Відео

Hi. There is a way. If you deployed VMs from within Rancher talking to Harvester then you can simply scale the number of workers up and down. I don't know of a way to auto-scale it based on application usage. If you are running it inside Harvester, then you are hardware bound. I would simply make the VMs' bigger. aka vertical scaling versus horizontal. make sense?

Glad to help. For those watching We are actively emailing back and forth.

I think my co-worker just got one of those cards. Let me see if he has any tricks for it.

Will be great, thx

He has not started on the sr-iov part yet. You are looking to slice up the GPU?

Exactly as I need to share multiple VDI, mainly windows :/

interesting. Side question, have you looked at KASM?

Oh nice. With the tilde key does the window pop up? Or does it pop up and not do anything?

@@clemenko When you mentioned popup I've tried differrent browsers. I found it working Firefox with Shift ~ and `. I got it now. Thanks for your reply.

Oh awesome. I tend to use chrome. Glad it is working.

Hope this helps. I may make a second one for Ubuntu.

When setting up HA all 3 of the control plane nodes should be running rke-server. When you shut down server 1 it takes a minute or two for another node to be promoted. Behind the scenes etcds is the database that stores the cluster state. So server 2 and 3 still have the complete database of what is going. Also the workers can still talk to the control plane through either multiple DNS records or a load balancer. hope this helps.

@@clemenko Thanks for the response. We just did that however in the /etc/rancher/rke2/config.yaml the server-2 and server-3 technically point to server-1 Would that actually matter in this case? We waited a good 5 minutes and did not see the server-2 or server-3 get promoted to master hence were wondering what would happen in a production grade scenario. Still experimenting! We will keep you posted, appreciated your response.

That should word. Here is how I set up server 2 and 3 : github.com/clemenko/rke2/blob/main/deprecated_harv.sh#L115 . Make sure you have the same config with the addition of the "server:" and "token:" fields. Check the error logs with `journalctl -xefu rke2-server`.

@@clemenko Thanks so much for helping out. I figured you were right. I guess etcd automatically identifies a control plane server and ignore the "server" attribute which is used in server-3, which I thought was connecting to server-1. Technically it connects to etcd and so when server-1 is down, etcd automatically elects the other one as master. Coincidentally it took quite a few minutes for that to get elected. Not sure why that may be the case. Thanks again for the great video and the assistance.

Behind the scenes etcd does the election. You pin the "server" field in the config to the first server for the all the `rke2-server`s. Then the workers use a load balancer to the 3 control plane nodes. Glad to help. Let me know if you run into any other issues!

When you see "NotReady" just wait. It can take a little bit of time to become ready. I would also look at Ubuntu 24.04 Noble. New kernels are usually better. Did the node come up? I will test this morning to see if works for me.

@@clemenko Yes I have some experience with kubernetes but in Microk8s form and never with rancher and longhorn. I have never got them to work. It's always been with Portainer.

From what I microk8s is a heavily packaged version of k8s for ubuntu only. One nice thing about rk2 is that it can run on any os. Take a look at this video ua-cam.com/video/Gr08LhMQVoE/v-deo.html . I walked one of our inside sales guys through setting up a single node cluster. Might help.

@@clemenko I agree thank you very much. Great Job on the Videos by the way.

Thanks. I guess. :D

Hi Carlos, I have a video on setting up the Neuvector Federation : ua-cam.com/video/SthUj8TtesM/v-deo.html. I think I see where you are coming from. So a video from the 50 foot view how all these pieces fit together?

@@clemenko yeah a video about how all the pieces fit together and how to set them up would be amazing. Also, I'd love to hear in one of your videos about STIG. I am trying to figure out the security stack for my cluster, there is so much stuff and I am kinda lost xD

To keep the video short I think a 50 foot view will make sense. Let me see what I can do for next week.

