mjpg-stream + softether vpn 仮環境
外泊の予定ができたため、出先でペットの様子が見えるよう急ぎ構築する
mjpg-stream
- setup
root@rasp-pi03:~# mkdir -p /var/app/ root@rasp-pi03:~# cd /var/app/ root@rasp-pi03:/var/app# git clone https://github.com/jacksonliam/mjpg-streamer.git root@rasp-pi03:/var/app# cd mjpg-streamer/mjpg-streamer-experimental root@rasp-pi03:/var/app/mjpg-streamer/mjpg-streamer-experimental# apt-get install cmake libjpeg8-dev root@rasp-pi03:/var/app/mjpg-streamer/mjpg-streamer-experimental# sudo make root@rasp-pi03:/var/app/mjpg-streamer/mjpg-streamer-experimental# sudo make install root@rasp-pi03:/var/app/mjpg-streamer/mjpg-streamer-experimental# cd /usr/local/lib/mjpg-streamer/ root@rasp-pi03:/usr/local/lib/mjpg-streamer# mjpg_streamer -o "./output_http.so -w /usr/local/share/mjpg-streamer/www -p 8080" -i "./input_uvc.so -d /dev/video0 -r 640x480 -fps 30 -q 10 -y -n"
ブラウザ確認 http://192.168.1.13:8080/
bg 起動
root@rasp-pi03:/usr/local/lib/mjpg-streamer# nohup mjpg_streamer -o "./output_http.so -w /usr/local/share/mjpg-streamer/www -p 8080" -i "./input_uvc.so -d /dev/video0 -r 1280x720 -fps 30 -q 15 -y -n" &
softether vpn
- image
- setup
root@rasp-pi03:~# mkdir -p /var/app/softether_vpn root@rasp-pi03:~# cd /var/app/softether_vpn root@rasp-pi03:/var/app/softether_vpn# wget https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/v4.36-9754-beta/softether-vpnserver-v4.36-9754-beta-2021.06.07-linux-arm_eabi-32bit.tar.gz root@rasp-pi03:/var/app/softether_vpn# tar zxvf softether-vpnserver-v4.36-9754-beta-2021.06.07-linux-arm_eabi-32bit.tar.gz root@rasp-pi03:/var/app/softether_vpn# cd vpnserver/ root@rasp-pi03:/var/app/softether_vpn/vpnserver# make
- 起動 sh
root@rasp-pi03:/var/app/softether_vpn/vpnserver# vi start.sh root@rasp-pi03:/var/app/softether_vpn/vpnserver# cat start.sh #!/bin/bash /var/app/softether_vpn/vpnserver/vpnserver start /sbin/brctl addif br0 tap_softether root@rasp-pi03:/var/app/softether_vpn/vpnserver# chmod +x start.sh
- bridge
root@rasp-pi03:~# apt-get install -y bridge-utils root@rasp-pi03:~# vi /etc/network/interfaces root@rasp-pi03:~# cat /etc/network/interfaces ... # loopback auto lo iface lo inet loopback # Ethernet port auto eth0 iface eth0 inet manual # Bridge interface auto br0 iface br0 inet static address 192.168.1.13 netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255 gateway 192.168.1.1 bridge_ports eth0 root@rasp-pi03:~# reboot
vpnserver start
root@rasp-pi03:/var/app/softether_vpn/vpnserver# sh start.sh
Ansible 実行環境構築
- pip
root@raspberrypi:~# pip3 install --upgrade pip Successfully installed pip-21.1.2 root@raspberrypi:~# pip -V pip 21.1.2 from /usr/local/lib/python3.7/dist-packages/pip (python 3.7)
- venv
root@raspberrypi:~# mkdir -p /var/app/ansible root@raspberrypi:/var/app/ansible# python3 -V Python 3.7.3 root@raspberrypi:/var/app/ansible# python3 -m venv .venv root@raspberrypi:/var/app/ansible# . .venv/bin/activate (.venv) root@raspberrypi:/var/app/ansible#
- ansible
(.venv) root@raspberrypi:/var/app/ansible# pip install --upgrade pip setuptools (.venv) root@raspberrypi:/var/app/ansible# pip install ansible Successfully installed MarkupSafe-2.0.1 PyYAML-5.4.1 ansible-4.1.0 ansible-core-2.11.1 cffi-1.14.5 cryptography-3.4.7 jinja2-3.0.1 packaging-20.9 pycparser-2.20 pyparsing-2.4.7 resolvelib-0.5.4 (.venv) root@raspberrypi:/var/app/ansible# ansible --version ansible [core 2.11.1] config file = None configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /var/app/ansible/.venv/lib/python3.7/site-packages/ansible ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections executable location = /var/app/ansible/.venv/bin/ansible python version = 3.7.3 (default, Jan 22 2021, 20:04:44) [GCC 8.3.0] jinja version = 3.0.1 libyaml = True
- apt
root@raspberrypi:~# apt-get update root@raspberrypi:~# apt-get upgrade
- git
