In my new job I had to deploy a new OpenStack environment. It was about 5 years ago that I last did anything related to OpenStack infrastructure deployment. Unused knowledge vanishes pretty fast, and besides that, OpenStack keeps developing. So I had to refresh a lot of things and even build knowledge from scratch in some areas.

From my point of view, OpenStack networking is one of the most complicated parts if you want to do it right. This series of posts aims to give a brief introduction to this topic. It will cover the following setup:

  • usage of a common IP network as a transport network for overlay networks (virtualised networks of VMs)
  • usage of Open vSwitch as the technology for overlay networks and connectivity of VMs across different hypervisors
  • usage of VXLAN for tunnelling of overlay network communication between different nodes
  • dedicated control node, where all OpenStack API services are running
  • dedicated network node, where the L3 agent, metadata agent and DHCP agents are running
  • examples are done on the RHEL/CentOS 7 Linux distribution

OpenStack uses Open vSwitch and VXLAN heavily in this setup, so I start with an introduction to Open vSwitch and VXLAN in this post. OpenStack networking architecture and implementation will be covered in further posts.


Synology released a stable version of the Virtual Machine Manager extension for DSM OS, which runs on the Synology NAS boxes. This extension uses KVM/QEMU and allows execution of VMs on the Synology boxes.

Obviously you can install VMs each time using an ISO image and installer. However, if you would like to use this feature for some Linux playgrounds (or maybe you want to deploy many VMs?), you would probably like to create a prepared VM template and create new VMs using this template. This blog post covers exactly this case: creation of a CentOS template, which can be used for fast and easy deployment of further VMs on the Synology. Image templates with Ubuntu or other Linux distributions can be prepared in a similar way.


In my old blog with Octopress I used the tag cloud plugin with logarithmic distribution for calculation of tag sizes. The rendered tag cloud looked pretty nice. All existing approaches I saw for Hugo (1, 2) were not so nice; the main reason is the usage of logarithmic distribution in the calculation of tag size.


GitHub Pages are quite popular for hosting static sites built by site generators. However, GitHub Pages have some limitations:

  • no SSL/TLS for custom domains
  • proper support of Jekyll sites only

One possible alternative is to use GitLab Pages, which does not have these limitations. Another possible alternative is to use Travis CI and deploy the site to some shared www hosting. Hetzner offers some good plans, which also include a free-of-charge SSL certificate.

This blog post describes how to deploy a static site hosted on GitHub, built with Hugo and Travis CI and deployed via FTPS to Hetzner www space.


Test Kitchen is a common tool for integration testing of Chef cookbooks. Usually a combination of Vagrant&VirtualBox is used to bring up the VMs. This works well for local development setups, but what about Continuous Integration environments? You can find several approaches to how cookbooks can be tested in the CI:

Well, but what about the case where you want to use Vagrant&VirtualBox in the CI too? There are some reasons for this approach:

  • Maybe you cannot use public cloud providers for some reason and do not have your own on-premise cloud like OpenStack
  • Maybe you want to use the same setup/technologies in the CI and locally, as you want to be able to easily reproduce errors and problems

GitLab is quite often used in enterprise environments, where restrictions on public cloud usage may apply. GitLab has its own GitLab CI, which can be easily used for cookbook testing.

This post covers a basic GitLab CI setup with Test Kitchen and Vagrant&VirtualBox as backend.


Maybe you are also playing around with IPv6, want to set up an IPv6-only network and are asking yourself how to reach the IPv4 Internet? Right, with DNS64 and NAT64. This blog post gives an overview of such a setup on CentOS/RHEL 7 with bind and tayga.


I have a non-flat network with subnetworks at home and I wanted to enable IPv6 in dual stack mode for the desktop systems. This blog post describes this setup and configuration for:

  • MikroTik CRS125-24G-1S-IN layer 3 switch as switch/router for internal networks (RouterOS 6.36.4)
  • AVM FritzBox 7390 as internet router (FRITZ!OS 06.51)
  • DT as ISP with native IPv6 in dual stack mode and dynamic IPv6 prefixes


Chef has different execution phases. The compile and converge phases are especially important when writing cookbooks: the resources are collected in the compile phase and are executed in the converge phase.

In some special cases you might want to have dynamic resources, which are created and executed in the converge phase. The main reason is that you want to react to something you know only in the execution phase.

Consider a situation where you want to clean up configuration files which get installed by some package during a Chef run (real examples might be Apache on Debian or FreeRADIUS on RHEL). You can try to solve this situation like this:

package 'freeradius'

# Our module configuration
template '/etc/raddb/mods-available/eap-tls' do
end

# Dir.glob is evaluated in the compile phase, before the package is installed
Dir.glob('/etc/raddb/mods-available/*').each do |mod_path|
  file_name = File.basename(mod_path)
  next if file_name == 'eap-tls'

  file mod_path do
    action :delete
  end
end

However, this will not work: you try to glob over /etc/raddb/mods-available in the compile phase, but this path doesn’t exist, as freeradius gets installed in the converge phase.


InSpec is a modern framework for infrastructure testing. It can be used as a replacement for Serverspec.

Usually InSpec tests describe a particular resource:

describe file('/etc/passwd') do
  its('mode') { should cmp '0644' }
end

However, in some cases it might be useful to use the common RSpec style with nested describe-context-it statements.


Sometimes you might need some generic functions which are used in several cookbooks in your environment. In this case it makes sense to create a cookbook which contains these functions.
