• 1 Post
  • 48 Comments
Joined 1 year ago
cake
Cake day: June 9th, 2023

help-circle



  • Not for PiHole but I was testing this recently with traefik. This has a bunch of traefik stuff in there (I’m on mobile so it’s too hard to edit it) but hopefully you see how the networks work

    # Testing macvlan setup for traefik
    # Will only work on linux because of macvlan network
    
    version: '3'
    
    services:
      traefik-whoami:
        image: traefik/whoami
        container_name: traefik_whoami
        networks:
          - bridge_network
        labels:
          - "traefik.enable=true"
          - "traefik.http.routers.whoami.rule=Host(`whoami.test`)"
          - "traefik.http.routers.whoami.entrypoints=http"
      
      traefik-reverse-proxy:
        image: traefik:v2.10
        container_name: traefik_reverse_proxy
        command:
          - "--api.insecure=true"  # Enable the API dashboard (insecure for testing)
          - "--providers.docker=true"  # Enable Docker provider
          - "--providers.docker.exposedbydefault=false"  # Disable exposing all containers by default
          - "--entrypoints.http.address=:80"  # HTTP entrypoint
          - "--entrypoints.http.forwardedheaders.insecure=true"  # Insecure forwarding (for testing)
          - "--providers.docker.network=bridge_network"  # Use bridge network for traefik discovery
        ports:
          - "1180:80"  # Expose HTTP entrypoint
          - "12345:8080"  # Expose Traefik dashboard
        networks:
          bridge_network: {}
          macvlan_network:
            ipv4_address: 192.168.1.69
        volumes:
          # TODO: Use docker.sock proxy instead of mounting directly
          # https://github.com/Tecnativa/docker-socket-proxy
          - /var/run/docker.sock:/var/run/docker.sock:ro
        labels:
          - "traefik.enable=true"
          - "traefik.http.routers.reverse-proxy.rule=Host(`traefik.test`)"
          - "traefik.http.routers.reverse-proxy.entrypoints=http"
    
    networks:
      bridge_network:
        driver: bridge
    
      macvlan_network:
        driver: macvlan
        driver_opts:
          parent: eth0
        ipam:
          config:
            - subnet: 192.168.1.0/24
              gateway: 192.168.1.1
              ip_range: 192.168.1.69/32  # Must be outside router's DHCP range
    















  • It’s not NAS specific, it’s platform independent - that’s the whole point. You have an application you want to run, and you package it all up into a docker image which contains not only the application but it’s dependencies and their dependencies all the way down to the OS. That way you don’t need to worry about installing things (because the container already has the application installed), all you have to do is allocate some resources to the container and it’s guaranteed* to work

    *nothing is ever as simple as it first appears

    One area where this is really helpful is in horizontally scaling workloads like web servers. If you get a bunch more traffic, you just spin up a bunch more containers from your server image on whatever hardware you have laying around, and route some of the traffic to the new servers. All the servers are guaranteed to be the same so it doesn’t matter which one serves the request. This is the thing kubernetes is very good at.

    Edit: see caveats below


  • It’s absolutely orientalist, similar to Zelazny’s Lord of Light but for Islam instead of Hinduism. For these, I was able to view them as a product of their time and enjoy the story even while recognizing some problematic elements.

    I found the 2nd book to be a bit of a slog, and I enjoyed the 3rd a lot more again. Since it was about new characters once again coming of age (… kind of), it has that same sense of exploration and discovery as the 1st. The 1st is definitely my fave so far though.