http://vikipranata.is-a.dev/posts/ Recent content in Posts on Viki Pranata Hugo -- 0.146.0 en Mon, 15 Dec 2025 00:00:00 +0700 http://vikipranata.is-a.dev/posts/vllm-gpt-oss-20b/ Mon, 15 Dec 2025 00:00:00 +0700 http://vikipranata.is-a.dev/posts/vllm-gpt-oss-20b/ Running LLM OpenAI Open Source Model with vLLM and GPU NVIDIA L4 http://vikipranata.is-a.dev/posts/rke2-with-cillium-cni/ Mon, 16 Jun 2025 00:00:00 +0700 http://vikipranata.is-a.dev/posts/rke2-with-cillium-cni/ Building Rancher Kubernetes Engine 2 without kube-proxy with Cilium eBPF CNI http://vikipranata.is-a.dev/posts/k3s-multi-master/ Fri, 06 Jun 2025 00:00:00 +0700 http://vikipranata.is-a.dev/posts/k3s-multi-master/ Create lightweight container orchestrations with Kubernetes Rancher K3S and CRI-O for Container Runtime http://vikipranata.is-a.dev/posts/setup-docker-swarm/ Thu, 05 Jun 2025 00:00:00 +0700 http://vikipranata.is-a.dev/posts/setup-docker-swarm/ Create container orchestrations with Docker Swarm http://vikipranata.is-a.dev/posts/vyos-router-setup-ha/ Sat, 05 Apr 2025 00:00:00 +0700 http://vikipranata.is-a.dev/posts/vyos-router-setup-ha/ Installing and setup VyOS 1.5 Stream version with high availability and config sync http://vikipranata.is-a.dev/posts/openstack-operational-cli/ Sun, 16 Mar 2025 00:30:00 +0700 http://vikipranata.is-a.dev/posts/openstack-operational-cli/ Operating OpenStack via the command line, which can be used for preparing COA (Certified OpenStack Administrator) http://vikipranata.is-a.dev/posts/openstack-kolla-ansible-2024.2/ Sun, 16 Mar 2025 00:00:00 +0700 http://vikipranata.is-a.dev/posts/openstack-kolla-ansible-2024.2/ Deployment Openstack Cloud with Kolla Ansible http://vikipranata.is-a.dev/posts/ceph-reef-deployment/ Sat, 15 Mar 2025 00:00:00 +0700 http://vikipranata.is-a.dev/posts/ceph-reef-deployment/ Deployment Software Defined Storage with Ceph Reef http://vikipranata.is-a.dev/posts/high-availability-keepalived/ Wed, 04 Sep 2024 09:00:00 +0700 http://vikipranata.is-a.dev/posts/high-availability-keepalived/ <h1 id="installing-packages-dependencies"><strong>Installing Packages Dependencies</strong></h1> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">dnf install -y keepalived </span></span></code></pre></div><h1 id="keepalived-configuration"><strong>Keepalived Configuration</strong></h1> <p>Keepalived state reference</p> <ul> <li>MASTER-MASTER (if down, back to top priority)</li> <li>MASTER-BACKUP (if down, back to MASTER)</li> <li>BACKUP-BACKUP (if down, respect to node with MASTER state)</li> <li>Routers with priority 101 will become MASTER and Routers with priority 100 will become BACKUP.</li> </ul> <h2 id="configure-first-node">Configure First Node</h2> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">cat <span class="s">&lt;&lt;EOF | tee /etc/keepalived/keepalived.conf </span></span></span><span class="line"><span class="cl"><span class="s">global_defs { </span></span></span><span class="line"><span class="cl"><span class="s"> router_id JumpServer </span></span></span><span class="line"><span class="cl"><span class="s"> enable_script_security </span></span></span><span class="line"><span class="cl"><span class="s"> vrrp_check_unicast_src </span></span></span><span class="line"><span class="cl"><span class="s">} </span></span></span><span class="line"><span class="cl"><span class="s"> </span></span></span><span class="line"><span class="cl"><span class="s">vrrp_track_process track_openvpn { </span></span></span><span class="line"><span class="cl"><span class="s"> process openvpn </span></span></span><span class="line"><span class="cl"><span class="s"> weight 2 </span></span></span><span class="line"><span class="cl"><span class="s">} </span></span></span><span class="line"><span class="cl"><span class="s"> </span></span></span><span class="line"><span class="cl"><span class="s">vrrp_instance VIP { </span></span></span><span class="line"><span class="cl"><span class="s"> state MASTER </span></span></span><span class="line"><span class="cl"><span class="s"> interface eth1 </span></span></span><span class="line"><span class="cl"><span class="s"> virtual_router_id 69 </span></span></span><span class="line"><span