Dave, the nginx ingress controller is installed by default with rke2. There are a few options with the several install method if you wanted to use Traefik or another ingress. Did you setup a config yaml? Or a simple `curl | bash` install? Here are the options for that : docs.rke2.io/install/configuration#configuring-the-linux-installation-script

I found it /see it - was not expected the extra suffix(s) attached to the name of the nginx-ingress-controller-xyz123

Great suggestion! keycloak is a little more complicated with the integration with Rancher. Let me see if I can put something together. May with Nick.

Absolutely. It is a simple binary. the installer will download the correct version of linux and even arm.

Neuvector is opensource. Here is the helm repo for it : github.com/neuvector/neuvector-helm hope this helps.

You are welcome!

glad you liked it!

Sort of. If you are using a phone to update the docker images you may not need hauler. The best way to use hauler is to download the images on an internet connected computer and create a tar file. Then you can move the tar with a thumb drive. The good part of hauler is that it can serve out the files as an http server and registry. Actually hauler might help improve the time it takes to move the files/images.

Harvester is a good way to get the best of both worlds. It is REALLY good at "hiding" kubernetes under the hood. Longhorn just works and you don't really have to think about it. I would NOT use Harvester as your introduction to kubernetes though. I would start with a single vm. Check out ua-cam.com/video/Gr08LhMQVoE/v-deo.html for a simple walk through. Also, feel free to recommend any video ideas!

Sorry about that. Check `kubectl get ingress -A` to see what FQDN it is expecting. You can edit it with `kubectl edit ingress -n cattle-system rancher` and change it to something like `rancher.$YOURIP.nip.io`. We used that in a video I just made yesterday : ua-cam.com/video/Gr08LhMQVoE/v-deo.html . Let me know how it goes. If you want we can jump on a zoom to sort through it?

@@clemenko thanks for the update. I will try it as soon as possible and will let you know of the outcome.

@@clemenko I just sent you an email on an update since the command provided did not work.

@@dvdking14mc I just sent you back and email. :D

Thanks Greg. Are you looking for private access or public? For Private access I would setup Tailscale on the network and allow access to the entire subnet. One crazy idea is use the Tailscale Operator : tailscale.com/kb/1236/kubernetes-operator. For public access that is a bit harder. Are you serving out apps/pages to the public?

@@clemenko Thanks for the tailscale operator tip, I'll look into that. But yeah, I was looking for a way to create public access.

this might be a crazy idea : developers.cloudflare.com/cloudflare-one/tutorials/many-cfd-one-tunnel/ I have heard it works well. Here is another one inlets.dev/.

I would also take a look at cloudflare tunnels or inlets. Both should be able to "tunnel" the traffic to your cluster. Have you thought about moving the cloud apps to a cloud provider like digitalocean?

My pleasure!

Oh thanks for letting me k ow. I’ll fix it tomorrow.

Fixed.

There are a few things to unpack there. Is there any local storage besides the HBA? Because of the way Harvester boots HBA drivers may be an issue. The processors should work just fine. Can you try installing to local storage?

@@clemenko Thanks for the info. I ended up using the HBAs in these boxes because of the ridiculous requirement as of 1.2.x for 250GiB (which is magically never going to work with a 256GB SSD due to the requirement being for GiB not GB which seems dubiously sourced as a requirement just to force you to have 1TB SSDs laying around...) I also began remembering that I had this problem back in college when I first tried Suse, and also why I stopped working with it until Harvester. I had forgotten the frustrations of early 2000s BSD and Linux on the desktop driver rangling. Lol... Everything is now booting stable, but found out that these processors are not the ones with 12 cores so it is very much a PoC at this point, and not even really usable. I have to get some updated processors for these boxes which are on the way. After making the grub updates, I was able to get the Raid0 array of 256G SSDs to be seen as boot drives. I had three 480G SSDs that will be used in the future for these three test nodes.

Oh cool. personally I picked up a dell r630 on facebook that worked awesome out of the box. Might be worth a look at newed used 1u servers. I use an AMD Nuc for my homelab with a Ryzen 7 5600 cpu. 8 cores/32gb of ram and a 1tb nvme seems to be the sweet spot.

