checkpoint commit

presentations/kubernetes_101.md

@@ -0,0 +1,47 @@
+# Kubernetes
+
+## Network Prereqs
+
+1. Allow Internal -> Load Balancer
+2. Block Load Balancer -> Internal
+3. Forward ports 22023-22122 to proxy.reeselink.com
+4. `firewall-cmd --add-port=22023-22122/tcp --permanent && firewall-cmd --reload`
+
+## Creating VMs
+
+```bash
+# Note: bridge1 is connected to an isolated network
+export VM_NAME=reese-k3s
+
+qemu-img convert -f qcow2 -O raw \
+/srv/smb/pool0/ducoterra/images/builds/fedora43-base.qcow2 \
+/srv/vm/pool1/${VM_NAME}-boot.raw
+
+virt-install \
+--boot uefi,firmware.feature0.name=secure-boot,firmware.feature0.enabled=no \
+--cpu host-passthrough --vcpus sockets=1,cores=4,threads=2 \
+--ram=4096 \
+--os-variant=fedora43 \
+--network bridge:bridge1 \
+--graphics none \
+--console pty,target.type=virtio \
+--name ${VM_NAME} \
+--import --disk "path=/srv/vm/pool1/${VM_NAME}-boot.raw,bus=virtio"
+```
+
+- [ ] Add the public key to root
+
+- [ ] Add the following to the proxy server's nginx.conf
+
+```conf
+    server {
+        listen     22023;
+        proxy_pass 10.4.0.159:22;
+        proxy_connect_timeout 10s;
+        proxy_timeout 30s;
+    }
+```
+
+- [ ] `systemctl restart nginx`
+
+- [ ] Send SSH command `ssh -p 22023 root@ipv4.reeselink.com`