Deploy kubernetes cluster with kubeadm

Prepare VM for Container Runtime (@all nodes)

cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
sudo modprobe overlay
sudo modprobe br_netfilter
# sysctl params required by setup, params persist across reboots
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
sudo sysctl --system
# Verify
lsmod | grep br_netfilter
lsmod | grep overlay
sysctl net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward

Install containerd (@all nodes)

Docker networking

docker network ls
docker network inspect bridge
docker network inspect host
docker network inspect none
ip addr show docker0
ip link show docker0
ip -c link show type bridge
ip netns
docker inspect ${DOCKER_ID}
ip link # attached to bridge
# vethxxx@ifx
ip -n ${INTERFACE_ID} # assignet do container
# eth0@ifx
ip -n ${NAMESPACE_ID} addr
docker run -p 8080:80 nginx # forward internal port 80 to host port 8080
#iptables -t nat -A PREROUTING -j DNAT --dport 8080 -to-destination 80
#iptables -t nat -A Docker -j DNAT --dport 8080 --to-destination
iptables -nvL -t nat

Terraform: OpenStack

OpenStack Providery

# Configure the OpenStack Provider
provider "openstack" {
  user_name   = "admin"
  tenant_name = "admin"
  password    = "pwd"
  auth_url    = "http://myauthurl:5000/v2.0"
  region      = "RegionOne"
# cloud.yaml
provider "openstack" {
  cloud      = "dev-foo"


resource "openstack_networking_router_v2" "router_1" {
  name       = "foo-router"
  external_network_id = "88934cac-8d55-40d5-8ff9-bde65011741d"
resource "openstack_networking_router_interface_v2" "terraform" {
  router_id =
  subnet_id =


resource "openstack_compute_instance_v2" "basic" {
  name            = "basic"
  image_id        = "ad091b52-742f-469e-8f3c-fd81cadf0743"
  flavor_id       = "3"
  key_pair        = "my_key_pair_name"
  security_groups = ["default"]
  metadata = {
    this = "that"
  network {
    name = "my_network"


RustDesk - free TeamViewer alternative

# install oracle jdk
wget -q --no-check-certificate -O - | bash -

# install archiva
wget -P /tmp
tar xzf /tmp/apache-archiva-2.1.1-bin.tar.gz -C /opt
ln -s /opt/apache-archiva-2.1.1/ /opt/apache-archiva

# autostart
sed -i '$i /opt/apache-archiva/bin/archiva start' /etc/rc.local


# clear config
rm /opt/apache-archiva/conf/archiva.xml

Flash LineageOS to Samsung Android phone

Samsung Galaxy Note 3 LTE (SM-N9005/P) hlte

wget -P /tmp

Samsung Galaxy Tab 2 7.0

Samsung GalaxyTab Pro SM-T520 LineageOS 17.1 on Android 10
sudo apt install heimdall-flash
Vol- + Home + Power
heimdall flash --RECOVERY twrp-3.2.1-0-n2awifi.img --no-reboot
Vol+ + Home + Power

LineageOS 17.1 on Samsung Galaxy Tab PRO 10.1 / SM-T520 / n2awifi

Find router binding_host_id mismatch

# DB
openstack port list --device-owner network:router_gateway --router ${ROUTER_ID} -c id -f value | xargs openstack port show -c binding_host_id -f value
# active
openstack network agent list --router ${ROUTER_ID} --long -f json | jq -r '.[] | select(."HA State" == "active").Host'
ROUTER_IDS=$(openstack router list  -c ID -f value)
for ROUTER_ID in ${ROUTER_IDS}; do
    ROUTER_PORT_ID=$(openstack port list --device-owner network:router_gateway --router ${ROUTER_ID} -c id -f value)
    if [ ! -z ${ROUTER_PORT_ID} ]; then
        ROUTER_NODE_DB=$(openstack port show ${ROUTER_PORT_ID} -c binding_host_id -f value)    
    ROUTER_NODE_ACTIVE=$(openstack network agent list --router ${ROUTER_ID} --long -f json | jq -r '.[] | select(."HA State" == "active").Host')

Debug VPN

export DEBUG=@option.debug@
export VPN_CONNECTION_ID=$(echo @option.vpn_connection_id@ | sed -e 's/^[[:space:]]*//')
[ "${DEBUG}" == "yes" ] && set -x
source /etc/kolla/
source /usr/local/pyenv/versions/osc/bin/activate
# check parameter
if [[ ! ${VPN_CONNECTION_ID//-/} =~ ^[[:xdigit:]]{32}$ ]]; then
#if [ -z "${VPN_CONNECTION_ID}" ]; then
    echo -e "\e[34mPlease specify the VPN ipsec site connection ID"
    openstack vpn ipsec site connection list --long
VPN_CONNECTION_JSON=$(openstack vpn ipsec site connection show ${VPN_CONNECTION_ID} -f json)

Ventoy ISO boot


wget -O /tmp/ventoy-linux.tar.gz
tar xzf /tmp/ventoy-linux.tar.gz -C /tmp/
sudo /tmp/ventoy-1.0.93/ -i /dev/sdb

Copy ISOs

cp Downloads/iso/grml64-small_2022.11.iso /media/*/Ventoy/
cp Downloads/iso/mt86plus_6.10_64.iso /media/*/Ventoy/
cp Downloads/iso/ubuntu-23.04-desktop-amd64.iso /media/*/Ventoy/