Raspberry Pi Kubernetes Cluster

The Raspberry Pi Cluster is a cheap way to build and understand your very own supercomputer. Using Kubernetes, you can turn a handful of these cheap single board computers into a powerful cluster, capable of working multiple tasks at the same time. The best bit about this type of cluster is that it is completely scale-able, you can add more and more Raspberry Pis to it as you go.

I will be using 3 Raspberry Pi Model 3B as workers and 1 Raspberry Pi Model 4B 4GB as the master for this cluster. There are 2 reasons I have gone for this combination…. 1) that’s what I own, and 2) if you are using different models/spec of device, the most powerful should be the master.

Before I go any further, I will state that Raspbian is a version of Debian Linux, and as such this project can be adapted to work with most versions of Linux, such as Ubuntu or CentOS, on pretty much any device.

Items Needed

  • Raspberry PI 2 Model B (at least 2)
  • Power Cable for each Raspberry Pi
  • Ethernet Cable
  • Micro SD Card (at least 8gb each)

Desirable Items

  • Raspberry PI 3 Model B (at least 4)
  • Gigabit Ethernet Switch
  • 4 Short Ethernet Cable
  • 1 Ethernet Cable (long enough to reach your router)
  • Short (1 ft) Power cable
  • USB Charging HUB (1 port per Raspberry Pi
  • Cluster Case
  • Micro SD Card (32gb each)

Software

Setup

So the quickest way to set this up is to install and configure the SDs, Insert them into the Raspberry Pis, and bring them up 1 by 1 and configure the IPs/Hostnames.

To start with you will need to download and set up Etcher on your PC/Laptop. Next download the latest Raspbian Lite image and unpack it.
Now insert a MicroSD into the reader on your PC/Laptop and format it to FAT32. Once this is done, open Etcher, select the Raspbian image, select the MicroSD and click “Flash”. Once completed, add and empty file to the boot file system called “ssh”

Now connect to the Raspberry Pis using ssh. The first thing to do is change the hostnames by using the command below

nano /etc/hostname

I have called mine RPI-1 RPI-2, RPI-3 and RPI-4, but you can choose a name that suits you.

Next you need to set static IPs on all of your Raspberry Pis using the following command, then paste in the block below and modify it for your network.

nano /etc/dhcpcd.conf

interface eth0
static ip_address=0.0.0.0/24
static routers=0.0.0.1
static domain_name_servers=8.8.8.8

Now reboot your Raspberry Pis, then log back into them using the new static IPs you have assigned. Use this command to switch to root

sudo su

Now we need to install Docker using the following

curl -sSL get.docker.com | sh && sudo usermod pi -aG docker && newgrp docker

And next disable swap memory, as swap will cause issues going forwards.

dphys-swapfile swapoff && dphys-swapfile uninstall && update-rc.d dphys-swapfile remove

Now we need to add the repository for Kubernetes by editing the following file and adding the line below

nano /etc/apt/sources.list.d/kubernetes.list

deb http://apt.kubernetes.io/ kubernetes-xenial main

Once saved, use the next command to download the keys

curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -

Now we need to update the repository and download Kubernetes

apt update && apt install -y kubeadm

Now reboot your Raspberry Pis and SSH back into them once they come back up

Master Node

We now need to pull the Master Node image

sudo kubeadm config images pull -v3

Now to initialise the cluster, this will give you a code at the end that you will need to run later

sudo kubeadm init --token-ttl=0

Next we run the configuration

mkdir -p $HOME/.kube

sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

sudo chown $(id -u):$(id -g) $HOME/.kube/config

Now install the Weave Network drivers

kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

Worker Nodes

You will need to run the following on each worker using the code you got earlier)

sudo kubeadm join --token <token> <master-node-ip>:6443 --discovery-token-ca-cert-hash sha256:<sha256>

Now run the below command, and you should see a printout as below

kubectl get nodes

NAME    STATUS   ROLES    AGE    VERSION
rpi-1   Ready    master   116m   v1.17.3
rpi-2   Ready    <none>   92m    v1.17.3
rpi-3   Ready    <none>   92m    v1.17.3
rpi-4   Ready    <none>   91m    v1.17.3

This guide is based on the work of Alex Ellis, and has been created step by step as I have carried out the setup myself

Semblant – What Lies Ahead

So for those who don’t know me, one of my favourite ways to pass time is to hunt for new bands and artists to listen to. No I have a massive thing for metal, especially female fronted metal acts. So there I was crawling through my recommended list on Youtube Music, and there is a band called Semblant, who I’ve not heard of, listed as Metal, and looked female fronted, top marks to Youtube Music so far. The song recommended is called What Lies Ahead, so I thought I’ll give it a listen. Being Youtube Music, naturally they have links to the videos, so jackpot, I get to see their style as well.