@@clemenko Yes, yes.... I discovered that I had waited too long to reanimate my homelab gear, after basically sitting around for five years with no true work being done with them. I need all new gear or at least "new-to-me" gear, and I have been checking out the ten year old blade stock from supermicro. I don't have the budget for the current equivalent, however, it will get me the high density I need to run OpenStack and Openshift at a small-business scale at least, which is the goal. Harvester is supposed to be the simple little box in my small rack that I can run my small production internet facing cloud from, however, the cores kept biting me with these 4-core E3s on the smallest box, so I probably need to just get a Ryzen/Epyc build out like alot of you guys are running, for that edge system at least. Thanks for the dialog, and the content!!!

@@MartesWigglesworth although I am biased, have a look at Harvester and Rancher. Much easier to install and maintain than OpenShift. FYI I use to work at RedHat.

Just following up here in case someone else runs into this. After switching to Canal, it worked on the first try. Something seems incompatible with rke2 with multus/calico or multus/cilium

Glad Canal worked! I will play with Cilium and Calico soon to see if I can figure it out for ya.

Honestly I would not use multus unless there is a specific reason. For my customers is to be able to use multicast for data ingress. What version of Longhorn are you using? 1.6.1 has the new V2 engine. It is better than the older versions. What kind of apps are you using with Longhorn? The reason I ask is that we like to tier Longhorn as just one piece of a storage solution. Tier 1 is the ephemeral storage of the pod. Tier 2 is Longhorn - Great for stateful apps. Tier 3 NFS/Iscsi/EFS and the likes for HIGH IOPS applications. Think large databases. That being said you can tune Longhorn per cluster or volume to only have 1 replica. Also where are you running the cluster? The backing storage/disks and networking can dictate performance. Feel free to email me at clemenko@gmail.c0m. :D

@@clemenko For the past 8+ months I've been using K8s v1.28.1 cluster with Longhorn v1.5.1. The purpose for Kubernetes cluster is to support clients with Spring Boot Apps & Websites with Postgres, Redis & Kafka and all are Stateful. So have abandoned this cluster and built new RKE2 cluster with the kind assistance of you videos. So looks like I could be using NFS for Postgres & Redis?

@@paulfx5019 Maybe. It depends on the NFS device and the network speed. Check out Longhorn v1.6.1. Let me know if you want to look at your current deployments/cluster?

@@clemenko Thanks for the feedback. Have spent another day trying to deploy what I think is the best RKE2/Longhorn cluster, 3 master nodes, 3 worker node & 3 longhorn nodes. Am happy with RKE2 so far, I eventually worked out how to deploy longhorn on worker & longhorn nodes. Is there a way to deploy stateful pods on worker nodes only and using PVC's on longhorn nodes? Or am I simply dreaming....

Just answered own question...added noschedule taint to longhorn nodes... My NFS network is on Cisco Nexus vPC 10G bonded LACP.

Thanks for the advise. You think the audio is too low?

That is a good idea. Proxmox is going to win for VMs. It has been around a lot longer. We use Harvester because it has kubernetes under the good. Not sure proxmox can run pods directly. Harvester wins for containers. Keep the good ideas coming.

Proxmox can run LXC containers. Has a different approach.

Thanks. Let me know if there is anything you need help with.

I have never seen that. Are you loading the isp into harvester? Or are you trying to PXE boot Server 2019?

@@clemenkojust uploading the ISO onto the harvester host

@@implodespwHuh. Have you tried any other iso?

Thanks. What are you looking to deploy with Kubernetes? Next phase would be to potentially to add High Availability or Security with NeuVector.

@@clemenkoI'm not really sure, that's why I decided to ask. This is my only issue starting with Kubernetes as it's quite wide and I'm uncertain of what has to be in and why something has to be in Kubernetes. Any suggestions are welcome :) Thanks!

@@MrSpamchoIf you deployed Rancher, check the app catalog. I would start with the monitor app. It will install Grafana and Prometheus. You can also deploy databases and apps from there.

@@clemenkoThanks, much appreciated!