root@raspberrypi:/var/app/ansible# apt install git root@raspberrypi:/var/app/ansible# git --version git version 2.20.1 root@raspberrypi:/var/app/ansible# git config --global user.email "XXXX@gmail.com" root@raspberrypi:/var/app/ansible# git config --global user.name "XXXX" root@raspberrypi:/var/app/ansible# git remote add origin https://github.com/XXXX/ansible root@raspberrypi:/var/app/ansible# git pull origin master
- ansible hosts
root@raspberrypi:/var/app/ansible# vi /etc/hosts root@raspberrypi:/var/app/ansible# cat /etc/hosts ... 192.168.1.11 rasp-pi01.home 192.168.1.12 rasp-pi02.home 192.168.1.13 rasp-pi03.home root@raspberrypi:/var/app/ansible# mkdir -p environments/home root@raspberrypi:/var/app/ansible# vi environments/home/hosts root@raspberrypi:/var/app/ansible# cat environments/home/hosts root@raspberrypi:/var/app/ansible# cat environments/home/hosts ... [all:vars] ansible_ssh_user=root ansible_ssh_private_key_file=/root/.ssh/id_rsa ansible_python_interpreter=/usr/bin/python3 [rasp-pi01] rasp-pi01.home [rasp-pi02] rasp-pi02.home [rasp-pi03] rasp-pi03.home
- ansible ping
(.venv) root@raspberrypi:/var/app/ansible# ansible -i environments/home/hosts all -m ping rasp-pi01.home | SUCCESS => { "changed": false, "ping": "pong" } rasp-pi02.home | SUCCESS => { "changed": false, "ping": "pong" } rasp-pi03.home | SUCCESS => { "changed": false, "ping": "pong" }
- pip freeze
(.venv) root@raspberrypi:/var/app/ansible# pip freeze > requirements.txt (.venv) root@raspberrypi:/var/app/ansible# cat requirements.txt ansible==4.1.0 ansible-core==2.11.1 cffi==1.14.5 cryptography==3.4.7 Jinja2==3.0.1 MarkupSafe==2.0.1 packaging==20.9 pkg-resources==0.0.0 pycparser==2.20 pyparsing==2.4.7 PyYAML==5.4.1 resolvelib==0.5.4
初期セットアップ
基本的に ansible で管理するため、ip addr, ssh 周りのみのセットアップ
os
- arm64 の方が docker image 扱いたすそうなため、64bit OS を入れた
pi@raspberrypi:~ $ sudo su - root root@raspberrypi:~# rpi-update pi@raspberrypi:~ $ uname -a Linux raspberrypi 5.10.43-v8+ #1425 SMP PREEMPT Wed Jun 16 18:03:16 BST 2021 aarch64 GNU/Linux
ssh
- ssh 有効化 (OS イメージ書き込み時)
mac:~# touch /boot/ssh
- ssh 鍵
root@raspberrypi:~# ssh-keygen -t rsa -b 4096 root@raspberrypi:~# ssh-copy-id -i ~/.ssh/id_rsa.pub pi@192.168.1.12 (remote host) root@raspberrypi:~# cp /home/pi/.ssh/authorized_keys ~/.ssh/
wifi
root@raspberrypi:~# vi /boot/wpa_supplicant.conf root@raspberrypi:~# reboot root@raspberrypi:~# vi /etc/wpa_supplicant/wpa_supplicant.conf root@raspberrypi:~# cat /etc/wpa_supplicant/wpa_supplicant.conf country=JP ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev update_config=1 network={ ssid="XXXXXXXXXX" psk="XXXXXXXXXX" } root@raspberrypi:~# wpa_cli -i wlan0 reconfigure OK root@raspberrypi:~# ifconfig wlan0 | grep 'inet ' inet 192.168.1.XX netmask 255.255.255.0 broadcast 192.168.1.255
ip addr
- ip addr 固定
root@raspberrypi:~# cp /etc/dhcpcd.conf /etc/dhcpcd.conf.bak root@raspberrypi:~# vi /etc/dhcpcd.conf root@raspberrypi:~# cat /etc/dhcpcd.conf ... # Example static IP configuration: interface eth0 static ip_address=192.168.1.11/24 static routers=192.168.1.1 static domain_name_servers=192.168.1.1 8.8.8.8 interface wlan0 static ip_address=192.168.1.21/24 static routers=192.168.1.1 static domain_name_servers=192.168.1.1 8.8.8.8 root@raspberrypi:~# reboot root@raspberrypi:~# ifconfig | grep -E -a1 'eth0|wlan0' eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.1.11 netmask 255.255.255.0 broadcast 192.168.1.255 -- wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.1.21 netmask 255.255.255.0 broadcast 192.168.1.255
物理構成
- raspberry pi
- rack
- GeeekPi
- https://www.amazon.co.jp/gp/product/B07TJ15YL1/ref=ppx_yo_dt_b_asin_title_o05_s00
- poe hat をつけると高さが足りないため、画像の通り 2 ユニット分を 1 層する
- https://www.amazon.co.jp/gp/product/B07TJ15YL1/ref=ppx_yo_dt_b_asin_title_o05_s00
- GeeekPi
- poe switch
おうちインフラの草案 v0.0.0...1
使いたいインフラ周りのツール
- ansible
- ansible-container
- awx (ansible tower)
- docker
- kubernetes
使いたいアプリケーション
ポンチ絵 v0.0.0...1
机上の空論
k8s on rasp-pi managed ansible で prometheus monitoring したい