OpenRC Script for 'podman kube play'

In June, I’ve written about my approach to starting and stopping Podman Pods using OpenRC scripts on Alpine Linux. However, that approach had two major drawbacks: First, the pods were started in the foreground, causing OpenRC to wait for all pod initialization tasks to complete. If an image needed to be pulled first, this could lead to longer delays, significantly increasing system startup times. Secondly, requesting the status of a previously started pod always stated “crashed”....

October 26, 2022 · 3 min · 483 words · Heiner

Connecting multiple networks to a Podman container

I’m running my containers with Podman in Rootless Mode on Alpine for about four months now. However, an annoying problem has haunted me ever since: When a container was connected to more than one network, outgoing connections were not working correctly. Consider a container connected to two bridge networks: $ podman run --rm -it \ --network net1 \ --network net2 \ alpine /bin/ash Inside the container, the two networks are connected correctly:...

October 16, 2022 · 2 min · 274 words · Heiner

Setting up Alpine Linux with Podman

Recently, I’ve written a blog post on how to set up Rootless Docker on Alpine Linux. Today I’m showing you how to set up Podman. Podman has a rootless architecture built in. It’s an alternative to Docker, providing an almost identical command line interface. Thus, if you’re used to Docker CLI, you won’t have any issues working with Podman. Podman was initially developed by RedHat and is available as an open source project....

June 25, 2022 · 4 min · 852 words · Heiner

Setting up Alpine Linux with Rootless Docker

As of Docker Engine v20.10, it’s possible to run the Docker daemon as a non-root user (Rooless mode). This is especially valuable in view of security aspects. Rootless mode mitigates potential vulnerabilities in the Docker daemon. However, at the time of writing, setting up Docker in rootless mode is not straightforward if you’re using Alpine Linux as your host system. This is why I summarized the steps to get Docket Rootless up and running on Alpine Linux....

June 19, 2022 · 3 min · 479 words · Heiner

Setting up a Kubernetes cluster with K3S, GlusterFS and Load Balancing

I’ve recently written a tutorial which will guide you through setting up a Kubernetes cluster using K3S with virtual machines hosted at Hetzner, a German (Cloud) hosting provider. The tutorial uses K3S, a lightweight Kubernetes distribution which is perfectly suited for small VMs like Hetzner’s CX11. Additionally, the tutorial will show you how to set up Hetzner’s cloud load balancer which performs SSL offloading and forwards traffic to your Kubernetes system....

September 3, 2021 · 1 min · 118 words · Heiner

Back up server to OneDrive’s special App Folder

I’m a convinced user of OneDrive Personal. Bundled with M365, it’s a cheap option to get 1 TB of cloud storage. Having plenty of cloud storage at hand, I’m also using my OneDrive to run automated backups of my servers. There are various solutions capable of uploading files to OneDrive, including rclone. However, I was looking for a solution which enables me to grant my backup script only access to one specific folder instead of my entire cloud drive – better safe than sorry....

September 2, 2021 · 4 min · 682 words · Heiner

Unifi USG: Multiple IP addresses on PPPoE

My DSL provider TAL.de offers to assign a static and a dynamic IP address on PPPoE dial in. The dynamic IP address is the primary one, used for accessing the internet. Packets to the static IP address are routed to the router as well. Here’s how to set up things up on a Unifi Security Gateway (USG). By default, USG only allows for one IP address when dialing in via PPPoE....

August 16, 2021 · 2 min · 353 words · Heiner

Raspberry Pi OS: Remove unnecessary packages

Recently, I wrote about the availability of the 64 bit beta version of Raspberry Pi OS (formerly known as Raspbian). Unfortunately, the new 64 bit beta is only available in the Desktop variant, containing lots of packages most lightweight server systems won’t need. There’s no lite variant of the 64 bit beta version available at the time of writing. However, you can easily remove the Desktop packages from a running installation with two easy commands....

June 7, 2020 · 1 min · 161 words · Heiner

Analyze Traefik access log using InfluxDB and Grafana

Traefik is a Cloud Native Edge Router, often deployed in Docker and Kubernetes environments. With little effort, you can use Telegraf to transport Traefik’s access logs to an InfluxDB, where it can be analyzed using Grafana. This setup contains the following elements: Traefik v2 runs as a Docker container on a Linux host. Traefik outputs access logs in JSON format to STDOUT. Telegraf fetched the Traefik container’s JSON output using the docker_log input plugin....

June 3, 2020 · 2 min · 373 words · Heiner

Export trainings from Endomondo as GPX files

I’ve been using Endomondo for years to track my trainings. However, I’ve been experiencing a lot of issues with Endomondo over the last months: Sometimes it’s not possible to log in. Other times, my trainings won’t get synced. So it’s time a new app. I’ve decided to give Strava a try. With a few lines of code, I’ve managed to export all my training data as GPX files. These can be imported to Strava, so my training history won’t get lost....

June 1, 2020 · 2 min · 341 words · Heiner