Proxmox cluster setup

I recently created a Proxmox cluster for some physical machine … for making it short, it sometime more efficient to run its own machine that going to cloud, in particular when you can manage a lower service level. So I use a mix of solutions, some on VM running on cloud provider solution like for critical production (Helium services as an example) and I have some bare-metal machine for high computation service (like Helium ETL) where cloud provider would invoice $3000 a month and for the rest I decided to run a Proxmox cluster to have an intermediate low cost infra with a minimum of redundancy I can master.

I started with 2 nodes with the ability to move workload from one to the other and as recently i got a corruption on one of my ZFS storage loosing one of the NVME, I’ve been happy of this setup. Unfortunately, when restarting the damaged node after being repaired, the second one restarted all the VMs causing an unexpected service failure. Let’s see how to setup a Proxmox cluster for not getting into this.

Continue reading

Deploying Helium-ETL instance with API

Helium blockchain ETL is basically a copy of the Helium Blockchain into a database. That way you can query the helium blockchain history to build apps like monitoring, tax management…

The Helium blockchain API project is connected to the Helium ETL to get an easy access to these data.

I’m currently building a tool to monitor and alarm a fleet of hotspots (stay tuned) and it currently uses the Helium API (api.helium.io). But helium APIs are a bit overloaded and not made to support high rate querying from each of the application any member of the community is developing. So I’ve been decided to make my own instance of ETL and API for my own purpose. This is the experience I’ll describe in this blog post:

Continue reading

BalenaFin – compute module motherboard

The BalenaFin board, made by balena.io is a compact Raspberry Pi compute module 3 mother board.

This kind of setup is really useful when making industrial embedded systems in small to average volume like I did and described in a previous post presenting my solution on waveshare system.

I thank you Balena.io, especially Marc, for giving me the opportunity to test this product. So you understand I did not payed to get that one, but as usual, I’m totally free about what I’m writing about it.

The BalenaFin costs $129 w/o taxes and can be ordered on the balena shop. So, let’s how to use it and get benefit of the balena.io platform.

Continue reading

Secure your children Internet access

I’m a big fan of PiHole for my children but also for my IoT devices [not the one I build but the one I’m purchasing 🙂 ]. That said, there are two things missing in it:

  • The first one is that Pi-Hole is operating on DNS request so any malicious solution using its own DNS or direct IP will bypass Pi-Hole protection.
  • The second one is the lake of functionalities like stopping Internet for a certain group of user during certain period of time.

So, when a friend of me contacted me to share its work on a different solution using a proxy, I’ve been happy to let him make a blog post here to introduce his solution. And this solution can be used in complement of PiHole. So, let’s make some place here to Manu PILLANT

Continue reading

Transfer UDP over SSH

When you want to transfer some UDP protocol from a remote server not directly accessible from your local host you can use a combination of SSH and socat to make this communication possible.

The application case is, as an exemple, a SNMP communication with a server in a DMZ to get metrics in a local area dashboard. Like in this exemple.

You have an intermediate host where SSH is accessible you can use as a gateway.

1- on the local host (on the left side), create a SSH tunnel with a TCP port forwarding (here 10000).

ssh -L 10000:localhost:10000 **gateway_host_ip**

2- on the gateway host, route the traffic received from the port we have previously associated to the UDP target host:port

socat tcp4-listen:10000,reuseaddr,fork UDP:**target_host_ip**:**udp_port**

3 – on the local host, route the traffic received from the given UDP port to the previously associated TCP port for tunnelling

socat -T15 udp4-recvfrom:**udp_port**,reuseaddr,fork tcp:localhost:10000

That’s it.

Pi Day – Sigma Lambda Pi

Sigma Lambda Pi is the perfect thing to talk about on the 3/14 Pi day!

This crazy machine is a 16 Raspberry Pi-4 cluster in a 2U server rack, set to execute FaaS (Function as a Service) with a green-it approach. Don’t make a dream of Raspberry-Pi high performance demonstration, you will be disappointed and it’s not the purpose of this project. This is not a commercial product, the objective of the company who made it, was research, team building and team skills improvement. This has been made by friends of my, working at Be|ys, a team of 9 people, under the lead of Christophe Prugnaud. They made a demo of it during the Clermont’Tech Api Hour #46, the video will be soon accessible.

Continue reading