vncserver
In vnc we could use virt-manager.
Install new os:
Feb 3, 2021
TechnologyVia following tips we could quickly run apps in k8s:
# kubectl create deployment xxxx --image=xxxx:16.04 -- sleep 3000
# kubectl get deployment
# kubectl get deployment xxxx -oyaml --export>kkk.yaml
# vim kkk.yaml
command: ["sleep"]
args: ["3600000"]
# kubectl delete -f kkk.yaml
# kubectl create -f kkk.yaml
# kubectl scale deployment xxxx -replicas=4
Jan 25, 2021
Technology项目中有时需要对DEB包做些许修改,譬如,在离线场景下某些DEB包的postinst中有需要用在线方式下载可执行文件的情况,这种情况下可以借助dpkg-deb的解包/压缩命令来临时修改出一个含有所有离线文件的包,举opennebula-node-firecracker的包为例说明。
opennebula-node-firecracker是用于在opennebula上运行轻量级VM firecracker的包,在线安装时它需要从github上拉取相应版本的firecracker及 jailer可执行文件,这让它在离线场景下无法安装成功。同时,因为它默认作为runtime的一种,其配置文件与opennebula-node-kvm里的某些配置文件相同,导致安装时无法继续,我们可以通过如下的方式修改此包,让其适配离线化安装。
准备
在线场景下下载该包,并拷贝到工作目录, 解压:
# cp /var/cache/apt/archives/opennebula-node-firecracker_5.12.0.3-1.ce_amd64.deb .
# mkdir tmp
# dpkg-deb -R opennebula-node-firecracker_5.12.0.3-1.ce_amd64.deb tmp/
主要目录结构如下:
├── DEBIAN
│ ├── conffiles
│ ├── control
│ ├── md5sums
│ ├── postinst
│ └── postrm
├── etc
│ ├── cron.d
│ │ └── opennebula-node
│ ├── sudoers.d
│ │ └── opennebula-node-firecracker
│ └── sysctl.d
│ └── bridge-nf-call.conf
├── srv
│ └── jailer
│ └── firecracker
└── usr
├── bin
│ └── svncterm_server
├── sbin
│ ├── install-firecracker
│ ├── one-clean-firecracker-domain
│ └── one-prepare-firecracker-domain
└── share
└── doc
└── opennebula-node-firecracker
├── changelog.Debian.gz
├── copyright
└── NEWS.Debian.gz
我们需要修改的要点如下:
1. DEBIAN/conffiles, 含有此包需写入的配置文件。
2. DEBIAN/md5sums, 含有可执行文件的md5校验码。
3. DEBIAN/postinst, 包安装完成后需执行的脚本。
4. etc/ 下是包安装后在主机上需添加的配置文件。
5. usr/bin, usr/sbin,主机上需拷入的可执行文件。
修改
观察DEBIAN/postinst中含有以下条目:
# cat DEBIAN/postinst
#!/bin/sh
set -e
ONE_USER=oneadmin
if [ "$1" = "configure" ]; then
# Install Firecracker + jailer
/usr/sbin/install-firecracker
打开install-firecracker文件后观察其下载脚本为:
# cat usr/sbin/install-firecracker
#!/bin/sh
....
# Download version version of Firecracker
curl -LOJ https://github.com/firecracker-microvm/firecracker/releases/download/${version}/firecracker-${version}-$(uname -m)
mv firecracker-${version}-$(uname -m) /usr/bin/firecracker
chmod +x /usr/bin/firecracker
# Download version version of jailer
curl -LOJ https://github.com/firecracker-microvm/firecracker/releases/download/${version}/jailer-${version}-$(uname -m)
mv jailer-${version}-$(uname -m) /usr/bin/jailer
chmod +x /usr/bin/jailer
这里我们直接干掉所有的curl及mv脚本,把预先下载好的firecracker/jailer文件拷贝到安装目录即可。
# tree ../tmp/usr
../tmp/usr
├── bin
+++ │ ├── firecracker
+++ │ ├── jailer
│ └── svncterm_server
├── sbin
│ ├── install-firecracker
.....