So I watch and listen, loving every second. Mizuho Lin has a beautiful voice, as well as a gothic look (another plus for me). Her voice is strong and powerful, and with my eyes closed, her voice reminds me very much of Cristina Scabbia from Lacuna Coil, one of my all time fave bands.

Mizuho Lins clean melodic lyrics are contrasted by the harsh screams of
Sergio Mazul, who also seems capable of holding a melody between screams.

This track has it all for me, with an awesome guitar solo, and machine gun drumming. I was truly sucked into this song from start to finish, and have now listened to it at least 6 times.

So who are Semblant? exactly what I wanted to know having never heard of them. So I turned to my old friend Google for the answers, and found precious little, even Wikipedia came up rather low on information. Aside from now knowing they are from Brazil, who the band members are and their discography, there is little further that I could see about them.

I have listened to a few more tracks from them, and have to say I am quite enjoying what I’m hearing, and will be continuing to listen to the I am sure.

A Roller Coaster Couple of Weeks

So its been a pretty up and down week for me. Work has been busy an my diet has been chaotic.

Thankfully it was back to Scouting again following the half term break, and this involved me taking our Cubs for a hike through some local woods, which was muddy, and they loved it.

I have also been working on skilling myself up to run a sleep over for the Cubs, so they can earn their Digital Maker badge. This has meant buying a Micro:bit (to see my blog on this click HERE), and learning how to use it, as I will need to teach the Cubs. Now don’t get me wrong, I don’t really need an excuse to buy a new tech toy. but this is really not the kind I would normally buy.

Yesterday I got a pile of bits delivered for Survival Kits I’m making for the Cubs for our Easter Camp, and spent a hour or 2 putting the kits together yesterday evening. There are still a couple of little bits to come, but once they are complete, I will get a blog made showing them off, as I think there may be other leaders out there who may be interested.

So once I got done with the kits, Claire came over, and we spent time cuddled up watching Final Destination and just chilling in each others arms. I don’t care who may think it sappy, but I’m never more relaxed than when I’m cuddled up with Claire.

The next week is going to be a busy one, tomorrow its inventory day at the Scout Hut, so there will be a bunch of leaders hauling everything out of the stores, checking the condition and then deciding what we need to replace. Monday is rehearsals for Spot On Productions, so I will be there watching and making notes for stage sets, props and cues. Tuesday is a district Scouts Planning meeting, where we will be deciding on what we are going to do at promotional events the district is taking part in this year. Ant Thursday is Cubs, so Wednesday will be preparing the activities for that.

On top of that I will be working 9 – 5.30 in the office, and I’m on call 24/7 for work until Friday morning, so its going to be crazy.

I will, of course, get a blog or 2 in when I can, as I have really been enjoying doing this, and if nothing else it has been a great way for me to get out whatever is rolling round in my head at the time.

Micro:bit

The Micro:bit is a small programmable board from the BBC. This tiny device is designed to help teach coding to kids, and weighs in at an equally tiny £16 to buy the full stater kit available from Amazon HERE, with a case available from Amazon for just £3.50 HERE.

The Micro:bit has a number of sensors on board, including temperature, G sensor and audio sensor. There there are 25 LEDs in a 5×5 grid on the front, with 2 function buttons to interact with the programs you create.

There is a micro USB connector and Bluetooth which can both be used to download programs to the device. The micro USB can also be used for power, as well as there being a battery pack available (included in the starter kit), which uses 2x AAA batteries, to allow for projects such as a step counter.

Along the bottom of the board are a series of connectors, which can be used with a number of addon breakout boards, and connectors, which as well as being equally as low cost as the Micro:bit, add new features and abilities to the board, and increase the scope of projects that are available.

Now my interest in this little bit of kit comes from Scouting. One of the badges I am putting together activities for my Cubs to do is the Digital Maker badge. This badge is sponsored by the Raspberry Pi Foundation so, as you can imagine, is full of activities designed to get young minds engaged with coding. The best part of this, is that all of the projects can be done using a Raspberry Pi, so I also get to teach the Cubs how to use Linux, as well as coding.

So the Micro:bit uses hex code, which isn’t something I’m familiar with. However, the good people who created the Micro:bit have also provided a couple of ways to create code, either via an online Python editor HERE, or using a Scratch style Javascript editor HERE. In both cases they have a download button which will convert the code to .hex files, which can then simply be dragged and dropped onto the device, as the Micro:bits storage will show as a drive when connected to a computer. Along side these editors, there is also capability to use MU Editor (which has a specific mode for Micro:bit), and also Scratch, as well as other editors.

Below, I have compiled a .zip file with the original files on the Micro:bit, as well as a selection of .hex files I have collected from other sites, and a couple I have created myself using the online editors

If you find a .hex file doesn’t do much, or you want to reset the device, simply drag and drop the OutOfBoxExperience-v2.hex, and this will rest the device to factory settings. The .zip also includes 3 firmware files, the one that came on my device out of the box, and 2 upgrades. To do a firmware upgrade, simply hold the reset button on the back of the device and connect it to your computer, the MAINTENANCE drive will show, and simply drag and drop the firmware file into this drive, once the device resets itself, unplug it from the computer, and plug it back in again to return to normal mode. Again if this fails, put the device back into maintenance mode, and simply drag and drop a different firmware in to downgrade/upgrade. I currently have the latest version running perfectly on my device, so this should work OK for you.

Installing Tor on Linux

Tor is a great browser, which actively routes your connection across multiple nodes in different countries. It is designed to allow the user to remain completely anonymous while online. It also has the ability to access the Dark Web and Deep Web, which although theses areas of the internet have gotten a bad rap (as authorities cant track users in these areas), they are full of all kinds of information and resources.

Recently a number of people have reported issues with installing the Tor browser on Linux, and I myself have had issues with “signature verification failed” errors.

This simple guide will show you how to install this browser, without getting this problem.

Run the following command in the terminal of your choice

# sudo su

# cat <<EOF | sudo tee /etc/apt/sources.list.d/tor.list
deb https://deb.torproject.org/torproject.org bionic main
deb-src https://deb.torproject.org/torproject.org bionic main
EOF

# curl https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --import

# gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -

# add-apt-repository ppa:micahflee/ppa

# apt update

# apt install apt-transport-https tor deb.torproject.org-keyring torbrowser-launcher

# exit

# torbrowser-launcher

You should now see the screen below

Click on connect, and you will then get access to the main browser

You can now visit any site you want completely anonymously, as your connection will be routed via the Tor network.

2 Days Until Pay Day

This really is the worst point in the month!

2 days until payday, and my bank balance is £0, thankfully I have everything I need to get through this evening and tomorrow, but hate having an empty bank account.

I am going to be so glad when I get my degree finished, and will be able to start looking for better money, either in my current company or somewhere else.

I am in the process of reducing a number of my bills, as its coming up to renewal time for most of them, but its going to take a couple of months to get them all sorted. Once that’s done I should have a fair bit more available each month,

With some luck my bosses will push the button a day early as they sometimes do, as it would be nice to be able to get a takeaway tomorrow when I get in from Cubs, but naturally I cant count on that, as payday is officially the last working day of each month (so Friday),

A Much Better Day

Following yesterdays little slip, which left me feeling really low, I woke up this morning determined to keep on track today.

Although I did go a few calories over my daily target, everything I had was healthy, and I am absolutely buzzing.

I know people will say that having a little cake wont hurt, but for me it impacts how I feel about myself. Don’t get me wrong, I do have treat days, and I do enjoy a Chinese or a a bit of chocolate or something along those lines. For me, I tend to weigh in on a Thursday evening before I eat, so I tend to do the treats after my weigh in.

I am hoping to have another good day tomorrow, and am feeling certain that, following today, I will be able to keep my willpower in check.

Following last weeks weight gain, I really do want to see at least a little of that gain lost again on Thursday. This will be helped by the fact Thursday is also Cubs night, and this week we are taking them on a short hike in the local woodland. Add that to the 20,000+ steps from Saturdays hike, and 10,000+ steps both yesterday and today, and it should make at least a little dent in the weight.

I know it may seem a little odd to some people to read a guy going on about weight issues, but for me it is something important, and does have a big impact not just on my physical health, but also my mental health.

Mass Distribution Of SSH Keys Across Server Estate

This guide assumes that you have your SSH key on all the servers you need to access, and that you have a new key that needs to be distributed across these servers. If you don’t have your SSH key across your estate, please follow the SSH Bash Script -Copy ID guide on this blog.

Why would you need to distribute a new SSH Key? there are several reasons, but this is something I have to do when we have a new starter within my team at work, or if a Developer or system needs to access certain servers. The key you will need to have is the .pub key, the user generates this by running the following in their terminal, and will then find the file at ~/.ssh/id_rsa.pub (or something similar)

# ssh-keygen

Once you have the key, place it somewhere easy to access

No create a new file called sshaddkey.sh or something easy to remember, the command below will allow you to do this (change “path” to the path of the file). I prefer to use nano, but you could use vi, or whatever editor you prefer

# nano /path/sshaddkey.sh

Now simply copy and paste the code from below, and modify it to match your credentials and host details. I rename the key file, so I can keep track of who they belong to

HOSTS="
192.168.0.150
192.168.0.151
192.168.0.152
192.168.0.155
"
function update {
	ssh -oConnectTimeout=5 -oPubKeyAuthentication=yes -oStrictHostKeyChecking=no -oPasswordAuthentication=no [email protected]$1 "echo \"`cat ~/ssh-keys/jsmith.pub`\" >> .ssh/authorized_keys"
    echo "Closing connection to $HOST"
  

