Perfect Proxmox Template with Cloud Image and Cloud Init

Instructions

Choose your Ubuntu Cloud Image. Here in this example will use ubuntu cloud-init image. Download Ubuntu (replace with the url of the one you chose from above)

wget https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img

Create a new virtual machine

qm create 8000 --memory 2048 --core 2 --name ubuntu-cloud --net0 virtio,bridge=vmbr0

Import the downloaded Ubuntu disk to local-lvm storage Continue reading “Perfect Proxmox Template with Cloud Image and Cloud Init” »

Share

Install Softether VPN Client on Linux

Download and Install SoftEther VPN Client

Download SoftEther VPN Client software from their official website (https://www.softether.org).

Navigate to Download — > Download SoftEther VPN

Click on Download SoftEther VPN link.

  • Select Component : SoftEther VPN Client
  • Select Platform : Linux
  • Select CPU : Select the appropriate CPU from the Drop down

  • Click on the appropriate downloading link based on the version of the software.
  • Extract the downloaded tar.gz file. Here after I will refer the extracted folder as <vpnclient>
  • Navigate to <vpnclient>folder and open a terminal.
  • Execute make command and accept all license agreements by entering the number relevant to “Yes”. execute make command

After the completion of make command process, start the vpn client using: Continue reading “Install Softether VPN Client on Linux” »

Share

Remove Old Unused Kernels in CentOS

To display the current version of Linux (kernel) running on your system, run this command.

# uname -sr
Linux 3.10.0-327.10.1.el7.x86_64

List All Installed Kernels on System

You can list all kernel images installed on your system like this.

# rpm -q kernel
kernel-3.10.0-229.el7.x86_64
kernel-3.10.0-229.14.1.el7.x86_64
kernel-3.10.0-327.3.1.el7.x86_64
kernel-3.10.0-327.10.1.el7.x86_64

Removing Old/Unused Kernels on CentOS/RHEL

You need to install yum-utils, which is an assortment of utilities that integrate with yum to make it more powerful and easier to use, by extending its original features in several different ways. Continue reading “Remove Old Unused Kernels in CentOS” »

Share

Setup Keepalived for VRRP instead of ucarp

I’ve the following setup:

network-0 – 192.168.2.11 (real)
network-1 – 192.168.2.12 (real)

I want to add “network” as 192.168.2.10 as the floating address.  I’ll need to do the following to both network-0 and network-1

  • Install keepalived
  • Configure keepalived
  • Start keepalived
  • Set keepalived to start at boot.

Continue reading “Setup Keepalived for VRRP instead of ucarp” »

Share

Proxmox GUI webpage stuck on loading

Connection time out!!!! So boring nah?

I can’t figure out where the problem is. It works and then couple of hours later I’d come back and it keeps on loading forever. SSH works fine, can SSH into containers as well. Just the GUI doesn’t work. Tried full upgrade. Checked for network conflicts, doesn’t seem to be any.

Here’s the tidbit solution to this probelm like similar (BTW works on PVE 6/7 version apparent)-

If browser refresh doesn’t work, then please post the output:

apt update
apt full-upgrade
pveversion -v

Then Run

apt install --reinstall pve-manager proxmox-widget-toolkit
systemctl restart pveproxy pvestatd pvedaemon
systemctl daemon-reload
Share

Setup HAProxy Load Balancer for MariaDB Galera Cluster

If you check the above test scenario and try to create DBs on any of the nodes, you would see that the data would automatically sync between the nodes. Which means Availability is achieved. Now to achieve high availability we will use HaProxy as the loadbalancer.

Set up another VM for this and install HAProxy as follows.

sudo apt-get update
sudo apt-get install haproxy

Edit HA Proxy Config as follows.

sudo vim /etc/haproxy/haproxy.cfg

Add the following lines. Continue reading “Setup HAProxy Load Balancer for MariaDB Galera Cluster” »

Share

MariaDB Galera Cluster on Ubuntu 20

MariaDB Galera Cluster is a synchronous multi-master cluster for MariaDB with support for XtraDB/InnoDB storage engines. It has the following top features.

  • It provides active-active multi-master topology
  • You can read and write to any cluster node
  • It has an automatic node joining
  • Automatic membership control, failed nodes drop from the cluster
  • Has true parallel replication, on row level
  • Direct client connections
sudo apt update && sudo apt -y upgrade
sudo reboot

Setup Hostnames

Here’re the IP plans of my servers-

Continue reading “MariaDB Galera Cluster on Ubuntu 20” »

Share

Running pfSense in a XenServer with xenguest

If you deploy pfSense on a XenServer, you may be shocked at the performance loss-specially on interface speed! But wait, there are some tweaks to make this usable.

Installing pfSense

Go ahead and setup pfSense like normal, and when you are done, perform the following tweaks. (the day till it’s tested on pfsense version 2.5.2 and xen on scp-ng 8.1)

XenServer tweaks

Find UUID for the pfSense VM you just installed.

xe vm-list

You should get something like the following

uuid ( RO) : b435d920-eb22-b45d-5058-091619ed427f
name-label ( RW): pfSense
power-state ( RO): running

uuid ( RO) : 42626f69-6185-4aa6-a125-839700f96828
name-label ( RW): Control domain on host: xenserver-000
power-state ( RO): running

We want the UUID of the instance running pfSense, b435d920-eb22-b45d-5058-091619ed427f in this case. Continue reading “Running pfSense in a XenServer with xenguest” »

Share

Build WAF with Reverse Proxy Load Balancer using Nginx

Getting Started

First, it is recommended to update and upgrade all your software packages to the latest version. You can update all of them by running the following command:

apt update -y
apt upgrade -y

Once all the packages are updated, install other required packages with the following command:

apt install g++ flex bison curl apache2-dev doxygen libyajl-dev ssdeep liblua5.2-dev libgeoip-dev libtool dh-autoreconf libcurl4-gnutls-dev libxml2 libpcre++-dev libxml2-dev git liblmdb-dev libpkgconf3 lmdb-doc pkgconf zlib1g-dev libssl-dev -y

Once you are done, you can proceed to the next step.

Install ModSecurity on Ubuntu 22.04

By default, the ModSecurity package is not included in the Ubuntu default repository. So you will need to compile it from the source.

First, download the latest version of ModSecurity with the following command:

wget https://github.com/SpiderLabs/ModSecurity/releases/download/v3.0.8/modsecurity-v3.0.8.tar.gz

Once the download is completed, extract the downloaded file with the following command:

tar -xvzf modsecurity-v3.0.8.tar.gz

Next, navigate to the extracted directory and configure it with the following command: Continue reading “Build WAF with Reverse Proxy Load Balancer using Nginx” »

Share