Not sure. I have not tested other vm platforms. I run Harvester on a Framework laptop board and NUC like devices with good success. What are you testing it on?

@@clemenkoRyzen 7 with 32 gb ram 1 tb ssd. I saw the same on a Suse video, where to guys where running a demo on Nucs and one guy mentioned that resource usage. Before that video I thought I did something wrong. You can see it on your dashboard how high your CPU idles. I like the automation using Rancher, but such a high idling CPU is a deal breaker to me in my home lab.

@@dzmelinux7769It was a big deal for me. Newer versions of harvester did not install the monitoring component. That saved some cycles.

Glad you like it! I am really loving it too for the home lab.

Thanks!

Glad it was helpful! Let me know if there is anything else you might want to see.

I am working on a HA video soon. This is the most requested video. Subscribe and I will make the video next week. ;)

@@clemenkoalso thanks already subbed :)

Thanks. I use the "Generic" images. dl.rockylinux.org/pub/rocky/8/images/x86_64/Rocky-8-GenericCloud-Base.latest.x86_64.qcow2 dl.rockylinux.org/pub/rocky/9/images/x86_64/Rocky-9-GenericCloud-Base.latest.x86_64.qcow2 How are you liking Harvester? Would an in depth video about it be helpful?

@@clemenko I really like Harvester and love the direction Rancher Government Solutions (SUSE) is going with automation and the concept of air gapping. A more detailed video on configuring harvester, multiple nics, vlans, longhorn, rancher, neuvctor would be great - maybe working from the direction of seeder/packer, terraform, etc. Just the normal things folks in home labs or small companies deal with. Looking forward to v1.3.

@@rnwtenorOk, a longer semi-complete video? I will add it to the queue. Give me a couple of weeks. Work travel is fun. :D

Was not planning it that soon. Would you want a long or short video?

@@clemenko long please, if possible. I'm trying to setup 3 masters and 6 nodes, haproxy, keepalived... thank you!

@@kiki-vu9ifI will try and put something together tomorrow.

@@clemenko ok thank you so much

@@kiki-vu9ifok. next week. lol

Thanks for sharing the tips. I am currently working on a replacement script using a new packaging tool. Make sure you subscribe for when that drops!

In theory it is. HobbyFarm uses terraform under the hood. WIth a little modification you can switch the underlying provider. Hope this helps.

@@clemenko thank you for your reply. I'll think about what I can do.

@@user-yh3xz5to5o Today I was trying to create a new provider just to deploy on Proxmox instead of using EC2 or DigitalOcean, the only two supported providers at the moment. I hope to make progress on this and be able to make a contribution to the project. It has taken me quite some time to understand how it works and I hope to continue to have time to advance the development. Best regards.

Sure. Think if Kubernetes as a scheduler. And it tells the workers what to run. So there is no need to run the `kubectl` commands on the works. In kubernetes you run `kubectl` pointed at a control plane node. We use the control plane node as a client as well. Hope this helps.

Hey, Thanks for quick reply. So if we do any new deployment it will go to worker nodes only??

for every cluster you need at least one controller and any number of workers. Controllers ideally should be either 1 or 3 nodes. And again you can have ANY number of workers. Here is a guide that might help github.com/clemenko/rancher-ref-arch.

Thank a lot!! 👌

Since she is 13 it would go to her head. HA! Having her go through an Harvester install might be fun.

Thanks. Rancher Gov is actually working on a product to streamline this. github.com/rancherfederal/hauler. How about I make a walk through video? Would that help?

Hope this helps! ua-cam.com/video/LC5925eovwE/v-deo.html

Thanks. The docs from Docker are quite good for that : docs.docker.com/engine/install/

Sure! I have time tomorrow to make one. I will walk through everything slowly. I will include the pitfalls and gotchas. Well, only if you subscribe. :)

Uploading now! ua-cam.com/video/o5dJAjmou8s/v-deo.html

You are so welcome!

greetings. thats awesome it helped. You can either edit the kubeconf and set skip-tls-verify. Or download another kubeconfig from the cluster.