James Veitch darth-veitcher

If you get the dreaded error when trying to connect via kubectl from a remote machine to your cluster it means you need to ensure the correct IP addresses are added into the If you get the dreaded [] when trying to connect via kubectl from a remote machine to your cluster it means you need to ensure the correct IP addresses are added into the If you get the dreaded [] when trying to connect via kubectl from a remote machine to your cluster it means you need to ensure the correct IP addresses are added into the /var/snap/microk8s/current/certs/csr.conf.template file and certificates are regerenerated.

Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "10.152.183.1")

See stackoverflow answer.

--

Also ensure we regenerate the certificates with a sudo microk8s.refresh-certs command.

How to download your Udemy course videos using youtube-dl

$ youtube-dl --list-extractors | grep udemy

Steps

Get link to the course to download. e.g. https://www.udemy.com/course-name/
Login into udemy website, save the cookie from chrome using Chrome (Cookie.txt)[1] export extension. Save it to file udemy-cookies.txt
Get the link of the video that you want to download. usually in format. Use the command provided below where you have to replace the {course_link} and {path_to_cookies_file} with respective paths.

$ youtube-dl {course_link} --cookies {path_to_cookies_file}

Setup VPN back home

We want to be able to securely sync between the cloudbox and back on-prem (for a local plex server). As a result we'll configure a wireguard VPN link between the two and then setup a rsync daemon on the cloudbox.

See Wireguard vs OpenVPN on a local Gigabit Network for a performance comparison. I've gone with Wireguard over OpenVPN based on it being incorporated into the Linux Kernel and increased performance versus OpenVPN. In addition, there's a useful walkthrough on How to setup your own VPN server using WireGuard on Ubuntu that I leaned on during this process. It's not quite right though and had some errors in.

Install wireguard pre-reqs on both boxes

sudo apt-get -y install software-properties-common; \
sudo add-apt-repository -y ppa:wireguard/wireguard; \
sudo apt-get install -y wireguard; \

Simple commands to setup a BTRFS filesystem across multiple disks as a JBOD implementation.

# Create a filesystem across the drives (metadata mirrored, linear data allocation)
sudo mkfs.btrfs -f -L MEDIA -d single -m raid1 /dev/mapper/data-*

To show all the filesystems

	import pandas as pd
	import numpy as np
	import fastparquet
	from sqlalchemy import create_engine, schema, Table

	# Copied from pandas with modifications


	def __get_dtype(column, sqltype):
	import sqlalchemy.dialects as sqld

	# file: /etc/haproxy/haproxy.cfg
	...
	# HA K8s
	frontend kubernetes
	bind *:6443
	option tcplog
	mode tcp
	default_backend kubernetes-master-nodes

	backend kubernetes-master-nodes

	#! /bin/bash
	# Create chrooted sftp user

	export U=keats

	# ensure group exists
	sudo addgroup sftponly

	# create user
	sudo useradd \

	#! /bin/bash
	# INSTALL INGRESS AS DAEMONSET
	# Rationale for this is it allows us to use the nodeports
	# on all of our nodes for ingress without needing to create
	# a loadbalancer and have a separate IPV4 address.

	# 1. Get the current IPV4 address
	export EXTERNAL_ADDRESS=$(dig -4 TXT +short o-o.myaddr.l.google.com @ns1.google.com \| awk -F'\"' '{ print $2}')

	# 2. Install latest Helm

	#! /bin/bash
	# KUBERNETES SETUP
	# Quick and dirty kubernetes setup script (k3s)
	#
	# 1. Set the supported docker version per kubernetes
	# Make sure to select the `validated` one. Also worth
	# noting that k3s usually will install the latest version
	# of kubernetes.
	export K8S_DOCKER_VERSION=18.09