chchang/hugo_backup
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

add update to proxmox and synology ha cluster

Browse Source
This commit is contained in:
Eric Chang
2020-02-13 16:24:48 +08:00
parent a726820c4b
commit 32dde4d676
140 changed files with 9265 additions and 1261 deletions
Download Patch File Download Diff File Expand all files Collapse all files

430
public/page/5/index.html
View File

@@ -21,9 +21,9 @@
"publisher": "",
"accountablePerson" : "",
"copyrightHolder" : "",
"copyrightYear" : "2019",
"datePublished": "2019-12-27 09:09:05 \x2b0800 CST",
"dateModified" : "2019-12-27 09:09:05 \x2b0800 CST",
"copyrightYear" : "2020",
"datePublished": "2020-01-17 12:20:33 \x2b0800 CST",
"dateModified" : "2020-01-17 12:20:33 \x2b0800 CST",
"url" : "https:\/\/h.cowbay.org\/",
"wordCount" : "0",
"image" : "https://h.cowbay.org%!s(\u003cnil\u003e)"",
@@ -46,9 +46,9 @@
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.3.1/css/all.css" integrity="sha384-mzrmE5qonljUremFsqc01SB46JvROS7bZs3IO2EmfFsd15uHvIt+Y8vEf7N7fWAU" crossorigin="anonymous">
<link href="https://h.cowbay.org/css/style.css?v=1577410044" rel="stylesheet" id="theme-stylesheet" type='text/css' media='all'>
<link href="https://h.cowbay.org/css/style.css?v=1581582274" rel="stylesheet" id="theme-stylesheet" type='text/css' media='all'>
<link href="https://h.cowbay.org/css/custom.css?v=1577410044" rel="stylesheet" type='text/css' media='all'>
<link href="https://h.cowbay.org/css/custom.css?v=1581582274" rel="stylesheet" type='text/css' media='all'>
<link rel="shortcut icon" href="https://h.cowbay.org/img/favicon.ico" type="image/x-icon">
<link rel="icon" href="https://h.cowbay.org/img/favicon.ico" type="image/x-icon">
@@ -116,6 +116,10 @@ if (!doNotTrack) {
<a href="/categories/%E7%BE%A4%E6%9A%89">群暉</a>
</li>
<li class="menu-item menu-item-type-taxonomy menu-item-object-category">
<a href="/categories/%E9%9B%9C%E5%BF%B5">雜念</a>
</li>
</ul>
@@ -288,12 +292,208 @@ if (!doNotTrack) {
<a class="featured-image-link" href="https://h.cowbay.org/post/ansible-run-task-depends-on-ipaddr/"><div class='featured-image lazy lazy-bg-image' data-background="https://h.cowbay.org/images/post-default-7.jpg"></div></a>
<a class="featured-image-link" href="https://h.cowbay.org/post/do-no-use-10-0-0-0-private-ipaddr-in-gcp/"><div class='featured-image lazy lazy-bg-image' data-background="https://h.cowbay.org/images/post-default-8.jpg"></div></a>
<div class="excerpt-container">
<div class="excerpt-meta">
<span class="date">23 July</span>
<span class="date">16 August</span>
<span> / </span>
<span class="author">
<a href="https://github.com/changchichung" title="Posts by Eric Chang" rel="author">Eric Chang</a>
</span>
<span> / </span>
<span class="category">
<a href="/categories/%E7%AD%86%E8%A8%98">筆記</a>
</span>
</div>
<div class='excerpt-header'>
<h2 class='excerpt-title'>
<a href="https://h.cowbay.org/post/do-no-use-10-0-0-0-private-ipaddr-in-gcp/ "> [筆記] 在gcp 中用wireguard建立VPN時不要用 10.0.0.0/16 網段/Do No Use 10 0 0 0 Private Ipaddr in GCP </a>
</h2>
</div>
<div class='excerpt-content'>
<article>
<p>最近一直在玩 wireguard 先前把各個分公司和總部的VPN 改用 wireguard 建立</p>
