Category Archives: Uncategorized

Yet another summer is coming to an end…

First post in long time!

Yet another summer is coming to an end. Work starts again tomorrow and things get back to normal.

During the summer I saw that I needed to rebuild a small SMB environment for a friend and I decided on using Mikrotik for the networking (switches, routers), SuperMicro for the servers and Proxmox for the virtualization layer. I’m going to document my process here and find out the good, the bad and the ugly around those three vendors. Can’t wait to get that started but I expect to get the equipment in my hands in the next ~4 weeks or so.

This is going to be somewhat over-designed environment but I am excited to see how those vendors stack up against the enterprise vendors I work with most of the time.

On-premise Kubernetes

For the better part of the year I have been playing around with Kubernetes on-premise. While testing random solutions I didn’t realize what can of worms I just opened! ……Don’t get me wrong – the whole Kubernetes ecosystem is extremely fun to “play” in.

But after trying multiple solutions a colleague of mine pointed me to a project called Rancher. This project is pretty cool!

The project makes the installation extremely easy (yes yes, I sound like a sales person) but this was the most straight-forward product I had seen (and yes, I have seen a few) in this space.

Out of the box the project offers multi-cluster management, support for AKS, EKS and support for other managed solutions as well as a on-premise installation using either RancherOS (a custom Linux distro for running Kubernetes) or using roll-your-own VMs/bare metal instances (using for example CentOS). It can integrate with vSphere to spin up instances…..and they have a decent Active Directory integration for authentication/authorization.

Rancher is deployed on a dedicated Kubernetes cluster (if it is set up for HA) that should just be used for Rancher. Then you can go ahead and add your own clusters from AKS/EKS or on-premise. It is a nice single pane of glass for operating your Kubernetes clusters. If you have environments all over the place it can help you gain better control of the environments as well as offer a single place to interact against for things like deployments.

While I won’t go into details (the documentation simply speaks for itself) I recommend you take a look at this project if you plan to start using Kubernetes for your organization, or even just to play with your own stuff.

And the best part? The project is fully open source. Rancher are also working on a persistent storage solution (Longhorn) and they offer professional services/support if you need some help along the way.

They also have a mini Kubernetes distro called K3s – it is a (very) small instance of Kubernetes that you can run on pretty much anything that can boot Linux and be managed in the same way.

Simply put, this is an amazing project! 🙂

Openconnect and GlobalProtect VPN!

Hi!

Just tried the globalprotect support in openconnect 8 (8.02 in Fedora 29).

Very simplified version:

sudo openconnect --protocol=gp your.vpn.gw.com

Worked liked a treat! Hopefully I can stop using the offical Linux client now.

Now – hopefully NetworkManager-openconnect drops in support for connecting to globalprotect VPN soon! 🙂

Bgrds,
Finnur

Palo Alto GlobalProtect on Fedora

After spending some serious time trying to get GlobalProtect 4.1.2 to work on Fedora 28 (and probably 27 earlier this year) I finally managed to get it working. It is almost embarrassing how easy it was…

  1. Replace /etc/redhat-release and /etc/os-release with info from RHEL 7 or CentOS 7
  2. Profit.

Yep….it’s sucky….but at least it shows that this works. Maybe it is possible to modify some file that lists supported operating systems……will have to look into that later on.

Always read the release notes….and the supported OS lists…..and the error logs. Even better if you do it all in the same evening to puzzle this amazing solution together……

FYI: The error I was getting was: Error: Gateway my.gateway.hostname: The server certificate is invalid. Please contact your IT administrator.

Neat RSS reader for MacOSX

Howdy all,

If you are still hurting after the closure of Google Reader and have not found a replacement for it you could check out Vienna. It has everything that I have been looking for in a RSS reader and it’s also open source !

Bgrds,
Finnzi

Back to Mac OS X :O

Howdy,

Finally my old trusty Thinkpad T61 decided to leave this world. I went a month or two without having a private laptop (I try not to use my work machine for private matters) but finally I could not go a minute longer ! I searched quite a bit for a nice machine I could use for running Fedora, but I have been using Fedora for few years ony my trusty T61. However, after spending few hours searching for a good machine (The T430 with some high end specs was quite interesting) I settled for a Macbook Pro Retina 13″.

This machine is amazing ! The last time I was using Mac OS X was on a 2007 Macbook with 13″ screen (1366×768 resolution if I remember correctly). That was quite sad experience since it was unable to do things like scroll a flash-heavy site without feeling sluggish. However the new machine has nothing I could call sluggish. Everything runs quite smoothly. If I could complain about anything it would be the size of the SSD and the write speed after doing a full disk encryption. However it is not trivial and the disk still feels a lot faster then my old 7.2K 320GB disk in the T61 🙂

At first I disliked the whole idea of making Mac OS X feel a bit “iOS” like. Applications are delivered through the App Store etc. I however quickly realized that it quite nice to have the apps delivered this way. Updates all go through Apple. If there is a security bug etc the users get updates delivered centrally. Just that feature is brilliant (and quite old if you look at how Linux distributions deliver apps/updates:)).

Well, let’s see if I keep on praising Mac OS X after using it for more then a week 🙂

Bgrds,
Finnzi

Bye Gnome 3, Hello Cinnamon !

Howdy all!

Few weeks ago I was once again crying about how I do not like Gnome 3 (normal and fallback modes). Once again I went searching for a shoulder to cry on but suddenly remembered reading something about MATE and Cinnamon in some Linux magazine.

Found some screenshot of both and saw that both had some potential to them so I decided to try them both.

Well, to make a long story short I now have Cinnamon configured on my Laptop and Workstation. I love it !

Large shout out to the Cinnamon team, Cinnamon truly rocks ! 🙂

Bgrds,
FOG

First post!

Howdy all,

After a “small” mistake I found out that I did not have backups of my WordPress installation so all my posts are gone…..which is “awesome”…..*shruugggg*

However this gives me a opportunity to redesign the site and maybe even put something useful here which was always the plan anyway 🙂

Lets see how it goes….

Bgrds,
Finnzi