Great! I’ll review and streamline the suggestions to ensure they are **useful**, **actionable**, and **necessary**, focusing on practical learning while setting up your system. Here’s a clean, highly focused version to guide your journey into learning the Linux CLI, bash, and shell scripting as you set up Rocky Linux for K3s and Python-based workloads: --- ### **1. Update and Secure the System** Start by ensuring your system is updated and secure. This is essential to establish a solid foundation. #### **System Updates** ```bash sudo dnf update -y && sudo dnf upgrade -y sudo reboot ``` - **Purpose**: Keep the system updated with the latest security patches and improvements. #### **SELinux Configuration** ```bash sestatus # Check SELinux status ``` - **If not in enforcing mode**, edit the config: ```bash sudo nano /etc/selinux/config ``` - Set `SELINUX=enforcing`, save, and reboot. - **Purpose**: Enforce security at the kernel level by keeping SELinux enabled. --- ### **2. Install Essential System Tools** Install basic tools for system management and development. #### **Install Development Tools and Utilities** ```bash sudo dnf groupinstall "Development Tools" -y sudo dnf install wget curl vim nano net-tools git unzip -y ``` - **Purpose**: Install necessary utilities and compilers to manage and build software. #### **Firewall Configuration** ```bash sudo firewall-cmd --permanent --add-port=6443/tcp # K3s API server port sudo firewall-cmd --permanent --add-port=10250/tcp # Kubelet port sudo firewall-cmd --reload ``` - **Purpose**: Allow required ports for K3s operations and secure the system by controlling network access. --- ### **3. Install Python and Set Up a Virtual Environment** #### **Install Python 3 and Development Tools** ```bash sudo dnf install python3 python3-pip python3-devel -y python3 --version pip3 --version ``` - **Purpose**: Install Python 3 and ensure it's set up for development. #### **Set Up a Python Virtual Environment** ```bash python3 -m venv ~/myenv source ~/myenv/bin/activate ``` - **Purpose**: Create and activate a virtual environment to manage Python packages independently. --- ### **4. Install and Configure K3s** #### **Install K3s** ```bash curl -sfL https://get.k3s.io | sh - sudo systemctl status k3s # Check K3s status ``` - **Purpose**: Install K3s and ensure the service is running. #### **Configure K3s CLI** ```bash sudo ln -s /usr/local/bin/kubectl /usr/bin/kubectl kubectl get nodes # Verify the node is running ``` - **Purpose**: Set up kubectl to interact with your K3s cluster. --- ### **5. Learn Bash Scripting through Automation** Now that the basics are in place, you can learn shell scripting by automating common tasks. This reinforces your CLI skills while building useful scripts. #### **Automate System Updates** Create a script to automate updates and log the process. - **Script**: `update-system.sh` ```bash #!/bin/bash LOGFILE=~/update-log.txt echo "Updating system..." | tee -a $LOGFILE sudo dnf update -y | tee -a $LOGFILE sudo dnf upgrade -y | tee -a $LOGFILE echo "System updated on $(date)" | tee -a $LOGFILE ``` - **Purpose**: Automate the update process and learn about logging and automation. #### **Automate Python Environment Setup** - **Script**: `setup-python-env.sh` ```bash #!/bin/bash ENV_NAME=$1 if [ -z "$ENV_NAME" ]; then echo "Usage: $0 " exit 1 fi echo "Creating Python virtual environment '$ENV_NAME'..." python3 -m venv ~/$ENV_NAME echo "Activating virtual environment..." source ~/$ENV_NAME/bin/activate echo "Virtual environment '$ENV_NAME' created and activated." ``` - **Purpose**: Create a flexible script to automate Python environment setup, using arguments and learning bash conditionals. #### **Automate K3s Installation and Configuration** - **Script**: `install-k3s.sh` ```bash #!/bin/bash echo "Installing K3s..." curl -sfL https://get.k3s.io | sh - if systemctl status k3s | grep "active (running)" > /dev/null; then echo "K3s is installed and running!" else echo "K3s installation failed." fi echo "Configuring firewall..." sudo firewall-cmd --permanent --add-port=6443/tcp sudo firewall-cmd --permanent --add-port=10250/tcp sudo firewall-cmd --reload echo "K3s and firewall configured successfully." ``` - **Purpose**: Automate the installation and configuration of K3s while practicing bash scripting with conditionals. --- ### **6. Monitor the System** Create a script to monitor your system’s health. This teaches system commands and formatting output. - **Script**: `monitor-resources.sh` ```bash #!