DiaryFolio

  Kubernetes & n8n: Setup n8n using K8S (Part 2) Summary We have briefly discussed on automating various tasks using n8n and installation of n8n within Kubernetes in Part1 . In this part, we mostly concentrate on how to enable TLS (for https) and terminate before it hits n8n Pre-Reqs Setting up of n8n in Kubernetes ; Read  Part1 Knowledge of TLS, certificates Summary Steps Ensure n8n is configured properly with by http Implement Kubernetes Ingress with https There are two options from here End to end TLS by redirecting proxy to n8n  TLS termination at proxy and private network to be non-secure We follow the second option as it is easier, thus creating Ingress and pointing to n8n service Steps Steps in  lab_server Ensure Certificate is created and implemented as a secret in Kubernetes preferably in same namespace kubectl -n n8n create secret tls tls-secret --key test.key --cert test.crt Use the same tls-secret in the Ingress config apiVersion: networking.k8s.io/v1 kind: Ingress m

Setting up Kubernetes Cluster in your home lab Summary Kubernetes is the future of automating deployment, scaling, and management of containerised applications which makes development of projects easier and portable. Additionally setting up such an environment within your local lab environment makes it easy to deploy and test out softwares at unprecedented pace. You might have already setup Kubernetes in your laptop and must have used minikube to do so. But what if you want to setup it in your remote home lab? For instance i've got various DELL server ( lab_server ) running in my home lab and don't want my laptop to bear the pain of Kubernetes, but outsource the workloads to my  lab_server  while administering from laptop k3s is a lightweight alternative and k3sup will automate such an installation into your  lab_server  and pair your laptop with it Pre-Reqs Understanding of Kubernetes sudo permission on your home lab and connectivity from your laptop https://github.com/al

 AWS Lambda: Function to stream logs via SQS Summary As part of logging and monitoring strategy it is quite important to emit data from AWS services to another service or system or aggregation layer. AWS SQS (Amazon Simple Queue Service) is a great tool to communicate between such micro-services with real-time & between software components at any volume. Aim of this article is a snippet to stream logs via SQS to an external service (like logstash or siem tools) using Lambda Function Pre-Reqs Permission to pull data from specific SQS queue Steps Ensure lambda function can reach the SQS queue Below is a snippet of code to push the data in real-time import gzip import json import base64 import boto3 import time def lambda_handler(event, context): sqs = boto3.client('sqs') account = boto3.client('sts').get_caller_identity()['Account'] queue_url = "https://sqs.eu-west-1.amazonaws.com/12345567928/my-app-{}.fifo".format(account) cw_da

Visual Studio Code & GIT Portable shell Integration Summary Many of your corporate laptop cannot install programs and it is quite good to have them as portable executables. Here we find a way to have Portable VS Code and Portable GIT and integrate the GIT shell into VS Code Pre-Reqs VS Code (Install version or Portable ) GIT portable Steps Create a directory in your Windows device (eg:  C:\installables\ ) Unpack GIT portable into the above directory (eg it becomes: C:\installables\PortableGit ) Now unpack Visual Studio (VS) Code and run it. The default shell would be windows based Update User or Workspace settings of VS Code (ShortCut is:  Control+Shift+p ) Update the settings with following setting { "workbench.colorTheme": "Default Dark+", "git.ignoreMissingGitWarning": true, "git.enabled": true, "git.path": "C:\\installables\\PortableGit\\bin\\git.exe", "terminal.integrated.shell.windows"

pfsense: Create multiple vLAN and segregate traffic Summary pfSense is an excellent product and can be customised better than professional devices available from large vendors. pfSense is open-source, can be installed into an old laptop or Mini-PC and can scale from home lab setup to medium-large enterprises. This article focus on Creating "multiple LAN segments" within your home network, thus segregating traffic for different type of devices Pre-Reqs device with pfsense installed. I have installed pfsense in an OLD laptop with 2 ethernet ports VLAN switch  with ability to Securely separate networks (VLAN) (New type of plus switches are cheaper around £20/$30 for 8 ports) Quite few Ethernet cables (short lengths would be perfect) Setup within pfsense The settings are divided mainly into 3 parts Creation of VLANs (For instance I've created 3 VLANs as below). The VLAN tag is quite important setting which is used to filter within the Switch Configuration of VLANs (eg shown

Setup VPN secured Private Wifi from Public Wifi A word on Privacy While you are travelling, it is essential that you connect your mobile phone or laptop to Public Wifi especially in Airports, Hotels, Cafe's, Malls etc. Remember quite a lot of your personal information is exposed by such direct connections and is quintessential you isolate your personal device from public Wifi even if you have VPN. It is recommended to turn-off WiFi , BlueTooth during the course of journey but until unless you need it. What are we trying to do So the aim of this article is to ensure that you detach your device from public network as below.  So using the GL.inet device, we will  Accept a Public Network connection (WAN) via wired or wireless Apply VPN settings Create a separate Private Network (LAN) which your personal devices can connect to Pre-Reqs OpenWRT based devices (such as GL-MT300N , GL-MT1300 Beryl etc LAN cable (for first time setup) is highly recommended VPN connection (eg NORDVPN, SurfS

Deploying n8n workflow automation with Kubernetes  Intro Aim of this article is to Publish n8n workflow automation tool into a Kubernetes environment.  n8n is quite flexible and can be used for IOT devices for your hobby projects to act as a SOAR tool at enterprise level. Pre-Reqs Familiarity with Kubernetes (k8s) Package components The deployment is split into following n8n-pvc0.yaml   - PersistentVolumeClaim To mount directory for n8n database and configs n8n-pvc1.yaml   - PersistentVolumeClaim To mount directory for n8n workflows n8n-deployment.yaml   - Actual deployment definitions n8n-svc.yaml   - Service To expose n8n for UI access n8n-pvc0.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: creationTimestamp: null labels: io.kompose.service: n8n-claim0 name: n8n-claim0 spec: accessModes: - ReadWriteOnce resources: requests: storage: 2Gi status: {} n8n-pvc1.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: creationTimestamp: null