virtualization

LXD: Create WireGuard container

Create container

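# Name of the LXD container that will run WireGuard.
CONTAINER=wireguard

# Add the ubuntu-minimal image remote (simplestreams served over HTTPS).
lxc remote add --protocol simplestreams ubuntu-minimal https://cloud-images.ubuntu.com/minimal/releases/

# Create the LXD container from an explicit release; the "lts" alias variant is
# kept for reference.
#lxc launch ubuntu-minimal:lts "${CONTAINER}"
lxc launch ubuntu-minimal:22.04 "${CONTAINER}"

# Update APT packages.
# The host's proxy setting is handed over with --env instead of being pasted
# into the bash -c string: in the pasted form the host shell expands
# ${http_proxy} into the command text, so a value containing shell
# metacharacters would run as a command inside the container (lxc exec runs
# as root there by default).
lxc exec "${CONTAINER}" --env http_proxy="${http_proxy:-}" -- bash -c 'apt update && apt -y dist-upgrade && apt -y autoremove'

# Install WireGuard plus the firewall and ping tools used to set up and test it.
lxc exec "${CONTAINER}" --env http_proxy="${http_proxy:-}" -- apt install -y wireguard iptables iputils-ping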

Configure UDP 4000 port forward to wireguard container

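# Forward WireGuard traffic from the host into the container.
# The heading above mentions UDP 4000, but this proxy device listens on and
# forwards UDP 51820.
# listen=udp:0.0.0.0 binds every host interface; put a specific host address
# there if only one interface should accept VPN traffic, and keep the host
# firewall limited to this single UDP port.
lxc config device add "${CONTAINER}" udp51820 proxy listen=udp:0.0.0.0:51820 connect=udp:127.0.0.1:51820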

Configure WireGuard

LXD: nested containers

Nested
https://ubuntu.com/blog/nested-containers-in-lxd

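# CONTAINER must already name an existing container at this point; this
# section only assigns it further down.
# security.nesting allows the container to run containers of its own.
lxc config set "${CONTAINER}" security.nesting true
# security.privileged switches off the user-namespace ID mapping, so root
# inside the container is root on the host and a container escape becomes a
# host compromise. The other examples on this page leave this setting
# commented out and use nesting alone; enable it only when an unprivileged
# container demonstrably cannot do the job.
lxc config set "${CONTAINER}" security.privileged true

# Load the kernel module on the host when the container starts.
lxc config set "${CONTAINER}" linux.kernel_modules aufs
#cp -a /lib/modules/$(uname -r) /var/lib/lxd/containers/CONTAINER/rootfs/lib/modules/
# Host-wide kernel setting: it affects every workload on the host, needs root,
# and is not kept across a reboot.
echo 50000 > /proc/sys/kernel/keys/maxkeys
CONTAINER=lxd-nested-docker
lxc config set "${CONTAINER}" security.nesting true
#lxc launch ${CONTAINER} -p default -p docker
#lxc exec ${CONTAINER} -- apt install -y linux-modules-extra-$(uname -r)
#lxc config set ${CONTAINER} security.privileged true
# "--" ends lxc's own option parsing so that -y reaches apt; -y matches the
# other non-interactive installs on this page.
lxc exec "${CONTAINER}" -- apt install -y docker.io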

Docker inside LXD

# Launch the GitLab runner container with two profiles (disk-zfs and
# nic-dev-mgmt) and nesting enabled, so Docker can run inside it.
# NOTE(review): 18.04 is an old release; confirm it still receives security
# updates before using it for a runner that executes untrusted CI jobs.
lxc launch ubuntu:18.04 gitlab-runner1-dev \
  --profile disk-zfs \
  --profile nic-dev-mgmt \
  --config security.nesting=true
# Left disabled on purpose: privileged mode would map container root to host root.
#  --config security.privileged=true

raw.lxc parameter
https://blog.simos.info/how-to-add-multi-line-raw-lxc-configuration-to-lxd/

podman

Install

# Prerequisites: add-apt-repository (software-properties-common) and the
# newuidmap/newgidmap helpers (uidmap) used for rootless containers.
sudo apt-get install --yes software-properties-common uidmap
# Adding a PPA trusts its signing key for every package it publishes.
# NOTE(review): check whether this PPA is still maintained, or whether the
# distribution's own repositories already ship podman, before adding it.
sudo add-apt-repository --yes ppa:projectatomic/ppa
sudo apt-get install --yes podman

Container

# Serve static files with nginx on host port 8080.
# The content directory is mounted read-only (:ro), but /tmp is writable by
# every local user: whoever creates or modifies /tmp/html controls what is
# served. A directory owned by the service account is a safer source.
# -p 8080:80 publishes the port on all host addresses.
podman run --name nginx -v /tmp/html:/usr/share/nginx/html:ro -d -p 8080:80 docker://nginx
 
# Second example: detached container with a TTY and httpd-related environment
# variables. It also publishes host port 8080, so it cannot run alongside the
# nginx example above.
# NOTE(review): the image reference on the last line ends in "/f27/" and looks
# truncated; the image name (and possibly a command) is missing and has to be
# restored from the original source before this can run.
podman run \
    -dt \
    -p 8080:8080/tcp \
    -e HTTPD_VAR_RUN=/var/run/httpd \
    -e HTTPD_MAIN_CONF_D_PATH=/etc/httpd/conf.d \
    -e HTTPD_MAIN_CONF_PATH=/etc/httpd/conf \
    -e HTTPD_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/httpd/ \
    registry.fedoraproject.org/f27/

Links
https://podman.io/

Kubernetes

kubectl Cheat Sheet
https://kubernetes.io/docs/reference/kubectl/cheatsheet/

Dump Kubernetes Objects
# List the common object kinds one after another.
# Without -n or --all-namespaces the namespaced kinds are read from the
# current context's namespace only. The list leaves out secrets and the RBAC
# objects, so it is not a complete inventory for a security review.
for kind in componentstatuses configmaps daemonsets deployments events \
    endpoints horizontalpodautoscalers ingress jobs limitranges nodes \
    namespaces pods; do
  kubectl get "${kind}"
done

# Pods of every namespace, with node and IP columns.
kubectl get pods --all-namespaces --output wide

for kind in persistentvolumes persistentvolumeclaims quota; do
  kubectl get "${kind}"
done

LXD: tftp container (recover ASUS RT-N66U under Linux)

# Host: create the helper container.
lxc launch ubuntu:20.04 tftp
 
# Host: hand the physical NIC enp0s25 to the container as eth0. With
# nictype=physical the interface is moved into the container, so the host
# cannot use it while the container holds it.
lxc config device add tftp eth0 nic nictype=physical parent=enp0s25
 
# Host: copy the firmware image into the container's /tmp and open a shell.
# TFTP has no authentication or integrity protection, so compare the image's
# checksum with the one published by the vendor before pushing it, and do the
# transfer over a direct cable to the router rather than a shared network.
lxc file push Downloads/RT-N66U_3.0.0.4_382_52272-g73d3ea2.trx tftp/tmp/
lxc shell tftp
 
# Inside the container from here on: install the TFTP client.
apt update 
apt install -y tftp
 
# Bring the passed-through NIC up with an address in the router's subnet.
ip l set dev eth0 up
ip a add 192.168.1.111/24 dev eth0
 
 
# The next lines are an interactive session (root prompt and tftp prompt),
# not script lines: check that the router answers, then connect and upload.
# presumably tftp is started from /tmp so the relative file name resolves — verify
# ping 192.168.1.1
 
# tftp 
tftp> connect
(to) 192.168.1.1
 
put RT-N66U_3.0.0.4_382_52272-g73d3ea2.trx

Links
https://chrishardie.com/2013/02/asus-router-firmware-windows-mac-linux/

LXD

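# NOTE(review): the order of these commands looks inverted (the default
# profile is modified after it is deleted and before it is recreated);
# confirm the intended sequence against a working setup.
lxc profile delete default
# Give the default profile a root disk taken from the storage pool "default".
lxc profile device add default root disk path=/ pool=default

lxc profile create default
# --auto is an option of lxd init (non-interactive setup with defaults); on a
# line of its own the shell would try to run it as a separate command.
lxd init --auto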

Install
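apt install lxd lxd-client
# https://raw.githubusercontent.com/panticz/installit/master/install.lxd.sh

# Add user to group
# Membership of the lxd group is equivalent to root on the host: a member can
# start a privileged container with the host filesystem attached. Add only
# accounts that are already trusted with root.
sudo usermod -a -G lxd "${USER}"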

Create VM
# lxc launch without --vm creates system containers, not virtual machines.
# NOTE(review): trusty, 16.04, 18.04 and CentOS 7 are old releases; check that
# an image still receives security updates before using it for more than a
# short test.
lxc launch ubuntu:18.04 bionic
lxc launch ubuntu:trusty trusty
lxc launch ubuntu:16.04 xenial
lxc launch images:centos/7 centos7
# Open a root shell in the container; "--" separates lxc options from the command.
lxc exec xenial -- bash
# Remove the container even if it is still running.
lxc delete --force xenial

Create privileged VM
# Name for the privileged instance; the commands that would use it are not
# shown on this page.
CONTAINER_NAME='vm1'

VMware Player

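<?php
// Prints the one-line install command, then the HTML-escaped source of the
// installer script so that it can be read before it is run.
$URL="https://raw.githubusercontent.com/panticz/installit/master/install.vmware-player.sh";
// Certificate verification stays enabled: with --no-check-certificate anyone
// on the network path could replace the script that is piped into bash.
// The command downloads the script again when it is run, so the text shown
// below is not guaranteed to be what executes; saving the script to a file,
// reading it and running that file closes the gap.
echo "wget -q $URL -O - | bash -";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($c, CURLOPT_URL, $URL);
$script = curl_exec($c);
curl_close($c);
// curl_exec() returns false when the download fails; show nothing in that case.
echo htmlspecialchars($script === false ? "" : $script);
echo "

";
?>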

# Guest-side tools: install this inside a Linux guest running under VMware,
# not on the machine that hosts VMware Player.
sudo apt-get install --yes open-vm-tools

Links
https://docs.vmware.com/en/VMware-Workstation-Player/12.0/com.vmware.player.linux.using.doc/GUID-42F4754B-7547-4A4D-AC08-353D321A051B.html

qcow2

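# create image file
qemu-img create -f qcow2 /var/lib/libvirt/images/vm01.qcow2 25G

# restrict the image to the account that runs the guest
# (owner:group is written with a colon; the dot separator is an obsolete form)
chown libvirt-qemu:kvm /var/lib/libvirt/images/vm01.qcow2
# mode 600 keeps the guest's disk contents unreadable for other local users
chmod 600 /var/lib/libvirt/images/vm01.qcow2

# shrink qcow image
# NOTE(review): without -f, qemu-img guesses the input format from the file's
# content. For images from a source you do not control, state the input
# format explicitly with -f so the guess cannot be influenced by the file.
qemu-img convert -O qcow2 image01.in.qcow image.01.out.qcow

# shrink qcow image with compression
qemu-img convert -O qcow2 -c IN.qcow OUT.qcow

# convert
qemu-img convert -O qcow2 ubuntu-16.04-server-cloudimg-amd64-disk1.img ubuntu-16.04-server-cloudimg-amd64-disk1.qcow2

# create image (options placed before the file name, as in the first example)
qemu-img create -f qcow2 disk.img 4G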