/bin/bash echo "System Resource Usage" echo "---------------------" echo "Disk Usage:" df -h echo "Memory Usage:" free -m echo "CPU Load:" uptime ``` - **Purpose**: Gather and display system metrics to monitor performance. --- ### **7. Learn Automation through Cron Jobs** Use cron to automate tasks like system backups or updates. #### **Example**: Schedule a Daily Backup of K3s Data - **Script**: `backup-k3s.sh` ```bash #!/bin/bash BACKUP_DIR="/var/lib/rancher/k3s/server/db/backups" BACKUP_FILE="k3s-backup-$(date +%Y-%m-%d-%H-%M-%S).db" echo "Backing up K3s data..." sudo cp $BACKUP_DIR/snapshot.db /backups/$BACKUP_FILE echo "Backup completed: /backups/$BACKUP_FILE" ``` - **Automate with Cron**: ```bash crontab -e ``` - Add the following line for daily backups at 2 am: ```bash 0 2 * * * /path/to/backup-k3s.sh ``` - **Purpose**: Learn how to schedule recurring tasks with cron and automate backups. --- ### **8. Secure the K3s Environment** Focus on basic security configurations and policies as you learn. #### **Create a Pod Security Policy** Write a basic Pod Security Policy (PSP) for K3s to enforce non-root container execution. - **Example YAML**: ```yaml apiVersion: policy/v1beta1 kind: PodSecurityPolicy metadata: name: restricted-psp spec: privileged: false runAsUser: rule: MustRunAsNonRoot ``` - **Purpose**: Practice creating Kubernetes manifests and learn how to secure your environment. --- ### **Final Thoughts and Next Steps** This clean, focused approach not only sets up your Rocky Linux system for K3s and Python-based workloads but also helps you gain **hands-on experience** with the Linux CLI, bash scripting, and automation through real-world tasks. **What’s next?** - Continuously refine your scripts and make them more robust. - As you gain comfort, start incorporating more advanced Linux features (e.g., process management, networking). - Work towards automating the entire K3s environment, including monitoring, logging, and alerting. --- You're absolutely right! Let’s include a few actionable examples to introduce more **advanced Linux features**, such as process management and networking, while keeping the learning process gradual and practical. --- ### **1. Process Management: Monitor and Control Running Processes** Understanding how to manage processes is fundamental in Linux. Let’s create a couple of bash scripts that help you monitor and control processes on your system. #### **Example: Monitor Active Processes** - **Script**: `monitor-processes.sh` ```bash #!/bin/bash echo "Monitoring System Processes" echo "---------------------------" echo "Top 10 CPU-consuming processes:" ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%cpu | head -n 10 echo echo "Top 10 Memory-consuming processes:" ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%mem | head -n 10 ``` - **Learning Outcomes**: - Use `ps` to view processes and understand the options for filtering and sorting by CPU or memory usage. - Practice managing processes by identifying high-resource users. #### **Example: Kill a Process by Name** - **Script**: `kill-process.sh` ```bash #!/bin/bash if [ -z "$1" ]; then echo "Usage: $0 " exit 1 fi PROCESS_NAME=$1 echo "Attempting to kill process: $PROCESS_NAME" pkill $PROCESS_NAME && echo "Process '$PROCESS_NAME' terminated." ``` - **Learning Outcomes**: - Use `pkill` to terminate a process by name. - Understand how to handle input arguments in bash scripts. --- ### **2. Advanced Networking: Network Configuration and Monitoring** Networking is key for edge compute workloads. Let’s dive into monitoring your network connections and controlling traffic with basic networking scripts. #### **Example: Monitor Network Usage** - **Script**: `monitor-network.sh` ```bash #!/bin/bash echo "Network Usage Report" echo "--------------------" echo "Current network interfaces:" ip link show echo "Network traffic summary:" ifconfig | grep -A 8 "eth0" echo echo "Routing table:" netstat -rn ``` - **Learning Outcomes**: - Learn to use `ifconfig` and `ip` for network interface status. - Display routing information using `netstat`. #### **Example: Block/Unblock IP Address Using Iptables** - **Script**: `block-ip.sh` ```bash #!/bin/bash if [ -z "$1" ]; then echo "Usage: $0 " exit 1 fi IP_ADDRESS=$1 echo "Blocking IP: $IP_ADDRESS" sudo iptables -A INPUT -s $IP_ADDRESS -j DROP echo "IP address $IP_ADDRESS has been blocked." ``` - **Unblock Script**: `unblock-ip.sh` ```bash #!