1. Nomad spread scheduler

    I'm maintaining a nomad cluster already a few years now at home, based on some thin clients and a few raspberry pi's.

    The workload is growing from uses cases of the plane-spotting services towards a pi-hole setup, vaultwarden, homeassistant and many more use cases.

    One of the issues I encountered was based on the default scheduling algorithm. Raspberry pi's are not known as the most efficient solution to run a huge workload. Default nomad will schedule new containers on one compute node until the resource limits of that node are consumed and only then will start consuming another node. This …


  2. Traefik SSL grading

    Recently I discovered that many of the services I deployed upon my nomad cluster didn't had the SSL A grading I expected them to have. Somehow I asumed the traefik letsencrypt implementation got the A rating by default.

    After running the testssl.sh container it turns out they don't;

    $ docker run --rm -ti drwetter/testssl.sh domain.org
     Rating specs (not complete)  SSL Labs's 'SSL Server Rating Guide' (version 2009q from 2020-01-30)
     Specification documentation  https://github.com/ssllabs/research/wiki/SSL-Server-Rating-Guide
     Protocol Support (weighted)  95 (28)
     Key Exchange     (weighted)  100 (30)
     Cipher Strength  (weighted)  90 (36)
     Final Score …

  3. Traefik nomad route53 setup

    I have this nomad cluster running on some spare devices for a while now. Serving my plane spotting setup, dns setup, mqtt bridge and some other services I experiment with throughout the years. Until today I've always relied on the ip addresses to point my browser and other services towards the different services. For my DNS setup I even had to pin the jobs towards specific hardware using meta data.

    But I've always wanted to implement a proxy in between so I could rely on DNS names instead. This would also increase the flexibility of my DNS setup since for …


  4. Plane spotting on a nomad cluster

    Some weeks ago I upgraded my plane spotting setup by moving my antenna to the roof. It was worth every single effort I've made into it. My stats are rocking ever since. Until the corona crisis halted almost every airline to standstill..

    It gave me some time to thinker about my setup, and for some weird coincidence Mike did create a series of docker containers like I was thinking about to implement. I have one pi connected to the USB device which captures the ADB radio signals.

    But in the current situation it also feeds the flightaware service since I …


  5. Httpd semaphores

    Recently we encountered some strange issues with httpd on some of our CentOS 7 machines during my current project.

    Through our pipeline we restart httpd several times which sometimes leads to this error:

    Apache: [error] (28)No space left on device
    

    After some research we found out the semaphores were all being used blocking httpd daemon to restart.

    The list of semaphores can be fetched by issuing

    # ipcs -st
    
    ------ Semaphore Operation/Change Times --------
    semid    owner      last-op                    last-changed
    753664   apache      Not set                    Mon Feb 17 20:20:47 2020
    786433   apache      Not set                    Mon Feb 17 20:20:47 2020
    720898 …

  6. Piaware on a nomad cluster

    A couple of years ago I stumbled on the flightaware website and figured out you could capture radio signals from an airplane using a DVB-T dongle which can be bought for about EUR 15.

    As this really triggered me to start monitoring planes above our head I bought myself such a device, hooked it up to a raspberry pi zero, installed the piaware software and started grabbing the messages and pushing the compiled positions through flightaware.

    Through time I managed to upgrade my home lab towards a nomad cluster. So I migrated my piaware setup to a nomad node and …


  7. Nomad ARM cluster

    as I already mentioned a few times before I have some hands on experiences with nomad. A couple of weeks ago I wrote about a local development setup based on nomad.

    Since quite some time I do have a thinclient which is running some docker containers through a docker-compose file I use for personal stuff at home. But this thinclient is suffering from all the containers I'm trying to spin up. While over thinking this issue I did realize I have quite some raspberry pi's laying around and figured I could maybe set up a cluster for those containers.

    Since …


  8. ArchLinux on intel compute stick

    A few months ago we moved into a brand new office which was furnished with a dozen of samsung displays. Unfortunately the basic player included in those displays isn't capable to add a webpage/url as content. Since we've setted up a smashing instance to create dashboards for each team this was a huge bummer.

    While looking for a stable solution many teams brought their own raspberry pi's, chromecasts, airtame devices to at least be able to show something on the displays in the meanwhile.

    Since we already had good experiences with an intel compute stick and an intel NUC …


  9. Nomad local development

    Been using nomad for a few years now at the customer I got the question couple of weeks ago from some colleagues if nomad could be used to replace docker-compose.

    The reason behind the question is mainly to not vendor lock yourself for local development with the whole docker eco system.

    Since I like a certain level of challenge and I do believe it's a valid use case I gave it a try.

    This resulted in a nomad-local-development repository. The 2 major hurdles to take where to use one file like docker-compose.yml and dns resolving between the containers.

    The …


  10. BIOS upgrade lenovo archlinux

    I got some issues with my wired connection lately that the speed wasn't negotiated correctly and it felt back to 10Mb/s as default.

    Did some troubleshooting by eliminating various network devices, restarting them but the results didn't satisfy. Being completely random when and when not auto negotiated.

    Before becoming insane I decided to update the bios of my machine (being a lenovo T460s).

    I did this already in the past and talked about it even on one of our monthly last Friday's at work. So I was quite sure I had something written about it for future reference but …


Page 1 / 8