From 58fdbe7e4297f8a73002b9651f51a4d6d8c77900 Mon Sep 17 00:00:00 2001 From: devopstales <42894256+devopstales@users.noreply.github.com> Date: Tue, 8 Oct 2024 07:38:17 +0000 Subject: [PATCH] 2024-10-08 --- 404.html | 2 +- atom.xml | 4 +- categories/ansible/index.html | 2 +- categories/calico/index.html | 2 +- categories/ceph/index.html | 2 +- categories/ceph/page/2/index.html | 2 +- categories/chef/index.html | 2 +- categories/cilium/index.html | 2 +- categories/cloud/index.html | 2 +- categories/containerd/index.html | 2 +- categories/cri-o/index.html | 2 +- categories/debian/index.html | 2 +- categories/gcp/index.html | 2 +- categories/gitlab/index.html | 2 +- categories/google-cloud-platform/index.html | 2 +- categories/index.html | 2 +- categories/k3s/index.html | 2 +- categories/kubernetes/index.html | 2 +- categories/kubernetes/page/10/index.html | 2 +- categories/kubernetes/page/11/index.html | 2 +- categories/kubernetes/page/12/index.html | 2 +- categories/kubernetes/page/13/index.html | 2 +- categories/kubernetes/page/14/index.html | 2 +- categories/kubernetes/page/15/index.html | 2 +- categories/kubernetes/page/2/index.html | 2 +- categories/kubernetes/page/3/index.html | 2 +- categories/kubernetes/page/4/index.html | 2 +- categories/kubernetes/page/5/index.html | 2 +- categories/kubernetes/page/6/index.html | 2 +- categories/kubernetes/page/7/index.html | 2 +- categories/kubernetes/page/8/index.html | 2 +- categories/kubernetes/page/9/index.html | 2 +- categories/linux/index.html | 2 +- categories/mikrotik/index.html | 2 +- categories/openshift/index.html | 2 +- categories/openshift/page/2/index.html | 2 +- categories/openshift/page/3/index.html | 2 +- categories/openshift/page/4/index.html | 2 +- categories/openshift/page/5/index.html | 2 +- categories/page/2/index.html | 2 +- categories/page/3/index.html | 2 +- categories/podman/index.html | 2 +- categories/postgresql/index.html | 2 +- categories/proxmox/index.html | 2 +- categories/proxmox/page/2/index.html | 2 +- categories/sso/index.html | 2 +- categories/virtualization/index.html | 2 +- categories/windows/index.html | 2 +- categories/zfs/index.html | 2 +- cloud/aks-azure-key-vault-akv2k8s/index.html | 23 +- cloud/aks-azure-key-vault-csi/index.html | 23 +- cloud/aks-ingress-controller-v2/index.html | 23 +- cloud/aks-ingress-controller/index.html | 39 +- cloud/aks-registry/index.html | 23 +- cloud/aks/index.html | 39 +- cloud/atom.xml | 4 +- cloud/aws-eks-amp-monitoring/index.html | 23 +- cloud/aws-eks-ecr/index.html | 23 +- cloud/aws-eks-ingress/index.html | 23 +- cloud/aws-eks-install/index.html | 23 +- cloud/aws-eks-networking/index.html | 23 +- cloud/aws-s2s-vpn/index.html | 23 +- cloud/azure-dc-deploy/index.html | 39 +- .../index.html | 23 +- cloud/azure-terraform/index.html | 23 +- .../index.html | 23 +- cloud/fcos-install/index.html | 39 +- .../index.html | 23 +- cloud/gcp-vm-export/index.html | 23 +- cloud/gke-egress/index.html | 39 +- cloud/gke-gitlab-terraform/index.html | 23 +- cloud/gke-ingress-controller/index.html | 39 +- cloud/index.html | 2 +- cloud/page/2/index.html | 2 +- cloud/page/3/index.html | 2 +- cloud/photon_basics/index.html | 23 +- cloud/protonos_vagrant_box/index.html | 23 +- cloud/proxmox-terraform/index.html | 23 +- devops/atom.xml | 4 +- devops/github-actions-basics/index.html | 23 +- .../index.html | 23 +- devops/gitlab-ci-artifacts/index.html | 23 +- devops/gitlab-ci-docker-bild-k8s/index.html | 23 +- devops/gitlab-ci-docker-bild/index.html | 23 +- devops/gitlab-install/index.html | 23 +- devops/index.html | 2 +- .../introduction-to-gitlab-ci-cd/index.html | 23 +- devops/openshift-gitlab-helm/index.html | 23 +- devops/openshift-gitlabrunner/index.html | 23 +- devops/openshift4-buildconfig/index.html | 23 +- devops/page/2/index.html | 2 +- devops/what-is-devops/index.html | 23 +- home/admission-controllers/index.html | 39 +- home/aks-azure-key-vault-akv2k8s/index.html | 23 +- home/aks-azure-key-vault-csi/index.html | 23 +- home/aks-ingress-controller-v2/index.html | 23 +- home/aks-ingress-controller/index.html | 39 +- home/aks-registry/index.html | 23 +- home/aks/index.html | 39 +- home/alerta-on-centos7/index.html | 41 +- home/alerta-on-centos8/index.html | 41 +- home/ansible-k8s-install/index.html | 39 +- home/ansible-openshift-install/index.html | 39 +- home/ansible-operator-overview/index.html | 39 +- home/argocd-image-updater/index.html | 39 +- home/argocd-kubeseal/index.html | 39 +- home/atom.xml | 575 +++--------- home/aws-eks-amp-monitoring/index.html | 23 +- home/aws-eks-ecr/index.html | 23 +- home/aws-eks-ingress/index.html | 23 +- home/aws-eks-install/index.html | 23 +- home/aws-eks-networking/index.html | 23 +- home/aws-s2s-vpn/index.html | 23 +- home/awx-docker/index.html | 39 +- home/awx-install/index.html | 39 +- home/azure-dc-deploy/index.html | 39 +- .../index.html | 23 +- home/azure-terraform/index.html | 23 +- home/backup-and-retore-prometheus/index.html | 39 +- home/being-productive-with-kubectl/index.html | 39 +- home/brew-repo/index.html | 23 +- home/centreon-install/index.html | 39 +- home/ceph-block-device/index.html | 39 +- home/ceph-cephfs/index.html | 39 +- home/ceph-change-journal-ssd/index.html | 39 +- home/ceph-full-osd/index.html | 39 +- home/ceph_backup_benji/index.html | 39 +- home/chef-first-cookbook/index.html | 39 +- home/chef-server-install/index.html | 39 +- home/cilium-clustermesh/index.html | 23 +- home/cilium-opnsense-bgp-v2/index.html | 23 +- home/cilium-opnsense-bgp/index.html | 23 +- home/clonedeploy/index.html | 39 +- home/cluster-mesh-with-cilium/index.html | 23 +- home/cluster-mesh-with-linkerd/index.html | 23 +- home/cluster-mesh-with-skupper/index.html | 23 +- home/cluster-mesh-with-submariner/index.html | 23 +- home/cni-genie/index.html | 23 +- .../index.html | 39 +- home/container-build-in-kubernetes/index.html | 23 +- home/container-runtimes/index.html | 41 +- home/containers-vs-pods/index.html | 23 +- home/continuous-image-security/index.html | 39 +- .../index.html | 23 +- .../index.html | 39 +- .../docker-credential-in-keepassxc/index.html | 23 +- home/docker-desktop-alternatives/index.html | 39 +- home/docker-on-fedora31/index.html | 39 +- home/elasticsearch-backup/index.html | 39 +- home/fcos-install/index.html | 39 +- home/firecracker-containerd/index.html | 23 +- home/firecracker-cri-o/index.html | 23 +- .../index.html | 39 +- home/foreman-pxe/index.html | 39 +- home/foreman-sso/index.html | 39 +- .../index.html | 23 +- home/gcp-vm-export/index.html | 23 +- home/github-actions-basics/index.html | 23 +- .../index.html | 23 +- home/gitlab-ci-artifacts/index.html | 23 +- home/gitlab-ci-docker-bild-k8s/index.html | 23 +- home/gitlab-ci-docker-bild/index.html | 23 +- home/gitlab-install/index.html | 23 +- home/gitlab-keycloak/index.html | 39 +- home/gitops-flux2-kubeseal/index.html | 39 +- home/gitops-flux2-sops/index.html | 39 +- home/gitops-flux2/index.html | 39 +- home/gke-egress/index.html | 39 +- home/gke-gitlab-terraform/index.html | 23 +- home/gke-ingress-controller/index.html | 39 +- home/gns3-linux-install/index.html | 39 +- home/grafana-loki/index.html | 39 +- home/grafana-sso/index.html | 39 +- home/graylog-pfsense-squid/index.html | 39 +- home/graylog3-install/index.html | 39 +- home/graylog3-pfsense/index.html | 39 +- home/graylog4-install/index.html | 39 +- home/graylog4-pfsense/index.html | 39 +- home/graylog5-install/index.html | 39 +- home/graylog5-pfsense/index.html | 39 +- home/graylog_kafka/index.html | 39 +- home/gvisor-containerd/index.html | 23 +- home/gvisor-cri-o/index.html | 23 +- home/harbor-install/index.html | 39 +- home/hashicorp-sso/index.html | 39 +- home/hashicorp-vault/index.html | 39 +- home/helm-repositoty/index.html | 39 +- home/helm3-loki/index.html | 39 +- .../index.html | 39 +- .../index.html | 39 +- .../index.html | 39 +- home/icinga2_add_host/index.html | 39 +- home/icinga2_director/index.html | 39 +- home/icinga2_director_centos8/index.html | 39 +- home/icinga2_install/index.html | 39 +- home/icinga2_install_centos8/index.html | 39 +- home/icinga2_nrpe/index.html | 39 +- .../index.html | 39 +- .../index.html | 39 +- .../index.html | 39 +- home/index.html | 50 +- home/index.xml | 56 +- home/install-ceph/index.html | 39 +- home/install-mattermost-for-gitlab/index.html | 39 +- home/install-postgresql/index.html | 39 +- home/install-prometheus-for-gitlab/index.html | 39 +- home/install-squid/index.html | 41 +- home/install-unifi-controller/index.html | 39 +- home/install-vmware-in-proxmox/index.html | 23 +- home/introduction-to-gitlab-ci-cd/index.html | 23 +- home/ipmitool-config/index.html | 41 +- home/jitsi-jibri/index.html | 39 +- home/jitsi-meet/index.html | 39 +- home/k0s/index.html | 39 +- home/k3s-cilium/index.html | 39 +- home/k3s-crio/index.html | 39 +- home/k3s-etcd-kube-vip/index.html | 39 +- home/k3s-fcos/index.html | 39 +- home/k3s-gvisor/index.html | 39 +- home/k3s-helm-controller/index.html | 39 +- home/k3sup-calico/index.html | 39 +- home/k8s-backup/index.html | 39 +- home/k8s-calico-ebpf/index.html | 39 +- home/k8s-central-oauth/index.html | 23 +- home/k8s-ceph-csi-extand/index.html | 23 +- .../index.html | 39 +- home/k8s-ceph/index.html | 39 +- .../index.html | 39 +- home/k8s-cert-manager/index.html | 39 +- home/k8s-cert/index.html | 39 +- home/k8s-change-ip/index.html | 23 +- home/k8s-checkpointing/index.html | 23 +- home/k8s-cisa-install/index.html | 23 +- home/k8s-connaisseur-v2/index.html | 23 +- home/k8s-connaisseur/index.html | 23 +- home/k8s-copy-secret/index.html | 39 +- home/k8s-crio/index.html | 39 +- home/k8s-crowdsec-ids/index.html | 23 +- home/k8s-custom-host/index.html | 39 +- home/k8s-dasboard-auth/index.html | 23 +- home/k8s-dmz-bgp/index.html | 23 +- home/k8s-dmz-vxlan/index.html | 23 +- home/k8s-ephemerald-pod/index.html | 23 +- home/k8s-error-at-kubectl-logs/index.html | 39 +- home/k8s-falco/index.html | 23 +- home/k8s-gangway/index.html | 23 +- home/k8s-git-backup/index.html | 23 +- home/k8s-gitops/index.html | 39 +- home/k8s-helm-rbac/index.html | 39 +- home/k8s-imagepullsecret-patcher/index.html | 39 +- home/k8s-install-containerd-v2/index.html | 39 +- home/k8s-install-containerd/index.html | 39 +- home/k8s-install-openebs/index.html | 39 +- home/k8s-install-with-swap/index.html | 23 +- home/k8s-install/index.html | 39 +- home/k8s-ipvs/index.html | 39 +- home/k8s-kubeadm-ha/index.html | 39 +- home/k8s-kuberos/index.html | 39 +- home/k8s-kyverno-cosign/index.html | 23 +- home/k8s-limits/index.html | 39 +- home/k8s-local-pv/index.html | 39 +- home/k8s-longhorn/index.html | 39 +- home/k8s-metallb-bgp-pfsense/index.html | 39 +- home/k8s-metallb/index.html | 39 +- home/k8s-migrate-from-psp/index.html | 23 +- home/k8s-migrate-pv/index.html | 39 +- home/k8s-network-separation/index.html | 863 ------------------ home/k8s-networkpolicy/index.html | 23 +- home/k8s-nginx-ingress/index.html | 39 +- home/k8s-pinniped/index.html | 39 +- home/k8s-pod-locations/index.html | 39 +- .../index.html | 23 +- .../index.html | 23 +- home/k8s-prometheus-stack/index.html | 23 +- home/k8s-ps/index.html | 23 +- home/k8s-rbac-gen/index.html | 23 +- .../index.html | 39 +- home/k8s-rolling-upgrade/index.html | 39 +- home/k8s-seccomp/index.html | 23 +- home/k8s-secure-install/index.html | 39 +- home/k8s-security/index.html | 39 +- home/k8s-selinux/index.html | 591 ------------ home/k8s-test-tools/index.html | 39 +- home/k8s-tillerless-helm/index.html | 39 +- home/k8s-user-accounts/index.html | 23 +- home/k8s-user-namespace/index.html | 23 +- home/k8s-vault-v2/index.html | 39 +- home/k8s-vault/index.html | 39 +- home/k8s-velero-backup/index.html | 39 +- home/k8s-vmware/index.html | 39 +- home/kata-container-containerd/index.html | 23 +- home/katello-client/index.html | 39 +- home/katello-errata/index.html | 39 +- home/katello-install/index.html | 39 +- home/keycloak1/index.html | 39 +- home/keycloak2/index.html | 39 +- home/kind-install/index.html | 39 +- home/kube-openid-connect-1.0/index.html | 23 +- home/kubectl-multi-cluster-config/index.html | 39 +- home/kubedash-1.0/index.html | 23 +- .../index.html | 39 +- home/kubernetes-networking-1/index.html | 23 +- home/kubernetes-networking-2/index.html | 23 +- home/kubernetes-policy/index.html | 23 +- home/kyverno-image-mirror/index.html | 23 +- home/lazyimage/index.html | 23 +- home/mattermost-keycloak-sso/index.html | 39 +- home/microk8s-expired-cert/index.html | 23 +- home/migrate-bind-to-windows-dns/index.html | 39 +- home/migrate-docker-to-containerd/index.html | 23 +- home/migrate-docker-to-crio/index.html | 23 +- .../index.html | 23 +- home/mod-auth-openidc/index.html | 39 +- .../index.html | 39 +- home/msad-ldaps/index.html | 39 +- home/multus-calico/index.html | 23 +- home/multus-nmstate/index.html | 23 +- home/multus/index.html | 23 +- home/naemon-influxdb/index.html | 39 +- home/nagios-ncpa/index.html | 39 +- home/nagios-nrpe/index.html | 39 +- home/networkmanagger-dnsmasq/index.html | 39 +- home/nextcloud-sso/index.html | 39 +- home/nextcloud/index.html | 39 +- home/nexus-sso/index.html | 39 +- home/oml/index.html | 39 +- home/openproject-sso/index.html | 39 +- home/openproject/index.html | 39 +- home/openshift-add-node/index.html | 39 +- home/openshift-auto-approval-csr/index.html | 39 +- home/openshift-ceph/index.html | 39 +- home/openshift-cert-manager/index.html | 39 +- home/openshift-cert/index.html | 39 +- home/openshift-elasticsearch-error/index.html | 39 +- home/openshift-extregistry/index.html | 39 +- home/openshift-gitlab-helm/index.html | 39 +- home/openshift-gitlabrunner/index.html | 39 +- home/openshift-helm/index.html | 23 +- home/openshift-hostalreadyclaimed/index.html | 39 +- home/openshift-kompose/index.html | 39 +- home/openshift-ldap/index.html | 39 +- home/openshift-letsencrypt/index.html | 39 +- home/openshift-log4shell/index.html | 39 +- home/openshift-rbd-fsck/index.html | 39 +- home/openshift-restrict-access/index.html | 39 +- home/openshift-secondary-router/index.html | 39 +- home/openshift-sso/index.html | 39 +- home/openshift-sso2/index.html | 39 +- home/openshift-vmware/index.html | 39 +- home/openshift4-auth/index.html | 39 +- home/openshift4-buildconfig/index.html | 23 +- home/openshift4-calico/index.html | 23 +- home/openshift4-ceph-rbd-csi/index.html | 39 +- home/openshift4-cilium/index.html | 23 +- home/openshift4-ingress/index.html | 39 +- home/openshift4-install/index.html | 23 +- home/openshift4-logging/index.html | 23 +- home/openshift4-monitoring/index.html | 39 +- .../index.html | 23 +- home/openshift4-registry/index.html | 23 +- .../index.html | 23 +- home/openshift4-tekton/index.html | 23 +- home/openshift_4/index.html | 39 +- home/opnsense-ha/index.html | 41 +- home/opnsense-nextcloud/index.html | 32 +- home/opnsense-openvpn/index.html | 34 +- .../index.html | 39 +- home/page/10/index.html | 50 +- home/page/11/index.html | 50 +- home/page/12/index.html | 50 +- home/page/13/index.html | 50 +- home/page/14/index.html | 50 +- home/page/15/index.html | 50 +- home/page/16/index.html | 50 +- home/page/17/index.html | 50 +- home/page/18/index.html | 50 +- home/page/19/index.html | 50 +- home/page/2/index.html | 50 +- home/page/20/index.html | 50 +- home/page/21/index.html | 50 +- home/page/22/index.html | 50 +- home/page/23/index.html | 50 +- home/page/24/index.html | 50 +- home/page/25/index.html | 50 +- home/page/26/index.html | 50 +- home/page/27/index.html | 50 +- home/page/28/index.html | 50 +- home/page/29/index.html | 50 +- home/page/3/index.html | 50 +- home/page/30/index.html | 50 +- home/page/31/index.html | 50 +- home/page/32/index.html | 50 +- home/page/33/index.html | 50 +- home/page/34/index.html | 50 +- home/page/35/index.html | 41 +- home/page/36/index.html | 578 ------------ home/page/4/index.html | 50 +- home/page/5/index.html | 50 +- home/page/6/index.html | 50 +- home/page/7/index.html | 50 +- home/page/8/index.html | 50 +- home/page/9/index.html | 50 +- home/pfsense-2fa/index.html | 41 +- home/pfsense-ad-join/index.html | 41 +- home/pfsense-cert/index.html | 39 +- home/pfsense-ha-ipsec/index.html | 23 +- home/pfsense-ha/index.html | 41 +- home/pfsense-ipsec-mss-clamping/index.html | 23 +- home/pfsense-openvpn/index.html | 32 +- home/pfsense-suidproxy/index.html | 39 +- home/pfsense-telegraf/index.html | 39 +- home/pfsense-usg/index.html | 39 +- home/pfsense-wlan/index.html | 41 +- home/pgbackrest_backup_server/index.html | 39 +- home/pgbackrest_backup_to_s3/index.html | 39 +- home/photon_basics/index.html | 23 +- home/postgresql_pg_rewind/index.html | 39 +- home/postgresql_pgbackrest/index.html | 39 +- home/postgresql_replication/index.html | 39 +- home/privacyidea-install/index.html | 39 +- home/prometheus-alertmanagger/index.html | 39 +- home/prometheus-influxdb/index.html | 39 +- home/prometheus-install/index.html | 39 +- .../index.html | 23 +- home/prometheus-node-exporter/index.html | 39 +- home/protonos_vagrant_box/index.html | 23 +- home/proxmox-backup-error/index.html | 39 +- home/proxmox-backup-pve-zsync/index.html | 39 +- home/proxmox-backup-sanoid/index.html | 39 +- home/proxmox-backup-znapzend/index.html | 39 +- home/proxmox-ceph-radosgw/index.html | 39 +- home/proxmox-cluster-join-error/index.html | 23 +- home/proxmox-custom-certificate/index.html | 23 +- home/proxmox-dark-theme/index.html | 23 +- home/proxmox-fail2ban/index.html | 23 +- home/proxmox-haproxy-lb/index.html | 23 +- home/proxmox-mail-gateway/index.html | 39 +- home/proxmox-node-remove/index.html | 39 +- home/proxmox-pci-passthrough/index.html | 39 +- home/proxmox-reload-network/index.html | 39 +- home/proxmox-terraform/index.html | 23 +- home/proxmox-xtermjs-enable/index.html | 39 +- home/pxe1/index.html | 39 +- home/redmine/index.html | 39 +- home/rke2-airgap-install/index.html | 39 +- home/rke2-calico/index.html | 39 +- home/rke2-cilium/index.html | 39 +- home/rke2-ingress-loadbalancer/index.html | 23 +- home/rke2-pod-security-policy/index.html | 39 +- home/ros-basic/index.html | 23 +- home/ros-pppoe-server/index.html | 23 +- home/ros-secure/index.html | 23 +- home/ros-web-content-filter/index.html | 23 +- home/ros-wifi/index.html | 23 +- home/rundeck-acl/index.html | 39 +- home/rundeck-ldap/index.html | 39 +- home/rundeck-sso/index.html | 39 +- home/rundeck/index.html | 39 +- .../index.html | 23 +- home/s3cmd-with-radosgw/index.html | 39 +- home/sonarkube-install/index.html | 39 +- home/spacewalk-install/index.html | 23 +- home/spacewalk-software-channels/index.html | 39 +- home/speed_up_zfs/index.html | 39 +- home/ssh-credential-in-keepassxc/index.html | 23 +- home/trivy-operator-1.0/index.html | 23 +- home/trivy-operator-2.1/index.html | 23 +- home/trivy-operator-2.2/index.html | 23 +- home/trivy-operator-2.3/index.html | 23 +- home/trivy-operator-2.4/index.html | 23 +- home/trivy-operator-2.5/index.html | 23 +- home/ubuntu-22.04-ad-join/index.html | 23 +- home/update-ilo/index.html | 39 +- home/vcluster/index.html | 23 +- home/veeam-cant-add-repo/index.html | 23 +- home/veeam-cant-create-job-to-s3/index.html | 23 +- home/wazuh-authentication/index.html | 39 +- .../index.html | 170 ++-- home/wazuh-siem/index.html | 39 +- home/what-is-devops/index.html | 23 +- home/who-mapping-rbd-device/index.html | 39 +- home/windows-server-radius/index.html | 39 +- img/include/pfsese_wazuh_syslog_00.webp | Bin 0 -> 8646 bytes img/include/pfsese_wazuh_syslog_01.webp | Bin 0 -> 20386 bytes img/include/pfsese_wazuh_syslog_02.webp | Bin 0 -> 101874 bytes img/include/pfsese_wazuh_syslog_03.webp | Bin 0 -> 87304 bytes img/include/pfsese_wazuh_syslog_04.webp | Bin 0 -> 30084 bytes index.html | 50 +- index.xml | 110 +-- kubernetes/admission-controllers/index.html | 39 +- kubernetes/ansible-k8s-install/index.html | 39 +- .../ansible-openshift-install/index.html | 39 +- .../ansible-operator-overview/index.html | 39 +- kubernetes/argocd-image-updater/index.html | 39 +- kubernetes/argocd-kubeseal/index.html | 39 +- kubernetes/atom.xml | 4 +- .../backup-and-retore-prometheus/index.html | 39 +- .../being-productive-with-kubectl/index.html | 39 +- kubernetes/cilium-clustermesh/index.html | 23 +- kubernetes/cilium-clustermesh2/index.html | 610 ------------- kubernetes/cilium-opnsense-bgp-v2/index.html | 23 +- kubernetes/cilium-opnsense-bgp/index.html | 23 +- .../cluster-mesh-with-cilium/index.html | 23 +- .../cluster-mesh-with-linkerd/index.html | 23 +- .../cluster-mesh-with-skupper/index.html | 23 +- .../cluster-mesh-with-submariner/index.html | 23 +- kubernetes/cni-genie/index.html | 23 +- .../container-build-in-kubernetes/index.html | 23 +- kubernetes/container-runtimes/index.html | 41 +- kubernetes/containers-vs-pods/index.html | 23 +- .../continuous-image-security/index.html | 39 +- .../index.html | 39 +- .../docker-desktop-alternatives/index.html | 39 +- kubernetes/firecracker-containerd/index.html | 23 +- kubernetes/firecracker-cri-o/index.html | 23 +- .../index.html | 39 +- kubernetes/gitops-flux2-kubeseal/index.html | 39 +- kubernetes/gitops-flux2-sops/index.html | 39 +- kubernetes/gitops-flux2/index.html | 39 +- kubernetes/gvisor-containerd/index.html | 23 +- kubernetes/gvisor-cri-o/index.html | 23 +- kubernetes/helm-repositoty/index.html | 39 +- kubernetes/helm3-loki/index.html | 39 +- .../index.html | 39 +- .../index.html | 39 +- .../index.html | 39 +- .../index.html | 39 +- .../index.html | 39 +- .../index.html | 39 +- kubernetes/index.html | 2 +- kubernetes/index.xml | 43 - kubernetes/k0s/index.html | 39 +- kubernetes/k3s-cilium/index.html | 39 +- kubernetes/k3s-crio/index.html | 39 +- kubernetes/k3s-etcd-kube-vip/index.html | 39 +- kubernetes/k3s-fcos/index.html | 39 +- kubernetes/k3s-gvisor/index.html | 39 +- kubernetes/k3s-helm-controller/index.html | 39 +- kubernetes/k3sup-calico/index.html | 39 +- kubernetes/k8s-backup/index.html | 39 +- kubernetes/k8s-calico-ebpf/index.html | 39 +- kubernetes/k8s-central-oauth/index.html | 23 +- kubernetes/k8s-ceph-csi-extand/index.html | 23 +- .../index.html | 39 +- kubernetes/k8s-ceph/index.html | 39 +- .../index.html | 39 +- kubernetes/k8s-cert-manager/index.html | 39 +- kubernetes/k8s-cert/index.html | 39 +- kubernetes/k8s-change-ip/index.html | 23 +- kubernetes/k8s-checkpointing/index.html | 23 +- kubernetes/k8s-cisa-install/index.html | 23 +- kubernetes/k8s-connaisseur-v2/index.html | 23 +- kubernetes/k8s-connaisseur/index.html | 23 +- kubernetes/k8s-copy-secret/index.html | 39 +- kubernetes/k8s-crio/index.html | 39 +- kubernetes/k8s-crowdsec-ids/index.html | 23 +- kubernetes/k8s-custom-host/index.html | 39 +- kubernetes/k8s-dmz-bgp/index.html | 23 +- kubernetes/k8s-dmz-vxlan/index.html | 23 +- kubernetes/k8s-egress-gateway/index.html | 590 ------------ kubernetes/k8s-ephemerald-pod/index.html | 23 +- .../k8s-error-at-kubectl-logs/index.html | 39 +- kubernetes/k8s-falco/index.html | 23 +- kubernetes/k8s-git-backup/index.html | 23 +- kubernetes/k8s-gitops/index.html | 39 +- kubernetes/k8s-helm-rbac/index.html | 39 +- .../k8s-imagepullsecret-patcher/index.html | 39 +- .../k8s-install-containerd-v2/index.html | 39 +- kubernetes/k8s-install-containerd/index.html | 39 +- kubernetes/k8s-install-openebs/index.html | 39 +- kubernetes/k8s-install-with-swap/index.html | 23 +- kubernetes/k8s-install/index.html | 39 +- kubernetes/k8s-ipvs/index.html | 39 +- kubernetes/k8s-kubeadm-ha/index.html | 39 +- kubernetes/k8s-kyverno-cosign/index.html | 23 +- kubernetes/k8s-limits/index.html | 39 +- kubernetes/k8s-local-pv/index.html | 39 +- kubernetes/k8s-longhorn/index.html | 39 +- kubernetes/k8s-metallb-bgp-pfsense/index.html | 39 +- kubernetes/k8s-metallb/index.html | 39 +- kubernetes/k8s-migrate-from-psp/index.html | 23 +- kubernetes/k8s-migrate-pv/index.html | 39 +- kubernetes/k8s-network-separation/index.html | 863 ------------------ kubernetes/k8s-networkpolicy/index.html | 39 +- kubernetes/k8s-nginx-ingress/index.html | 39 +- kubernetes/k8s-pinniped/index.html | 39 +- kubernetes/k8s-pod-locations/index.html | 39 +- .../index.html | 23 +- .../index.html | 23 +- kubernetes/k8s-prometheus-stack/index.html | 23 +- kubernetes/k8s-ps/index.html | 23 +- kubernetes/k8s-rbac-gen/index.html | 23 +- .../index.html | 39 +- kubernetes/k8s-rolling-upgrade/index.html | 39 +- kubernetes/k8s-seccomp/index.html | 23 +- kubernetes/k8s-secure-install/index.html | 39 +- kubernetes/k8s-security/index.html | 39 +- kubernetes/k8s-selinux/index.html | 591 ------------ kubernetes/k8s-test-tools/index.html | 39 +- kubernetes/k8s-tillerless-helm/index.html | 39 +- kubernetes/k8s-user-accounts/index.html | 23 +- kubernetes/k8s-user-namespace/index.html | 23 +- kubernetes/k8s-vault-v2/index.html | 39 +- kubernetes/k8s-vault/index.html | 39 +- kubernetes/k8s-velero-backup/index.html | 39 +- kubernetes/k8s-vmware/index.html | 39 +- .../kata-container-containerd/index.html | 23 +- kubernetes/kind-install/index.html | 39 +- kubernetes/kube-openid-connect-1.0/index.html | 23 +- .../kubectl-multi-cluster-config/index.html | 39 +- kubernetes/kubedash-1.0/index.html | 23 +- .../index.html | 39 +- kubernetes/kubernetes-networking-1/index.html | 23 +- kubernetes/kubernetes-networking-2/index.html | 23 +- kubernetes/kubernetes-policy/index.html | 23 +- kubernetes/kyverno-image-mirror/index.html | 23 +- kubernetes/lazyimage/index.html | 23 +- kubernetes/microk8s-expired-cert/index.html | 23 +- .../migrate-docker-to-containerd/index.html | 23 +- kubernetes/migrate-docker-to-crio/index.html | 23 +- .../index.html | 23 +- kubernetes/multus-calico/index.html | 23 +- kubernetes/multus-nmstate/index.html | 23 +- kubernetes/multus/index.html | 23 +- kubernetes/oml/index.html | 39 +- kubernetes/openshift-add-node/index.html | 39 +- .../openshift-auto-approval-csr/index.html | 39 +- kubernetes/openshift-ceph/index.html | 39 +- kubernetes/openshift-cert-manager/index.html | 39 +- kubernetes/openshift-cert/index.html | 39 +- .../openshift-elasticsearch-error/index.html | 39 +- kubernetes/openshift-extregistry/index.html | 39 +- kubernetes/openshift-gitlab-helm/index.html | 39 +- kubernetes/openshift-gitlabrunner/index.html | 39 +- kubernetes/openshift-helm/index.html | 23 +- .../openshift-hostalreadyclaimed/index.html | 39 +- kubernetes/openshift-kompose/index.html | 39 +- kubernetes/openshift-ldap/index.html | 39 +- kubernetes/openshift-letsencrypt/index.html | 39 +- kubernetes/openshift-log4shell/index.html | 39 +- kubernetes/openshift-rbd-fsck/index.html | 39 +- .../openshift-restrict-access/index.html | 39 +- .../openshift-secondary-router/index.html | 39 +- kubernetes/openshift-vmware/index.html | 39 +- kubernetes/openshift4-auth/index.html | 39 +- kubernetes/openshift4-buildconfig/index.html | 23 +- kubernetes/openshift4-calico/index.html | 23 +- kubernetes/openshift4-ceph-rbd-csi/index.html | 39 +- kubernetes/openshift4-cilium/index.html | 23 +- kubernetes/openshift4-ingress/index.html | 39 +- kubernetes/openshift4-install/index.html | 23 +- kubernetes/openshift4-logging/index.html | 23 +- kubernetes/openshift4-monitoring/index.html | 39 +- .../index.html | 23 +- kubernetes/openshift4-registry/index.html | 23 +- .../index.html | 23 +- kubernetes/openshift4-tekton/index.html | 23 +- kubernetes/openshift_4/index.html | 39 +- kubernetes/page/10/index.html | 2 +- kubernetes/page/11/index.html | 2 +- kubernetes/page/12/index.html | 2 +- kubernetes/page/13/index.html | 2 +- kubernetes/page/14/index.html | 2 +- kubernetes/page/15/index.html | 2 +- kubernetes/page/16/index.html | 2 +- kubernetes/page/17/index.html | 2 +- kubernetes/page/18/index.html | 60 +- kubernetes/page/2/index.html | 2 +- kubernetes/page/3/index.html | 2 +- kubernetes/page/4/index.html | 2 +- kubernetes/page/5/index.html | 2 +- kubernetes/page/6/index.html | 2 +- kubernetes/page/7/index.html | 2 +- kubernetes/page/8/index.html | 2 +- kubernetes/page/9/index.html | 2 +- kubernetes/rke2-airgap-install/index.html | 39 +- kubernetes/rke2-calico/index.html | 39 +- kubernetes/rke2-cilium/index.html | 39 +- .../rke2-ingress-loadbalancer/index.html | 23 +- .../rke2-pod-security-policy/index.html | 39 +- kubernetes/trivy-operator-1.0/index.html | 23 +- kubernetes/trivy-operator-2.1/index.html | 23 +- kubernetes/trivy-operator-2.2/index.html | 23 +- kubernetes/trivy-operator-2.3/index.html | 23 +- kubernetes/trivy-operator-2.4/index.html | 23 +- kubernetes/trivy-operator-2.5/index.html | 23 +- kubernetes/vcluster/index.html | 23 +- kubernetes/who-mapping-rbd-device/index.html | 39 +- linux/atom.xml | 4 +- linux/awx-docker/index.html | 39 +- linux/awx-install/index.html | 39 +- linux/brew-repo/index.html | 23 +- linux/ceph-block-device/index.html | 39 +- linux/ceph-cephfs/index.html | 39 +- linux/ceph-change-journal-ssd/index.html | 39 +- linux/ceph-full-osd/index.html | 39 +- linux/ceph_backup_benji/index.html | 39 +- linux/chef-first-cookbook/index.html | 39 +- linux/chef-server-install/index.html | 39 +- linux/clonedeploy/index.html | 39 +- .../docker-credential-in-keepassxc/index.html | 23 +- linux/docker-on-fedora31/index.html | 39 +- linux/elasticsearch-backup/index.html | 39 +- linux/foreman-pxe/index.html | 39 +- linux/gitlab-install/index.html | 39 +- linux/gns3-linux-install/index.html | 39 +- linux/graylog-pfsense-squid/index.html | 39 +- linux/graylog3-install/index.html | 39 +- linux/graylog3-pfsense/index.html | 39 +- linux/graylog4-install/index.html | 39 +- linux/graylog4-pfsense/index.html | 39 +- linux/graylog5-install/index.html | 39 +- linux/graylog5-pfsense/index.html | 39 +- linux/graylog_kafka/index.html | 39 +- linux/harbor-install/index.html | 39 +- linux/hashicorp-vault/index.html | 39 +- linux/index.html | 50 +- linux/index.xml | 13 +- linux/install-ceph/index.html | 39 +- .../install-mattermost-for-gitlab/index.html | 39 +- linux/install-postgresql/index.html | 39 +- linux/install-squid/index.html | 55 +- linux/install-unifi-controller/index.html | 39 +- linux/ipmitool-config/index.html | 41 +- linux/jitsi-jibri/index.html | 39 +- linux/jitsi-meet/index.html | 39 +- linux/katello-client/index.html | 39 +- linux/katello-errata/index.html | 39 +- linux/katello-install/index.html | 39 +- linux/networkmanagger-dnsmasq/index.html | 39 +- linux/nextcloud/index.html | 39 +- linux/openproject/index.html | 39 +- linux/opnsense-ha/index.html | 41 +- linux/opnsense-nextcloud/index.html | 32 +- linux/opnsense-openvpn/index.html | 34 +- linux/page/2/index.html | 50 +- linux/page/3/index.html | 50 +- linux/page/4/index.html | 50 +- linux/page/5/index.html | 48 +- linux/page/6/index.html | 50 +- linux/page/7/index.html | 50 +- linux/page/8/index.html | 50 +- linux/page/9/index.html | 27 +- linux/pfsense-2fa/index.html | 41 +- linux/pfsense-ad-join/index.html | 41 +- linux/pfsense-cert/index.html | 39 +- linux/pfsense-ha-ipsec/index.html | 23 +- linux/pfsense-ha/index.html | 41 +- linux/pfsense-ipsec-mss-clamping/index.html | 23 +- linux/pfsense-openvpn/index.html | 32 +- linux/pfsense-suidproxy/index.html | 39 +- linux/pfsense-usg/index.html | 39 +- linux/pfsense-wlan/index.html | 41 +- linux/pgbackrest_backup_server/index.html | 39 +- linux/pgbackrest_backup_to_s3/index.html | 39 +- linux/postgresql_pg_rewind/index.html | 39 +- linux/postgresql_pgbackrest/index.html | 39 +- linux/postgresql_replication/index.html | 39 +- linux/privacyidea-install/index.html | 39 +- .../index.html | 23 +- linux/proxmox-cluster-join-error/index.html | 23 +- linux/proxmox-custom-certificate/index.html | 23 +- linux/proxmox-dark-theme/index.html | 23 +- linux/proxmox-fail2ban/index.html | 23 +- linux/proxmox-haproxy-lb/index.html | 23 +- linux/proxmox-mail-gateway/index.html | 39 +- linux/proxmox-node-remove/index.html | 39 +- linux/proxmox-reload-network/index.html | 39 +- linux/pxe1/index.html | 39 +- linux/redmine/index.html | 39 +- linux/rundeck-acl/index.html | 39 +- linux/rundeck-ldap/index.html | 39 +- linux/rundeck/index.html | 39 +- .../index.html | 23 +- linux/s3cmd-with-radosgw/index.html | 39 +- linux/sonarkube-install/index.html | 39 +- linux/spacewalk-install/index.html | 39 +- linux/spacewalk-software-channels/index.html | 39 +- linux/speed_up_zfs/index.html | 39 +- linux/ssh-credential-in-keepassxc/index.html | 23 +- linux/update-ilo/index.html | 39 +- linux/wazuh-authentication/index.html | 39 +- .../wazuh-pfsense-syslog}/index.html | 175 +++- linux/wazuh-siem/index.html | 39 +- mikrotik/atom.xml | 4 +- mikrotik/index.html | 2 +- mikrotik/ros-basic/index.html | 23 +- mikrotik/ros-pppoe-server/index.html | 23 +- mikrotik/ros-secure/index.html | 23 +- mikrotik/ros-web-content-filter/index.html | 23 +- mikrotik/ros-wifi/index.html | 23 +- monitoring/alerta-on-centos7/index.html | 41 +- monitoring/alerta-on-centos8/index.html | 41 +- monitoring/atom.xml | 4 +- monitoring/centreon-install/index.html | 39 +- monitoring/grafana-loki/index.html | 39 +- monitoring/icinga2_add_host/index.html | 39 +- monitoring/icinga2_director/index.html | 39 +- .../icinga2_director_centos8/index.html | 39 +- monitoring/icinga2_install/index.html | 39 +- monitoring/icinga2_install_centos8/index.html | 39 +- monitoring/icinga2_nrpe/index.html | 39 +- monitoring/index.html | 2 +- .../install-prometheus-for-gitlab/index.html | 39 +- monitoring/naemon-influxdb/index.html | 39 +- monitoring/nagios-ncpa/index.html | 39 +- monitoring/nagios-nrpe/index.html | 39 +- monitoring/page/2/index.html | 2 +- monitoring/pfsense-telegraf/index.html | 39 +- .../prometheus-alertmanagger/index.html | 39 +- monitoring/prometheus-influxdb/index.html | 39 +- monitoring/prometheus-install/index.html | 39 +- .../prometheus-node-exporter/index.html | 39 +- page/10/index.html | 50 +- page/11/index.html | 50 +- page/12/index.html | 50 +- page/13/index.html | 50 +- page/14/index.html | 50 +- page/15/index.html | 50 +- page/16/index.html | 50 +- page/17/index.html | 50 +- page/18/index.html | 50 +- page/19/index.html | 50 +- page/2/index.html | 50 +- page/20/index.html | 50 +- page/21/index.html | 50 +- page/22/index.html | 50 +- page/23/index.html | 50 +- page/24/index.html | 50 +- page/25/index.html | 50 +- page/26/index.html | 50 +- page/27/index.html | 50 +- page/28/index.html | 50 +- page/29/index.html | 50 +- page/3/index.html | 50 +- page/30/index.html | 50 +- page/31/index.html | 50 +- page/32/index.html | 50 +- page/33/index.html | 50 +- page/34/index.html | 50 +- page/35/index.html | 41 +- page/36/index.html | 587 ------------ page/4/index.html | 50 +- page/5/index.html | 50 +- page/6/index.html | 50 +- page/7/index.html | 50 +- page/8/index.html | 50 +- page/9/index.html | 50 +- privacy-policy/index.html | 12 +- series/cluster-mesh/index.html | 2 +- series/container-runtimes/index.html | 2 +- series/container-runtimes/page/2/index.html | 2 +- series/index.html | 2 +- series/k3s/index.html | 2 +- series/k8s-authentication/index.html | 2 +- series/k8s-gitops/index.html | 2 +- series/k8s-lessons/index.html | 2 +- series/k8s-network/index.html | 2 +- series/k8s-network/page/2/index.html | 2 +- series/k8s-network/page/3/index.html | 2 +- series/k8s-operators/index.html | 2 +- series/k8s-security/index.html | 2 +- series/k8s-security/page/2/index.html | 2 +- series/k8s-security/page/3/index.html | 2 +- series/k8s-security/page/4/index.html | 2 +- series/k8s-security/page/5/index.html | 2 +- series/k8s-security/page/6/index.html | 2 +- series/k8s-security/page/7/index.html | 2 +- series/kubernetes/index.html | 2 +- series/kubernetes/page/2/index.html | 2 +- series/kubernetes/page/3/index.html | 2 +- series/kubernetes/page/4/index.html | 2 +- series/mikrotik/index.html | 2 +- series/page/2/index.html | 2 +- series/virtualization/index.html | 2 +- sitemap.xml | 172 ++-- sso/atom.xml | 4 +- sso/foreman-sso/index.html | 39 +- sso/gitlab-keycloak/index.html | 39 +- sso/grafana-sso/index.html | 39 +- sso/hashicorp-sso/index.html | 39 +- sso/index.html | 2 +- sso/k8s-dasboard-auth/index.html | 23 +- sso/k8s-gangway/index.html | 23 +- sso/k8s-kuberos/index.html | 39 +- sso/keycloak1/index.html | 39 +- sso/keycloak2/index.html | 39 +- sso/mattermost-keycloak-sso/index.html | 39 +- sso/mod-auth-openidc/index.html | 39 +- sso/nextcloud-sso/index.html | 39 +- sso/nexus-sso/index.html | 39 +- sso/openproject-sso/index.html | 39 +- sso/openshift-sso/index.html | 39 +- sso/openshift-sso2/index.html | 39 +- sso/page/2/index.html | 2 +- sso/rundeck-sso/index.html | 39 +- tags/2fa/index.html | 2 +- tags/active-directory/index.html | 2 +- tags/admission-controller/index.html | 2 +- tags/aks/index.html | 2 +- tags/alerta/index.html | 2 +- tags/almalinux/index.html | 2 +- tags/ansible-tower/index.html | 2 +- tags/ansible/index.html | 2 +- tags/aws/index.html | 2 +- tags/awx/index.html | 2 +- tags/azure/index.html | 2 +- tags/backup/index.html | 2 +- tags/bgp/index.html | 2 +- tags/calico/index.html | 2 +- tags/calico/page/2/index.html | 2 +- tags/centos/index.html | 2 +- tags/centos/page/10/index.html | 2 +- tags/centos/page/11/index.html | 2 +- tags/centos/page/2/index.html | 2 +- tags/centos/page/3/index.html | 2 +- tags/centos/page/4/index.html | 2 +- tags/centos/page/5/index.html | 2 +- tags/centos/page/6/index.html | 2 +- tags/centos/page/7/index.html | 2 +- tags/centos/page/8/index.html | 2 +- tags/centos/page/9/index.html | 2 +- tags/centreon/index.html | 2 +- tags/ceph/index.html | 2 +- tags/ceph/page/2/index.html | 2 +- tags/chef/index.html | 2 +- tags/cilium/index.html | 2 +- tags/cilium/page/2/index.html | 2 +- tags/cloud-sql/index.html | 2 +- tags/cluster-mesh/index.html | 2 +- tags/cluster/index.html | 2 +- tags/cni-genie/index.html | 2 +- tags/container-runtimes/index.html | 2 +- tags/container-runtimes/page/2/index.html | 2 +- tags/containerd/index.html | 2 +- tags/coredns/index.html | 2 +- tags/cosign/index.html | 2 +- tags/cri-o/index.html | 2 +- tags/debian/index.html | 2 +- tags/debian/page/2/index.html | 2 +- tags/devops/index.html | 2 +- tags/dns/index.html | 2 +- tags/docker-compose/index.html | 2 +- tags/docker/index.html | 2 +- tags/ebpf/index.html | 2 +- tags/ecr/index.html | 2 +- tags/eks/index.html | 2 +- tags/elasticsearch/index.html | 25 +- tags/elasticsearch/index.xml | 13 +- tags/falco/index.html | 2 +- tags/fedora-coreos/index.html | 2 +- tags/fedora/index.html | 2 +- tags/firecracker/index.html | 2 +- tags/flannel/index.html | 2 +- tags/foreman/index.html | 2 +- tags/gcp/index.html | 2 +- tags/github/index.html | 2 +- tags/gitlab-runner/index.html | 2 +- tags/gitlab/index.html | 2 +- tags/gitlab/page/2/index.html | 2 +- tags/gitops/index.html | 2 +- tags/gke/index.html | 2 +- tags/gns3/index.html | 2 +- tags/google-cloud-platform/index.html | 2 +- tags/grafana/index.html | 2 +- tags/graylog/index.html | 2 +- tags/group-policy/index.html | 2 +- tags/gvisor/index.html | 2 +- tags/ha/index.html | 2 +- tags/haproxy/index.html | 2 +- tags/harbor/index.html | 2 +- tags/hashicorp-vault/index.html | 2 +- tags/helm-controller/index.html | 2 +- tags/helm/index.html | 2 +- tags/helm2/index.html | 2 +- tags/helm2/page/2/index.html | 2 +- tags/helm3/index.html | 2 +- tags/hp/index.html | 2 +- tags/httpd/index.html | 2 +- tags/icinga/index.html | 2 +- tags/ilo/index.html | 2 +- tags/index.html | 62 +- tags/index.xml | 102 +-- tags/influxdb/index.html | 2 +- tags/ingress/index.html | 2 +- tags/ipmitool/index.html | 2 +- tags/ipsec/index.html | 2 +- tags/jitsi/index.html | 2 +- tags/k0s/index.html | 2 +- tags/k3s/index.html | 2 +- tags/k8s/index.html | 2 +- tags/k8s/page/2/index.html | 2 +- tags/k8s/page/3/index.html | 2 +- tags/kafka/index.html | 2 +- tags/kata-container/index.html | 2 +- tags/katello/index.html | 2 +- tags/keepassxc/index.html | 2 +- tags/keycloak/index.html | 2 +- tags/keycloak/page/2/index.html | 2 +- tags/kube-apiserver/index.html | 2 +- tags/kube-openid-connect/index.html | 2 +- tags/kube-proxy/index.html | 2 +- tags/kube-vip/index.html | 2 +- tags/kubedash/index.html | 2 +- tags/kubernetes/index.html | 2 +- tags/kubernetes/page/10/index.html | 2 +- tags/kubernetes/page/11/index.html | 2 +- tags/kubernetes/page/12/index.html | 2 +- tags/kubernetes/page/13/index.html | 2 +- tags/kubernetes/page/14/index.html | 2 +- tags/kubernetes/page/15/index.html | 2 +- tags/kubernetes/page/16/index.html | 2 +- tags/kubernetes/page/2/index.html | 2 +- tags/kubernetes/page/3/index.html | 2 +- tags/kubernetes/page/4/index.html | 2 +- tags/kubernetes/page/5/index.html | 2 +- tags/kubernetes/page/6/index.html | 2 +- tags/kubernetes/page/7/index.html | 2 +- tags/kubernetes/page/8/index.html | 2 +- tags/kubernetes/page/9/index.html | 2 +- tags/kyverno/index.html | 2 +- tags/linkerd/index.html | 2 +- tags/logging/index.html | 48 +- tags/logging/index.xml | 13 +- tags/logging/page/2/index.html | 25 +- tags/loki/index.html | 2 +- tags/mattermost/index.html | 2 +- tags/metallb/index.html | 2 +- tags/microk8s/index.html | 2 +- tags/mikrotik/index.html | 2 +- tags/multus/index.html | 2 +- tags/mutating-webhook/index.html | 2 +- tags/mysql/index.html | 2 +- tags/naemon/index.html | 2 +- tags/nagios/index.html | 2 +- tags/nerdctl/index.html | 2 +- tags/nextcloud/index.html | 2 +- tags/nexus-oss/index.html | 2 +- tags/nmstate/index.html | 2 +- tags/nosql/index.html | 2 +- tags/notary/index.html | 2 +- tags/oauth2/index.html | 2 +- tags/oauth2/page/2/index.html | 2 +- tags/oidc/index.html | 2 +- tags/oidc/page/2/index.html | 2 +- tags/oidc/page/3/index.html | 2 +- tags/openid/index.html | 2 +- tags/openproject/index.html | 2 +- tags/openshift-3.11/index.html | 2 +- tags/openshift-3.11/page/2/index.html | 2 +- tags/openshift-3.11/page/3/index.html | 2 +- tags/openshift-4/index.html | 2 +- tags/openshift-4/page/2/index.html | 2 +- tags/openshift/index.html | 2 +- tags/openshift/page/2/index.html | 2 +- tags/openshift/page/3/index.html | 2 +- tags/openshift/page/4/index.html | 2 +- tags/openshift/page/5/index.html | 2 +- tags/openvpn/index.html | 2 +- tags/operator/index.html | 2 +- tags/opnsense/index.html | 2 +- tags/page/10/index.html | 2 +- tags/page/11/index.html | 2 +- tags/page/12/index.html | 2 +- tags/page/13/index.html | 2 +- tags/page/14/index.html | 2 +- tags/page/15/index.html | 2 +- tags/page/16/index.html | 2 +- tags/page/2/index.html | 62 +- tags/page/3/index.html | 62 +- tags/page/4/index.html | 32 +- tags/page/5/index.html | 2 +- tags/page/6/index.html | 2 +- tags/page/7/index.html | 2 +- tags/page/8/index.html | 2 +- tags/page/9/index.html | 2 +- tags/pfsense/index.html | 48 +- tags/pfsense/index.xml | 13 +- tags/pfsense/page/2/index.html | 48 +- tags/pfsense/page/3/index.html | 25 +- tags/postgresql/index.html | 2 +- tags/postgresql/page/2/index.html | 2 +- tags/postgresql/page/3/index.html | 2 +- tags/powershell/index.html | 2 +- tags/privacyidea/index.html | 2 +- tags/prometheus/index.html | 2 +- tags/prometheus/page/2/index.html | 2 +- tags/proxmox/index.html | 2 +- tags/proxmox/page/2/index.html | 2 +- tags/proxy/index.html | 25 +- tags/proxy/index.xml | 11 + tags/pxe/index.html | 2 +- tags/radius/index.html | 2 +- tags/rancher/index.html | 2 +- tags/rancher/page/2/index.html | 2 +- tags/rbac/index.html | 2 +- tags/redmine/index.html | 2 +- tags/registry/index.html | 2 +- tags/rke2/index.html | 2 +- tags/routeros/index.html | 2 +- tags/rsyslog/index.html | 2 +- tags/rundeck/index.html | 2 +- tags/s3/index.html | 2 +- tags/seccomp/index.html | 2 +- tags/secuity/index.html | 2 +- tags/secuity/page/2/index.html | 2 +- tags/secuity/page/3/index.html | 2 +- tags/siem/index.html | 25 +- tags/siem/index.xml | 13 +- tags/skupper/index.html | 2 +- tags/sonarqube/index.html | 2 +- tags/spacewalk/index.html | 2 +- tags/squid/index.html | 25 +- tags/squid/index.xml | 11 + tags/sso/index.html | 2 +- tags/submariner/index.html | 2 +- tags/supermicro/index.html | 2 +- tags/telegraf/index.html | 2 +- tags/terraform/index.html | 2 +- tags/trivy-operator/index.html | 2 +- tags/ubuntu/index.html | 2 +- tags/unifi-controller/index.html | 2 +- tags/unifi/index.html | 2 +- tags/vagrant/index.html | 2 +- tags/veeam-backup/index.html | 2 +- tags/vmware/index.html | 2 +- tags/volume-expansion/index.html | 2 +- tags/vsphere/index.html | 2 +- tags/vxlan/index.html | 2 +- tags/wazuh/index.html | 25 +- tags/wazuh/index.xml | 13 +- tags/wildfly/index.html | 2 +- tags/windows/index.html | 2 +- tags/zfs/index.html | 2 +- virtualization/atom.xml | 4 +- virtualization/index.html | 2 +- .../install-vmware-in-proxmox/index.html | 23 +- .../proxmox-backup-error/index.html | 39 +- .../proxmox-backup-pve-zsync/index.html | 39 +- .../proxmox-backup-sanoid/index.html | 39 +- .../proxmox-backup-znapzend/index.html | 39 +- .../proxmox-ceph-radosgw/index.html | 39 +- .../proxmox-pci-passthrough/index.html | 39 +- .../proxmox-xtermjs-enable/index.html | 39 +- virtualization/veeam-cant-add-repo/index.html | 23 +- .../veeam-cant-create-job-to-s3/index.html | 23 +- windows/atom.xml | 4 +- .../index.html | 39 +- windows/index.html | 2 +- .../migrate-bind-to-windows-dns/index.html | 39 +- .../index.html | 39 +- windows/msad-ldaps/index.html | 39 +- .../index.html | 39 +- windows/ubuntu-22.04-ad-join/index.html | 23 +- windows/windows-server-radius/index.html | 39 +- 1155 files changed, 22488 insertions(+), 12924 deletions(-) delete mode 100644 home/k8s-network-separation/index.html delete mode 100644 home/k8s-selinux/index.html delete mode 100644 home/page/36/index.html rename home/{cilium-clustermesh2 => wazuh-pfsense-syslog}/index.html (83%) create mode 100644 img/include/pfsese_wazuh_syslog_00.webp create mode 100644 img/include/pfsese_wazuh_syslog_01.webp create mode 100644 img/include/pfsese_wazuh_syslog_02.webp create mode 100644 img/include/pfsese_wazuh_syslog_03.webp create mode 100644 img/include/pfsese_wazuh_syslog_04.webp delete mode 100644 kubernetes/cilium-clustermesh2/index.html delete mode 100644 kubernetes/k8s-egress-gateway/index.html delete mode 100644 kubernetes/k8s-network-separation/index.html delete mode 100644 kubernetes/k8s-selinux/index.html rename {home/k8s-egress-gateway => linux/wazuh-pfsense-syslog}/index.html (82%) delete mode 100644 page/36/index.html diff --git a/404.html b/404.html index 87c989d806..e57788799f 100644 --- a/404.html +++ b/404.html @@ -302,6 +302,7 @@

