VMs are coming any day now ~q3k, A.D. 2018
Our new internal highly-available Infrastructure/Platform-as-a-Service.
This runs in our datacenter (dcr01 on netbox). This is different from our ISP services or internal machines.
Currently hscloud is made up of a Kubernetes cluster named k0.hswaw.net. It runs on the following machines: bc01n01, bc01n02, bc01n03, dcr01s22, dcr01s24. In total we have 328GB of RAM and 144 x86 cores. We also have a half PB of storage on old SAS drives (most of it currently cold), accessible via Ceph (radosgw or Kubernets PersistentVolumes).
We are moving services from our old machines into Kubernetes. Amongst other, currently running on the cluster is:
With more to come.
You are also free to host your own personal stuff there within reason. See below for access.
Here's a list of services that currently live on Boston Packets, but we'd like to migrate to hscloud. Ask on #infra on how to contribute.
Self-documenting in hackdoc (hscloud documentation stored within hscloud): https://hackdoc.hackerspace.pl/doc/codelabs/index.md
TBD, WIP: You need to describe a deployment of your docker image in the same way as it's done for https://cs.hackerspace.pl/hscloud/-/tree/hswaw/paperless .
Build your docker image by running following command:
docker build --tag registry.k0.hswaw.net/$YOUR_USERNAME/$APP_NAME-$APP_VERSION
Get your login credentials by going to this site https://registry.k0.hswaw.net/ and authenticating via SSO. You should get a command by which you'll login to our docker registry.
Afterwards, push your image by using
docker push registry.k0.hswaw.net/$YOUR_USERNAME/$YOUR_IMAGE_TAG
docker build --tag registry.k0.hswaw.net/palid/walne-generator:1.0-alpha docker push registry.k0.hswaw.net/palid/walne-generator:1.0-alpha
Here is a list of common external/internal services used by apps hosted in hscloud, with guidelines on how to get access to those:
PersistentVolumeClaim
in waw-hdd-redundant-3
storage class//cluster/kube/k0.libsonnet:k0.ceph.clients
//cluster/kube/k0.libsonnet:k0.cockroach.clients
registry.k0.hswaw.net/USERNAME/…
is your personal container namespace*.hackerspace.pl
, *.hswaw.net
: Ask hscloud ops to create/update relevant DNS entries in ns{1,2}.bytesexual.net
, adjust admitomatic config (see below)*
: create your own DNS CNAME record pointing at ingress.k0.hswaw.net
//cluster/kube/k0.libsonnet:k0.admitomatic.cfg.proto.allow_domain
if you want your domain to be secured against hijacking by other cluster users (*.hackerspace.pl
is one such domain)//kube/postgres.libsonnet
to create local deployment in app namespace//kube/redis.libsonnet
to create local deployment in app namespacecn=…,ou=Services,dc=hackerspace,dc=pl
in LDAPboston-packets.hackerspace.pl
//hswaw/machines/customs.hackerspace.pl/beyondspace.nix
) and create a service authentication token on customsboston-packets.hackerspace.pl
: useradd -rm SERVICE; passwd SERVICE
boston-packets.hackerspace.pl
: mkdir /var/spool/mail/SERVICE; chown SERVICE:mail /var/spool/mail/SERVICE
/etc/mail/aliases