... it's better to have good questions

Containers and Capabilities

2022-07-14 5 min read technology Ronny Trommer
I have to work with container images from time to time, and sometimes I need to do networking stuff. Of course, you want to do this as an unprivileged user. Especially when you mix and match with Docker or Kubernetes, it gets sometimes a bit tricky and a lot of people in our community including myself struggled on this part. To document it for my future-self and the ones interested – here is my scenario. Continue reading

A cookbook for a K8s playground

2022-02-11 5 min read technology Ronny Trommer
In my last weeks, I had to work with deployments of OpenNMS with Kubernetes. Instead of spending dollars on cloud providers for my lab, I’ve bought a beefy cheap box for my home network for less than 1.500,-€ about a year ago. It saved me probably already more than I would have spent on similar resources in the cloud for my playgrounds. It has an Intel(R) Core(TM) i9-10880H CPU, 64 GB RAM, and 2 TB SSD which has enough steam to run VMware ESXi on it. Continue reading

ioquake3 in a container

2022-01-06 5 min read technology Games Ronny Trommer
Once upon a time, people had no internet access, or it was very expensive and slow. To have some fun, they spent weekends with their friends and hung out playing games over a local area network. It was so much fun it gained some interest and the space from your friends house was just too small for all the people. Parents and families went crazy and electric bills went through the roof. Continue reading

This website is not available in your country

2021-12-22 4 min read technology Ronny Trommer
Note to my future self. You might find yourself in a situation where you are blocked from an internet service because of your geographic location. A way to get around is using a VPN from a friend in a non-evil geographic location or using a 3rd party VPN service. Sometimes you don’t have that option right away and you need something quickly - Torbrowser for the rescue. Download and install the latest Torbrowser. Continue reading

OpenNMS Horizon, Docker, Traefik and Let's Encrypt

2021-08-11 3 min read technology Ronny Trommer
I work from home for over 6 years now and especially when you like networking, want to get stuff up and running and breaking it - you start looking around :) You’ve heard about k8s, k{0,3}s or Microk8s but you don’t want to use it to run your private blog and you find yourself in a spot where the benefits running stuff in containers justify the pain - this article might be something for you :) Continue reading

Setting up a VMware Test environment

2021-08-04 4 min read technology Ronny Trommer
To test functions like importing OVA files in VMware ESXi and with vCenter the trial phase and a local deployment can be used. You need the following requirements: VMware Workstation on Windows or VMware Fusion on Mac OSX VMware Hypervisor ISO image to install the ESXi host system VMware vCenter ISO image for local deployment If you just want to learn how it works you can get a 60 days trial license registering an account on VMware. Continue reading

VMware multipathd log spam

2021-04-07 3 min read technology Ronny Trommer
While I was deploying Loki with Promtail I’ve seen a lot of log spam from Ubuntu virtual machines in my VMware environment. As a note to myself and for some others who want cleaner system logs – here is what I’ve found to get rid of it. The log entries look like these here: 2021-04-07 20:14:21 opennms-bgp multipathd[693]: sda: failed to get sgio uid: No such file or directory 2021-04-07 20:14:21 opennms-bgp multipathd[693]: sda: failed to get sysfs uid: Invalid argument 2021-04-07 20:14:21 opennms-bgp multipathd[693]: sda: failed to get udev uid: Invalid argument 2021-04-07 20:14:21 opennms-bgp multipathd[693]: sda: add missing path The best article I’ve found was from SUSE describing the problems source. Continue reading

Installing Node Exporter on Linux

2021-03-11 2 min read technology Open-Source Ronny Trommer
In OpenNMS Horizon 28+ is now a PrometheusCollector available. It scrapes the metrics from the provided exporter pages and allows to add data collections. As of speaking today it is not 100% feature complete, scraping data types like histograms is not implemented yet. If you want to play around here is a quick way to get the Linux Node_Exporter installed. The following steps are executed in a root shell with sudo -i. Continue reading

Hardening SSH for audit

2021-02-19 2 min read technology Ronny Trommer
Running a server in the public requires some additional work. Especially if you want management access via SSH for Ansible or if you want break stuff manually with fiddeling around :) You can run an SSH audit of your public server using This section here is a very condensed way to get an A rating. Just use strong host key for authentication of the host # file: /etc/ssh/sshd_config HostKey /etc/ssh/ssh_host_ed25519_key HostKey /etc/ssh/ssh_host_rsa_key Delete existing keys and re-generate the RSA and ED25519 keys Continue reading

UCARP and High Availability

2020-02-07 2 min read technology Open-Source Ronny Trommer
If you have ever played with BSD you probably ran into CARP. It allows you to build a high available service which is provided by two physical servers behind a virtual shared IP address. The CARP nodes define a master and a backup system. A master serves the content and if the master crashes, the backup system takes over automatically the virtual IP (VIP) and the client won’t notice. Disclaimer: You should be aware this setup will not share load and increase your network throughput. Continue reading
Older posts