ducoterra
f2015e2c71
All checks were successful
Podman DDNS Image / build-and-push-ddns (push) Successful in 1m3s
1.2 KiB
1.2 KiB
Kubernetes
Network Prereqs
- Allow Internal -> Load Balancer
- Block Load Balancer -> Internal
- Forward ports 22023-22122 to proxy.reeselink.com
firewall-cmd --add-port=22023-22122/tcp --permanent && firewall-cmd --reload
Creating VMs
# Note: bridge1 is connected to an isolated network
export VM_NAME=reese-k3s
qemu-img convert -f qcow2 -O raw \
/srv/smb/pool0/ducoterra/images/builds/fedora43-base.qcow2 \
/srv/vm/pool1/${VM_NAME}-boot.raw
virt-install \
--boot uefi,firmware.feature0.name=secure-boot,firmware.feature0.enabled=no \
--cpu host-passthrough --vcpus sockets=1,cores=4,threads=2 \
--ram=4096 \
--os-variant=fedora43 \
--network bridge:bridge1 \
--graphics none \
--console pty,target.type=virtio \
--name ${VM_NAME} \
--import --disk "path=/srv/vm/pool1/${VM_NAME}-boot.raw,bus=virtio"
-
Add the public key to root
-
Add the following to the proxy server's nginx.conf
server {
listen 22023;
proxy_pass 10.4.0.159:22;
proxy_connect_timeout 10s;
proxy_timeout 30s;
}
-
systemctl restart nginx -
Send SSH command
ssh -p 22023 root@ipv4.reeselink.com