Raspberry Pi 4 Microk8s Kubernetes Clustering Gotchas

3 node raspberry pi 4 cluster

I’ve been running a few docker workloads on various stand-alone raspberry pi 4 hosts. This has worked well, but I decided to up my game a bit and setup a Kubernetes cluster. Why? Kubernetes is the container orchestration technology that is taking over the cloud and figured it would be a good learning opportunity to figure out how all the bits play together.

For my workloads, I need a 64 bit OS and I am using raspberry pi 4 8GB boards with a power-over-ethernet (POE) hat. I am using Ubuntu Server 64 bit and I am using Microk8s for the Kubernetes runtime. The tutorials are straight forward and I am not going to rehash that, but instead call out the gotchas to look out for.

CoreDNS

For my infrastructure stuff, I use DHCP reservations with long leases and make an internal DNS entries. This is a lot easier to centrally manage that doing static address assignments. I knew I was going to need k8 DNS support, so I did the following….

microk8s enable dns

And then when I moved my docker hosted container into a pod it failed. After a little troubleshooting to make sure there wasn’t any network layer issues, and validating that I could resolve external DNS names, I knew the problem was CoreDNS wasn’t pointed at my internal DNS servers. There are a couple ways to fix this…

# pass the dns server ips when enabling coredns 
microk8s enable dns:dns1, dns2

# or you can edit the configuration after-the-fact
microk8s kubectl -n kube-system edit configmap/coredns

Private Registry

I wanted to run a private registry to start with. Why? ISP connections can fail and it is also a fast way for me to experiment. Microk8s is the container orchestration layer, and it is using Docker for the container runtime. Docker by default will attempt to use HTTPs when connecting to the registry, which breaks with the private registry. You will see an error such as “…http: server gave HTTP response to HTTPS client.”

I am running a 3 node cluster, and I setup the registry storage on node-01. So we have to make some configuration edits…

# edit the docker /etc/docker/daemon.json file and add the ip address or FQDN to the registry host. I did this on each node of the cluster
{
  "insecure-registries" : ["xx.xx.xx.xx:32000"]
}

# restart docker
sudo systemclt restart docker

# now edit the container template and use the same 
# ip address/FQDN. I did this step on each node in 
# the cluster to make sure everything was consistent.
# The point of a cluster is to let the cluster consider 
# all resources when picking a host, so each node needs 
# to be able to pull the docker images if there is a 
# redeployment, scaling event, etc.
sudo nano /var/snap/microk8s/current/args/containerd-template.toml

 [plugins."io.containerd.grpc.v1.cri".registry.mirrors."xx.xx.xx.xx:32000"]
          endpoint = ["http://xx.xx.xx.xx:32000"]

# after making the edit/saving, restart the microk8s node
microk8s stop
microk8s start

I ported the leo ntp time server monitoring to run in the microk8s cluster. It has worked flawlessly until it croaked. The entire cluster was jacked up. I was using channel=1.20/stable which was the latest release at that time. I have since rebuilt the cluster to use channel=1.21/stable and everything has been bullet proof.

FlightAware ADS-B Dual 978 MHz + 1090 MHz Band-Pass SMA Filter

flightware ADS-B Dual 978 MHz + 1090 MHz Band-Pass SMA Filter

I plan to build an ADS-B tracker. However, I live in an RF noisy urban neighborhood, and all that noise can desense an RF receiver, so I bought this FlightAware Dual UAT+ADS-B filter. I put it on the spectrum analyzer and I measured a passband from ~930Mhz to ~1.2Ghz with ~1.5dB of insertion loss. Since this is all up in the gighertz range, my plan is to keep the antenna feedlines short by mounting a raspberry pi 4 in a weather-rated enclosure close to the antenna. I’ll power all of it by running a network cable with POE to the raspberry pi with a POE hat.

Covid-19: Prisoner’s Dilemma

Prisoner’s Dilemma comes from game theory. Essentially, two prisoners are not allowed to collaborate, and then are presented a set of options: stay silent and get a guaranteed sentence, or cooperate and get immunity. The optimal solution is to stay silent.

What does this have to do with Corona Virus and Covid-19? Right now, the only effective way to mitigate the spread of the virus is through social distancing: staying away from others to slow the spread. But humans can become irrational in time of panic – really toilet paper?

Corona Virus is now a pandemic and we now have a prisoner’s dilemma problem at a global scale – in absence of a cure/vaccine, the only other way to get this virus to go away would be to blunt the transmission: 7 billion people go on lock down/isolation for ~3 weeks. Otherwise, once people start moving around again (travel, random social contact, etc.) you will just get more flare ups. This isn’t feasible.

What’s not the solution? Self-interest. If you pursue your own self interests, and everyone pursues their own self interests – i.e. everyone goes Mad Max Thunder Dome, that puts excessive demand on supply chains and the health care systems. This will feed panic, which can turn to social unrest, and a bunch of other shitty outcomes.