class="cl"><span class="s"> priority 101 </span></span></span><span class="line"><span class="cl"><span class="s"> advert_int 1 </span></span></span><span class="line"><span class="cl"><span class="s"> nopreempt </span></span></span><span class="line"><span class="cl"><span class="s"> </span></span></span><span class="line"><span class="cl"><span class="s"> authentication { </span></span></span><span class="line"><span class="cl"><span class="s"> auth_type PASS </span></span></span><span class="line"><span class="cl"><span class="s"> auth_pass Pa\$\$w0rd </span></span></span><span class="line"><span class="cl"><span class="s"> } </span></span></span><span class="line"><span class="cl"><span class="s"> </span></span></span><span class="line"><span class="cl"><span class="s"> unicast_src_ip 10.79.80.1 </span></span></span><span class="line"><span class="cl"><span class="s"> unicast_peer { </span></span></span><span class="line"><span class="cl"><span class="s"> 10.79.80.2 </span></span></span><span class="line"><span class="cl"><span class="s"> } </span></span></span><span class="line"><span class="cl"><span class="s"> </span></span></span><span class="line"><span class="cl"><span class="s"> virtual_ipaddress { </span></span></span><span class="line"><span class="cl"><span class="s"> 103.150.80.130/28 dev eth0 </span></span></span><span class="line"><span class="cl"><span class="s"> 10.79.80.254/24 dev eth1 </span></span></span><span class="line"><span class="cl"><span class="s"> } </span></span></span><span class="line"><span class="cl"><span class="s"> </span></span></span><span class="line"><span class="cl"><span class="s"> virtual_routes { </span></span></span><span class="line"><span class="cl"><span class="s"> 0.0.0.0/0 via 103.150.80.142 dev eth0 metric 100 </span></span></span><span class="line"><span class="cl"><span class="s"> } </span></span></span><span class="line"><span class="cl"><span class="s"> </span></span></span><span class="line"><span class="cl"><span class="s"> static_routes { </span></span></span><span class="line"><span class="cl"><span class="s"> 0.0.0.0/0 via 10.79.80.251 dev eth1 metric 101 </span></span></span><span class="line"><span class="cl"><span class="s"> } </span></span></span><span class="line"><span class="cl"><span class="s"> </span></span></span><span class="line"><span class="cl"><span class="s"> track_process { </span></span></span><span class="line"><span class="cl"><span class="s"> track_openvpn </span></span></span><span class="line"><span class="cl"><span class="s"> } </span></span></span><span class="line"><span class="cl"><span class="s">} </span></span></span><span class="line"><span class="cl"><span class="s">EOF</span> </span></span></code></pre></div><p>Restart service and set to run while system boot</p> http://vikipranata.is-a.dev/posts/linux-openvpn-server/ Wed, 04 Sep 2024 09:00:00 +0700 http://vikipranata.is-a.dev/posts/linux-openvpn-server/ <h2 id="installing-package-dependencies"><em>Installing package dependencies</em></h2> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">dnf install -y epel-release </span></span><span class="line"><span class="cl">dnf install -y openvpn openssl easy-rsa policycoreutils-python-utils  </span></span></code></pre></div><h2 id="creating-and-setting-up-an-openvpn-server-certificates"><em>Creating and Setting Up an OpenVPN Server Certificates</em></h2> <p>Set of environment variable for easy_rsa</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">cat <span class="s">&lt;&lt;EOF | tee vars </span></span></span><span class="line"><span class="cl"><span class="s">set_var EASYRSA_ALGO ec </span></span></span><span class="line"><span class="cl"><span class="s">set_var EASYRSA_CURVE prime256v1 </span></span></span><span class="line"><span class="cl"><span class="s">set_var EASYRSA_CA_EXPIRE 3650 </span></span></span><span class="line"><span class="cl"><span class="s">set_var EASYRSA_CERT_EXPIRE 3650 </span></span></span><span class="line"><span class="cl"><span class="s">set_var EASYRSA_CRL_DAYS 3650 </span></span></span><span class="line"><span class="cl"><span class="s">EOF</span> </span></span></code></pre></div><p>Then execute <code>./easyresa init-pki</code><br> <img alt="init-pki" loading="lazy" src="http://vikipranata.is-a.dev/posts/linux-openvpn-server/uploads/init-pki.webp"></p> <p>Create certificate authority (CA) and sever certificate.