Social

Recent Posts

diff --git a/atom.xml b/atom.xml index 8c48883600..4cb8401dfb 100644 --- a/atom.xml +++ b/atom.xml @@ -9,11 +9,11 @@ - 2024-09-20T11:01:52+00:00 + 2024-10-08T07:37:44+00:00 - Blaiserman + Balázs Páldi https://devopstales.github.io/ diff --git a/categories/ansible/index.html b/categories/ansible/index.html index 360d7af0a9..068a10ea03 100644 --- a/categories/ansible/index.html +++ b/categories/ansible/index.html @@ -503,6 +503,7 @@

Social

Recent Posts

diff --git a/categories/calico/index.html b/categories/calico/index.html index bedc364f85..f42d053249 100644 --- a/categories/calico/index.html +++ b/categories/calico/index.html @@ -328,6 +328,7 @@

Social

Recent Posts

diff --git a/categories/ceph/index.html b/categories/ceph/index.html index 3cc768296e..55a06a49c3 100644 --- a/categories/ceph/index.html +++ b/categories/ceph/index.html @@ -557,6 +557,7 @@

Social

Recent Posts

diff --git a/categories/ceph/page/2/index.html b/categories/ceph/page/2/index.html index 62c708c1ba..4e1d78f845 100644 --- a/categories/ceph/page/2/index.html +++ b/categories/ceph/page/2/index.html @@ -457,6 +457,7 @@

Social

Recent Posts

diff --git a/categories/chef/index.html b/categories/chef/index.html index 3f6d04dc09..e37be97b5c 100644 --- a/categories/chef/index.html +++ b/categories/chef/index.html @@ -353,6 +353,7 @@

Social

Recent Posts

diff --git a/categories/cilium/index.html b/categories/cilium/index.html index 4a1ad02a10..30ce31b1e6 100644 --- a/categories/cilium/index.html +++ b/categories/cilium/index.html @@ -328,6 +328,7 @@

Social

Recent Posts

diff --git a/categories/cloud/index.html b/categories/cloud/index.html index 4351e6e84b..819cbfb151 100644 --- a/categories/cloud/index.html +++ b/categories/cloud/index.html @@ -403,6 +403,7 @@

Social

Recent Posts

diff --git a/categories/containerd/index.html b/categories/containerd/index.html index 2b392a9d5f..876259f4e5 100644 --- a/categories/containerd/index.html +++ b/categories/containerd/index.html @@ -403,6 +403,7 @@

Social

Recent Posts

diff --git a/categories/cri-o/index.html b/categories/cri-o/index.html index 2a432c4771..ae73d9937a 100644 --- a/categories/cri-o/index.html +++ b/categories/cri-o/index.html @@ -403,6 +403,7 @@

Social

Recent Posts

diff --git a/categories/debian/index.html b/categories/debian/index.html index 7069ae56d0..43b26c61ea 100644 --- a/categories/debian/index.html +++ b/categories/debian/index.html @@ -328,6 +328,7 @@

Social

Recent Posts

diff --git a/categories/gcp/index.html b/categories/gcp/index.html index 1220707a53..93cb75b39f 100644 --- a/categories/gcp/index.html +++ b/categories/gcp/index.html @@ -328,6 +328,7 @@

Social

Recent Posts

diff --git a/categories/gitlab/index.html b/categories/gitlab/index.html index d238e6e453..6c7dd42c6b 100644 --- a/categories/gitlab/index.html +++ b/categories/gitlab/index.html @@ -353,6 +353,7 @@

Social

Recent Posts

diff --git a/categories/google-cloud-platform/index.html b/categories/google-cloud-platform/index.html index 6c658534de..4479a2a13e 100644 --- a/categories/google-cloud-platform/index.html +++ b/categories/google-cloud-platform/index.html @@ -328,6 +328,7 @@

Social

Recent Posts

diff --git a/categories/index.html b/categories/index.html index 63b58f9220..1985addf75 100644 --- a/categories/index.html +++ b/categories/index.html @@ -457,6 +457,7 @@

Social

Recent Posts

diff --git a/categories/k3s/index.html b/categories/k3s/index.html index 048f1c6e79..27ee28df2d 100644 --- a/categories/k3s/index.html +++ b/categories/k3s/index.html @@ -453,6 +453,7 @@

Social

Recent Posts

diff --git a/categories/kubernetes/index.html b/categories/kubernetes/index.html index 3e277b2c2a..553c93b7f0 100644 --- a/categories/kubernetes/index.html +++ b/categories/kubernetes/index.html @@ -557,6 +557,7 @@

Social

Recent Posts

diff --git a/categories/kubernetes/page/10/index.html b/categories/kubernetes/page/10/index.html index 6f74e4d38b..1b9eebd151 100644 --- a/categories/kubernetes/page/10/index.html +++ b/categories/kubernetes/page/10/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/categories/kubernetes/page/11/index.html b/categories/kubernetes/page/11/index.html index eb16eb727b..47d0d4010a 100644 --- a/categories/kubernetes/page/11/index.html +++ b/categories/kubernetes/page/11/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/categories/kubernetes/page/12/index.html b/categories/kubernetes/page/12/index.html index 06639e5b5e..d394b7fe91 100644 --- a/categories/kubernetes/page/12/index.html +++ b/categories/kubernetes/page/12/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/categories/kubernetes/page/13/index.html b/categories/kubernetes/page/13/index.html index 07b1adf089..98b6fb50bd 100644 --- a/categories/kubernetes/page/13/index.html +++ b/categories/kubernetes/page/13/index.html @@ -564,6 +564,7 @@

Social

Recent Posts

diff --git a/categories/kubernetes/page/14/index.html b/categories/kubernetes/page/14/index.html index 261b8cec6e..90488153c9 100644 --- a/categories/kubernetes/page/14/index.html +++ b/categories/kubernetes/page/14/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/categories/kubernetes/page/15/index.html b/categories/kubernetes/page/15/index.html index 5dca6fad4d..cc8d6a2456 100644 --- a/categories/kubernetes/page/15/index.html +++ b/categories/kubernetes/page/15/index.html @@ -332,6 +332,7 @@

Social

Recent Posts

diff --git a/categories/kubernetes/page/2/index.html b/categories/kubernetes/page/2/index.html index 602d77eab8..2d8551d797 100644 --- a/categories/kubernetes/page/2/index.html +++ b/categories/kubernetes/page/2/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/categories/kubernetes/page/3/index.html b/categories/kubernetes/page/3/index.html index 2ce1680729..e3259d97c6 100644 --- a/categories/kubernetes/page/3/index.html +++ b/categories/kubernetes/page/3/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/categories/kubernetes/page/4/index.html b/categories/kubernetes/page/4/index.html index f6c053afb5..b4885434f1 100644 --- a/categories/kubernetes/page/4/index.html +++ b/categories/kubernetes/page/4/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/categories/kubernetes/page/5/index.html b/categories/kubernetes/page/5/index.html index 346098f0c3..218272ed12 100644 --- a/categories/kubernetes/page/5/index.html +++ b/categories/kubernetes/page/5/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/categories/kubernetes/page/6/index.html b/categories/kubernetes/page/6/index.html index 9e8be54c4a..771e4a48f2 100644 --- a/categories/kubernetes/page/6/index.html +++ b/categories/kubernetes/page/6/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/categories/kubernetes/page/7/index.html b/categories/kubernetes/page/7/index.html index bb1e07021a..ea6ceb9d5a 100644 --- a/categories/kubernetes/page/7/index.html +++ b/categories/kubernetes/page/7/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/categories/kubernetes/page/8/index.html b/categories/kubernetes/page/8/index.html index f3e0611128..66ba0160d6 100644 --- a/categories/kubernetes/page/8/index.html +++ b/categories/kubernetes/page/8/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/categories/kubernetes/page/9/index.html b/categories/kubernetes/page/9/index.html index 0987190ffc..993bb768e1 100644 --- a/categories/kubernetes/page/9/index.html +++ b/categories/kubernetes/page/9/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/categories/linux/index.html b/categories/linux/index.html index cdc77e16c7..fcb8490b54 100644 --- a/categories/linux/index.html +++ b/categories/linux/index.html @@ -553,6 +553,7 @@

Social

Recent Posts

diff --git a/categories/mikrotik/index.html b/categories/mikrotik/index.html index 8549fb0392..52fe380629 100644 --- a/categories/mikrotik/index.html +++ b/categories/mikrotik/index.html @@ -428,6 +428,7 @@

Social

Recent Posts

diff --git a/categories/openshift/index.html b/categories/openshift/index.html index 04ba5e91a6..0d54a36419 100644 --- a/categories/openshift/index.html +++ b/categories/openshift/index.html @@ -557,6 +557,7 @@

Social

Recent Posts

diff --git a/categories/openshift/page/2/index.html b/categories/openshift/page/2/index.html index 32ff14e4ca..1ac96d27fd 100644 --- a/categories/openshift/page/2/index.html +++ b/categories/openshift/page/2/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/categories/openshift/page/3/index.html b/categories/openshift/page/3/index.html index 93949281b8..da5ffafd21 100644 --- a/categories/openshift/page/3/index.html +++ b/categories/openshift/page/3/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/categories/openshift/page/4/index.html b/categories/openshift/page/4/index.html index 282b0d3319..4cd425addb 100644 --- a/categories/openshift/page/4/index.html +++ b/categories/openshift/page/4/index.html @@ -559,6 +559,7 @@

Social

Recent Posts

diff --git a/categories/openshift/page/5/index.html b/categories/openshift/page/5/index.html index ddde49a14a..2151ac69c4 100644 --- a/categories/openshift/page/5/index.html +++ b/categories/openshift/page/5/index.html @@ -407,6 +407,7 @@

Social

Recent Posts

diff --git a/categories/page/2/index.html b/categories/page/2/index.html index 5905970bfd..7c40fbff9a 100644 --- a/categories/page/2/index.html +++ b/categories/page/2/index.html @@ -458,6 +458,7 @@

Social

Recent Posts

diff --git a/categories/page/3/index.html b/categories/page/3/index.html index 25668ba502..6f21f463b0 100644 --- a/categories/page/3/index.html +++ b/categories/page/3/index.html @@ -367,6 +367,7 @@

Social

Recent Posts

diff --git a/categories/podman/index.html b/categories/podman/index.html index ea88642fc2..010d2c24a7 100644 --- a/categories/podman/index.html +++ b/categories/podman/index.html @@ -328,6 +328,7 @@

Social

Recent Posts

diff --git a/categories/postgresql/index.html b/categories/postgresql/index.html index b4bdedafea..b89502d8eb 100644 --- a/categories/postgresql/index.html +++ b/categories/postgresql/index.html @@ -328,6 +328,7 @@

Social

Recent Posts

diff --git a/categories/proxmox/index.html b/categories/proxmox/index.html index d58233667a..98f0cab99d 100644 --- a/categories/proxmox/index.html +++ b/categories/proxmox/index.html @@ -557,6 +557,7 @@

Social

Recent Posts

diff --git a/categories/proxmox/page/2/index.html b/categories/proxmox/page/2/index.html index f5cab87abb..9869d5643d 100644 --- a/categories/proxmox/page/2/index.html +++ b/categories/proxmox/page/2/index.html @@ -507,6 +507,7 @@

Social

Recent Posts

diff --git a/categories/sso/index.html b/categories/sso/index.html index ead5f50891..17c12b6919 100644 --- a/categories/sso/index.html +++ b/categories/sso/index.html @@ -353,6 +353,7 @@

Social

Recent Posts

diff --git a/categories/virtualization/index.html b/categories/virtualization/index.html index 11cb44169d..460252d8fa 100644 --- a/categories/virtualization/index.html +++ b/categories/virtualization/index.html @@ -378,6 +378,7 @@

Social

Recent Posts

diff --git a/categories/windows/index.html b/categories/windows/index.html index b4e277705d..4071e1d68a 100644 --- a/categories/windows/index.html +++ b/categories/windows/index.html @@ -453,6 +453,7 @@

Social

Recent Posts

diff --git a/categories/zfs/index.html b/categories/zfs/index.html index 24cda30aa9..115711791d 100644 --- a/categories/zfs/index.html +++ b/categories/zfs/index.html @@ -328,6 +328,7 @@

Social

Recent Posts

diff --git a/cloud/aks-azure-key-vault-akv2k8s/index.html b/cloud/aks-azure-key-vault-akv2k8s/index.html index 15ccfb3be3..6ba9cc4b0b 100644 --- a/cloud/aks-azure-key-vault-akv2k8s/index.html +++ b/cloud/aks-azure-key-vault-akv2k8s/index.html @@ -20,11 +20,11 @@ "headline" : "Azure Key Vault AKS integration with akv2k8s", "description" : "In this Post I will show you how you can use akv2k8s to synchronize secrets from Azure Key Vault to AKS.\n", "inLanguage" : "en-US", - "author" : "Blaiserman", - "creator" : "Blaiserman", - "publisher": "Blaiserman", - "accountablePerson" : "Blaiserman", - "copyrightHolder" : "Blaiserman", + "author" : "Balázs Páldi", + "creator" : "Balázs Páldi", + "publisher": "Balázs Páldi", + "accountablePerson" : "Balázs Páldi", + "copyrightHolder" : "Balázs Páldi", "copyrightYear" : "2023", "datePublished": "2023-03-05", "dateModified" : "2023-03-05", @@ -323,6 +323,17 @@

+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -347,8 +347,35 @@

Install alerta on Centos7

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -352,8 +352,35 @@

Install alerta on Centos8

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -308,8 +308,35 @@

What is gvisor

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -336,8 +336,35 @@

Install Squid

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -256,8 +256,35 @@

Ipmitool on pfsense

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
- - - - - - - - devopstales - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
-
- - - - - -
-
-
-
- -
-
-
-

- -
-
-

https://www.redhat.com/en/blog/openshift-and-network-security-zones-coexistence-approaches -https://docs.cilium.io/en/latest/network/l2-announcements/ -https://docs.cilium.io/en/latest/network/egress-gateway/#id1 -https://docs.cilium.io/en/latest/network/servicemesh/ingress/#gs-ingress -https://docs.cilium.io/en/latest/network/concepts/ipam/multi-pool/ -https://docs.cilium.io/en/latest/network/kubernetes/ipam-multi-pool/#enable-multi-pool-ipam-mode -https://stackoverflow.com/questions/52487333/how-to-assign-a-namespace-to-certain-nodes

-
    -
  • -

    Install Cilium CNI

    -
      -
    • with L2 Announcements enabled
      • -
    • with Egress Gateway enabled
      • -
    • with Multi-Pool
      • -
    -
    • -
  • -

    Configuration

    -
      -
    • Create two LB pools (DMZ and LAN)
      • -
    • Create two Ingress Controller within ther LB pools (DMZ and LAN)
      • -
    • Create two cilium Egress Gateway within ther LB pools (DMZ and LAN)
      • -
    • Create Network policy for ingress/egress communication separation
      • -
    • Create two IP pools (DMZ and LAN) for network separation in Kubernetes
      • -
    -
    • -
-
kubectl taint nodes --all node-role.kubernetes.io/control-plane:NoSchedule-
-kubectl taint nodes --all node-role.kubernetes.io/master:NoSchedule-
-
kubeProxyReplacement: true
-
-k8sServiceHost: 10.0.2.15
-k8sServicePort: 6443
-containerRuntime:
-  integration: containerd
-rollOutCiliumPods: true
-priorityClassName: system-cluster-critical
-
-ipv4:
-  enabled: true
-ipv6:
-  enabled: false
-
-# L2 LoadBalancer service
-l2announcements:
-  enabled: true
-
-# Policy audit log
-config:
-  policyAuditMode: true
-
-# egressGateway
-egressGateway:
-  enabled: true
-bpf:
-  masquerade: true
-l7Proxy: false
-
-endpointStatus:
-  enabled: true
-  status: policy
-
-dashboards:
-  enabled: false
-  namespace: "monitoring-system"
-  annotations:
-    grafana_folder: "cilium"
-
-hubble:
-  metrics:
-    enableOpenMetrics: true
-    enabled:
-    - dns
-    - drop
-    - tcp
-    - flow:sourceContext=workload-name|reserved-identity;destinationContext=workload-name|reserved-identity
-    - port-distribution
-    - icmp
-    - kafka:labelsContext=source_namespace,source_workload,destination_namespace,destination_workload,traffic_direction;sourceContext=workload-name|reserved-identity;destinationContext=workload-name|reserved-identity
-    - policy:sourceContext=app|workload-name|pod|reserved-identity;destinationContext=app|workload-name|pod|dns|reserved-identity;labelsContext=source_namespace,destination_namespace
-    - httpV2:exemplars=true;labelsContext=source_ip,source_namespace,source_workload,destination_ip,destination_namespace,destination_workload,traffic_direction
-    serviceMonitor:
-      enabled: false
-    dashboards:
-      enabled: false
-      namespace: "monitoring-system"
-      annotations:
-        grafana_folder: "cilium"
-
-  ui:
-    enabled: true
-    replicas: 1
-    ingress:
-      enabled: true
-      hosts:
-        - hubble.k8s.intra
-      annotations:
-        kubernetes.io/ingress.class: nginx
-        cert-manager.io/cluster-issuer: ca-issuer
-      tls:
-      - secretName: hubble-ingress-tls
-        hosts:
-        - hubble.k8s.intra
-    tolerations:
-      - key: "node-role.kubernetes.io/master"
-        operator: "Exists"
-        effect: "NoSchedule"
-      - key: "node-role.kubernetes.io/control-plane"
-        operator: "Exists"
-        effect: "NoSchedule"
-    backend:
-      resources:
-        limits:
-          cpu: 60m
-          memory: 300Mi
-        requests:
-          cpu: 20m
-          memory: 64Mi
-    frontend:
-      resources:
-        limits:
-          cpu: 1000m
-          memory: 1024M
-        requests:
-          cpu: 100m
-          memory: 64Mi
-    proxy:
-      resources:
-        limits:
-          cpu: 1000m
-          memory: 1024M
-        requests:
-          cpu: 100m
-          memory: 64Mi
-
-  relay:
-    enabled: true
-    tolerations:
-      - key: "node-role.kubernetes.io/master"
-        operator: "Exists"
-        effect: "NoSchedule"
-      - key: "node-role.kubernetes.io/control-plane"
-        operator: "Exists"
-        effect: "NoSchedule"
-    resources:
-      limits:
-        cpu: 100m
-        memory: 500Mi
-    prometheus:
-      enabled: true
-      serviceMonitor:
-        enabled: false
-
-operator:
-  replicas: 1
-  resources:
-    limits:
-      cpu: 1000m
-      memory: 1Gi
-    requests:
-      cpu: 100m
-      memory: 128Mi
-  prometheus:
-    enabled: true
-    serviceMonitor:
-      enabled: false
-  dashboards:
-    enabled: false
-    namespace: "monitoring-system"
-    annotations:
-      grafana_folder: "cilium"
-
-ipam:
-  mode: "multi-pool"
-  operator:
-    clusterPoolIPv4PodCIDR: "10.43.0.0/16"
-    clusterPoolIPv4MaskSize: 24
-    clusterPoolIPv6PodCIDR: "fd00::/104"
-    clusterPoolIPv6MaskSize: 120
-    autoCreateCiliumPodIPPools:
-      default:
-        ipv4:
-          cidrs:
-            - 10.10.0.0/16
-          maskSize: 27
-
-routingMode: native
-autoDirectNodeRoutes: true
-endpointRoutes:
-  enabled: true
-
-ipv4NativeRoutingCIDR: 10.0.0.0/8
-

Create two LB pools (default and dmz)

-
kubectl get ciliumpodippool default -o yaml
-apiVersion: cilium.io/v2alpha1
-kind: CiliumPodIPPool
-metadata:
-  creationTimestamp: "2024-05-15T11:00:27Z"
-  generation: 1
-  name: default
-  resourceVersion: "3188"
-  uid: ce4288fa-e458-4ed6-b03c-c46af24e2a92
-spec:
-  ipv4:
-    cidrs:
-    - 10.10.0.0/16
-    maskSize: 27
-
cat <<EOF | kubectl apply -f -
-apiVersion: cilium.io/v2alpha1
-kind: CiliumPodIPPool
-metadata:
-  name: damz
-spec:
-  ipv4:
-    cidrs:
-    - 10.20.0.0/16
-    maskSize: 27
-EOF
-
kubectl get ciliumpodippools
-NAME      AGE
-damz      26s
-default   66m
-

Test with apps the two ip pools:

-
cat <<EOF | kubectl apply -f -
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: nginx-default
-  namespace: default
-spec:
-  selector:
-    matchLabels:
-      app: nginx-default
-  replicas: 2
-  template:
-    metadata:
-      labels:
-        app: nginx-default
-    spec:
-      containers:
-      - name: nginx
-        image: nginx:1.25.1
-        ports:
-        - containerPort: 80
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: nginx-damz
-  namespace: default
-spec:
-  selector:
-    matchLabels:
-      app: nginx-damz
-  replicas: 2
-  template:
-    metadata:
-      labels:
-        app: nginx-damz
-      annotations:
-        ipam.cilium.io/ip-pool: damz
-    spec:
-      containers:
-      - name: nginx
-        image: nginx:1.25.1
-        ports:
-        - containerPort: 80
-EOF
-
kubectl  get po -o wide
-NAME                             READY   STATUS    RESTARTS   AGE   IP           NODE                   NOMINATED NODE   READINESS GATES
-nginx-damz-769c564fc8-br85b      1/1     Running   0          30s   10.20.0.28   alma8.mydomain.intra   <none>           <none>
-nginx-damz-769c564fc8-zqxgw      1/1     Running   0          30s   10.20.0.10   alma8.mydomain.intra   <none>           <none>
-nginx-default-7d4b875895-7pz9f   1/1     Running   0          31s   10.10.0.30   alma8.mydomain.intra   <none>           <none>
-nginx-default-7d4b875895-tbstn   1/1     Running   0          31s   10.10.0.15   alma8.mydomain.intra   <none>           <none>
-
-
-
-
- - - -
-
- Blaiserman avatar -
-
- About Blaiserman -
-
- I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. -
-
- - - -
- -
- - -
- -
-
- This website makes use of third-party cookies. - Learn More -
-
- -
-
- - - - - - diff --git a/home/k8s-networkpolicy/index.html b/home/k8s-networkpolicy/index.html index 1fac2bcdfa..d6d5b0a0b4 100644 --- a/home/k8s-networkpolicy/index.html +++ b/home/k8s-networkpolicy/index.html @@ -20,11 +20,11 @@ "headline" : "Kubernetes Network Policy", "description" : "In this post I will show you how you can use NetworkPolicys in K8S.\n", "inLanguage" : "en-US", - "author" : "Blaiserman", - "creator" : "Blaiserman", - "publisher": "Blaiserman", - "accountablePerson" : "Blaiserman", - "copyrightHolder" : "Blaiserman", + "author" : "Balázs Páldi", + "creator" : "Balázs Páldi", + "publisher": "Balázs Páldi", + "accountablePerson" : "Balázs Páldi", + "copyrightHolder" : "Balázs Páldi", "copyrightYear" : "2021", "datePublished": "2021-01-10", "dateModified" : "2021-01-10", @@ -593,6 +593,17 @@

Example

+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
- - - - - - - - devopstales - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
-
- - - - - -
-
-
-
- -
- -
- - - -
-
- Blaiserman avatar -
-
- About Blaiserman -
-
- I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. -
-
- - - -
- -
- - -
- -
-
- This website makes use of third-party cookies. - Learn More -
-
- -
-
- - - - - - diff --git a/home/k8s-test-tools/index.html b/home/k8s-test-tools/index.html index 8ffcc4cca1..67cc2b2588 100644 --- a/home/k8s-test-tools/index.html +++ b/home/k8s-test-tools/index.html @@ -20,11 +20,11 @@ "headline" : "Validate Kubernetes Deployment in CI/CD", "description" : "I this blog post I will show you how you can validate your kubernetes objects, helm charts, images at CI\/CD.\n", "inLanguage" : "en-US", - "author" : "Blaiserman", - "creator" : "Blaiserman", - "publisher": "Blaiserman", - "accountablePerson" : "Blaiserman", - "copyrightHolder" : "Blaiserman", + "author" : "Balázs Páldi", + "creator" : "Balázs Páldi", + "publisher": "Balázs Páldi", + "accountablePerson" : "Balázs Páldi", + "copyrightHolder" : "Balázs Páldi", "copyrightYear" : "2022", "datePublished": "2022-03-02", "dateModified" : "2022-03-02", @@ -571,8 +571,35 @@

kube-score

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -278,8 +278,35 @@

Change outbound NAT

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -257,14 +257,30 @@

Enable Connection fr +
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
- Blaiserman avatar + Balázs Páldi avatar
- About Blaiserman + About Balázs Páldi
I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. @@ -417,6 +433,7 @@

Social

Recent Posts

diff --git a/home/override-a-single-external-hostname-with-internal-dns-entry/index.html b/home/override-a-single-external-hostname-with-internal-dns-entry/index.html index 64442a27c9..5a5289713b 100644 --- a/home/override-a-single-external-hostname-with-internal-dns-entry/index.html +++ b/home/override-a-single-external-hostname-with-internal-dns-entry/index.html @@ -20,11 +20,11 @@ "headline" : "Override a single external hostname with internal DNS-entry", "description" : "Override a single external hostname with internal DNS-entry\n", "inLanguage" : "en-US", - "author" : "Blaiserman", - "creator" : "Blaiserman", - "publisher": "Blaiserman", - "accountablePerson" : "Blaiserman", - "copyrightHolder" : "Blaiserman", + "author" : "Balázs Páldi", + "creator" : "Balázs Páldi", + "publisher": "Balázs Páldi", + "accountablePerson" : "Balázs Páldi", + "copyrightHolder" : "Balázs Páldi", "copyrightYear" : "2019", "datePublished": "2019-06-04", "dateModified" : "2019-06-04", @@ -232,8 +232,35 @@

Solution:

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
- - - - - Homes - devopstales - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
-
- - - - - -
-
-
-
- -
-
-

Homes

-
- -
-

- - - -

- -
-
- https://spidernet-io.github.io/egressgateway/v0.4/usage/Install/ https://docs.cilium.io/en/stable/network/egress-gateway/ -
-
- -
-

- - - -

- -
-
- https://www.redhat.com/en/blog/openshift-and-network-security-zones-coexistence-approaches https://docs.cilium.io/en/latest/network/l2-announcements/ https://docs.cilium.io/en/latest/network/egress-gateway/#id1 https://docs.cilium.io/en/latest/network/servicemesh/ingress/#gs-ingress https://docs.cilium.io/en/latest/network/concepts/ipam/multi-pool/ https://docs.cilium.io/en/latest/network/kubernetes/ipam-multi-pool/#enable-multi-pool-ipam-mode https://stackoverflow.com/questions/52487333/how-to-assign-a-namespace-to-certain-nodes - Install Cilium CNI - with L2 Announcements enabled with Egress Gateway enabled with Multi-Pool Configuration - Create two LB pools (DMZ and LAN) Create two Ingress Controller within ther LB pools (DMZ and LAN) Create two cilium Egress Gateway within ther LB pools (DMZ and LAN) Create Network policy for ingress/egress communication separation Create two IP pools (DMZ and LAN) for network separation in Kubernetes kubectl taint nodes --all node-role. -
-
- Read more… -
-
- -
-

- - - -

- -
-
- https://suraj.io/post/single-node-k8s-fedora-selinux/ https://suraj.io/post/k8s-hostpat-nuke-nodes/ https://stackoverflow.com/questions/51000791/how-to-mount-hostpath-volume-in-kubernetes-with-selinux -
-
-
- - - -
- - -
-
- -
- -
- © 2024 devopstales. - Generated with Hugo and Mainroad theme. -
-
-
- -
- -
-
- This website makes use of third-party cookies. - Learn More -
-
- -
-
- - - - - - diff --git a/home/page/4/index.html b/home/page/4/index.html index 2d03ceaa5b..128699e0dd 100644 --- a/home/page/4/index.html +++ b/home/page/4/index.html @@ -163,6 +163,29 @@

Homes

@@ -538,6 +538,7 @@

Social

Recent Posts

diff --git a/home/page/5/index.html b/home/page/5/index.html index 0249a692fa..4924d63585 100644 --- a/home/page/5/index.html +++ b/home/page/5/index.html @@ -163,6 +163,29 @@

Homes

+
+ + GitHub Actions: Basics + +
+
+

+ + GitHub Actions: Basics + +

+
+
+
+
+
+

In this post I will show you how you can pass artifacts between in gitlab CI.

+
+
+ Read more… +
+
+
Understand OKD OpenShift 4 Buildconfig Configurations @@ -368,35 +391,12 @@

Read more…
-

- -
- - Microk8s: Unable to connect to the server: x509: certificate has expired or is not yet valid - -
-
-

- - Microk8s: Unable to connect to the server: x509: certificate has expired or is not yet valid - -

-
-
-
-
-
-

In this Post I will shoe you how to renew the kubernetes api cert in Microk8s.

-
-
- Read more… -
@@ -538,6 +538,7 @@

Social

Recent Posts

diff --git a/home/page/6/index.html b/home/page/6/index.html index a34ef3f58b..fb8dd6371f 100644 --- a/home/page/6/index.html +++ b/home/page/6/index.html @@ -163,6 +163,29 @@

Homes

+
+ + Microk8s: Unable to connect to the server: x509: certificate has expired or is not yet valid + +
+
+

+ + Microk8s: Unable to connect to the server: x509: certificate has expired or is not yet valid + +

+
+
+
+
+
+

In this Post I will shoe you how to renew the kubernetes api cert in Microk8s.

+
+
+ Read more… +
+
+
Proxmox: Set custom certificate @@ -368,35 +391,12 @@

Read more…
-

- -
- - How to Manage Kubernetes Resource Limits - -
-
-

- - How to Manage Kubernetes Resource Limits - -

-
-
-
-
-
-

In this post I will show you the usage of the Kubernetes limits and requests.

-
-
- Read more… -
@@ -538,6 +538,7 @@

Social

Recent Posts

diff --git a/home/page/7/index.html b/home/page/7/index.html index fe1144fe7c..22fb11aeef 100644 --- a/home/page/7/index.html +++ b/home/page/7/index.html @@ -163,6 +163,29 @@

Homes

+
+ + How to Manage Kubernetes Resource Limits + +
+
+

+ + How to Manage Kubernetes Resource Limits + +

+
+
+
+
+
+

In this post I will show you the usage of the Kubernetes limits and requests.

+
+
+ Read more… +
+
+
Linux user namespace management wit CRI-O in Kubernetes @@ -368,35 +391,12 @@

Read more…
-

- -
- - veeam backup: Cant Add Repository to a Scale Out Backup Repository? - -
-
-

- - veeam backup: Cant Add Repository to a Scale Out Backup Repository? - -

-
-
-
-
-
-

When adding repositories to a Veeam Scale Out Backup Repository you may see this error: Cant Add Repository to a Scale Out Backup Repository? In this Pos I will show you how you can fix is issue.

-
-
- Read more… -
@@ -538,6 +538,7 @@

Social

Recent Posts

diff --git a/home/page/8/index.html b/home/page/8/index.html index 1c5cacae67..bb0d798e52 100644 --- a/home/page/8/index.html +++ b/home/page/8/index.html @@ -163,6 +163,29 @@

Homes

+
+ + veeam backup: Cant Add Repository to a Scale Out Backup Repository? + +
+
+

+ + veeam backup: Cant Add Repository to a Scale Out Backup Repository? + +

+
+
+
+
+
+

When adding repositories to a Veeam Scale Out Backup Repository you may see this error: Cant Add Repository to a Scale Out Backup Repository? In this Pos I will show you how you can fix is issue.

+
+
+ Read more… +
+
+
How to install ESXi nested inside ProxMox VE @@ -368,35 +391,12 @@

Read more…
-

- -
- - Secure your applications with Pomerium Ingress Controller - -
-
-

- - Secure your applications with Pomerium Ingress Controller - -

-
-
-
-
-
-

In this blog post, I will show you how you can install Pomerium Ingress Controller and use it to secure your application.

-
-
- Read more… -
@@ -538,6 +538,7 @@

Social

Recent Posts

diff --git a/home/page/9/index.html b/home/page/9/index.html index eb42cffe34..292d691759 100644 --- a/home/page/9/index.html +++ b/home/page/9/index.html @@ -163,6 +163,29 @@

Homes

+
+ + Secure your applications with Pomerium Ingress Controller + +
+
+

+ + Secure your applications with Pomerium Ingress Controller + +

+
+
+
+
+
+

In this blog post, I will show you how you can install Pomerium Ingress Controller and use it to secure your application.

+
+
+ Read more… +
+
+
How to build containers in Kubernetes @@ -368,35 +391,12 @@

Read more…
-

- -
- - How to: Enable Serial Console for guest virtual machine (VM) on Proxmox VE (PVE) - -
-
-

- - How to: Enable Serial Console for guest virtual machine (VM) on Proxmox VE (PVE) - -

-
-
-
-
-
-

This article explains how to redirect messages to a serial console in on Debian and use Serial Console on Proxmox VE.

-
-
- Read more… -
@@ -538,6 +538,7 @@

Social

Recent Posts

diff --git a/home/pfsense-2fa/index.html b/home/pfsense-2fa/index.html index b640178ec9..4f056eb360 100644 --- a/home/pfsense-2fa/index.html +++ b/home/pfsense-2fa/index.html @@ -20,17 +20,17 @@ "headline" : "Google Authenticator on pfSense", "description" : "This article explains how to set up OpenVPN with Google Authenticator on pfSense.\n", "inLanguage" : "en-US", - "author" : "Blaiserman", - "creator" : "Blaiserman", - "publisher": "Blaiserman", - "accountablePerson" : "Blaiserman", - "copyrightHolder" : "Blaiserman", + "author" : "Balázs Páldi", + "creator" : "Balázs Páldi", + "publisher": "Balázs Páldi", + "accountablePerson" : "Balázs Páldi", + "copyrightHolder" : "Balázs Páldi", "copyrightYear" : "2019", "datePublished": "2019-04-29", "dateModified" : "2019-04-29", "url" : "https://devopstales.github.io/home/pfsense-2fa/", "wordCount" : "310", - "keywords" : [ "kubernetes", "openshift", "devops", "Blog" ] + "keywords" : [ "devops", "tales", "pfsense", "2FA", "radius", "firewall", "Blog" ] } @@ -453,8 +453,35 @@

Configurate openvpn

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -248,8 +248,35 @@

Firewall Rules in pfesense Firewall +
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -286,8 +286,35 @@

Change outbound NAT

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -271,8 +271,35 @@

Example with Google Gmail SMTP

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -38,15 +38,15 @@ - - devopstales + Send Pfsense logs to Wazuh - devopstales - - + + - - - + + + @@ -80,10 +80,10 @@ - - + + - + @@ -191,47 +191,105 @@
-

- +

Send Pfsense logs to Wazuh

+
+
+
-
- 
kind: Cluster
-apiVersion: kind.x-k8s.io/v1alpha4
-networking:
-  podSubnet: "10.11.0.0/16"
-  # the default CNI will not be installed
-  disableDefaultCNI: true
-nodes:
-- role: control-plane
-- role: worker
-- role: worker
-
-
kind: Cluster
-apiVersion: kind.x-k8s.io/v1alpha4
-networking:
-  podSubnet: "10.12.0.0/16"
-  # the default CNI will not be installed
-  disableDefaultCNI: true
-nodes:
-- role: control-plane
-- role: worker
-- role: worker
-
-
kind create cluster -n cilium01 --config clilium-cluster-mesh-c01.yaml
-kind create cluster -n cilium02 --config clilium-cluster-mesh-c02.yaml
-
+ +
+
Page content
+
+ +
+
+

In this post I will show you how to send PFSense logs to Wazuh SIEM server.

+

Many examples on the internet says that you can use Wazuh agent to send logs to Wazuh Server. Well from PFsense 2.5 you can not install the agent without braking the PFsense upgrade manager UI. The next option is to send the PFsense logs directly from the firewall to the Wazuh Server syslog endpoint. I tried this method but my problem was the Log Message Format. From PFsense 2.5 you can use RFC5424 format but the Wazuh server syslog input dose not decode it well and the default log decoders for PFsense Dose not work. So I tried the legacy RFC3164 format. Well There is a bug in the FreeBSD implementation of the syslogd and it dose not include the hostname to the syslog message. It means this is not a valid syslog formatted message, and the Wazuh default log decoders for PFsense still not working. So first I tried the create custom decoders for the log messages. In the end I found a suggestion on PFsense forum to use the syslog-ng plugin of PFsense because it formats the syslog messages correctly.

+

Install Syslog-ng plugin

+

Navigate to System > Package Manager > Avaiable Packages and search for syslog the only result will be the syslog-ng package. Click on the install button to add it to the firewall.

+

wazuh infra

+

Setting syslog-ng

+

Navigate to Services > Syslog-ng > Settings Tab and set the syslog-ng on the GUI as the image below and click on the save button.

+

wazuh infra

+

Send pfSense Logs to syslog-ng

+

Navigate to Status > System Logs > Settings Tab and at the button check the Enable Remote Logging checkbox.

+

Set the settings as the picture below and click the save button.

+

wazuh infra

+

wazuh infra

+

Configure Wazuh syslog input

+

Edit the /var/ossec/etc/ossec.cfg on the Wazuh Manger:

+
<ossec_config>
+  <!-- pfsense syslog input -->
+  <remote>
+    <connection>syslog</connection>
+    <port>5514</port>
+    <protocol>tcp</protocol>
+    <allowed-ips>192.168.1.10</allowed-ips>
+    <local_ip>192.168.1.5</local_ip>
+  </remote>
+  <remote>
+    <connection>syslog</connection>
+    <port>5514</port>
+    <protocol>udp</protocol>
+    <allowed-ips>192.168.1.10</allowed-ips>
+    <local_ip>192.168.1.5</local_ip>
+  </remote>
+</ossec_config>
+

The pfsense server’s ip is 192.168.1.10 and the wazuh server1s ip is 192.168.1.5.

+

Sending syslog-ng Logs to Remote Server

+

Syslog-ng is very flexible with its sources and destinations and the next step will be to crate a new destination to connect the local instance to the remote server.

+

First, we need to add a new destination entry named DST_WAZUH_SYSLOG. Navigate to Services > Syslog-ng > Advanced Tab and add a new destination as the picture below.

+
{ network("192.168.1.5" transport(udp) port(5514)); };
+

After, adding the destination we need to connect with the remote server adding a new log object as seen below.

+
{ source(_DEFAULT); destination(DST_WAZUH_SYSLOG); };
+
+

If you want to rewrite the hostname create a rewrite object named REWRITE_HOSTNAME:

+
+
{ set("pfsense.mydomain.intra", value("HOST")); };
+

The add the rewrite rule to the destination:

+
{ source(_DEFAULT); rewrite(REWRITE_HOSTNAME); destination(DST_WAZUH_SYSLOG); };
+

Check if the Service is running.

+

wazuh infra

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
- Blaiserman avatar + Balázs Páldi avatar
- About Blaiserman + About Balázs Páldi
I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. @@ -384,6 +442,7 @@

Social

Recent Posts

@@ -580,6 +638,8 @@

Tags

+ +
This website makes use of third-party cookies. diff --git a/home/wazuh-siem/index.html b/home/wazuh-siem/index.html index 4e98f82622..ae671794f2 100644 --- a/home/wazuh-siem/index.html +++ b/home/wazuh-siem/index.html @@ -20,11 +20,11 @@ "headline" : "Install Wazuh SIEM", "description" : "In this post I will show you how to install and configure the Wazuh Open Source SIEM solution.\n", "inLanguage" : "en-US", - "author" : "Blaiserman", - "creator" : "Blaiserman", - "publisher": "Blaiserman", - "accountablePerson" : "Blaiserman", - "copyrightHolder" : "Blaiserman", + "author" : "Balázs Páldi", + "creator" : "Balázs Páldi", + "publisher": "Balázs Páldi", + "accountablePerson" : "Balázs Páldi", + "copyrightHolder" : "Balázs Páldi", "copyrightYear" : "2023", "datePublished": "2023-09-01", "dateModified" : "2023-09-01", @@ -385,8 +385,35 @@

Install wazuh-indexer

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
- - - - - - - - devopstales - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
-
- - - - - -
-
-
-
- -
-
-
-

- -
-
- 
kind: Cluster
-apiVersion: kind.x-k8s.io/v1alpha4
-networking:
-  podSubnet: "10.11.0.0/16"
-  # the default CNI will not be installed
-  disableDefaultCNI: true
-nodes:
-- role: control-plane
-- role: worker
-- role: worker
-
-
kind: Cluster
-apiVersion: kind.x-k8s.io/v1alpha4
-networking:
-  podSubnet: "10.12.0.0/16"
-  # the default CNI will not be installed
-  disableDefaultCNI: true
-nodes:
-- role: control-plane
-- role: worker
-- role: worker
-
-
kind create cluster -n cilium01 --config clilium-cluster-mesh-c01.yaml
-kind create cluster -n cilium02 --config clilium-cluster-mesh-c02.yaml
-
-
-
-
- - - -
-
- Blaiserman avatar -
-
- About Blaiserman -
-
- I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. -
-
- - - -
- -
-
- -
- -
- © 2024 devopstales. - Generated with Hugo and Mainroad theme. -
-
-
- -
- -
-
- This website makes use of third-party cookies. - Learn More -
-
- -
-
- - - - - - diff --git a/kubernetes/cilium-opnsense-bgp-v2/index.html b/kubernetes/cilium-opnsense-bgp-v2/index.html index d70085abea..f3f94fcc3a 100644 --- a/kubernetes/cilium-opnsense-bgp-v2/index.html +++ b/kubernetes/cilium-opnsense-bgp-v2/index.html @@ -20,11 +20,11 @@ "headline" : "Use Cilium BGP integration with OPNsense", "description" : "In this tutorial I will show you how to install Cilium with BGP integration for Kubernetes.\n", "inLanguage" : "en-US", - "author" : "Blaiserman", - "creator" : "Blaiserman", - "publisher": "Blaiserman", - "accountablePerson" : "Blaiserman", - "copyrightHolder" : "Blaiserman", + "author" : "Balázs Páldi", + "creator" : "Balázs Páldi", + "publisher": "Balázs Páldi", + "accountablePerson" : "Balázs Páldi", + "copyrightHolder" : "Balázs Páldi", "copyrightYear" : "2023", "datePublished": "2023-01-25", "dateModified" : "2023-01-25", @@ -399,6 +399,17 @@

+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -332,8 +332,35 @@

What is gvisor

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
- - - - - - - - devopstales - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
-
- - - - - -
-
-
-
- -
- -
- - - -
-
- Blaiserman avatar -
-
- About Blaiserman -
-
- I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. -
-
- - - -
- -
-
- -
- -
- © 2024 devopstales. - Generated with Hugo and Mainroad theme. -
-
-
- -
- -
-
- This website makes use of third-party cookies. - Learn More -
-
- -
-
- - - - - - diff --git a/kubernetes/k8s-ephemerald-pod/index.html b/kubernetes/k8s-ephemerald-pod/index.html index 9511ff0cbb..2119f5004d 100644 --- a/kubernetes/k8s-ephemerald-pod/index.html +++ b/kubernetes/k8s-ephemerald-pod/index.html @@ -20,11 +20,11 @@ "headline" : "Debug with Ephemeral Containers", "description" : "In this post I will show you how you can debug your application in a pod with a new function called Ephemeral Containers released in Kubernetes 1.25.\n", "inLanguage" : "en-US", - "author" : "Blaiserman", - "creator" : "Blaiserman", - "publisher": "Blaiserman", - "accountablePerson" : "Blaiserman", - "copyrightHolder" : "Blaiserman", + "author" : "Balázs Páldi", + "creator" : "Balázs Páldi", + "publisher": "Balázs Páldi", + "accountablePerson" : "Balázs Páldi", + "copyrightHolder" : "Balázs Páldi", "copyrightYear" : "2022", "datePublished": "2022-09-12", "dateModified" : "2022-09-12", @@ -445,6 +445,17 @@

+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
- - - - - - - - devopstales - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
-
- - - - - -
-
-
-
- -
-
-
-

- -
-
-

https://www.redhat.com/en/blog/openshift-and-network-security-zones-coexistence-approaches -https://docs.cilium.io/en/latest/network/l2-announcements/ -https://docs.cilium.io/en/latest/network/egress-gateway/#id1 -https://docs.cilium.io/en/latest/network/servicemesh/ingress/#gs-ingress -https://docs.cilium.io/en/latest/network/concepts/ipam/multi-pool/ -https://docs.cilium.io/en/latest/network/kubernetes/ipam-multi-pool/#enable-multi-pool-ipam-mode -https://stackoverflow.com/questions/52487333/how-to-assign-a-namespace-to-certain-nodes

-
    -
  • -

    Install Cilium CNI

    -
      -
    • with L2 Announcements enabled
      • -
    • with Egress Gateway enabled
      • -
    • with Multi-Pool
      • -
    -
    • -
  • -

    Configuration

    -
      -
    • Create two LB pools (DMZ and LAN)
      • -
    • Create two Ingress Controller within ther LB pools (DMZ and LAN)
      • -
    • Create two cilium Egress Gateway within ther LB pools (DMZ and LAN)
      • -
    • Create Network policy for ingress/egress communication separation
      • -
    • Create two IP pools (DMZ and LAN) for network separation in Kubernetes
      • -
    -
    • -
-
kubectl taint nodes --all node-role.kubernetes.io/control-plane:NoSchedule-
-kubectl taint nodes --all node-role.kubernetes.io/master:NoSchedule-
-
kubeProxyReplacement: true
-
-k8sServiceHost: 10.0.2.15
-k8sServicePort: 6443
-containerRuntime:
-  integration: containerd
-rollOutCiliumPods: true
-priorityClassName: system-cluster-critical
-
-ipv4:
-  enabled: true
-ipv6:
-  enabled: false
-
-# L2 LoadBalancer service
-l2announcements:
-  enabled: true
-
-# Policy audit log
-config:
-  policyAuditMode: true
-
-# egressGateway
-egressGateway:
-  enabled: true
-bpf:
-  masquerade: true
-l7Proxy: false
-
-endpointStatus:
-  enabled: true
-  status: policy
-
-dashboards:
-  enabled: false
-  namespace: "monitoring-system"
-  annotations:
-    grafana_folder: "cilium"
-
-hubble:
-  metrics:
-    enableOpenMetrics: true
-    enabled:
-    - dns
-    - drop
-    - tcp
-    - flow:sourceContext=workload-name|reserved-identity;destinationContext=workload-name|reserved-identity
-    - port-distribution
-    - icmp
-    - kafka:labelsContext=source_namespace,source_workload,destination_namespace,destination_workload,traffic_direction;sourceContext=workload-name|reserved-identity;destinationContext=workload-name|reserved-identity
-    - policy:sourceContext=app|workload-name|pod|reserved-identity;destinationContext=app|workload-name|pod|dns|reserved-identity;labelsContext=source_namespace,destination_namespace
-    - httpV2:exemplars=true;labelsContext=source_ip,source_namespace,source_workload,destination_ip,destination_namespace,destination_workload,traffic_direction
-    serviceMonitor:
-      enabled: false
-    dashboards:
-      enabled: false
-      namespace: "monitoring-system"
-      annotations:
-        grafana_folder: "cilium"
-
-  ui:
-    enabled: true
-    replicas: 1
-    ingress:
-      enabled: true
-      hosts:
-        - hubble.k8s.intra
-      annotations:
-        kubernetes.io/ingress.class: nginx
-        cert-manager.io/cluster-issuer: ca-issuer
-      tls:
-      - secretName: hubble-ingress-tls
-        hosts:
-        - hubble.k8s.intra
-    tolerations:
-      - key: "node-role.kubernetes.io/master"
-        operator: "Exists"
-        effect: "NoSchedule"
-      - key: "node-role.kubernetes.io/control-plane"
-        operator: "Exists"
-        effect: "NoSchedule"
-    backend:
-      resources:
-        limits:
-          cpu: 60m
-          memory: 300Mi
-        requests:
-          cpu: 20m
-          memory: 64Mi
-    frontend:
-      resources:
-        limits:
-          cpu: 1000m
-          memory: 1024M
-        requests:
-          cpu: 100m
-          memory: 64Mi
-    proxy:
-      resources:
-        limits:
-          cpu: 1000m
-          memory: 1024M
-        requests:
-          cpu: 100m
-          memory: 64Mi
-
-  relay:
-    enabled: true
-    tolerations:
-      - key: "node-role.kubernetes.io/master"
-        operator: "Exists"
-        effect: "NoSchedule"
-      - key: "node-role.kubernetes.io/control-plane"
-        operator: "Exists"
-        effect: "NoSchedule"
-    resources:
-      limits:
-        cpu: 100m
-        memory: 500Mi
-    prometheus:
-      enabled: true
-      serviceMonitor:
-        enabled: false
-
-operator:
-  replicas: 1
-  resources:
-    limits:
-      cpu: 1000m
-      memory: 1Gi
-    requests:
-      cpu: 100m
-      memory: 128Mi
-  prometheus:
-    enabled: true
-    serviceMonitor:
-      enabled: false
-  dashboards:
-    enabled: false
-    namespace: "monitoring-system"
-    annotations:
-      grafana_folder: "cilium"
-
-ipam:
-  mode: "multi-pool"
-  operator:
-    clusterPoolIPv4PodCIDR: "10.43.0.0/16"
-    clusterPoolIPv4MaskSize: 24
-    clusterPoolIPv6PodCIDR: "fd00::/104"
-    clusterPoolIPv6MaskSize: 120
-    autoCreateCiliumPodIPPools:
-      default:
-        ipv4:
-          cidrs:
-            - 10.10.0.0/16
-          maskSize: 27
-
-routingMode: native
-autoDirectNodeRoutes: true
-endpointRoutes:
-  enabled: true
-
-ipv4NativeRoutingCIDR: 10.0.0.0/8
-

Create two LB pools (default and dmz)

-
kubectl get ciliumpodippool default -o yaml
-apiVersion: cilium.io/v2alpha1
-kind: CiliumPodIPPool
-metadata:
-  creationTimestamp: "2024-05-15T11:00:27Z"
-  generation: 1
-  name: default
-  resourceVersion: "3188"
-  uid: ce4288fa-e458-4ed6-b03c-c46af24e2a92
-spec:
-  ipv4:
-    cidrs:
-    - 10.10.0.0/16
-    maskSize: 27
-
cat <<EOF | kubectl apply -f -
-apiVersion: cilium.io/v2alpha1
-kind: CiliumPodIPPool
-metadata:
-  name: damz
-spec:
-  ipv4:
-    cidrs:
-    - 10.20.0.0/16
-    maskSize: 27
-EOF
-
kubectl get ciliumpodippools
-NAME      AGE
-damz      26s
-default   66m
-

Test with apps the two ip pools:

-
cat <<EOF | kubectl apply -f -
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: nginx-default
-  namespace: default
-spec:
-  selector:
-    matchLabels:
-      app: nginx-default
-  replicas: 2
-  template:
-    metadata:
-      labels:
-        app: nginx-default
-    spec:
-      containers:
-      - name: nginx
-        image: nginx:1.25.1
-        ports:
-        - containerPort: 80
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: nginx-damz
-  namespace: default
-spec:
-  selector:
-    matchLabels:
-      app: nginx-damz
-  replicas: 2
-  template:
-    metadata:
-      labels:
-        app: nginx-damz
-      annotations:
-        ipam.cilium.io/ip-pool: damz
-    spec:
-      containers:
-      - name: nginx
-        image: nginx:1.25.1
-        ports:
-        - containerPort: 80
-EOF
-
kubectl  get po -o wide
-NAME                             READY   STATUS    RESTARTS   AGE   IP           NODE                   NOMINATED NODE   READINESS GATES
-nginx-damz-769c564fc8-br85b      1/1     Running   0          30s   10.20.0.28   alma8.mydomain.intra   <none>           <none>
-nginx-damz-769c564fc8-zqxgw      1/1     Running   0          30s   10.20.0.10   alma8.mydomain.intra   <none>           <none>
-nginx-default-7d4b875895-7pz9f   1/1     Running   0          31s   10.10.0.30   alma8.mydomain.intra   <none>           <none>
-nginx-default-7d4b875895-tbstn   1/1     Running   0          31s   10.10.0.15   alma8.mydomain.intra   <none>           <none>
-
-
-
-
- - - -
-
- Blaiserman avatar -
-
- About Blaiserman -
-
- I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. -
-
- - - -
- -
- - -
- -
-
- This website makes use of third-party cookies. - Learn More -
-
- -
-
- - - - - - diff --git a/kubernetes/k8s-networkpolicy/index.html b/kubernetes/k8s-networkpolicy/index.html index 975c5d4ca2..a72e28157c 100644 --- a/kubernetes/k8s-networkpolicy/index.html +++ b/kubernetes/k8s-networkpolicy/index.html @@ -20,11 +20,11 @@ "headline" : "Kubernetes Network Policy", "description" : "In this post I will show you how you can use NetworkPolicys in K8S.\n", "inLanguage" : "en-US", - "author" : "Blaiserman", - "creator" : "Blaiserman", - "publisher": "Blaiserman", - "accountablePerson" : "Blaiserman", - "copyrightHolder" : "Blaiserman", + "author" : "Balázs Páldi", + "creator" : "Balázs Páldi", + "publisher": "Balázs Páldi", + "accountablePerson" : "Balázs Páldi", + "copyrightHolder" : "Balázs Páldi", "copyrightYear" : "2021", "datePublished": "2021-01-10", "dateModified" : "2021-01-10", @@ -612,8 +612,35 @@

