Nowadays a bast majority of server workloads run using linux containers because of his flexibility and lightweight but have you ever think how does linux containers works. In this tutorial we will demystify how does linux containers works with some practical examples. Linux containers works thanks two kernel features:
A namespace wraps a global system resource in an abstraction that makes it appear to the processes within the namespace that they have their own isolated instance of the global resource. Changes to the global resource are visible to other processes that are members of the namespace, but…
In this tutorial we gonna deploy a dns add-blocker with pihole using a recursive dns as upstream server accessible in LAN network and internet through wireguard vpn. We utilized K3S as kubernetes provider.
To follow this tutorial you need to have:
53/tcp, 53/udp, 80/tcp, 443/tcp, 51820/udp
When you are testing your deployments in a kubernetes cluster on the cloud you have a few options to expose your services outside world, for example you can use a
NodePort service, but also you need to configure the firewall rules for each
NodePort service, the other type of service that you can use is
LoadBalancer however each of them is billed by cloud provider. To solve this problem you can use a vpn running within your k8s cluster, this vpn can be exposed outside the cluster with a
LoadBalancer service. …
In this tutorial we will configure a raspberry pi to connect with hc-05 bluetooth module and arduino using a python script.
First connect Bluetooth module to USB serial and press EN button, then send AT commands.
In this tutorial, we will configure a raspberry pi as an access point to connect to the esp8266 WiFi board using the arduino SDK and a python script.
Download raspberry os lite from official repository
$ curl -LO https://downloads.raspberrypi.org/raspios_lite_armhf/images/raspios_lite_armhf-2020-08-24/2020-08-20-raspios-buster-armhf-lite.zip
Write to sd card, in linux with dd command
When you browse at school or work you probably have experienced some problems browsing in certain websites or using certain applications. Is a common practice to block some kind of pages on internet at work or school environment also they block another kind of traffic such as torrents, adult-content or they just permit web traffic, you school or work don’t want you to browse sites they haven’t approved.
There are certain levels of firewall blocking, the most simple is based on blocking certain kind of web-pages. The other type of firewall blocking is based on protocols, they just allow certain…
Many users need to secure their laptop, workstation or regular PC, this users want to protect their information. In Linux exist many cryptographic techniques to protect a hard disk, directory and partition, one of this techniques is Linux Unified Key Setup (LUKS) which uses the kernel device mapper subsystem via the dm-crypt module which make the encrypted device transparent to the user.
This tutorial only encrypt an existing LVM installation, the EFI and boot partitions are in a non-encrypted partition. …
Security is one of the most important things now days specifically in enterprise environments, a vpn helps to encrypt traffic from client to internet. Wireguard is a vpn protocol than works on the kernel side and acts like a network interface, is one of the most modern vpn protocols it’s based in public and private key exchange just like ssh does. …
SSH tunneling is a method of transporting arbitrary networking data over an encrypted SSH connection. It can be used to add encryption to legacy applications. It can also be used to implement VPNs (Virtual Private Networks) and access intranet services across firewalls.
SSH has 3 types of tunneling: local, remote and dynamic. Each of than can be use for different purpose.
With local port forwarding we can forward remote port to local environment:
ssh -nNT -L 8000:remotehost:80 user@remotehost
In above example we forward remotehost:80 to local environment through 8000 port, then we can access to remotehost:80 typing localhost:8000 in our…
Engineer || MSc student || DevOps in progress