/hardware/openwrt/pine/images/portada.png

OpenWRT on Wifi Pineapple MARK VII

Author published on 2024-03-20 included in Devops Hardware Network

OpenWRT Installation

From this link we can download the OpenWRT firmware. Then we access the pineapple via SSH:

1
2
3
4


# We extract all installed packages and save the file:
opkg list-installed > installedPkgs
# With the firmware already uploaded to the pineapple, we install it with the command:
sysupgrade -n -p -v openwrt-23.05.0-ramips-mt76x8-hak5_wifi-pineapple-mk7-squashfs-sysupgrade.bin

We should wait for the firmware to finish installing; the LEDs will stop flashing and turn green.

/devops/incus/bridge/images/portada.jpeg

Bridge mode with access to local network in Incus

Author published on 2024-03-17 included in Devops Incus Containers

After the problems with LXD from Canonical, I was left with no choice but to switch to Incus (the new LXD). My problems began when I couldn’t make a container accessible from the local network with a bridge interface, as indicated by hundreds of tutorials on the internet. The only way I was able to achieve access was by creating a network bridge using Open vSwitch.

Installing and Configuring Open vSwitch

In my case, I used Arch Linux, so I followed the official guide for installation and creation of a bridge.

Installing k3s on Incus

Author published on 2024-03-15 included in Devops Incus Containers

After several attempts with Microk8s and its multiple errors on both LXC/LXD and physical servers, I switched to K3s, a simpler and lighter solution for K8s. The installation on physical servers and its performance were much better than Microk8s from the first hours, and I regret the hours I wasted trying to find the errors that Microk8s produced on the servers and in the deployment of services.

Here are some notes on how I installed K3s with HA using an external DB on Incus, as shown in the image:

/devops/kubernetes/persistence/images/portada.jpg

Persistence with NFS in Microk8s under LXD

Author published on 2024-01-21 included in Devops

During my attempts to enable persistence for services in the cluster, I found several options that seemed promising, such as the Mayastor plugin. However, despite my efforts, I was unable to get it to work in LXD. After searching for alternative solutions, I decided to use NFS, which worked flawlessly from the start and saved me a lot of time. Here are the steps to use it with Microk8s.

Installing the NFS Server on the Host Machine

Depending on the Linux distribution being used, the necessary packages must be installed. The most important options are found in the /etc/nfs.conf and /etc/exports files. Let’s take a look at the first one:

/devops/kubernetes/installation/images/portada.jpg

Microk8s Cluster in LXD

Author published on 2023-12-09 included in Devops

Problems with LXD

Due to the fact that LXD is no longer part of the Linux Containers project, images like Rocky Linux are no longer available in their repositories for use. Instead, it is recommended to use Incus. There is a new guide using K3s in Incus here:

The installation of a 6-node cluster in LXD for testing services of a SOC took me more time than expected, and after resolving several (and stressful) problems, I was finally able to get a functional cluster using Microk8s. Here are the steps:

Lab0: Ensuring Routers/Switches

Author published on 2022-09-01 included in Pentesting Lab Laboratorio

In this final delivery of lab 0, we will secure the routers/switches with simple, yet efficient authentication. The following commands will be executed on all routers (R1-R4) and switches (SWA-SWP-SWD):

Enabling Encryption and Lockout

First, we enable password encryption:

1

SWP(config)#service password-encryption

This is crucial, as failing to activate this service will result in visible passwords when backing up the configuration or using the command:

1

SWP(config)#do sh running-config

Console and Auxiliary Lines

We will enable password-protected access each time we connect using these ports: