medusa/the_information_nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f6a01e6cf784899cb87593eca74d7993c448019c
the_information_nexus/tech_docs/edge-compute-k3s.md

14 KiB
Raw Blame History

Great! Ill review and streamline the suggestions to ensure they are useful, actionable, and necessary, focusing on practical learning while setting up your system. Heres a clean, highly focused version to guide your journey into learning the Linux CLI, bash, and shell scripting as you set up Rocky Linux for K3s and Python-based workloads:

1. Update and Secure the System

Start by ensuring your system is updated and secure. This is essential to establish a solid foundation.

System Updates

sudo dnf update -y && sudo dnf upgrade -y
sudo reboot
  • Purpose: Keep the system updated with the latest security patches and improvements.

SELinux Configuration

sestatus  # Check SELinux status
  • If not in enforcing mode, edit the config:
sudo nano /etc/selinux/config
  • Set SELINUX=enforcing, save, and reboot.
  • Purpose: Enforce security at the kernel level by keeping SELinux enabled.

2. Install Essential System Tools

Install basic tools for system management and development.

Install Development Tools and Utilities

sudo dnf groupinstall "Development Tools" -y
sudo dnf install wget curl vim nano net-tools git unzip -y
  • Purpose: Install necessary utilities and compilers to manage and build software.

Firewall Configuration

sudo firewall-cmd --permanent --add-port=6443/tcp  # K3s API server port
sudo firewall-cmd --permanent --add-port=10250/tcp # Kubelet port
sudo firewall-cmd --reload
  • Purpose: Allow required ports for K3s operations and secure the system by controlling network access.

3. Install Python and Set Up a Virtual Environment

Install Python 3 and Development Tools

sudo dnf install python3 python3-pip python3-devel -y
python3 --version
pip3 --version
  • Purpose: Install Python 3 and ensure it's set up for development.

Set Up a Python Virtual Environment

python3 -m venv ~/myenv
source ~/myenv/bin/activate
  • Purpose: Create and activate a virtual environment to manage Python packages independently.

4. Install and Configure K3s

Install K3s

curl -sfL https://get.k3s.io | sh -
sudo systemctl status k3s  # Check K3s status
  • Purpose: Install K3s and ensure the service is running.

Configure K3s CLI

sudo ln -s /usr/local/bin/kubectl /usr/bin/kubectl
kubectl get nodes  # Verify the node is running
  • Purpose: Set up kubectl to interact with your K3s cluster.

5. Learn Bash Scripting through Automation

Now that the basics are in place, you can learn shell scripting by automating common tasks. This reinforces your CLI skills while building useful scripts.

Automate System Updates

Create a script to automate updates and log the process.

  • Script: update-system.sh
#!/bin/bash
LOGFILE=~/update-log.txt
echo "Updating system..." | tee -a $LOGFILE
sudo dnf update -y | tee -a $LOGFILE
sudo dnf upgrade -y | tee -a $LOGFILE
echo "System updated on $(date)" | tee -a $LOGFILE
  • Purpose: Automate the update process and learn about logging and automation.

Automate Python Environment Setup

  • Script: setup-python-env.sh
#!/bin/bash
ENV_NAME=$1

if [ -z "$ENV_NAME" ]; then
    echo "Usage: $0 <env_name>"
    exit 1
fi

echo "Creating Python virtual environment '$ENV_NAME'..."
python3 -m venv ~/$ENV_NAME

echo "Activating virtual environment..."
source ~/$ENV_NAME/bin/activate

echo "Virtual environment '$ENV_NAME' created and activated."
  • Purpose: Create a flexible script to automate Python environment setup, using arguments and learning bash conditionals.

Automate K3s Installation and Configuration

  • Script: install-k3s.sh
#!/bin/bash

echo "Installing K3s..."
curl -sfL https://get.k3s.io | sh -

if systemctl status k3s | grep "active (running)" > /dev/null; then
    echo "K3s is installed and running!"
else
    echo "K3s installation failed."
fi

echo "Configuring firewall..."
sudo firewall-cmd --permanent --add-port=6443/tcp
sudo firewall-cmd --permanent --add-port=10250/tcp
sudo firewall-cmd --reload

echo "K3s and firewall configured successfully."
  • Purpose: Automate the installation and configuration of K3s while practicing bash scripting with conditionals.

6. Monitor the System

Create a script to monitor your systems health. This teaches system commands and formatting output.

  • Script: monitor-resources.sh
#!/bin/bash
echo "System Resource Usage"
echo "---------------------"
echo "Disk Usage:"
df -h
echo "Memory Usage:"
free -m
echo "CPU Load:"
uptime
  • Purpose: Gather and display system metrics to monitor performance.

7. Learn Automation through Cron Jobs

Use cron to automate tasks like system backups or updates.

Example: Schedule a Daily Backup of K3s Data

  • Script: backup-k3s.sh
#!/bin/bash
BACKUP_DIR="/var/lib/rancher/k3s/server/db/backups"
BACKUP_FILE="k3s-backup-$(date +%Y-%m-%d-%H-%M-%S).db"

echo "Backing up K3s data..."
sudo cp $BACKUP_DIR/snapshot.db /backups/$BACKUP_FILE
echo "Backup completed: /backups/$BACKUP_FILE"
  • Automate with Cron:
crontab -e
  • Add the following line for daily backups at 2 am:
0 2 * * * /path/to/backup-k3s.sh
  • Purpose: Learn how to schedule recurring tasks with cron and automate backups.

8. Secure the K3s Environment

Focus on basic security configurations and policies as you learn.

Create a Pod Security Policy

Write a basic Pod Security Policy (PSP) for K3s to enforce non-root container execution.

  • Example YAML:
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
  name: restricted-psp
spec:
  privileged: false
  runAsUser:
    rule: MustRunAsNonRoot
  • Purpose: Practice creating Kubernetes manifests and learn how to secure your environment.

Final Thoughts and Next Steps

This clean, focused approach not only sets up your Rocky Linux system for K3s and Python-based workloads but also helps you gain hands-on experience with the Linux CLI, bash scripting, and automation through real-world tasks.

Whats next?

  • Continuously refine your scripts and make them more robust.
  • As you gain comfort, start incorporating more advanced Linux features (e.g., process management, networking).
  • Work towards automating the entire K3s environment, including monitoring, logging, and alerting.

You're absolutely right! Lets include a few actionable examples to introduce more advanced Linux features, such as process management and networking, while keeping the learning process gradual and practical.

1. Process Management: Monitor and Control Running Processes

Understanding how to manage processes is fundamental in Linux. Lets create a couple of bash scripts that help you monitor and control processes on your system.

Example: Monitor Active Processes

  • Script: monitor-processes.sh 
    #!/bin/bash
echo "Monitoring System Processes"
echo "---------------------------"

echo "Top 10 CPU-consuming processes:"
ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%cpu | head -n 10

echo
echo "Top 10 Memory-consuming processes:"
ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%mem | head -n 10
    • Learning Outcomes:
      • Use ps to view processes and understand the options for filtering and sorting by CPU or memory usage.
      • Practice managing processes by identifying high-resource users.

Example: Kill a Process by Name

  • Script: kill-process.sh 
    #!/bin/bash

if [ -z "$1" ]; then
    echo "Usage: $0 <process_name>"
    exit 1
fi

PROCESS_NAME=$1
echo "Attempting to kill process: $PROCESS_NAME"

pkill $PROCESS_NAME && echo "Process '$PROCESS_NAME' terminated."
    • Learning Outcomes:
      • Use pkill to terminate a process by name.
      • Understand how to handle input arguments in bash scripts.

2. Advanced Networking: Network Configuration and Monitoring

Networking is key for edge compute workloads. Lets dive into monitoring your network connections and controlling traffic with basic networking scripts.

Example: Monitor Network Usage

  • Script: monitor-network.sh 
    #!/bin/bash
echo "Network Usage Report"
echo "--------------------"

echo "Current network interfaces:"
ip link show

echo "Network traffic summary:"
ifconfig | grep -A 8 "eth0"

echo
echo "Routing table:"
netstat -rn
    • Learning Outcomes:
      • Learn to use ifconfig and ip for network interface status.
      • Display routing information using netstat.

Example: Block/Unblock IP Address Using Iptables

  • Script: block-ip.sh

    #!/bin/bash

if [ -z "$1" ]; then
    echo "Usage: $0 <ip_address>"
    exit 1
fi

IP_ADDRESS=$1
echo "Blocking IP: $IP_ADDRESS"

sudo iptables -A INPUT -s $IP_ADDRESS -j DROP
echo "IP address $IP_ADDRESS has been blocked."

  • Unblock Script: unblock-ip.sh

    #!/bin/bash

if [ -z "$1" ]; then
    echo "Usage: $0 <ip_address>"
    exit 1
fi

IP_ADDRESS=$1
echo "Unblocking IP: $IP_ADDRESS"

sudo iptables -D INPUT -s $IP_ADDRESS -j DROP
echo "IP address $IP_ADDRESS has been unblocked."
    • Learning Outcomes:
      • Use iptables to block and unblock network traffic from specific IP addresses.
      • Learn basic network security by controlling traffic at the firewall level.

