Stuff I'm Up To

Technical Ramblings

PXE Booting from a Container — February 29, 2020

PXE Booting from a Container

I wanted to build on the automated deployments for Debian and Mint, etc. and the next logical step is to use a PXE boot server and DHCP. Thankfully someone has already built a container to do just that – ferrarimarco/pxe

Now all I have to do it get my Debian boot image injected into this.

Continue reading
Docker and OpenVPN — February 23, 2020

Docker and OpenVPN

I’m using a vpn based on OpenVPN and when I try to fire up a docker-compose set of containers it fails with:

ERROR: could not find an available, non-overlapping IPv4 address pool among the defaults to assign to the network

A quick session of Duck-jitsu and I found: https://github.com/docker/for-linux/issues/418#issuecomment-491323611

A few simple steps sorted it out for me. Create docker network and use an override to tell compose to use it.

$ docker network create localdev --subnet 10.0.1.0/24

docker-compose.override.yml

version: '3'
networks:
  default:
    external:
      name: localdev

This does mean I’ll have to add it into all my local projects that get pushed upstream, but I can add it to .gitignore to prevent it being included.

LAMP Container Set — February 22, 2020
Docker on Ubuntu eoan —

Docker on Ubuntu eoan

The installation on eoan fails with a missing dependency for containerd.io not having an install candidate.

Fix

Edit your /etc/apt/sources.list file and change the eoan version to disco. Or remove the line and re-add it using:

$ sudo add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
   disco \
   stable"

It may still fail to install with an error docker.service Failed with result 'start-limit-hit'. A reboot soon sorted it out followed by a call to apt install.

$ apt install -f

Linux Mint Preseeding — February 21, 2020

Linux Mint Preseeding

Well that was a really tough day. Turns out we have a kinda favouritism for Linux Mint on Desktops. Preseeding for Linux Mint kinda works the same was as Debian, but doesn’t.

Linux Mint uses the Ubuntu flavour of preseeding and uses it’s own ubiquity install process that uses some of the d-i values, but also many of it’s own. Sadly this is nowhere near as documented as the Debian example. When things didn’t work as expected where do I look for help and documentation?

I found some help, from another party, but for installing in German. I figured a few changes to ‘uk’ instead of ‘de’ would be in order – then smiled as the installer turned Cyrillic as it decided ‘uk’ must mean ‘ukraine’!

Continue reading
Debian Preseeding — February 20, 2020

Debian Preseeding

The boss walked in today with a new desktop PC for a new staff member and handed it off saying:

“I hope we aren’t going to be using some antiquated process to install this?”

As a desktop installation hasn’t been a regular thing for me I thought I’d look at automating the delivery and put into practice some of the automation I’ve been working with. Time to look at ‘preseeding’ the Debian install and tidying it all up with a post install process using ansible.

My end goal was to get a desktop installed with authentication using the LDAP client configured for our LAN and to install, and remove some corporate wide applications.

Continue reading
Docker OpenLDAP — February 15, 2020

Docker OpenLDAP

The LDAP instance in our environment is pretty ancient and has served well for many, many years. But there’s one key feature we’d like to see added to our schema – memberOf.

The current group membership is based on memberUID and is a bit clunky by modern standards. Time to upgrade.

This time we’re going to run it in a container. Making it more mobile and resilient. The image we chose osixia/openldap has a lot of pulls and looks a good candidate to use.

Continue reading
Ansible — February 11, 2020

Ansible

After working with Saltstack I thought I’d do some investigation with Ansible. I’m in the market for automation and want a simple means of delivering configuration onto our physical and virtual estate.

Nothing wrong with Saltstack – but broadening the view to Ansible shows it has one key feature that is very attractive. There is no need to install an agent – it uses ssh and will sudo or su to escalate privileges as required.

Continue reading
Linux HA Cluster — February 6, 2020

Linux HA Cluster

Until recently my exposure to Linux HA has sat firmly on the side of deploying systems that sit on top of highly resilient platforms like VMWare that handle all of the network interface and storage high availability and fail over.

Recently I’ve started looking at physical Linux deployments that require their own high availability solution.

I began looking at resilient storage and discovered that the most prevalent product in use is Linbit’s DRBD – Distributed Redundant Block Device. Getting DRBD installed and working went pretty well and was fairly straight forward, but then what do I do about network interfaces and system services?

Continue reading
Firefox Certificates — February 5, 2020

Firefox Certificates

Now with added Chromium!

Fun and games with Nginx and client authentication certificates means we need to deploy certificates to the user for them to trust our CA and have a trusted personal certificate to validate with our server.

I can see why many just pop up a help page and navigate the user through importing the CA and their certificate in the browser. We need to make this a bit more automated though as the machines will be out with customers.

Continue reading
Tunnelling RDP over SSH — February 4, 2020
Dual Boot Windows 10 and Ubuntu — February 3, 2020

Dual Boot Windows 10 and Ubuntu

EFI, Windows 10 and Ubuntu make for a bumpy road. After installing Ubuntu onto the partition I made available in Windows 10, Ubuntu configured grub and when I rebooted there was a nice menu to let me select which OS I wanted to boot. “Ubuntu” or “Windows 10 Boot Manager”.

It worked great … until I booted into Windows 10 and then at the next boot there was no more menu. Just boot straight back into Windows 10 again.

It appears Windows likes to overwrite your boot manager with it’s own after every startup.

After some Googling it’s a common problem, and many look towards EasyUEFI to help. In my case it was useful as it showed me what boot manager Ubuntu was was using, which meant I could use that to replace the Windows 10 boot manager – I didn’t use EasyUEFI for this.

Windows 10 has a command line utility bcdedit that allows you to change boot settings. Now that EasyUEFI let me find that the Ubuntu boot manager used \EFI\ubuntu\shimx64.efi I was able to change the Windows path for the Ubuntu path using:

c:\> bcdedit /set {bootmgr} "\EFI\ubuntu\shimx64.efi"

Of course I made a copy of the settings before changing it from \EFI\Microsoft\Boot\bootmgfw.efi to \EFI\ubuntu\shimx64.efi.

It looks like the basic principle would be applied to other EFI boots of other Linux distributions too. Find the distributions boot efi file and then change Windows 10 to point at that.