What is a solution? Cooperation. What does cooperation look like? Practice social distancing. Don’t horde. Help your neighbors and the less fortunate. Maintain your physical and mental health.

Prisoner’s Dilemma. Accept the fact that this Corona Virus pandemic will affect you either directly or indirectly. You will not come out unscathed. The optimal solution for society will be cooperation not individualism.

OpenHPSDR PowerSDR mRX PortAudio Errors and Fix

OpenHPSDR PowerSDR mRX PortAudio Error -9999
OpenHPSDR PowerSDR mRX PortAudio Error -9999 Unanticipated host error

You’re about ready to get your radio geek on and you get a PortAudio Error -9999 Unanticipated host error, followed by a PortAudio Error -9988 Invalid stream pointer.  WTF since everything was working fine on Windows XP/Windows 7/Windows 10.  Well, the mighty fine folks at Microsoft decided to tighten up security with applications (“apps” if you’re cool) permissions to access the microphone.

Windows 10 Allow Access to Microphone

The fix is straight-forward:  On Windows 10, you go to settings->privacy->microphone and enable it.  If you are privacy concerned like me, you can then go through the “Choose which apps can access your microphone” and turn them all off.

For you new software engineers – this is a great example of a shitty error message.  If the message said “Access denied while trying to open your microphone or input device.  Please make sure this device is enabled and the access permissions are correct” that would make it much easier to diagnose the issue.

Machine Learning to Eat Free

This hack is brilliant:
In today’s digital age, a large Instagram audience is considered a valuable currency. I had also heard through the grapevine that I could monetize a large following — or in my desired case — use it to have my meals paid for. So I did just that.

I created an Instagram page that showcased pictures of New York City’s skylines, iconic spots, elegant skyscrapers — you name it. The page has amassed a following of over 25,000 users in the NYC area and it’s still rapidly growing.

Shimano Dura-Ace 32-11T Cassette

 

Put a 32-11T Cassette on your Shimano Dura-ace Drivetrain
32-11T Cassette on a Shimano Dura-ace Drivetrain

I’ve started to get into endurance type riding.  I was doing 50+ mile rides on the hybrid bike, but it was time to graduate to a road bike.  I bought a new Trek Domane SL8 road bike that has carbon with more carbon and a full Shimano Dura-ace group set.  It came with a compact crank (50/34) paired with a 30-11T cassette.  Since I am doing some events with 7000+ feet of climbing, I wanted to be able to “call granny” to save my ass when my legs turn to rubber.  The largest Dura-ace rear cassette is 30-11T, but you can swap in a Shimano Ultegra R8000 32-11T cassette without any problems.  I didn’t have to lengthen the chain or do any other trickery such as using a Roadlink by Wolf Tooth..  The image above shows that the derailleur is not hitting the cassette even when in “big-big.”

Why We Cannot Have Nice Things: Comment SPAM

Just finished trashing 183 spam comments.  The spam techniques were interesting – some used flattery to try to disguise the spam, others were just flat out proud of their spam.  I could install comment filtering tools, but that’s work and cost.  Time to change the comment settings.

BMW S1000R Accessory Light Flasher – First Prototype

I built this about a year ago.  I prototyped a circuit that used an ATTiny85 microcontroller to drive a p-channel (high side) mosfet.  The idea was to use the microcontroller to strobe the Clearwater Darla LED accessory lights.

The circuit worked as expected, but that click-click-click-click noise is bad. I thought the functionality of the led “instant-on” was via a 12v signal to the dc-dc circuit in the led light, but it is actually a mechanical relay. Strobing anything mechanical is no bueno.

I  completely changed my strategy after this test.  A little experimenting and I discovered that the accessory lights are controlled by a PWM signal which controls the light intensity (low to full power).

Rigol Oscilloscope i2c Bus Decoding

I built a weather station last year. Even though I sprayed a conformal coating on the PCB to help it resist humidity exposure, the temp/humidity/barometric pressure sensor flaked out from exposure to the elements.  While fixing it, I decided to “geek out” a bit and hook the oscilloscope up to decode the i2c bus messages.  My notes for reference.

High Level:

  1. Connect probes, make sure they are setup correctly (10:1, etc.). Then set vertical scale and time-base.
  2. Set the triggering conditions to match the signal encoding
  3. Set the decode conditions to match the signal encoding
  4. Optional – use the event table to capture and export the data

Connections
Channel 1 probe to SCL (Clock)
Channel 2 probe to SDA (Data)

Scope Config
Set to 2v/div, 100us
Trigger – i2c, SCL->Channel 1, SDA->Channel 2, When->Start, Sweep->Auto
Decode – i2c, BusStatus->On, SCLK->Channel 1, SDA->Channel 2, SCL Threshold->1.80v, SDAThreshold->1.80v, Format->Hex (whatever is appropriate)

Enable the event table if you want to capture data which allows you to also export the data to a usb drive.