<p>想說再打個VPN tunnel 來當跳板連 ptt 好了</p>
<p>因為wireguard 建立很簡單,而且又可以指定想要繞出去的路由,不會影響原本的網路環境</p>
<p>本來是在vultr 的VPS上面建立這個tunnel</p>
<p>但是那台VPS連去ptt 很頓,卡卡的</p>
<p>所以改用google cloud platform 的free tier 來做</p>
<p>反正只是拿來當跳板,不會有什麼流量、運算產生,可以一直保持免費的狀態</p>
<div class="more-link-wrapper"><a class="more-link" href="https://h.cowbay.org/post/do-no-use-10-0-0-0-private-ipaddr-in-gcp/">Read the post<span class="screen-reader-text">This is a Standard Post</span></a></div>
</article>
</div>
</div>
</div>
<div class="post type-post status-publish format-standard has-post-thumbnail hentry category-design tag-memories tag-normal-post tag-standard-2 excerpt zoom full-without-featured even excerpt">
<a class="featured-image-link" href="https://h.cowbay.org/post/multiple-site-to-site-vpn-using-wireguard/"><div class='featured-image lazy lazy-bg-image' data-background="https://h.cowbay.org/images/post-default-10.jpg"></div></a>
<div class="excerpt-container">
<div class="excerpt-meta">
<span class="date">13 August</span>
<span> / </span>
<span class="author">
<a href="https://github.com/changchichung" title="Posts by Eric Chang" rel="author">Eric Chang</a>
</span>
<span> / </span>
<span class="category">
<a href="/categories/%E7%AD%86%E8%A8%98">筆記</a>
</span>
</div>
<div class='excerpt-header'>
<h2 class='excerpt-title'>
<a href="https://h.cowbay.org/post/multiple-site-to-site-vpn-using-wireguard/ "> [筆記] 透過 wireguard 建立多點 site to site VPN / Multiple Site to Site VPN Using Wireguard </a>
</h2>
</div>
<div class='excerpt-content'>
<article>
<p>因為實在受夠了現在用的 openwrt + strongswan 建立 IPSec VPN</p>
<p>雖然說其實沒有什麼不好,但是畢竟不是我建立的,而當初的文件也都不見了</p>
<p>完全沒辦法了解當時設計的邏輯造成後續debug 困難</p>
<p>可以想像一下一台VPN router ping 不到remote、ping不到internet、甚至ping不到自己 是要怎麼debug !?(翻桌</p>
<p>之前買了兩台edgerouter X 拿來玩了一下 wireguard感覺還不錯不過只有測試到點對點</p>
<p>這次試試看躲在gateway後面看看能不能建立多點的VPN環境</p>
<div class="more-link-wrapper"><a class="more-link" href="https://h.cowbay.org/post/multiple-site-to-site-vpn-using-wireguard/">Read the post<span class="screen-reader-text">This is a Standard Post</span></a></div>
</article>
</div>
</div>
</div>
<div class="post type-post status-publish format-standard has-post-thumbnail hentry category-design tag-memories tag-normal-post tag-standard-2 excerpt zoom full-without-featured odd excerpt">
<a class="featured-image-link" href="https://h.cowbay.org/post/site-to-site-vpn-using-wireguard-in-two-edgerouters/"><div class='featured-image lazy lazy-bg-image' data-background="https://h.cowbay.org/images/post-default-5.jpg"></div></a>
<div class="excerpt-container">
<div class="excerpt-meta">
<span class="date">06 August</span>
<span> / </span>
<span class="author">
<a href="https://github.com/changchichung" title="Posts by Eric Chang" rel="author">Eric Chang</a>
</span>
<span> / </span>
<span class="category">
<a href="/categories/%E7%AD%86%E8%A8%98">筆記</a>
</span>
</div>
<div class='excerpt-header'>
<h2 class='excerpt-title'>
<a href="https://h.cowbay.org/post/site-to-site-vpn-using-wireguard-in-two-edgerouters/ "> [筆記] 在edgerouter上用wireguard 建立site to site VPN / Site to Site Vpn Using Wireguard in Two Edgerouters </a>
</h2>
</div>
<div class='excerpt-content'>
<article>