/bin/bash if [ -z "$1" ]; then echo "Usage: $0 " exit 1 fi IP_ADDRESS=$1 echo "Unblocking IP: $IP_ADDRESS" sudo iptables -D INPUT -s $IP_ADDRESS -j DROP echo "IP address $IP_ADDRESS has been unblocked." ``` - **Learning Outcomes**: - Use `iptables` to block and unblock network traffic from specific IP addresses. - Learn basic network security by controlling traffic at the firewall level. --- ### **3. Automate Network Health Checks** Automate network status checks by writing a script to ping external servers and display results. This is useful to test the connectivity from your edge devices. #### **Example: Ping Multiple Servers** - **Script**: `network-health.sh` ```bash #!/bin/bash SERVERS=("8.8.8.8" "1.1.1.1" "google.com" "example.com") echo "Pinging Servers..." for SERVER in "${SERVERS[@]}"; do echo "Pinging $SERVER:" ping -c 4 $SERVER echo "------------------------------------" done ``` - **Learning Outcomes**: - Use arrays in bash to handle multiple items (servers). - Learn about network connectivity testing using `ping`. --- ### **4. Advanced Disk Usage and Resource Monitoring** As edge workloads may have limited resources, disk usage monitoring becomes crucial. Let’s script resource checks for disk space, memory, and CPU usage. #### **Example: Monitor Disk Space and Report Critical Usage** - **Script**: `disk-usage-report.sh` ```bash #!/bin/bash THRESHOLD=80 echo "Checking Disk Usage..." df -h | awk 'NR>1 {print $5 " " $1}' | while read output; do usep=$(echo $output | awk '{print $1}' | sed 's/%//') partition=$(echo $output | awk '{print $2}') if [ $usep -ge $THRESHOLD ]; then echo "CRITICAL: $partition is $usep% full." fi done ``` - **Learning Outcomes**: - Use `df` to check disk usage. - Apply basic conditional logic to report when usage crosses a defined threshold (80%). --- ### **5. Advanced Automation with Cron Jobs** After you’re comfortable with your scripts, you can automate more advanced monitoring and reporting using cron. #### **Example: Automate Disk Monitoring** - **Automate Disk Usage Check**: ```bash crontab -e ``` - Add this cron job to run the disk usage check script every day at 6 am: ```bash 0 6 * * * /path/to/disk-usage-report.sh ``` - **Learning Outcomes**: - Learn how to use cron for recurring tasks. - Automate your monitoring and alerts, reducing manual checks. --- ### **Conclusion** This approach adds **actionable examples** to help you dive deeper into advanced Linux features such as process management, networking, and resource monitoring, all while integrating them into your current workflow. These tweaks provide you with hands-on practice in managing and automating system processes, monitoring network activity, and ensuring system health—all key skills for managing K3s and edge compute workloads effectively. --- # Learning Roadmap for K3s, Edge Computing, and Advanced Networking ## Networking Basics - **TCP/IP** - Understanding IP addressing - Subnetting and Routing - **DNS** - DNS Resolution Process - Configuring DNS Servers - **HTTP/S** - HTTP Request/Response Cycle - SSL/TLS and Secure Communication - **Network Protocols and Architecture** - OSI and TCP/IP Models - Common Network Protocols (DHCP, SSH, FTP) ## Kubernetes Core Concepts - **Kubernetes Architecture** - Master and Node Components - Control Plane and Worker Nodes - **Pods, Deployments, Services** - Lifecycle of a Pod - Creating and Managing Deployments - Service Types and Load Balancing - **Persistent Storage and Networking** - Volumes and Persistent Volumes - Storage Classes and Dynamic Provisioning - Kubernetes Networking Model ## K3s Specific Learning - **Installation and Configuration** - Setting Up a K3s Cluster - Configuring K3s on Different Environments - **Cluster Management** - Node Management - Backup and Restore Strategies - **Resource Optimization** - Resource Limits and Requests - Autoscaling in K3s ## Edge Computing and IoT with K3s - **K3s in Edge Scenarios** - Deployment Strategies for Edge Computing - Managing Low-Resource Environments - **Integrating IoT Devices with Kubernetes** - Connecting IoT Devices to K3s - Security Considerations in IoT and Kubernetes ## Advanced Kubernetes Networking - **Deep Dive into CNI (Container Network Interface)** - Understanding CNI Plugins - Custom Network Solutions in Kubernetes - **Network Policies** - Implementing Network Policies - Securing Pod-to-Pod Communication - **Service Meshes (Istio, Linkerd)** - Introduction to Istio and Linkerd - Traffic Management and Observability ## Hands-On and Practical Implementation - **Setting up K3s Clusters** - Creating High-Availability Clusters - Disaster Recovery and Failover - **Real-World Projects and Scenarios** - Implementing a CI/CD Pipeline with K3s - Deploying a Multi-Service Application