mirror of https://github.com/funkypenguin/geek-cookbook/ synced 2025-12-12 17:26:19 +00:00

Started on Traefik section, added Patreon

David Young
2017-07-20 21:37:18 +12:00
parent 51c7aa5098
commit 0a69530eb0
4 changed files with 34 additions and 3 deletions


@@ -0,0 +1,11 @@
# Introduction
````
mkdir ~/dockersock
cd ~/dockersock
curl -O https://raw.githubusercontent.com/dpw/selinux-dockersock/master/Makefile
curl -O https://raw.githubusercontent.com/dpw/selinux-dockersock/master/dockersock.te
make && semodule -i dockersock.pp
````
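Review bot: The two `curl -O` lines fetch `Makefile` and `dockersock.te` from the `master` branch of a third-party repository, and the next line builds and loads the result with `semodule -i`, so whatever is on that branch at install time becomes SELinux policy on the host. Pin both URLs to a specific commit rather than `master`, and add a sentence under the `# Introduction` heading saying what the module permits, so a reader can check `dockersock.te` against that description before running `make`. As shown, the heading has no text under it other than the commands.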


@@ -121,7 +121,7 @@ From one other host, run ```docker exec -it glusterfs-server bash``` to shell in
### Mount gluster volume
On the host (i.e., outside of the container - type ```exit``` if you're still shelled in), create a mountpoint for the data, by running ```mkdir /var/data```, and add an entry to fstab to ensure the volume is auto-mounted on boot:
On the host (i.e., outside of the container - type ```exit``` if you're still shelled in), create a mountpoint for the data, by running ```mkdir /var/data```, add an entry to fstab to ensure the volume is auto-mounted on boot, and ensure the volume is actually _mounted_ if there's a network / boot delay getting access to the gluster volume:
```
mkdir /var/data
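Review bot: The reworded sentence under "Mount gluster volume" now chains three actions and says the volume will be "actually _mounted_" after a network / boot delay without naming the mechanism. Split it into two sentences and say that the delay is handled by the `/etc/rc.local` entry added further down, so the reader knows what the extra commands in the block are for.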
@@ -130,6 +130,9 @@ echo '' >> /etc/fstab >> /etc/fstab
echo '# Mount glusterfs volume' >> /etc/fstab
echo "$MYHOST:/gv0 /var/data glusterfs defaults,_netdev,context="system_u:object_r:svirt_sandbox_file_t:s0" 0 0" >> /etc/fstab
mount -a
echo -e "\n\n# Give GlusterFS 10s to start before \
mounting\nsleep 10s && mount -a" >> /etc/rc.local
systemctl enable rc-local.service
```
For non-gluster nodes, you'll need to replace $MYHOST above with the name of one of the gluster hosts (I haven't worked out how to make this fully HA yet)
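Review bot: The `rc.local` entry relies on a fixed `sleep 10s`, which is a guess at how long GlusterFS takes to come up; if it takes longer, `mount -a` fails once and nothing retries, leaving `/var/data` as an empty local directory. Consider retrying until `/var/data` is mounted or a timeout expires, and documenting what happens if it never mounts. Two smaller points in the same lines: the `echo -e ... >> /etc/rc.local` append is not idempotent, so re-running the recipe duplicates the entry, and there is no `chmod +x /etc/rc.local`, which `rc-local.service` normally requires before it will run the file.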


@@ -1,3 +1,20 @@
# Introduction
The platforms we plan to run on our cloud are generally web-based, and each listening on their own unique TCP port. When a container in a swarm exposes a port, then connecting to **any** swarm member on that port will result in your request being forwarded to the appropriate host running the container. (_Docker calls this the swarm "[routing mesh](https://docs.docker.com/engine/swarm/ingress/)"_)
So we get a rudimentary load balancer built into swarm. We could stop there, just exposing a series of ports on our hosts, and making them HA using keepalived.
There are some gaps to this approach though:
- No consideration is given to HTTPS. Implementation would have to be done manually, per-container.
- No mechanism is provided for authentication outside of that which the container providers. We may not **want** to expose every interface on every container to the world, especially if we are playing with tools or containers whose quality and origin are unknown.
To deal with these gaps, we need a front-end load-balancer, and in this design, that role is provided by [Traefik](https://traefik.io/).
## Prepare the host
````
mkdir ~/dockersock
cd ~/dockersock
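Review bot: In the authentication bullet, "outside of that which the container providers" should read "provides". The new `## Prepare the host` section also goes straight into `mkdir ~/dockersock` with no sentence on why the host needs this step before Traefik can run, and the four-backtick fence opened there is not closed in the lines shown; add the explanation and check that the fence closes.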


@@ -32,11 +32,11 @@ No, seriously (_but yes, I do want your money - see below_), If the above applie
### Buy my book 📖
I'm also writing it as a formal book, on Leanpub (https://leanpub.com/geeks-cookbook). While it's in draft, you can get it for free (in PDF, mobi, or epub format), or you can pay me what you think it's worth.
I'm also writing it as a formal book, on Leanpub (https://leanpub.com/geeks-cookbook). Buy it for $0.99 (which is really just a token gesture of support) - you can get it for free (in PDF, mobi, or epub format), or pay me what you think it's worth.
### Patreonize me 💰
Apparently there's this thing called "Patreon". I still need to set it up though. Ping me if you want to "Patreonize" me.
<a href="https://www.patreon.com/bePatron?u=6982506" data-patreon-widget-type="become-patron-button">Become a Patron!</a><script async src="https://c6.patreon.com/becomePatronButton.bundle.js"></script>
### Hire me 🏢
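Review bot: The Patreon line adds `<script async src="https://c6.patreon.com/becomePatronButton.bundle.js">`, so every page that renders this file with raw HTML enabled will execute third-party JavaScript; the `<a href>` on its own gives the same link without that dependency. Separately, the new Leanpub sentence says both "Buy it for $0.99" and "you can get it for free", which reads as contradictory; state one pricing model.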