Example

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
- - - - - - - - devopstales - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
-
- - - - - -
-
-
-
- -
- -
- - - -
-
- Blaiserman avatar -
-
- About Blaiserman -
-
- I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. -
-
- - - -
- -
- - -
- -
-
- This website makes use of third-party cookies. - Learn More -
-
- -
-
- - - - - - diff --git a/kubernetes/k8s-test-tools/index.html b/kubernetes/k8s-test-tools/index.html index a6005450db..9ad7bd3c1e 100644 --- a/kubernetes/k8s-test-tools/index.html +++ b/kubernetes/k8s-test-tools/index.html @@ -20,11 +20,11 @@ "headline" : "Validate Kubernetes Deployment in CI/CD", "description" : "I this blog post I will show you how you can validate your kubernetes objects, helm charts, images at CI\/CD.\n", "inLanguage" : "en-US", - "author" : "Blaiserman", - "creator" : "Blaiserman", - "publisher": "Blaiserman", - "accountablePerson" : "Blaiserman", - "copyrightHolder" : "Blaiserman", + "author" : "Balázs Páldi", + "creator" : "Balázs Páldi", + "publisher": "Balázs Páldi", + "accountablePerson" : "Balázs Páldi", + "copyrightHolder" : "Balázs Páldi", "copyrightYear" : "2022", "datePublished": "2022-03-02", "dateModified" : "2022-03-02", @@ -591,8 +591,35 @@

kube-score

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -333,11 +333,52 @@

Install Squid

tailf /var/log/squid/access.log + +
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -276,8 +276,35 @@

Ipmitool on pfsense

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -295,8 +295,35 @@

Change outbound NAT

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -277,14 +277,30 @@

Enable Connection fr +
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
- Blaiserman avatar + Balázs Páldi avatar
- About Blaiserman + About Balázs Páldi
I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. @@ -437,6 +453,7 @@

Social

Recent Posts

diff --git a/linux/page/2/index.html b/linux/page/2/index.html index 898f2b4cef..86ea790c25 100644 --- a/linux/page/2/index.html +++ b/linux/page/2/index.html @@ -163,6 +163,31 @@

Linuxes

@@ -548,6 +550,7 @@

Social

Recent Posts

diff --git a/linux/page/3/index.html b/linux/page/3/index.html index a12821828e..26830819c0 100644 --- a/linux/page/3/index.html +++ b/linux/page/3/index.html @@ -163,6 +163,29 @@

Linuxes

+
+ + Firewall Ports for AD Domain Join + +
+
+

+ + Firewall Ports for AD Domain Join + +

+
+
+
+
+
+

In this post I will show you what port you need to enable for AD Domain Join.

+
+
+ Read more… +
+
+
HA IPSec VPN with BGP Dynamic Routing between two pfSense Appliances @@ -373,31 +396,6 @@

Read more…
-

- -
- - Install Chef server - -
-
-

- - Install Chef server - -

-
-
-
Chef - -
-
-
-

Chef is a powerful configuration management utility writy in ruby. This post will help you to setup a chef 13 on CentOS 7

-
-
- Read more… -
@@ -545,6 +543,7 @@

Social

Recent Posts

diff --git a/linux/page/4/index.html b/linux/page/4/index.html index 165e05b3a9..36336ad485 100644 --- a/linux/page/4/index.html +++ b/linux/page/4/index.html @@ -163,6 +163,31 @@

Linuxes

+
+ + Install Chef server + +
+
+

+ + Install Chef server + +

+
+
+
Chef + +
+
+
+

Chef is a powerful configuration management utility writy in ruby. This post will help you to setup a chef 13 on CentOS 7

+
+
+ Read more… +
+
+
CEPH backup with Benji @@ -380,29 +405,6 @@

Read more…
-

- -
- - Configure Rundeck LADAP - -
-
-

- - Configure Rundeck LADAP - -

-
-
-
-
-
-

In this post I will configure Rundeck to use LDAP as a User backend.

-
-
- Read more… -
@@ -550,6 +552,7 @@

Social

Recent Posts

diff --git a/linux/page/5/index.html b/linux/page/5/index.html index 66b3ac963c..e62843ae20 100644 --- a/linux/page/5/index.html +++ b/linux/page/5/index.html @@ -163,6 +163,29 @@

Linuxes

+
+ + Configure Rundeck LADAP + +
+
+

+ + Configure Rundeck LADAP + +

+
+
+
+
+
+

In this post I will configure Rundeck to use LDAP as a User backend.

+
+
+ Read more… +
+
+
Install docker on fedora 31 @@ -372,29 +395,6 @@

Read more…
-

- -
- - Install Graylog3 - -
-
-

- - Install Graylog3 - -

-
-
-
-
-
-

Graylog is defined in terms of log management platform for collecting, indexing, and analyzing both structured and unstructured data from almost any source.

-
-
- Read more… -
@@ -542,6 +542,7 @@

Social

Recent Posts

diff --git a/linux/page/6/index.html b/linux/page/6/index.html index c1e1467209..6b24440a5f 100644 --- a/linux/page/6/index.html +++ b/linux/page/6/index.html @@ -163,6 +163,29 @@

Linuxes

+
+ + Install Graylog3 + +
+
+

+ + Install Graylog3 + +

+
+
+
+
+
+

Graylog is defined in terms of log management platform for collecting, indexing, and analyzing both structured and unstructured data from almost any source.

+
+
+ Read more… +
+
+
Install mattermost for Gitlab @@ -370,31 +393,6 @@

Read more…
-

- -
- - Install AWX - -
-
-

- - Install AWX - -

-
-
-
Ansible - -
-
-
-

AWX is an open source web application that provides a user interface, REST API, and task engine for Ansible.

-
-
- Read more… -
@@ -542,6 +540,7 @@

Social

Recent Posts

diff --git a/linux/page/7/index.html b/linux/page/7/index.html index 69982c72a7..866d6c99c9 100644 --- a/linux/page/7/index.html +++ b/linux/page/7/index.html @@ -163,6 +163,31 @@

Linuxes

+
+ + Install AWX + +
+
+

+ + Install AWX + +

+
+
+
Ansible + +
+
+
+

AWX is an open source web application that provides a user interface, REST API, and task engine for Ansible.

+
+
+ Read more… +
+
+
Install AWX in docker @@ -372,29 +397,6 @@

Read more…
-

- -
- - Pfsese USG S2S VPN - -
-
-

- - Pfsese USG S2S VPN - -

-
-
-
-
-
-

I will show you how to create a site-to-site VPN for pfSense and unifi usg.

-
-
- Read more… -
@@ -542,6 +544,7 @@

Social

Recent Posts

diff --git a/linux/page/8/index.html b/linux/page/8/index.html index 7045cf7dfb..7392311e93 100644 --- a/linux/page/8/index.html +++ b/linux/page/8/index.html @@ -163,6 +163,29 @@

Linuxes

+
+ + Pfsese USG S2S VPN + +
+
+

+ + Pfsese USG S2S VPN + +

+
+
+
+
+
+

I will show you how to create a site-to-site VPN for pfSense and unifi usg.

+
+
+ Read more… +
+
+
Install vMWare Harbor @@ -368,31 +391,6 @@

Read more…
-

- -
- - Install Ceph cluster - -
-
-

- - Install Ceph cluster - -

-
-
-
Ceph - -
-
-
-

Ceph is free and open source distributed objectstorage solution. With Ceph we can easily provide and manage block storage, object storage and file storage.

-
-
- Read more… -
@@ -540,6 +538,7 @@

Social

Recent Posts

diff --git a/linux/page/9/index.html b/linux/page/9/index.html index 654d2baa3f..c97960fdc4 100644 --- a/linux/page/9/index.html +++ b/linux/page/9/index.html @@ -163,6 +163,31 @@

Linuxes

+
+ + Install Ceph cluster + +
+
+

+ + Install Ceph cluster + +

+
+
+
Ceph + +
+
+
+

Ceph is free and open source distributed objectstorage solution. With Ceph we can easily provide and manage block storage, object storage and file storage.

+
+
+ Read more… +
+
+
Use Ceph Block Device @@ -405,6 +430,7 @@

Social

Recent Posts

diff --git a/linux/pfsense-2fa/index.html b/linux/pfsense-2fa/index.html index c62f63b69f..180fc1e48b 100644 --- a/linux/pfsense-2fa/index.html +++ b/linux/pfsense-2fa/index.html @@ -20,17 +20,17 @@ "headline" : "Google Authenticator on pfSense", "description" : "This article explains how to set up OpenVPN with Google Authenticator on pfSense.\n", "inLanguage" : "en-US", - "author" : "Blaiserman", - "creator" : "Blaiserman", - "publisher": "Blaiserman", - "accountablePerson" : "Blaiserman", - "copyrightHolder" : "Blaiserman", + "author" : "Balázs Páldi", + "creator" : "Balázs Páldi", + "publisher": "Balázs Páldi", + "accountablePerson" : "Balázs Páldi", + "copyrightHolder" : "Balázs Páldi", "copyrightYear" : "2019", "datePublished": "2019-04-29", "dateModified" : "2019-04-29", "url" : "https://devopstales.github.io/linux/pfsense-2fa/", "wordCount" : "310", - "keywords" : [ "kubernetes", "openshift", "devops", "Blog" ] + "keywords" : [ "pfsense", "2FA", "radius", "firewall", "Blog" ] } @@ -467,8 +467,35 @@

Configurate openvpn

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -262,8 +262,35 @@

Firewall Rules in pfesense Firewall +
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -303,8 +303,35 @@

Change outbound NAT

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -288,8 +288,35 @@

Example with Google Gmail SMTP

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -38,15 +38,15 @@ - - devopstales + Send Pfsense logs to Wazuh - devopstales - - + + - - - + + + @@ -80,10 +80,10 @@ - - + + - + @@ -191,27 +191,128 @@
-

- +

Send Pfsense logs to Wazuh

+
+
+
-
- - + +
+
Page content
+
+ +
+
+

In this post I will show you how to send PFSense logs to Wazuh SIEM server.

+

Many examples on the internet says that you can use Wazuh agent to send logs to Wazuh Server. Well from PFsense 2.5 you can not install the agent without braking the PFsense upgrade manager UI. The next option is to send the PFsense logs directly from the firewall to the Wazuh Server syslog endpoint. I tried this method but my problem was the Log Message Format. From PFsense 2.5 you can use RFC5424 format but the Wazuh server syslog input dose not decode it well and the default log decoders for PFsense Dose not work. So I tried the legacy RFC3164 format. Well There is a bug in the FreeBSD implementation of the syslogd and it dose not include the hostname to the syslog message. It means this is not a valid syslog formatted message, and the Wazuh default log decoders for PFsense still not working. So first I tried the create custom decoders for the log messages. In the end I found a suggestion on PFsense forum to use the syslog-ng plugin of PFsense because it formats the syslog messages correctly.

+

Install Syslog-ng plugin

+

Navigate to System > Package Manager > Avaiable Packages and search for syslog the only result will be the syslog-ng package. Click on the install button to add it to the firewall.

+

wazuh infra

+

Setting syslog-ng

+

Navigate to Services > Syslog-ng > Settings Tab and set the syslog-ng on the GUI as the image below and click on the save button.

+

wazuh infra

+

Send pfSense Logs to syslog-ng

+

Navigate to Status > System Logs > Settings Tab and at the button check the Enable Remote Logging checkbox.

+

Set the settings as the picture below and click the save button.

+

wazuh infra

+

wazuh infra

+

Configure Wazuh syslog input

+

Edit the /var/ossec/etc/ossec.cfg on the Wazuh Manger:

+
<ossec_config>
+  <!-- pfsense syslog input -->
+  <remote>
+    <connection>syslog</connection>
+    <port>5514</port>
+    <protocol>tcp</protocol>
+    <allowed-ips>192.168.1.10</allowed-ips>
+    <local_ip>192.168.1.5</local_ip>
+  </remote>
+  <remote>
+    <connection>syslog</connection>
+    <port>5514</port>
+    <protocol>udp</protocol>
+    <allowed-ips>192.168.1.10</allowed-ips>
+    <local_ip>192.168.1.5</local_ip>
+  </remote>
+</ossec_config>
+

The pfsense server’s ip is 192.168.1.10 and the wazuh server1s ip is 192.168.1.5.

+

Sending syslog-ng Logs to Remote Server

+

Syslog-ng is very flexible with its sources and destinations and the next step will be to crate a new destination to connect the local instance to the remote server.

+

First, we need to add a new destination entry named DST_WAZUH_SYSLOG. Navigate to Services > Syslog-ng > Advanced Tab and add a new destination as the picture below.

+
{ network("192.168.1.5" transport(udp) port(5514)); };
+

After, adding the destination we need to connect with the remote server adding a new log object as seen below.

+
{ source(_DEFAULT); destination(DST_WAZUH_SYSLOG); };
+
+

If you want to rewrite the hostname create a rewrite object named REWRITE_HOSTNAME:

+
+
{ set("pfsense.mydomain.intra", value("HOST")); };
+

The add the rewrite rule to the destination:

+
{ source(_DEFAULT); rewrite(REWRITE_HOSTNAME); destination(DST_WAZUH_SYSLOG); };
+

Check if the Service is running.

+

wazuh infra

+
+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
- Blaiserman avatar + Balázs Páldi avatar
- About Blaiserman + About Balázs Páldi
I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. @@ -364,6 +465,7 @@

Social

Recent Posts

@@ -560,6 +661,8 @@

Tags

+ +
This website makes use of third-party cookies. diff --git a/linux/wazuh-siem/index.html b/linux/wazuh-siem/index.html index 7eeb609e40..e2c6415157 100644 --- a/linux/wazuh-siem/index.html +++ b/linux/wazuh-siem/index.html @@ -20,11 +20,11 @@ "headline" : "Install Wazuh SIEM", "description" : "In this post I will show you how to install and configure the Wazuh Open Source SIEM solution.\n", "inLanguage" : "en-US", - "author" : "Blaiserman", - "creator" : "Blaiserman", - "publisher": "Blaiserman", - "accountablePerson" : "Blaiserman", - "copyrightHolder" : "Blaiserman", + "author" : "Balázs Páldi", + "creator" : "Balázs Páldi", + "publisher": "Balázs Páldi", + "accountablePerson" : "Balázs Páldi", + "copyrightHolder" : "Balázs Páldi", "copyrightYear" : "2023", "datePublished": "2023-09-01", "dateModified" : "2023-09-01", @@ -408,8 +408,35 @@

Install wazuh-indexer

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -361,8 +361,35 @@

Install alerta on Centos7

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
@@ -366,8 +366,35 @@

Install alerta on Centos8

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+
- - - - - - devopstales - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
-
- - - - - -
-
-
-
- -
-
- -
-

- - - -

- -
-
- https://spidernet-io.github.io/egressgateway/v0.4/usage/Install/ https://docs.cilium.io/en/stable/network/egress-gateway/ -
-
- -
-

- - - -

- -
-
- https://www.redhat.com/en/blog/openshift-and-network-security-zones-coexistence-approaches https://docs.cilium.io/en/latest/network/l2-announcements/ https://docs.cilium.io/en/latest/network/egress-gateway/#id1 https://docs.cilium.io/en/latest/network/servicemesh/ingress/#gs-ingress https://docs.cilium.io/en/latest/network/concepts/ipam/multi-pool/ https://docs.cilium.io/en/latest/network/kubernetes/ipam-multi-pool/#enable-multi-pool-ipam-mode https://stackoverflow.com/questions/52487333/how-to-assign-a-namespace-to-certain-nodes - Install Cilium CNI - with L2 Announcements enabled with Egress Gateway enabled with Multi-Pool Configuration - Create two LB pools (DMZ and LAN) Create two Ingress Controller within ther LB pools (DMZ and LAN) Create two cilium Egress Gateway within ther LB pools (DMZ and LAN) Create Network policy for ingress/egress communication separation Create two IP pools (DMZ and LAN) for network separation in Kubernetes kubectl taint nodes --all node-role. -
-
- Read more… -
-
- -
-

- - - -

- -
-
- https://suraj.io/post/single-node-k8s-fedora-selinux/ https://suraj.io/post/k8s-hostpat-nuke-nodes/ https://stackoverflow.com/questions/51000791/how-to-mount-hostpath-volume-in-kubernetes-with-selinux -
-
-
- - - -
- -
-
- -
- -
- © 2024 devopstales. - Generated with Hugo and Mainroad theme. -
-
-
- -
- -
-
- This website makes use of third-party cookies. - Learn More -
-
- -
-
- - - - - - diff --git a/page/4/index.html b/page/4/index.html index b927a9a9b6..cc166a0105 100644 --- a/page/4/index.html +++ b/page/4/index.html @@ -173,6 +173,29 @@
@@ -547,6 +547,7 @@

Social

Recent Posts

diff --git a/page/5/index.html b/page/5/index.html index 1d641c0b79..cb93f710ca 100644 --- a/page/5/index.html +++ b/page/5/index.html @@ -173,6 +173,29 @@
@@ -547,6 +547,7 @@

Social

Recent Posts

diff --git a/page/6/index.html b/page/6/index.html index 64a206e640..0d995ea3ee 100644 --- a/page/6/index.html +++ b/page/6/index.html @@ -173,6 +173,29 @@
+
+ + Microk8s: Unable to connect to the server: x509: certificate has expired or is not yet valid + +
+
+

+ + Microk8s: Unable to connect to the server: x509: certificate has expired or is not yet valid + +

+
+
+
+
+
+

In this Post I will shoe you how to renew the kubernetes api cert in Microk8s.

