jamesmoriarty/k3s-host-network-experiment

Stars
1
Language
Shell
Created almost 4 years ago
Updated almost 4 years ago

jamesmoriarty/k3s-host-network-experiment

jamesmoriarty

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Why did my minidlna setup stop working?

k3s-host-network-experiment

Why did my minidlna setup stop working?

Update 1.

securityContext:
  capabilities:
    add:
    - NET_ADMIN

Enables SSDP/udp multicast on :1900.

Commands

bin/k3s/uninstall

bin/k3s/<cni>/<strategy>/install

Matrix

cni	config	notes
flannel	default
flannel	custom	`INSTALL_K3S_EXEC="--disable-network-policy --no-deploy traefik --bind-address=$(bin/ip) --node-ip=$(bin/ip) --node-external-ip=$(bin/ip) --cluster-cidr=192.168.0.0/16 --service-cidr=192.168.0.0/16"`
none	custom	`INSTALL_K3S_EXEC="--flannel-backend=none --no-flannel --disable-network-policy --no-deploy traefik"`
cilium	default	`INSTALL_K3S_EXEC="--flannel-backend=none --no-flannel --disable-network-policy --no-deploy traefik"`

Debug

ss -lntp | grep -E ':(8200) '

netstat -lntp

Capture

tshark -f "udp port 1900"

Discovery

nmap -sU -p 1900 --script=upnp-info 10.0.0.0/24

Notes

Yes, you cannot access pods from outside the cluster when using flannel - they're on virtual interfaces with private addresses. This is normal. k3s-io/k3s#1879 (comment)
udp/upnp multicast (not broadcast) on 1900.
tcp/http serve on 8200.
can generally access internally from host ip e.g. http://10.0.0.238:8200/
external port block on :8200? iptables, ufw, ...
k3s installer options

forward-proxy

Minimal HTTP(S) forward proxy using 150LOC and only standard libraries.

scorched_earth

Scorched Earth clone in JRuby with no dependencies.

gohack

Experimental Go language CSGO exploit.

lisp

Minimal Lisp interpreter using 75LOC and only standard libraries.

gomem

A Go library for manipulating Windows processes.

nebula

WebGL top down space shooter.

react-instagram-authless-feed

React component to provide a token-less Instagram feed.

cfn-cheapest-nat

Cheapest AWS VPC NAT.

angularjs-rss-reader

RSS reader in Javascript / AngularJS.

goforward

Go forward proxy with bandwidth limiting.

poto

multi cloud storage to image gallery + image proxy + file api - 350 LOC.

alpaca-desktop

Experimental OSX menu bar widget for Alpaca.

call-graph

Capture execution and create dependency graphs.

interceptor

Ruby method interceptors.

trie

Ruby trie data structure.

chingu-template

Simple template for a Chingu application.

redux-paint

Simple "time-traveling" paint application.

simple-sinatra-sequel-blog

A simple blog with Sinatra and Sequel.

tf-idf

Ruby Gem to calculate tf*idf

k8s-gitops

k8s gitops home lab.

gobackground

Golang, winuser.dll, advapi32.dll, to create a random unsplashed background binary.

godll

Example of Go & Windows DLL build and usage.

gobat2exe

Convert Windows batch files into executable files.

vagrant-metasploit

pi-playbook

Configure Raspberry Pi with Ansible

chef-pptpd

Chef PPTPDrecipe.

thread-pool

Ruby thread pool.

gobot

Go learning exercise.

cfn-static-website-with-lambda-at-edge

Static website hosted from an S3 Bucket delivered via Cloudfront with Lambda@Edge.

jamesmoriarty.github.io

cfn-vpc

A simple VPC including public and private subnets over multiple AZs.

react-email-signature

scala-robot

mini-aasm

A State Machine library intended to be compatible with lightweight implementations of the Ruby language using 100LOC and only standard libraries.

scheduler-dataflow-demo

chef-minidlna

Chef MiniDLNA recipe.

experiment-nginx-proxy-pass-forward-proxy

rack-playbook

Deploy compatible rack apps with ansible.

docker-pmd

Dockerfile for PMD an extensible cross-language static code analyzer.

kotlin-robot

victoria-exposure-site-bot

chef-qt-webkit-devel

experiment-dns-resolve

experiment-fail-fast-mirroring