<p>之前總部和分公司之間 是用buffalo 的小AP 灌 openwrt</p>
<p>然後用strongswan 來打 IPSEC site to site VPN</p>
<p>config 看起來不是很難 (只是看起來)</p>
<p>但是實際上已經找不到當初的文件</p>
<p>所以要維護很困難(光那些RSA KEY 就不知道為何、如何產生)</p>
<p>後來採購了兩台edgerouter X 做測試</p>
<p>也用openvpn 成功的建立了 site to site VPN</p>
<p>本來想說 openvpn 已經夠簡單了</p>
<p>今天看到文章說用wireguard 可以更簡單</p>
<p>於是研究了一下,發現還真的很簡單!</p>
<div class="more-link-wrapper"><a class="more-link" href="https://h.cowbay.org/post/site-to-site-vpn-using-wireguard-in-two-edgerouters/">Read the post<span class="screen-reader-text">This is a Standard Post</span></a></div>
</article>
</div>
</div>
</div>
<div class="post type-post status-publish format-standard has-post-thumbnail hentry category-design tag-memories tag-normal-post tag-standard-2 excerpt zoom full-without-featured even excerpt">
<a class="featured-image-link" href="https://h.cowbay.org/post/another-way-to-keep-ansible-log/"><div class='featured-image lazy lazy-bg-image' data-background="https://h.cowbay.org/images/post-default-10.jpg"></div></a>
<div class="excerpt-container">
<div class="excerpt-meta">
<span class="date">05 August</span>
@@ -315,76 +515,25 @@ if (!doNotTrack) {
</div>
<div class='excerpt-header'>
<h2 class='excerpt-title'>
<a href="https://h.cowbay.org/post/ansible-run-task-depends-on-ipaddr/ "> [ansible] 用 ip 位置判斷是否要執行task /ansible run task depends on ipaddr </a>
<a href="https://h.cowbay.org/post/another-way-to-keep-ansible-log/ "> [筆記] 為了保存log 用script 指令執行ansible / Another Way to Keep Ansible Log using script command </a>
</h2>
</div>
<div class='excerpt-content'>
<article>
<p>因為工作上的需要要修改client端的 /etc/environment 檔案</p>
<p>之前為了能夠在執行完 ansible playbook 後能有個log 可以看</p>
<p>在有權限使用proxy 服務的user的環境中加入proxy 的設定</p>
<p>所以在每次執行的時候,都要加入 tee 的指令</p>
<p>原本的清單中有host/user/ip 這幾個值可以拿來判斷</p>
<p>像是</p>
<p>proxy server 那邊是採用ip 來控制,所以這邊也跟著用 ip 來判斷要不要修改 /etc/environment</p>
<pre><code>ANSIBLE_CONFIG=/home/D/ansiblecontrol/ansible.cfg /usr/local/bin/ansible-playbook /home/D/ansiblecontrol/playbook.user_client.yml --vault-password-file=/home/D/ansiblecontrol/vault.passwd -i /home/D/ansiblecontrol/inventory/production -f1 --limit tyuserclients |tee /tmp/tyuserclients.log
</code></pre>
<div class="more-link-wrapper"><a class="more-link" href="https://h.cowbay.org/post/ansible-run-task-depends-on-ipaddr/">Read the post<span class="screen-reader-text">This is a Standard Post</span></a></div>
</article>
</div>
</div>
</div>
<div class="post type-post status-publish format-standard has-post-thumbnail hentry category-design tag-memories tag-normal-post tag-standard-2 excerpt zoom full-without-featured even excerpt">
<p>一直都是放在crontab 裡面執行,也就沒有去管他</p>
<a class="featured-image-link" href="https://h.cowbay.org/post/ansible-selectattr-from-list-in-dictionary/"><div class='featured-image lazy lazy-bg-image' data-background="https://h.cowbay.org/images/post-default-7.jpg"></div></a>
<p>反正也沒有人關心結果怎樣 (攤手</p>
<div class="excerpt-container">
<div class="excerpt-meta">
<span class="date">01 July</span>
<span> / </span>
<span class="author">
<a href="https://github.com/changchichung" title="Posts by Eric Chang" rel="author">Eric Chang</a>
</span>
<span> / </span>
<span class="category">