3. Automate Network Health Checks

Automate network status checks by writing a script to ping external servers and display results. This is useful to test the connectivity from your edge devices.

Example: Ping Multiple Servers

  • Script: network-health.sh 
    #!/bin/bash
SERVERS=("8.8.8.8" "1.1.1.1" "google.com" "example.com")

echo "Pinging Servers..."

for SERVER in "${SERVERS[@]}"; do
    echo "Pinging $SERVER:"
    ping -c 4 $SERVER
    echo "------------------------------------"
done
    • Learning Outcomes:
      • Use arrays in bash to handle multiple items (servers).
      • Learn about network connectivity testing using ping.

4. Advanced Disk Usage and Resource Monitoring

As edge workloads may have limited resources, disk usage monitoring becomes crucial. Lets script resource checks for disk space, memory, and CPU usage.

Example: Monitor Disk Space and Report Critical Usage

  • Script: disk-usage-report.sh

    #!/bin/bash
THRESHOLD=80

echo "Checking Disk Usage..."
df -h | awk 'NR>1 {print $5 " " $1}' | while read output; do
  usep=$(echo $output | awk '{print $1}' | sed 's/%//')
  partition=$(echo $output | awk '{print $2}')
  if [ $usep -ge $THRESHOLD ]; then
    echo "CRITICAL: $partition is $usep% full."
  fi
done
    • Learning Outcomes:
      • Use df to check disk usage.
      • Apply basic conditional logic to report when usage crosses a defined threshold (80%).

5. Advanced Automation with Cron Jobs

After youre comfortable with your scripts, you can automate more advanced monitoring and reporting using cron.

Example: Automate Disk Monitoring

  • Automate Disk Usage Check:

    crontab -e

  • Add this cron job to run the disk usage check script every day at 6 am:

    0 6 * * * /path/to/disk-usage-report.sh
    • Learning Outcomes:
      • Learn how to use cron for recurring tasks.
      • Automate your monitoring and alerts, reducing manual checks.

Conclusion

This approach adds actionable examples to help you dive deeper into advanced Linux features such as process management, networking, and resource monitoring, all while integrating them into your current workflow. These tweaks provide you with hands-on practice in managing and automating system processes, monitoring network activity, and ensuring system health—all key skills for managing K3s and edge compute workloads effectively.

Learning Roadmap for K3s, Edge Computing, and Advanced Networking

Networking Basics

  • TCP/IP
    • Understanding IP addressing
    • Subnetting and Routing
  • DNS
    • DNS Resolution Process
    • Configuring DNS Servers
  • HTTP/S
    • HTTP Request/Response Cycle
    • SSL/TLS and Secure Communication
  • Network Protocols and Architecture
    • OSI and TCP/IP Models
    • Common Network Protocols (DHCP, SSH, FTP)

Kubernetes Core Concepts

  • Kubernetes Architecture
    • Master and Node Components
    • Control Plane and Worker Nodes
  • Pods, Deployments, Services
    • Lifecycle of a Pod
    • Creating and Managing Deployments
    • Service Types and Load Balancing
  • Persistent Storage and Networking
    • Volumes and Persistent Volumes
    • Storage Classes and Dynamic Provisioning
    • Kubernetes Networking Model

K3s Specific Learning

  • Installation and Configuration
    • Setting Up a K3s Cluster
    • Configuring K3s on Different Environments
  • Cluster Management
    • Node Management
    • Backup and Restore Strategies
  • Resource Optimization
    • Resource Limits and Requests
    • Autoscaling in K3s

Edge Computing and IoT with K3s

  • K3s in Edge Scenarios
    • Deployment Strategies for Edge Computing
    • Managing Low-Resource Environments
  • Integrating IoT Devices with Kubernetes
    • Connecting IoT Devices to K3s
    • Security Considerations in IoT and Kubernetes

Advanced Kubernetes Networking

  • Deep Dive into CNI (Container Network Interface)
    • Understanding CNI Plugins
    • Custom Network Solutions in Kubernetes
  • Network Policies
    • Implementing Network Policies
    • Securing Pod-to-Pod Communication
  • Service Meshes (Istio, Linkerd)
    • Introduction to Istio and Linkerd
    • Traffic Management and Observability

Hands-On and Practical Implementation

  • Setting up K3s Clusters
    • Creating High-Availability Clusters
    • Disaster Recovery and Failover
  • Real-World Projects and Scenarios
    • Implementing a CI/CD Pipeline with K3s
    • Deploying a Multi-Service Application