+
+
+ Read more… +
+
+
Proxmox: Set custom certificate @@ -378,35 +401,12 @@

Read more…
-

- -
- - How to Manage Kubernetes Resource Limits - -
-
-

- - How to Manage Kubernetes Resource Limits - -

-
-
-
-
-
-

In this post I will show you the usage of the Kubernetes limits and requests.

-
-
- Read more… -
@@ -547,6 +547,7 @@

Social

Recent Posts

diff --git a/page/7/index.html b/page/7/index.html index 28a3d7173b..e947566354 100644 --- a/page/7/index.html +++ b/page/7/index.html @@ -173,6 +173,29 @@
+
+ + How to Manage Kubernetes Resource Limits + +
+
+

+ + How to Manage Kubernetes Resource Limits + +

+
+
+
+
+
+

In this post I will show you the usage of the Kubernetes limits and requests.

+
+
+ Read more… +
+
+
Linux user namespace management wit CRI-O in Kubernetes @@ -378,35 +401,12 @@

Read more…
-

- -
- - veeam backup: Cant Add Repository to a Scale Out Backup Repository? - -
-
-

- - veeam backup: Cant Add Repository to a Scale Out Backup Repository? - -

-
-
-
-
-
-

When adding repositories to a Veeam Scale Out Backup Repository you may see this error: Cant Add Repository to a Scale Out Backup Repository? In this Pos I will show you how you can fix is issue.

-
-
- Read more… -
@@ -547,6 +547,7 @@

Social

Recent Posts

diff --git a/page/8/index.html b/page/8/index.html index c225da4d2f..e3fdff8f1b 100644 --- a/page/8/index.html +++ b/page/8/index.html @@ -173,6 +173,29 @@
+
+ + veeam backup: Cant Add Repository to a Scale Out Backup Repository? + +
+
+

+ + veeam backup: Cant Add Repository to a Scale Out Backup Repository? + +

+
+
+
+
+
+

When adding repositories to a Veeam Scale Out Backup Repository you may see this error: Cant Add Repository to a Scale Out Backup Repository? In this Pos I will show you how you can fix is issue.

+
+
+ Read more… +
+
+
How to install ESXi nested inside ProxMox VE @@ -378,35 +401,12 @@

Read more…
-

- -
- - Secure your applications with Pomerium Ingress Controller - -
-
-

- - Secure your applications with Pomerium Ingress Controller - -

-
-
-
-
-
-

In this blog post, I will show you how you can install Pomerium Ingress Controller and use it to secure your application.

-
-
- Read more… -
@@ -547,6 +547,7 @@

Social

Recent Posts

diff --git a/page/9/index.html b/page/9/index.html index 067a6f49cc..5a619d60f2 100644 --- a/page/9/index.html +++ b/page/9/index.html @@ -173,6 +173,29 @@
+
+ + Secure your applications with Pomerium Ingress Controller + +
+
+

+ + Secure your applications with Pomerium Ingress Controller + +

+
+
+
+
+
+

In this blog post, I will show you how you can install Pomerium Ingress Controller and use it to secure your application.

+
+
+ Read more… +
+
+
How to build containers in Kubernetes @@ -378,35 +401,12 @@

Read more…
-

- -
- - How to: Enable Serial Console for guest virtual machine (VM) on Proxmox VE (PVE) - -
-
-

- - How to: Enable Serial Console for guest virtual machine (VM) on Proxmox VE (PVE) - -

-
-
-
-
-
-

This article explains how to redirect messages to a serial console in on Debian and use Serial Console on Proxmox VE.

-
-
- Read more… -
@@ -547,6 +547,7 @@

Social

Recent Posts

diff --git a/privacy-policy/index.html b/privacy-policy/index.html index 2d6a072088..eb9264c8f5 100644 --- a/privacy-policy/index.html +++ b/privacy-policy/index.html @@ -20,11 +20,11 @@ "headline" : "Privacy Policy", "description" : "Since this site is created with a static HTML generator and is not a web-based, database-driven application such as Wordpress, no personal information is stored in a database or in web browser cookies. However, there are a number of third-party services used by this website which may collect certain types of information. The services are listed below along with a link to their respective privacy policy pages.\nIf you do not agree with any of the policies below, please feel free to block any third-party services using the ad blocking software of your choice.", "inLanguage" : "en-US", - "author" : "Blaiserman", - "creator" : "Blaiserman", - "publisher": "Blaiserman", - "accountablePerson" : "Blaiserman", - "copyrightHolder" : "Blaiserman", + "author" : "Balázs Páldi", + "creator" : "Balázs Páldi", + "publisher": "Balázs Páldi", + "accountablePerson" : "Balázs Páldi", + "copyrightHolder" : "Balázs Páldi", "copyrightYear" : "2019", "datePublished": "2019-04-30", "dateModified" : "2019-04-30", @@ -374,6 +374,7 @@

Social

Recent Posts

diff --git a/series/cluster-mesh/index.html b/series/cluster-mesh/index.html index 1410fb7e22..87f3dab0bb 100644 --- a/series/cluster-mesh/index.html +++ b/series/cluster-mesh/index.html @@ -428,6 +428,7 @@

Social

Recent Posts

diff --git a/series/container-runtimes/index.html b/series/container-runtimes/index.html index c59969e854..5819f86a7a 100644 --- a/series/container-runtimes/index.html +++ b/series/container-runtimes/index.html @@ -557,6 +557,7 @@

Social

Recent Posts

diff --git a/series/container-runtimes/page/2/index.html b/series/container-runtimes/page/2/index.html index 28e473edd2..474125fafd 100644 --- a/series/container-runtimes/page/2/index.html +++ b/series/container-runtimes/page/2/index.html @@ -557,6 +557,7 @@

Social

Recent Posts

diff --git a/series/index.html b/series/index.html index d2622b23f6..0535186fe5 100644 --- a/series/index.html +++ b/series/index.html @@ -457,6 +457,7 @@

Social

Recent Posts

diff --git a/series/k3s/index.html b/series/k3s/index.html index ce9af07a1f..aaba9ba4ea 100644 --- a/series/k3s/index.html +++ b/series/k3s/index.html @@ -478,6 +478,7 @@

Social

Recent Posts

diff --git a/series/k8s-authentication/index.html b/series/k8s-authentication/index.html index 52f6dfb919..a3dfe29138 100644 --- a/series/k8s-authentication/index.html +++ b/series/k8s-authentication/index.html @@ -531,6 +531,7 @@

Social

Recent Posts

diff --git a/series/k8s-gitops/index.html b/series/k8s-gitops/index.html index 85d7e84786..4eda3d5962 100644 --- a/series/k8s-gitops/index.html +++ b/series/k8s-gitops/index.html @@ -478,6 +478,7 @@

Social

Recent Posts

diff --git a/series/k8s-lessons/index.html b/series/k8s-lessons/index.html index 4f0aeb024c..aaf29b9d6a 100644 --- a/series/k8s-lessons/index.html +++ b/series/k8s-lessons/index.html @@ -553,6 +553,7 @@

Social

Recent Posts

diff --git a/series/k8s-network/index.html b/series/k8s-network/index.html index d9af1e1ad6..4d6a6d6d9e 100644 --- a/series/k8s-network/index.html +++ b/series/k8s-network/index.html @@ -557,6 +557,7 @@

Social

Recent Posts

diff --git a/series/k8s-network/page/2/index.html b/series/k8s-network/page/2/index.html index 65946503d8..91d85aa075 100644 --- a/series/k8s-network/page/2/index.html +++ b/series/k8s-network/page/2/index.html @@ -556,6 +556,7 @@

Social

Recent Posts

diff --git a/series/k8s-network/page/3/index.html b/series/k8s-network/page/3/index.html index e1e0f6ff87..12272d1c74 100644 --- a/series/k8s-network/page/3/index.html +++ b/series/k8s-network/page/3/index.html @@ -557,6 +557,7 @@

Social

Recent Posts

diff --git a/series/k8s-operators/index.html b/series/k8s-operators/index.html index ab4dc53c1f..24d7335555 100644 --- a/series/k8s-operators/index.html +++ b/series/k8s-operators/index.html @@ -553,6 +553,7 @@

Social

Recent Posts

diff --git a/series/k8s-security/index.html b/series/k8s-security/index.html index d69b59d4da..a7d0bebc81 100644 --- a/series/k8s-security/index.html +++ b/series/k8s-security/index.html @@ -557,6 +557,7 @@

Social

Recent Posts

diff --git a/series/k8s-security/page/2/index.html b/series/k8s-security/page/2/index.html index 594799520a..4f2078c723 100644 --- a/series/k8s-security/page/2/index.html +++ b/series/k8s-security/page/2/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/series/k8s-security/page/3/index.html b/series/k8s-security/page/3/index.html index 0b678c994c..81e042dfea 100644 --- a/series/k8s-security/page/3/index.html +++ b/series/k8s-security/page/3/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/series/k8s-security/page/4/index.html b/series/k8s-security/page/4/index.html index 4983aef0a2..7f61900a0c 100644 --- a/series/k8s-security/page/4/index.html +++ b/series/k8s-security/page/4/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/series/k8s-security/page/5/index.html b/series/k8s-security/page/5/index.html index 5cf3e96bc8..d3e9b5cfe9 100644 --- a/series/k8s-security/page/5/index.html +++ b/series/k8s-security/page/5/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/series/k8s-security/page/6/index.html b/series/k8s-security/page/6/index.html index e168228f52..9ca89465c0 100644 --- a/series/k8s-security/page/6/index.html +++ b/series/k8s-security/page/6/index.html @@ -561,6 +561,7 @@

Social

Recent Posts

diff --git a/series/k8s-security/page/7/index.html b/series/k8s-security/page/7/index.html index 3d7a395d44..78b8131326 100644 --- a/series/k8s-security/page/7/index.html +++ b/series/k8s-security/page/7/index.html @@ -357,6 +357,7 @@

Social

Recent Posts

diff --git a/series/kubernetes/index.html b/series/kubernetes/index.html index 4ea502e1da..a2597d37d9 100644 --- a/series/kubernetes/index.html +++ b/series/kubernetes/index.html @@ -557,6 +557,7 @@

Social

Recent Posts

diff --git a/series/kubernetes/page/2/index.html b/series/kubernetes/page/2/index.html index 785c069b33..878a28654b 100644 --- a/series/kubernetes/page/2/index.html +++ b/series/kubernetes/page/2/index.html @@ -558,6 +558,7 @@

Social

Recent Posts

diff --git a/series/kubernetes/page/3/index.html b/series/kubernetes/page/3/index.html index d9b5713624..64d04b019f 100644 --- a/series/kubernetes/page/3/index.html +++ b/series/kubernetes/page/3/index.html @@ -561,6 +561,7 @@

Social

Recent Posts

diff --git a/series/kubernetes/page/4/index.html b/series/kubernetes/page/4/index.html index a324f1d11c..9f24944a43 100644 --- a/series/kubernetes/page/4/index.html +++ b/series/kubernetes/page/4/index.html @@ -357,6 +357,7 @@

Social

Recent Posts

diff --git a/series/mikrotik/index.html b/series/mikrotik/index.html index f43661b73f..b2a97e28a2 100644 --- a/series/mikrotik/index.html +++ b/series/mikrotik/index.html @@ -428,6 +428,7 @@

Social

Recent Posts

diff --git a/series/page/2/index.html b/series/page/2/index.html index 3f302197be..8fac156185 100644 --- a/series/page/2/index.html +++ b/series/page/2/index.html @@ -337,6 +337,7 @@

Social

Recent Posts

diff --git a/series/virtualization/index.html b/series/virtualization/index.html index 295ca901c5..9efff7a0b6 100644 --- a/series/virtualization/index.html +++ b/series/virtualization/index.html @@ -378,6 +378,7 @@

Social

Recent Posts

diff --git a/sitemap.xml b/sitemap.xml index b379e57dd8..f9b8f8836a 100644 --- a/sitemap.xml +++ b/sitemap.xml @@ -3,70 +3,126 @@ xmlns:xhtml="http://www.w3.org/1999/xhtml"> - https://devopstales.github.io/tags/aks/ - 2024-07-19T00:00 + https://devopstales.github.io/ + 2024-09-10T00:00 daily 0.5 - https://devopstales.github.io/tags/azure/ - 2024-07-19T00:00 + https://devopstales.github.io/tags/elasticsearch/ + 2024-09-10T00:00 daily 0.5 - https://devopstales.github.io/cloud/ - 2024-07-19T00:00 + https://devopstales.github.io/home/ + 2024-09-10T00:00 daily 0.5 - https://devopstales.github.io/cloud/custom-ssl-and-dns-on-aks-ingress-controller/ + https://devopstales.github.io/linux/ + 2024-09-10T00:00 + daily + 0.5 + + + + https://devopstales.github.io/tags/logging/ + 2024-09-10T00:00 + daily + 0.5 + + + + https://devopstales.github.io/tags/pfsense/ + 2024-09-10T00:00 + daily + 0.5 + + + + https://devopstales.github.io/home/wazuh-pfsense-syslog/ + 2024-09-10T00:00 + daily + 0.5 + + + + https://devopstales.github.io/linux/wazuh-pfsense-syslog/ + 2024-09-10T00:00 + daily + 0.5 + + + + https://devopstales.github.io/tags/siem/ + 2024-09-10T00:00 + daily + 0.5 + + + + https://devopstales.github.io/tags/ + 2024-09-10T00:00 + daily + 0.5 + + + + https://devopstales.github.io/tags/wazuh/ + 2024-09-10T00:00 + daily + 0.5 + + + + https://devopstales.github.io/tags/aks/ 2024-07-19T00:00 daily 0.5 - https://devopstales.github.io/home/custom-ssl-and-dns-on-aks-ingress-controller/ + https://devopstales.github.io/tags/azure/ 2024-07-19T00:00 daily 0.5 - https://devopstales.github.io/ + https://devopstales.github.io/cloud/ 2024-07-19T00:00 daily 0.5 - https://devopstales.github.io/home/ + https://devopstales.github.io/cloud/custom-ssl-and-dns-on-aks-ingress-controller/ 2024-07-19T00:00 daily 0.5 - https://devopstales.github.io/tags/k8s/ + https://devopstales.github.io/home/custom-ssl-and-dns-on-aks-ingress-controller/ 2024-07-19T00:00 daily 0.5 - https://devopstales.github.io/tags/kubernetes/ + https://devopstales.github.io/tags/k8s/ 2024-07-19T00:00 daily 0.5 - https://devopstales.github.io/tags/ + https://devopstales.github.io/tags/kubernetes/ 2024-07-19T00:00 daily 0.5 @@ -261,13 +317,6 @@ 0.5 - - https://devopstales.github.io/tags/pfsense/ - 2024-02-15T00:00 - daily - 0.5 - - https://devopstales.github.io/tags/rancher/ 2024-02-15T00:00 @@ -436,13 +485,6 @@ 0.5 - - https://devopstales.github.io/linux/ - 2023-10-05T00:00 - daily - 0.5 - - https://devopstales.github.io/tags/proxmox/ 2023-10-05T00:00 @@ -548,34 +590,6 @@ 0.5 - - https://devopstales.github.io/tags/elasticsearch/ - 2023-09-05T00:00 - daily - 0.5 - - - - https://devopstales.github.io/tags/logging/ - 2023-09-05T00:00 - daily - 0.5 - - - - https://devopstales.github.io/tags/siem/ - 2023-09-05T00:00 - daily - 0.5 - - - - https://devopstales.github.io/tags/wazuh/ - 2023-09-05T00:00 - daily - 0.5 - - https://devopstales.github.io/home/wazuh-authentication/ 2023-09-05T00:00 @@ -6386,52 +6400,4 @@ 0.5 - - https://devopstales.github.io/home/cilium-clustermesh2/ - daily - 0.5 - - - - https://devopstales.github.io/home/k8s-egress-gateway/ - daily - 0.5 - - - - https://devopstales.github.io/home/k8s-network-separation/ - daily - 0.5 - - - - https://devopstales.github.io/home/k8s-selinux/ - daily - 0.5 - - - - https://devopstales.github.io/kubernetes/cilium-clustermesh2/ - daily - 0.5 - - - - https://devopstales.github.io/kubernetes/k8s-egress-gateway/ - daily - 0.5 - - - - https://devopstales.github.io/kubernetes/k8s-network-separation/ - daily - 0.5 - - - - https://devopstales.github.io/kubernetes/k8s-selinux/ - daily - 0.5 - - diff --git a/sso/atom.xml b/sso/atom.xml index cf61e12d85..8413bd5fc6 100644 --- a/sso/atom.xml +++ b/sso/atom.xml @@ -9,11 +9,11 @@ - 2024-09-20T11:01:52+00:00 + 2024-10-08T07:37:44+00:00 - Blaiserman + Balázs Páldi https://devopstales.github.io/sso/ diff --git a/sso/foreman-sso/index.html b/sso/foreman-sso/index.html index 15a6871bf1..1fcbce9750 100644 --- a/sso/foreman-sso/index.html +++ b/sso/foreman-sso/index.html @@ -20,11 +20,11 @@ "headline" : "Foreman openidc SSO with keycloak", "description" : "I this post I will show you how you can configure Foreman to use Keycloak asz an OIDC SSO authentication provider.\n", "inLanguage" : "en-US", - "author" : "Blaiserman", - "creator" : "Blaiserman", - "publisher": "Blaiserman", - "accountablePerson" : "Blaiserman", - "copyrightHolder" : "Blaiserman", + "author" : "Balázs Páldi", + "creator" : "Balázs Páldi", + "publisher": "Balázs Páldi", + "accountablePerson" : "Balázs Páldi", + "copyrightHolder" : "Balázs Páldi", "copyrightYear" : "2020", "datePublished": "2020-05-15", "dateModified" : "2020-05-15", @@ -281,8 +281,35 @@

Configure Foreman:

+
+
+

+ Your support is our everlasting motivation,
+ that cup of coffee is what keeps us going! +

+
+

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online. +

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee. +

+ + Coffee Box + +
+
+
+
+
+ Balázs Páldi avatar +
+
+ About Balázs Páldi +
+
+ I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer. +
+