</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="nv">SERVER_CN</span><span class="o">=</span>jumpserver </span></span><span class="line"><span class="cl"><span class="nv">SERVER_NAME</span><span class="o">=</span>jumpserver </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl">./easyrsa --batch --req-cn<span class="o">=</span><span class="s2">&#34;</span><span class="nv">$SERVER_CN</span><span class="s2">&#34;</span> build-ca nopass </span></span><span class="line"><span class="cl">./easyrsa --batch build-server-full <span class="s2">&#34;</span><span class="nv">$SERVER_NAME</span><span class="s2">&#34;</span> nopass </span></span><span class="line"><span class="cl">./easyrsa gen-crl </span></span></code></pre></div><p><img alt="create-ca-cert" loading="lazy" src="http://vikipranata.is-a.dev/posts/linux-openvpn-server/uploads/create-ca-cert.webp"></p> http://vikipranata.is-a.dev/posts/linux-join-ad/ Tue, 03 Sep 2024 09:20:00 +0700 http://vikipranata.is-a.dev/posts/linux-join-ad/ <p>After we <a href="../setup-active-directory-server">Setup Active Directory Server in Windows Server 2022</a> now we can use this LDAP/AD User to login to server environments.</p> <h2 id="join-active-directory-and-configure-to-login-with-user-ad">Join Active Directory and Configure to Login with User AD</h2> <p>Installing packages</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">dnf install -y realmd oddjob oddjob-mkhomedir sssd adcli samba-common-tools </span></span></code></pre></div><p>Set dns server to AD server</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">cat <span class="s">&lt;&lt;EOF | tee -a /etc/resolv.conf </span></span></span><span class="line"><span class="cl"><span class="s">search lab.homelab.is-a.dev </span></span></span><span class="line"><span class="cl"><span class="s">nameserver 10.79.80.3 </span></span></span><span class="line"><span class="cl"><span class="s">EOF</span> </span></span></code></pre></div><p>Discover to AD server</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">realm discover lab.homelab.is-a.dev </span></span></code></pre></div><p><img alt="realm-discover" loading="lazy" src="http://vikipranata.is-a.dev/posts/linux-join-ad/uploads/realm-discover.webp"></p> <p>Joining linux host to AD server</p> http://vikipranata.is-a.dev/posts/setup-active-directory-server/ Tue, 03 Sep 2024 09:00:00 +0700 http://vikipranata.is-a.dev/posts/setup-active-directory-server/ <blockquote> <p>This pages is work in progress</p></blockquote> <h2 id="setup-active-directory-domain-services">Setup Active Directory Domain Services</h2> <p><img alt="Step 1" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/1.webp"> <br> <img alt="Step 2" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/2.webp"> <br> <img alt="Step 3" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/3.webp"> <br> <img alt="Step 4" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/4.webp"> <br> <img alt="Step 5" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/5.webp"> <br> <img alt="Step 6" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/6.webp"> <br> <img alt="Step 7" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/7.webp"> <br> <img alt="Step 8" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/8.webp"> <br> <img alt="Step 9" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/9.webp"> <br> <img alt="Step 10" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/10.webp"></p> <p>Setup finish and server will be restart.