From 13c7ebd7059084bf4c637c5a504ec008d030a803 Mon Sep 17 00:00:00 2001 From: Paul Buetow Date: Sun, 11 May 2025 12:08:58 +0300 Subject: Update content for html --- gemfeed/2025-05-11-f3s-kubernetes-with-freebsd-part-5.html | 10 ++++------ gemfeed/atom.xml | 12 +++++------- 2 files changed, 9 insertions(+), 13 deletions(-) (limited to 'gemfeed') diff --git a/gemfeed/2025-05-11-f3s-kubernetes-with-freebsd-part-5.html b/gemfeed/2025-05-11-f3s-kubernetes-with-freebsd-part-5.html index 510e56a5..05aa458f 100644 --- a/gemfeed/2025-05-11-f3s-kubernetes-with-freebsd-part-5.html +++ b/gemfeed/2025-05-11-f3s-kubernetes-with-freebsd-part-5.html @@ -77,9 +77,9 @@
We won't cover all the details in this blog post, as we only focus on setting up the Mesh network in this blog post. Subsequent posts in this series will cover the other details.
@@ -120,8 +120,6 @@ http://www.lorenzobettini.it http://www.gnu.org/software/src-highlite --> 
paul@f0:~ % doas freebsd-update fetch
 paul@f0:~ % doas freebsd-update install
-paul@f0:~ % doas freebsd-update -r 14.2-RELEASE upgrade
-paul@f0:~ % doas freebsd-update install
 paul@f0:~ % doas shutdown -r now
 ..
 ..
@@ -1000,9 +998,9 @@ peer: 2htXdNcxzpI2FdPDJy4T4VGtm1wpMEQu1AkQHjNY6F8=
 

 
Conclusion


 

-Having a mesh network on our hosts is great for securing all the traffic between them for our future k3s setup. A self-managed WireGuard mesh network is better than Tailscale as it eliminates reliance on a third party and provides full control over the configuration. It reduces unnecessary abstraction and "magic," enabling easier debugging and ensuring full ownership of our network.

+Having a mesh network on our hosts is great for securing all the traffic between them for our future k3s setup. A self-managed WireGuard mesh network is better than Tailscale as it eliminates reliance on a third party and provides full control over the configuration. It reduces unnecessary abstraction and "magic," enabling easier debugging and ensuring full ownership of our network.

 

-I look forward to the next blog post in this series. We may start setting up k3s or take a first look at the NFS server (for persistent storage) side of things. I hope you liked all the posts so far in this series.

+I look forward to the next blog post in this series. We may start setting up k3s or take a first look at the NFS server (for persistent storage) side of things. I hope you liked all the posts so far in this series.

 

 Other *BSD-related posts:

 

diff --git a/gemfeed/atom.xml b/gemfeed/atom.xml
index 766a586f..40407b63 100644
--- a/gemfeed/atom.xml
+++ b/gemfeed/atom.xml
@@ -1,6 +1,6 @@
 
 
-    2025-05-11T12:01:01+03:00
+    2025-05-11T12:07:47+03:00
     foo.zone feed
     To be in the .zone!
     
@@ -84,9 +84,9 @@
 
    
 
  • fN <-> rN: The traffic between the FreeBSD hosts and the Rocky Linux VMs will be routed through the VPN tunnels for persistent storage. In a later post in this series, we will set up an NFS server on the fN hosts. 
    • 
 
  • fN <-> blowfish,fishfinger: The traffic between the FreeBSD hosts and the OpenBSD host blowfish,fishfinger will be routed through the VPN tunnels for management. We may want to log in via the internet to set it up remotely. The VPN tunnel will also be used for monitoring purposes.
    • 
-
  • rN <-> blowfish,fishfinger: The traffic between the Rocky Linux VMs and the OpenBSD host blowfish,fishfinger will be routed through the VPN tunnels for usage traffic. Since k3s will be running on the rN hosts, the OpenBSD servers will route the traffic through relayd to the services running in Kubernetes.
    • 
+
  • rN <-> blowfish,fishfinger: The traffic between the Rocky Linux VMs and the OpenBSD host blowfish,fishfinger will be routed through the VPN tunnels for usage traffic. Since k3s will be running on the rN hosts, the OpenBSD servers will route the traffic through relayd to the services running in Kubernetes.
    • 
 
  • fN <-> fM: The traffic between the FreeBSD hosts may be later used for data replication for the NFS storage.
    • 
-
  • rN <-> rM: The traffic between the Rocky Linux VMs will later be used by the k3s cluster itself, as every rN will be a Kubernetes worker node.
    • 
+
  • rN <-> rM: The traffic between the Rocky Linux VMs will later be used by the k3s cluster itself, as every rN will be a Kubernetes worker node.
    • 
 
  • blowfish <-> fishfinger: The traffic between the OpenBSD hosts isn't strictly required for this setup, but I set it up anyway for future use cases.
    • 
 


 We won't cover all the details in this blog post, as we only focus on setting up the Mesh network in this blog post. Subsequent posts in this series will cover the other details.

@@ -127,8 +127,6 @@ http://www.lorenzobettini.it
 http://www.gnu.org/software/src-highlite -->
 
paul@f0:~ % doas freebsd-update fetch
 paul@f0:~ % doas freebsd-update install
-paul@f0:~ % doas freebsd-update -r 14.2-RELEASE upgrade
-paul@f0:~ % doas freebsd-update install
 paul@f0:~ % doas shutdown -r now
 ..
 ..
@@ -1007,9 +1005,9 @@ peer: 2htXdNcxzpI2FdPDJy4T4VGtm1wpMEQu1AkQHjNY6F8=
 

 
Conclusion


 

-Having a mesh network on our hosts is great for securing all the traffic between them for our future k3s setup. A self-managed WireGuard mesh network is better than Tailscale as it eliminates reliance on a third party and provides full control over the configuration. It reduces unnecessary abstraction and "magic," enabling easier debugging and ensuring full ownership of our network.

+Having a mesh network on our hosts is great for securing all the traffic between them for our future k3s setup. A self-managed WireGuard mesh network is better than Tailscale as it eliminates reliance on a third party and provides full control over the configuration. It reduces unnecessary abstraction and "magic," enabling easier debugging and ensuring full ownership of our network.

 

-I look forward to the next blog post in this series. We may start setting up k3s or take a first look at the NFS server (for persistent storage) side of things. I hope you liked all the posts so far in this series.

+I look forward to the next blog post in this series. We may start setting up k3s or take a first look at the NFS server (for persistent storage) side of things. I hope you liked all the posts so far in this series.

 

 Other *BSD-related posts:

 

-- 
cgit v1.2.3