<a href="/categories/ansible">Ansible</a>
</span>
</div>
<div class='excerpt-header'>
<h2 class='excerpt-title'>
<a href="https://h.cowbay.org/post/ansible-selectattr-from-list-in-dictionary/ "> [ansible] 引用事先定義好的yaml檔裡面的變數 - Ansible Selectattr From List in Dictionary file </a>
</h2>
</div>
<div class='excerpt-content'>
<article>
<p>在ansible中關於如何引用自定義的變數一直讓我很頭疼</p>
<p>尤其是有牽涉到從外部導入yaml檔案時更是常常讓我不知道到底該怎麼抓出想要的變數</p>
<p>這次還是用selectattr 來處理,希望下次能夠記得&hellip;</p>
<div class="more-link-wrapper"><a class="more-link" href="https://h.cowbay.org/post/ansible-selectattr-from-list-in-dictionary/">Read the post<span class="screen-reader-text">This is a Standard Post</span></a></div>
<div class="more-link-wrapper"><a class="more-link" href="https://h.cowbay.org/post/another-way-to-keep-ansible-log/">Read the post<span class="screen-reader-text">This is a Standard Post</span></a></div>
</article>
</div>
</div>
@@ -402,12 +551,12 @@ if (!doNotTrack) {
<a class="featured-image-link" href="https://h.cowbay.org/post/remote-management-system-meshcentral/"><div class='featured-image lazy lazy-bg-image' data-background="https://h.cowbay.org/images/post-default-5.jpg"></div></a>
<a class="featured-image-link" href="https://h.cowbay.org/post/send-mail-to-notify-after-pxe-install/"><div class='featured-image lazy lazy-bg-image' data-background="https://h.cowbay.org/images/post-default-11.jpg"></div></a>
<div class="excerpt-container">
<div class="excerpt-meta">
<span class="date">20 June</span>
<span class="date">31 July</span>
@@ -429,138 +578,28 @@ if (!doNotTrack) {
</div>
<div class='excerpt-header'>
<h2 class='excerpt-title'>
<a href="https://h.cowbay.org/post/remote-management-system-meshcentral/ "> linux底下遠端遙控&amp;管理的好用系統 Meshcentral / Remote Management &amp; control system Meshcentral </a>
<a href="https://h.cowbay.org/post/send-mail-to-notify-after-pxe-install/ "> [筆記] 用pxe 安裝系統,完成後送出郵件通知 / send mail notification after pxe install </a>
</h2>
</div>
<div class='excerpt-content'>
<article>
<p>之前在LAN/windows環境下一直都是用ultravnc/winvnc/tigervnc之類的VNC軟體</p>
<p>最近有個任務需要大量安裝client</p>
<p>但是如果要過 internet 就會碰到各種開port的問題</p>
<p>想用PXE來處理只要user開機按F12(acer 桌機) 選擇PXE Boot</p>
<p>在這種環境下,就有了當時 teamviewer 的橫空出世</p>
<p>然後選擇OS版本就可以自動進行安裝</p>
<p>解決了開PORT的問題讓被控端(通常是資訊技術相對弱勢,需要接受幫助的一方)不需要懂太多</p>
<p>安裝完成後會自動重新開機接著就用ansible來做user環境設定</p>
<p>只要下載teamviewer被控端開啟後報ID 給協助者就好了</p>
<p>PXE的部份本來是沒有什麼問題自動安裝系統的部份都做好了</p>
<div class="more-link-wrapper"><a class="more-link" href="https://h.cowbay.org/post/remote-management-system-meshcentral/">Read the post<span class="screen-reader-text">This is a Standard Post</span></a></div>
</article>
</div>
</div>
</div>
<div class="post type-post status-publish format-standard has-post-thumbnail hentry category-design tag-memories tag-normal-post tag-standard-2 excerpt zoom full-without-featured even excerpt">
<p>可是因為這次的量比較多想說讓每一台在完成PXE安裝後的第一次重開機</p>
<a class="featured-image-link" href="https://h.cowbay.org/post/install-asus-10g-nic-in-proxmox/"><div class='featured-image lazy lazy-bg-image' data-background="https://h.cowbay.org/images/post-default-13.jpg"></div></a>
<p>就送出一封郵件來通知我說已經完成安裝可以執行ansible 了</p>