</p> <h2 id="create-organizational-unit-and-security-group">Create Organizational Unit and Security Group</h2> <p><img alt="Step 11" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/11.webp"> <br> <img alt="Step 12" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/12.webp"></p> <h2 id="create-user-and-assign-to-security-group">Create User and Assign to Security Group</h2> <p><img alt="Step 13" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/13.webp"> <br> <img alt="Step 14" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/14.webp"></p> <h2 id="add-a-domain-controller-to-an-existing-domain">Add a Domain Controller to an Existing Domain</h2> <p><img alt="Step 15" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/15.webp"><br> <img alt="Step 16" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/16.webp"><br> <img alt="Step 17" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/17.webp"><br> <img alt="Step 18" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/18.webp"><br> <img alt="Step 19" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/19.webp"><br> <img alt="Step 20" loading="lazy" src="http://vikipranata.is-a.dev/posts/setup-active-directory-server/uploads/20.webp"></p> <p>Setup finish and server will be restart.</p> http://vikipranata.is-a.dev/posts/linux-networking/ Mon, 02 Sep 2024 09:10:00 +0700 http://vikipranata.is-a.dev/posts/linux-networking/ <h2 id="configure-linux-nat-forwarding"><em>Configure Linux NAT Forwarding</em></h2> <p>Enable kernel parameter</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="nb">echo</span> <span class="s1">&#39;net.ipv4.ip_forward = 1&#39;</span> &gt; /etc/sysctl.d/99-forwarding.conf </span></span><span class="line"><span class="cl">sysctl --system </span></span></code></pre></div><p>Setup firewalld configuration</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">nmcli connection migrate </span></span><span class="line"><span class="cl">nmcli connection modify eth0 connection.zone public </span></span><span class="line"><span class="cl">nmcli device modify eth0 connection.zone public </span></span><span class="line"><span class="cl">nmcli connection modify eth1 connection.zone internal </span></span><span class="line"><span class="cl">nmcli device modify eth1 connection.zone internal </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl">firewall-cmd --permanent --zone<span class="o">=</span>public --add-masquerade </span></span><span class="line"><span class="cl">firewall-cmd --permanent --new-policy NAT-int-to-ext </span></span><span class="line"><span class="cl">firewall-cmd --permanent --policy NAT-int-to-ext --add-ingress-zone internal </span></span><span class="line"><span class="cl">firewall-cmd --permanent --policy NAT-int-to-ext --add-egress-zone public </span></span><span class="line"><span class="cl">firewall-cmd --permanent --policy NAT-int-to-ext --set-target ACCEPT </span></span><span class="line"><span class="cl">firewall-cmd --reload </span></span></code></pre></div><p>Special case for Proxmox Virtual Environment</p> http://vikipranata.is-a.dev/posts/linux-resize-disk/ Sun, 01 Sep 2024 09:00:00 +0700 http://vikipranata.is-a.dev/posts/linux-resize-disk/ <h2 id="expand-space-without-rebooting-vm"><em>Expand Space without Rebooting VM</em></h2> <p>Current usage disk with <code>lsblk</code> command <img alt="disk-overview" loading="lazy" src="http://vikipranata.is-a.dev/posts/linux-resize-disk/uploads/disk-overview.webp"></p> <p>And here is LVM partition table<br> <img alt="lvm-overview" loading="lazy" src="http://vikipranata.is-a.dev/posts/linux-resize-disk/uploads/lvm-overview.webp"></p> <p>First step we need grow partition in <code>/dev/sda3</code>, install package growpart first</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">dnf install -y cloud-utils-growpart </span></span></code></pre></div><p>Then we resize partition with this command</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">growpart /dev/sda <span class="m">3</span> </span></span></code></pre></div><p><img alt="growpart-result" loading="lazy" src="http://vikipranata.is-a.dev/posts/linux-resize-disk/uploads/growpart-result.webp"></p> <p>See the different before and after, if you don&rsquo;t use LVM partition scheme just execute <code>resize2fs /dev/sda3</code> to full fill the partition.</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">pvresize /dev/sda3 </span></span><span class="line"><span class="cl">pvs </span></span><span class="line"><span class="cl">vgs </span></span></code></pre></div><p><img alt="pvresize-result" loading="lazy" src="http://vikipranata.is-a.dev/posts/linux-resize-disk/uploads/pvresize-result.webp"></p>