mirror of
https://github.com/funkypenguin/geek-cookbook/
synced 2025-12-12 17:26:19 +00:00
Refactored to include only the Docker Swarm design
@@ -203,7 +203,7 @@ echo "$HOSTNAME:/gv0 /srv/data glusterfs defaults,_ne
|
||||
mount -a && mount
|
||||
```
|
||||
|
||||
mount -t glusterfs ds1:/gv0 /srv/data/
|
||||
mount -t glusterfs ds1:/gv0 /srv/data/
|
||||
|
||||
|
||||
on secondary
|
||||
@@ -239,8 +239,8 @@ https://github.com/dpw/selinux-dockersock
|
||||
````
|
||||
mkdir ~/dockersock
|
||||
cd ~/dockersock
|
||||
curl -O https://github.com/dpw/selinux-dockersock/raw/master/dockersock.te
|
||||
curl -O https://github.com/dpw/selinux-dockersock/raw/master/Makefile
|
||||
curl -O https://raw.githubusercontent.com/dpw/selinux-dockersock/master/Makefile
|
||||
curl -O https://raw.githubusercontent.com/dpw/selinux-dockersock/master/dockersock.te
|
||||
make && semodule -i dockersock.pp
|
||||
````
|
||||
|
||||
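Review bot: The two `curl -O` downloads track the `master` branch, so the policy that `make && semodule -i dockersock.pp` compiles and loads is whatever upstream holds at the moment the reader runs the recipe. Pin both URLs to a specific commit of dpw/selinux-dockersock in place of `master`, and add `-f` (for example `curl -fsSLO`) so an HTTP error fails the step instead of leaving an error page saved as `dockersock.te` or `Makefile`.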
@@ -287,3 +287,10 @@ To this:
|
||||
}```
|
||||
|
||||
!!! note the comma after "false" above
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
docker run -d --name nfsd --restart always --privileged -v /mnt/data:/mnt/data -e SHARED_DIRECTORY=/mnt/data --network=host itsthenetwork/nfs-server-alpine:latest
|
||||
|
||||
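Review bot: The added `docker run ... itsthenetwork/nfs-server-alpine:latest` line arrives with no surrounding text and outside a code fence, and it combines `--privileged`, `--network=host` and a floating `:latest` tag. Put it in a fenced block with a sentence on what the NFS server is for, pin the image to a fixed tag or digest, and state why `--privileged` is needed and which hosts are meant to reach the export, since with `--network=host` the container shares the node's network stack. It also shares `/mnt/data`, while the GlusterFS mount in the first hunk uses `/srv/data`; confirm which path is intended.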
7
docs/ha-docker-swarm/design.md
Normal file
@@ -0,0 +1,7 @@
|
||||
The "private cloud" platform is:
|
||||
|
||||
* **Highly-available** (can tolerate the failure of a single component)
|
||||
* **Scalable** (can add resource or capacity as required)
|
||||
* **Portable** (run it on your garage server today, run it in AWS tomorrow)
|
||||
* **Secure** (access protected with LetsEncrypt certificates)
|
||||
* **Automated** (requires minimal care and feeding)
|
||||
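Review bot: The **Secure** bullet defines the platform's security as "access protected with LetsEncrypt certificates", but a certificate provides transport encryption and server identity, not access control. Reword it to say that traffic is encrypted with LetsEncrypt certificates, and name the authentication the design relies on if access protection is a design goal.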
19
docs/ha-docker-swarm/docker.md
Normal file
@@ -0,0 +1,19 @@
|
||||
# Introduction
|
||||
|
||||
We start building our cloud with virtual machines. You could use bare-metal machines as well, the configuration would be the same. Given that most readers (myself included) will be using virtual infrastructure, from now on I'll be referring strictly to VMs.
|
||||
|
||||
## Ingredients
|
||||
|
||||
3 x Virtual Machines, each with:
|
||||
* CentOS/Fedora Atomic
|
||||
* At least 1GB RAM
|
||||
* At least 20GB disk space (but it'll be tight)
|
||||
* Connectivity to each other within the same subnet, and on a low-latency link (i.e., no WAN links)
|
||||
|
||||
## Preparation
|
||||
|
||||
1. Install Virtual machines
|
||||
|
||||
* Hosts must be within the same subnet, and connected on a low-latency link (i.e., no WAN links)
|
||||
|
||||
2. Setup super-user access for your admin user, as a member of the "docker" group
|
||||
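Review bot: Step 2 under Preparation puts the admin user in the "docker" group without saying that this is equivalent to root on the host, since any member of that group can start a privileged container through the Docker socket. Add a sentence stating that, and keep the group limited to the one admin account. The file is named docker.md but its Introduction and Ingredients are the same text as vms.md in this commit, and the bullet under step 1 repeats the last Ingredients item; if this is a placeholder, say so or trim it.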
0
docs/ha-docker-swarm/index.md
Normal file
28
docs/ha-docker-swarm/vms.md
Normal file
@@ -0,0 +1,28 @@
|
||||
# Introduction
|
||||
|
||||
We start building our cloud with virtual machines. You could use bare-metal machines as well, the configuration would be the same. Given that most readers (myself included) will be using virtual infrastructure, from now on I'll be referring strictly to VMs.
|
||||
|
||||
## Ingredients
|
||||
|
||||
3 x Virtual Machines, each with:
|
||||
* CentOS/Fedora Atomic
|
||||
* At least 1GB RAM
|
||||
* At least 20GB disk space (but it'll be tight)
|
||||
* Connectivity to each other within the same subnet, and on a low-latency link (i.e., no WAN links)
|
||||
|
||||
## Preparation
|
||||
|
||||
### Install Virtual machines
|
||||
|
||||
1. Install Virtual machines
|
||||
2. Setup super-user access for your admin user, as a member of the "docker" group
|
||||
|
||||
|
||||
I chose the "Atomic" CentOS/Fedora image because:
|
||||
|
||||
1. I want less responsibility for maintaining the system, including ensuring regular software updates and reboots. Atomic's idempotent nature means the OS is largely real-only, and updates/rollbacks are "atomic" (haha) procedures, which can be easily rolled back if required.
|
||||
2. For someone used to administrating servers individually, Atomic is a PITA. You have to employ [tricky](http://blog.oddbit.com/2015/03/10/booting-cloud-images-with-libvirt/) [tricks](https://spinningmatt.wordpress.com/2014/01/08/a-recipe-for-starting-cloud-images-with-virt-install/) to get it to install in a non-cloud environment. It's not designed for tweaking or customizing beyond what cloud-config is capable of. For my purposes, this is good, because it forces me to change my thinking - to consider every daemon as a container, and every config as code, to be checked in and version-controlled. Atomic forces this thinking on you.
|
||||
3. I want the design to be as "portable" as possible. While I run it on VPSs now, I may want to migrate it to a "cloud" provider in the future, and I'll want the most portable, reproducible design.
|
||||
|
||||
|
||||
atomic host upgrade
|
||||
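Review bot: The file ends with a bare `atomic host upgrade` that has no code fence and no sentence saying when to run it; fence it and introduce it as a step. In reason 1, "real-only" should read "read-only", "idempotent" looks like it is meant to be "immutable", and the sentence mentions rolling back twice. The `### Install Virtual machines` heading is followed directly by a list whose first item is again "Install Virtual machines", so one of the two can go.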
@@ -1,3 +1,43 @@
|
||||
# Index
|
||||
|
||||
This book is a collection of recipies
|
||||
The "**Geek's Cookbook**" is a collection of guides for establishing your own highly-available "private cloud" [^1]. This cloud enables you to run self-hosted services such as [GitLab](gitlab), [Plex](plex), [NextCloud](nextcloud), etc.
|
||||
|
||||
[^1]: Sorry for the buzzword, I couldn't think of a better description!
|
||||
|
||||
[plex]: https://www.plex.tv/
|
||||
[gitlab]: https://gitlab.com/
|
||||
[nextcloud]: https://nextcloud.com/
|
||||
|
||||
## Who is this for?
|
||||
|
||||
You already have a familiarity with concepts such as [virtual](https://libvirt.org/) [machines](https://www.virtualbox.org/), [Docker](https://www.docker.com/) containers, [LetsEncrypt SSL certificates](https://letsencrypt.org/), databases, and command-line interfaces.
|
||||
|
||||
You've probably played with self-hosting some mainstream apps yourself, like [Plex](https://www.plex.tv/), [OwnCloud](https://owncloud.org/), [Wordpress](https://wordpress.org/) or even [SandStorm](https://sandstorm.io/).
|
||||
|
||||
## Why should I read this?
|
||||
|
||||
So if you're familiar enough with the tools, and you've done self-hosting before, why would you read this book?
|
||||
|
||||
1. You want to upskill. You want to do container orchestration, LetsEncrypt certificates, git collaboration.
|
||||
2. You want to play. You want a safe sandbox to test new tools, keeping the ones you want and tossing the ones you don't.
|
||||
3. You want reliability. Once you go from __playing__ with a tool to actually __using__ it, you want it to be available when you need it. Having to "_quickly ssh into the host and restart the webserver_" doesn't cut it when your wife wants to know why her phone won't sync!
|
||||
|
||||
## What do you want from me?
|
||||
|
||||
I want your money.
|
||||
|
||||
No, seriously (_but yes, I do want your money - see below_), If the above applies to you, then you're like me. I want everything I wrote above, so I ended up learning all this as I went along. I enjoy it, and I'm good at it. So I created this website, partly to make sure I documented my own setup properly.
|
||||
|
||||
## How can I support you?
|
||||
|
||||
### Buy my book 📖
|
||||
|
||||
I'm also writing it as a formal book, on Leanpub (https://leanpub.com/geeks-cookbook). While it's in draft, you can get it for free (in PDF, mobi, or epub format), or you can pay me what you think it's worth.
|
||||
|
||||
### Patreonize me 💰
|
||||
|
||||
Apparently there's this thing called "Patreon". I still need to set it up though. Ping me if you want to "Patreonize" me.
|
||||
|
||||
### Hire me 🏢
|
||||
|
||||
Need some system design work done? I do freelance consulting - [contact](https://www.funkypenguin.co.nz/contact/) me for details.
|
||||
|
||||
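Review bot: In the opening paragraph, `[GitLab](gitlab)`, `[Plex](plex)` and `[NextCloud](nextcloud)` use inline-link syntax, so they resolve to relative paths and the `[plex]:`, `[gitlab]:` and `[nextcloud]:` definitions below them are never used. Switch them to reference form, `[GitLab][gitlab]` and so on. In "No, seriously (...), If the above applies to you", the "If" should be lower case or start a new sentence.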
40
mkdocs.yml
@@ -15,19 +15,21 @@ theme: material
|
||||
pages:
|
||||
- Home : index.md
|
||||
- Introduction:
|
||||
- README: README.md
|
||||
- whoami: whoami.md
|
||||
|
||||
- Docker (Standalone):
|
||||
- Getting Started:
|
||||
- Basic Setup: beginner/beginner.md
|
||||
- LVM-Backed storage: beginner/beginner.md
|
||||
- LetsEncrypt Proxy: advanced/about.md
|
||||
|
||||
- Tiny Tiny RSS:
|
||||
- Basic: advanced/tiny-tiny-rss.md
|
||||
- Plugins: advanced/tiny-tiny-rss.md
|
||||
- Themes: advanced/tiny-tiny-rss.md
|
||||
- README: README.md
|
||||
- whoami: whoami.md
|
||||
- HA Docker Swarm:
|
||||
- Index: ha-docker-swarm/index.md
|
||||
- Design: ha-docker-swarm/design.md
|
||||
- VMs: ha-docker-swarm/design.md
|
||||
- Persistent Storage: beginner/beginner.md
|
||||
- Keepalived: advanced/keepalived.md
|
||||
- Docker Swarm Mode: advanced/keepalived.md
|
||||
- Traefik: advanced/keepalived.md
|
||||
- S3-like Storage: advanced/keepalived.md
|
||||
- Tiny Tiny RSS:
|
||||
- Basic: advanced/tiny-tiny-rss.md
|
||||
- Plugins: advanced/tiny-tiny-rss.md
|
||||
- Themes: advanced/tiny-tiny-rss.md
|
||||
|
||||
# - Home Assistant:
|
||||
# - About: advanced/home-assistant/basic.md
|
||||
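Review bot: Under `HA Docker Swarm`, the entry `- VMs: ha-docker-swarm/design.md` points at design.md, so the vms.md added in this commit is not reachable from the navigation, and docker.md is not listed at all. `Docker Swarm Mode`, `Traefik` and `S3-like Storage` all map to `advanced/keepalived.md`, and `Persistent Storage` maps to `beginner/beginner.md`; if these are placeholders, comment them out as the Home Assistant entries are, or point them at stub pages.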
@@ -36,18 +38,6 @@ pages:
|
||||
# - Limitless LED: advanced/home-assistant/limitless-led.md
|
||||
# - OwnTracks: advanced/home-assistant/limitless-led.md
|
||||
|
||||
- Docker (HA Swarm):
|
||||
|
||||
- Getting Started:
|
||||
- Basic Setup: beginner/beginner.md
|
||||
- Persistent Storage: beginner/beginner.md
|
||||
- Keepalived: advanced/keepalived.md
|
||||
|
||||
- Tiny Tiny RSS:
|
||||
- Basic: advanced/tiny-tiny-rss.md
|
||||
- Plugins: advanced/tiny-tiny-rss.md
|
||||
- Themes: advanced/tiny-tiny-rss.md
|
||||
|
||||
# - Home Assistant:
|
||||
|
||||
# - About: advanced/home-assistant/basic.md
|
||||
|
||||