<div class="excerpt-container">
<div class="excerpt-meta">
<span class="date">17 June</span>
<p>看似很簡單的一件事情,卻搞了我兩天&hellip;.</p>
<span> / </span>
<span class="author">
<a href="https://github.com/changchichung" title="Posts by Eric Chang" rel="author">Eric Chang</a>
</span>
<span> / </span>
<span class="category">
<a href="/categories/proxmox">Proxmox</a>
</span>
</div>
<div class='excerpt-header'>
<h2 class='excerpt-title'>
<a href="https://h.cowbay.org/post/install-asus-10g-nic-in-proxmox/ "> Install Asus 10G NIC XG-C100C in Proxmox </a>
</h2>
</div>
<div class='excerpt-content'>
<article>
<p>前幾天接的一個case</p>
<p>因為費用的關係,所以沒有考慮用傳統定義上的伺服器(DELL R640)</p>
<p>改採用比較高階一點的洋垃圾,規格大概是 Intel E5-2680V2 x2 + 64G RAM + 128G SSD x2 (OS) + 960G SSD x4 (raid 10 , zfs)</p>
<p>storage 選擇QNAP NAS TS-932X + 960G SSD x 4 (raid 10 , NFS) + QNAP 10G Switch QSW-1280C-8C</p>
<p>既然storage這邊選用了10G的機種伺服器上當然也要增加10G網卡</p>
<p>一樣成本考量就不用INTEL 了,買了這張 ASUS 10G 網卡</p>
<div class="more-link-wrapper"><a class="more-link" href="https://h.cowbay.org/post/install-asus-10g-nic-in-proxmox/">Read the post<span class="screen-reader-text">This is a Standard Post</span></a></div>
</article>
</div>
</div>
</div>
<div class="post type-post status-publish format-standard has-post-thumbnail hentry category-design tag-memories tag-normal-post tag-standard-2 excerpt zoom full-without-featured odd excerpt">
<a class="featured-image-link" href="https://h.cowbay.org/post/change-timezone-in-docker/"><div class='featured-image lazy lazy-bg-image' data-background="https://h.cowbay.org/images/post-default-3.jpg"></div></a>
<div class="excerpt-container">
<div class="excerpt-meta">
<span class="date">21 May</span>
<span> / </span>
<span class="author">
<a href="https://github.com/changchichung" title="Posts by Eric Chang" rel="author">Eric Chang</a>
</span>
<span> / </span>
<span class="category">
<a href="/categories/%E7%AD%86%E8%A8%98">筆記</a>
</span>
</div>
<div class='excerpt-header'>
<h2 class='excerpt-title'>
<a href="https://h.cowbay.org/post/change-timezone-in-docker/ "> [筆記] 修改 docker 容器內的時區 - Change Timezone in Docker </a>
</h2>
</div>
<div class='excerpt-content'>
<article>
<p>最近一直在玩一些docker不過老是會碰到歪果扔寫的東西時區都不一致</p>
<p>有的用 UTC有的用localtime就是沒碰到用 Asia/Taipei 的&hellip;.</p>
<div class="more-link-wrapper"><a class="more-link" href="https://h.cowbay.org/post/change-timezone-in-docker/">Read the post<span class="screen-reader-text">This is a Standard Post</span></a></div>
<div class="more-link-wrapper"><a class="more-link" href="https://h.cowbay.org/post/send-mail-to-notify-after-pxe-install/">Read the post<span class="screen-reader-text">This is a Standard Post</span></a></div>
</article>
</div>
</div>
@@ -681,7 +720,16 @@ if (!doNotTrack) {
<a class="page-numbers" href="/page/10/">10</a>
<a class="page-numbers" href="/page/11/">11</a>
@@ -825,7 +873,7 @@ if (!doNotTrack) {
</div>
<script src="https://h.cowbay.org/js/jquery.min.js"></script>
<script src="https://h.cowbay.org/js/jquerymigrate.js"></script>
<script src="https://h.cowbay.org/js/production.min.js?v=1577410044"></script>
<script src="https://h.cowbay.org/js/production.min.js?v=1581582274"></script>
</body>
</html>