此外需要修改md5sums及干掉etc下重复的配置文件。而后压缩包。
压缩包
一条命令:
# dpkg-deb -b tmp opennebula-node-firecracker_5.12.0.3-1.ce_fixed_amd64.deb
检查新生成包的大小:
# ls -l -h *.deb
-rw-r--r-- 1 root root 24K Jan 25 09:06 opennebula-node-firecracker_5.12.0.3-1.ce_amd64.deb
-rw-r--r-- 1 root root 1.2M Jan 25 09:11 opennebula-node-firecracker_5.12.0.3-1.ce_fixed_amd64.deb
使用fixed后的包安装,此时可忽略internet下载过程,且解决了包安装时的冲突问题。
Jan 21, 2021
TechnologyX86 version kubeadm building process:
# docker run -it ubuntu:18.04 /bin/bash
# cat /etc/issue
Ubuntu 18.04.5 LTS \n \l
# apt-get update -y
# apt-get install -y wget unzip vim build-essential rsync
# wget https://github.com/kubernetes/kubernetes/archive/v1.19.7.zip
# wget https://golang.org/dl/go1.15.7.linux-amd64.tar.gz
# tar -C /usr/local -xzf go1.15.7.linux-amd64.tar.gz
# export PATH=$PATH:/usr/local/go/bin
# go version
go version go1.15.7 linux/amd64
# cd kubernetes-v1.19.7
# vim cmd/kubeadm/app/constants/constants.go
CertificateValidity = time.Hour * 24 * 365 * 100
# vim vendor/k8s.io/client-go/util/cert/cert.go
func NewSelfSignedCACert
NotAfter: now.Add(duration365d * 100).UTC(),
func GenerateSelfSignedCertKeyWithFixtures
maxAge := 100 * time.Hour * 24 * 365
# make all WHAT=cmd/kubeadm
# _output/bin/kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"19", GitVersion:"v1.19.7", GitCommit:"1dd5338295409edcfff11505e7bb246f0d325d15", GitTreeState:"archive", BuildDate:"2021-01-21T07:15:36Z", GoVersion:"go1.15.7", Compiler:"gc", Platform:"linux/amd64"}
# cp _output/bin/kubeadm ..
Arm64 version kubeadm building process:
Edit files and make changes:
# vim hack/make-rules/cross.sh
make all WHAT="${KUBE_SERVER_TARGETS[*]}" KUBE_BUILD_PLATFORMS="${KUBE_SERVER_PLATFORMS[*]}"
#make all WHAT="${KUBE_NODE_TARGETS[*]}" KUBE_BUILD_PLATFORMS="${KUBE_NODE_PLATFORMS[*]}"
#
#make all WHAT="${KUBE_CLIENT_TARGETS[*]}" KUBE_BUILD_PLATFORMS="${KUBE_CLIENT_PLATFORMS[*]}"
#
#make all WHAT="${KUBE_TEST_TARGETS[*]}" KUBE_BUILD_PLATFORMS="${KUBE_TEST_PLATFORMS[*]}"
#
#make all WHAT="${KUBE_TEST_SERVER_TARGETS[*]}" KUBE_BUILD_PLATFORMS="${KUBE_TEST_SERVER_PLATFORMS[*]}"
# vim hack/lib/golang.sh
readonly KUBE_SUPPORTED_SERVER_PLATFORMS=(
# linux/amd64
# linux/arm
linux/arm64
# linux/s390x
# linux/ppc64le
)
//.............
kube::golang::server_targets() {
local targets=(
# cmd/kube-proxy
# cmd/kube-apiserver
# cmd/kube-controller-manager
# cmd/kubelet
cmd/kubeadm
# cmd/kube-scheduler
# vendor/k8s.io/apiextensions-apiserver
# cluster/gce/gci/mounter
)
Build:
# make cross
v1.20.7 update
Have to change go version to v1.17 for building, also notice the memory usage.
apt-get update -y && apt-get install -y wget unzip vim build-essential rsync
wget https://github.com/kubernetes/kubernetes/archive/v1.20.7.zip
wget https://golang.org/dl/go1.17.linux-amd64.tar.gz
tar -C /usr/local -xzf go1.17.linux-amd64.tar.gz
export PATH=$PATH:/usr/local/go/bin
go version
unzip v1.20.7.zip
cd kubernetes-1.20.7/
vim cmd/kubeadm/app/constants/constants.go
vim vendor/k8s.io/client-go/util/cert/cert.go
make all WHAT=cmd/kubeadm
cp _output/bin/kubeadm ..