}

for HOST in $HOSTS; do
	echo $HOST
	update $HOST $1
done

Once saved, you will need to grant permissions to the file

# sudo chmod 766 /path/sshaddkey.sh

Ensure you have all your host names or IPs lists, you can add as many as you want, each on a new line

Now to run the code use navigate to the folder it’s in, and execute it using the commands below

# cd /path

# ./sshaddkey.sh

The script wil cycle through each of the IPs or host names in the list, adding the key to the “authorized_keys file for the designated account.

if you have multiple keys to add, you can place tham all in 1 file, with each key on a separate line, and give the file name in the script, this will then add them all in one go, saving you even more time.

As best practice, I advise to add a little text to show who the key is for, and the date added, and by who

####### Keys added 22/02/2020 by A Gordon #######

#### J Blogs - Dev
fake-key/kjdfkjhkjetiofoihn4wrlkjnoivdoi4

#### M Smith - SysAdmin
fake-key/ddocvueaoijtroiwjgoiogk;smglmign

#### Bob T Builder - QA
fake-key/dkjfheiuoihuefbubasfuhiuegfiufaa

################################################

SSH Bash Script – Copy ID

It is quite normal within a tech business to need to rapidly distribute SSH keys across a number of servers. This could be for an number of reasons, a new member of staff needing access to certain servers, a new Admin needing access to all servers, or even a system service of application needing access to a group of servers.

The current best practice for SSH access is to use an SSH key rather than a password, as this restricts access to a set computer, or group of computers, where as a password can be used from anywhere.

Naturally it is recommended that firewall and ACL rules be set up, but to reinforce this the SSH key is key.

Many companies will have a set password, or short list of passwords, for internal server access. This is to facilitate easy access for staff to systems inside a firewall. My company have over 700 servers, and 3/4 of them are internal systems used for development and staging. As you can imagine, trying to add an SSH key to that many servers can take forever, and that is where this simple bash script comes in.

To use this script you will need to be using a bash terminal, and have sshpass installed, to do this select the install option for your system, and run the command in a terminal window

Ubuntu/Debian Systems

# sudo apt install -y sshpass

CentOS/Redhat Ssystems

# sudo yum install -y sshpass

# sudo dnf install -y sshpass   [Fedora 22 or above]

sshpass allows you to logon to SSH including your password in the command line, although not something you should leave hanging around once this script is finished with, for the purpose of this script is is essential.

This script removed the need to manually add your key to each server using the following command

# ssh-copy-id [email protected]

Imagine having to run that command 50 times, 100 times or more, each time typing in your password when prompted, pretty time consuming.

This little script will automatically carry out this action in a fraction of the time.

Next you need to create a .txt file contain a list of host names or IPs you need to get your key added to, creating this in your user folder (/home/<username>/) will make it easier to use. Each host or IP should be on a new line like so

host1
host2
host3
host4

I advise calling the file hosts.txt, this makes it easy to remember, and use when executing the script

Now create a new file called sshcopyid.sh, again I advise doing this in your user folder. Add the following to this file changing the words USER and PASSWORD for your own details

#!/bin/bash

remotehosts="$1"
username="USER"
password="PASSWORD"

for host in `cat ${remotehosts}`
do
sshpass -p${password} ssh-copy-id -o StrictHostKeyChecking=no ${username}@${host}
echo "Uploaded key to " ${host}
done

echo "Finished!"

Once saved, you need to set the permissions as follows

# sudo chmod 766 sshcopyid.sh

Your script is now ready to run. Make sure you have all the host names or IPs needed in the hosts.txt file and use the following command to run it

./sshcopyid.sh ~/hosts.txt

The script will now cycle through each host name or IP and add your SSH key to that system. If the password isn’t correct for any of the servers, a permission denied warning will be displayed in the terminal under the host name or IP. You can then amend the password in the script and re-run it.

Seriously Weak Willed

So again today one of my colleagues brought in home baked cakes, and again I couldn’t resist getting stuck in.

I really feel I have let myself down once again.

I made sure I had a pot of instant porridge for breakfast, and a healthy meal for lunch, so I wouldn’t be tempted to go to the shop or get junk food from the take aways, and then all determined that I was going to stay on track today, stumbled within an hour of being in the office.

Unfortunately my go to comfort has always been food, so feeling bad from eating the cake just made me want to eat more.

I need to get a grip, and get some willpower. I am so sick of being over weight, and really want to get myself back down to a healthy weight, but seem to be failing at every temptation over the last 2 weeks.

I really do need to find something that will help me to feel full between meals, so I won’t be so tempted to snack.