Wanna run Kubernetes / Minikube on your Mac ?

Install

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"
brew install hyperkit
brew install minikube

Run

minikube start --vm-driver=hyperkit

Stop

minikube stop

sha256: 0caafebc7050ffed2e1239439e4c562d361635df5f40db6f25a54920978bbef7

OpenBSD 6.8 released

OpenBSD has two new releases every year. historically, on 1. Mai and 1. November. With a few small execptions in the past Check Wikipedia

so, then latest OS appeared today: OpenBSD 6.8

Perform a Full Upgrade (incl. X Stuff)

sysupgrade -r

Run the Script (on your own risk !)

doas su -
mkdir /root/bin
ftp -o /root/bin/upgrade_to_68.sh https://blog.stoege.net/scripts/upgrade_to_68.sh
chmod 740 /root/bin/upgrade_to_68.sh
# /root/bin/upgrade_to_68.sh
# *** reboot ***
# /root/bin/upgrade_to_68.sh
# rm /root/bin/upgrade_to_68.sh

or use some custom Script (just Xbase and not other X Stuff)

doas su -
mkdir /root/bin

cat << 'EOF' > /root/bin/upgrade_to_68.sh
#!/bin/sh

prepare () {

  echo "let's upgrade to 6.8 ..."

  rm -f /usr/lib/libperl.a

  rm /usr/X11R6/lib/libxkbui.*
  rm /usr/X11R6/lib/pkgconfig/xkbui.pc
  rm /usr/X11R6/include/X11/extensions/XKBui.h

}

download() {

  local _response=$(sysupgrade -n)

  if [[ $_response == *reboot ]]; then
    echo "\nInstalled! Let's reboot ...\n"
    rm /home/_sysupgrade/{comp,xf,xs}*
  else
    echo "Nothing todo ..."
  fi

}

install() {
  reboot
}

postwork() {

  echo "let's do some postwork after upgrade to 6.8 ..."

  cd /dev
  ./MAKEDEV all

  _boot=$(mount |awk -F'[/ ]' '/ on \/ / {print $3}')
  installboot ${_boot%?}

  sysmerge

  fw_update

  syspatch

  pkg_add -Vu

  pkg_delete -a

  /usr/libexec/locate.updatedb &

}

# Main
local _ver=$(uname -r)

if [ "$_ver" == "6.7" ]; then

  prepare
  download
  install

elif [ "$_ver" == "6.8" ]; then

  postwork

fi

exit 0
EOF

chmod 740 /root/bin/upgrade_to_68.sh
# /root/bin/upgrade_to_68.sh
# *** reboot ***
# /root/bin/upgrade_to_68.sh
# rm /root/bin/upgrade_to_68.sh

Checks

you should do a few checks afterwards:

Some Notes Based on this Video: https://www.youtube.com/watch?v=bhBSlnQcq2k

Download Docker

https://docs.docker.com/get-docker/

Download Nginx Image

https://hub.docker.com/_/nginx

docker pull nginx

Run Image

docker run nginx
docker run nginx:latest
docker run -d nginx:latest
docker run -d -p 80 nginx:latest
docker run -d -p 8080:80 nginx:latest
docker run -d -p 3000:80 -p 8080:80 nginx:latest

Access Webserver

mbp:~ stoege$ docker run -d -p 8080:80 nginx:latest
5c7a945caa59f14e35932f3d4470c9b9afc0307dac34e01947d41adbcdfda091

mbp:~ stoege$ docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS              PORTS                  NAMES
5c7a945caa59        nginx:latest        "/docker-entrypoint.…"   About a minute ago   Up About a minute   0.0.0.0:8080->80/tcp   laughing_cartwright

open Brower http://localhost:8080 -> Welcome Page

how to operate nginx as reverse proxy and loadbalancer

sha256: 23ec4f8fb8b94de4b26d5184ae41bc3f36bf41dcda2695db9af14ac7eeb52ed1

got a Server behing NAT / Firewall ? Need Shell access to … ?

Server behind NAT/FW

user@server$ ssh -R 1234:localhost:22 my.public.jumpbox

Access Server

ssh my.public.jumpbox

user@jumpbox$ ssh -p 1234 localhost

user@server$

and you’re in :)

sha256: 81b4dc1d84f9f8bcbf5060f382853759fffa1e5824e2ae98ad5508a082db5dfd

another component of OpenBSD is relayd. it’s an integrated Loadbalancer & Proxy Service, like F5, Nginx and Others. But just like other BSD Services, straight, simple and easy to use … wanna see … ?

Setup 4 VM’s, one Loadbalancer and 3 Webserver. The Webserver should server the same content, while the Loadbalancer checks if a Webserver is running and redirects traffic to the host or not.

the configuration on the loadbalancer is simple like that:

did you always wanted to have a fullbgp table at home once ? Over your DSL / CM / LTE or whatever connection ? here a little howto :)

Setup VM

Install a VM with OpenBSD. Add 1 CPU, 1 GB RAM, 20 GB Disk, nothing special

Check our Upstream Provider

Check the Page from Lukasz and spend him a Beer if you ever meet him. He also mentioned my Post in his Slides (Thanks Lukas)

Clear History

have you ever checked in some binarys, confidential stuff or something else by mistake ? Git will keep all your history, that’s their design and purpose.

how ever, if you need to cleanup once, here is a short tutorial.

Kill Git Config

cd myrepo
cat .git/config -> note down the url
url=$(git config --get remote.origin.url)
rm -rf .git

Create New Repo

git init
git add .
git commit -m "Removed history, ..."

Push Remote

git remote add origin git@host/yourrepo  <- URL you noted down above
git remote add origin $url
git push -u --force origin master

All in One

_url=$(git remote -v |awk '/fetch/ { print $2 }')
rm -rf .git
git init
git add .
git commit -m "Removed history ..."
git remote add origin ${_url}
git push -u --force origin main
unset _url

and you’re done :)

assuming you have a apu2|apu3|apu4 from pcengines or a virtual machine running on KVM/Qemu. And you don’t have vga/dvi/hdmi whatever kind of video output. of course, you can install and run OpenBSD (or Linux) on this boxes.

Prepare USB Stick

write openbsdxx.img to an USB Stick. On MacOS, you can use Balena Etcher for example.

boot.conf

if you wanna install from an USB Stick, set the correct Port and Speed before booting.

stumpled upon a bug in openssh … did a small config change in sshd_config, deployed it with ansible … and lost connectifity to all these boxes immediately … and of course, i did a config check before reloading the sshd daemon, and the config check was fine.

i can’t belife that nobody else found this before, as it’s really simple to reproduce. and it’s working with openbsd, debian, centos and mostly on all system which have opensshd implemented (and that’s a lot of …)