...

dar1/1_prepare_router/routeros_install.md

@@ -0,0 +1,148 @@
+# Router OS Install
+
+## sitation
+
+- we have a mobile phone with access point
+- SSID: threefold
+- secret: planetfirst
+
+The idea is we configure a routeros as client to the access point, we use NAT (network translation) to allow the ZOS computer which will be connected to the routerOS.
+
+
+![](img/env_routeros_zos.png)
+
+The 3Node will get IP address from the router and through the router get to the internet.
+
+Because our computer is connected to same router over USB nic we can check the network connection is running.
+
+Ofcourse we can replace the routerOS with any standard router which gives DHCP to our computer and Zero-OS.
+
+
+
+### how to reset the routeros
+
+It might be needed to reset the router, before we can make progress
+
+> todo
+
+## connect computer to routeros
+
+![](img/routeros1.png)
+
+In this case we have a wired connection (TP cat5) from computer over USB network card to the router os on port 2 (make sure its not port 1).
+
+After resetting the router OS, the computer should receive an ip address on 192.168.88.... address, see below for how to reset.
+
+now go to http://192.168.88.1/
+
+### configure initial passwd
+
+![](img/initialpasswd.png)
+
+you should see above, which asks for passwd, we will for demo select planetfirst
+
+(the initial passwd is empty)
+
+![](img/routeros2.png)
+
+You should now see something like this 
+
+
+### install as client to mobile
+
+![](img/cpe.png)
+
+at right top chose config as CPE which is client to a wireless access point.
+
+Now you should see something like:
+
+
+![](img/cpe2.png)
+
+![](img/planetfirst1.png)
+
+see how to configure the wireless connection (threefold/planetfirst) at left side
+
+click connect
+
+![](img/cpe3.png)
+
+Now you can see how it connects to our phone and has signal
+
+It didn't get an ip address yet, this is because the DHCP client was not configured yet.
+
+![](img/routeros_4.png)
+
+See the configuration needed, 
+
+- configure as router
+- address acquisition is automatic
+- make sure ip address is in range 192.168.88...
+- make sure DHCP is given (server range can be put on empty)
+- make sure NAT is on
+
+Click on apply configuration
+
+
+### get address DHCP
+
+Not sure why this doesn't work but had to do a further work around to get a TCP address on the router.
+
+Click on WebFig
+
+Go to IP dhcpclient
+
+![](img/ros_dhcpclient.png)
+
+
+![](img/dhcp1.png)
+
+click on the one entry and change it to wlan, click on apply
+
+![](img/dhcp_wlan.png)
+
+I've had situations where I couldn't select wlan and then I chose the generic bridge or I created a new bridge and that worked, was weird, anyhow here it was possible to select WLAN and it got ip address.
+
+### test it works
+
+I can now test on my computer
+
+![](img/ping.png)
+
+it works, ping to 8.8.8.8 which is DNS server of google.
+
+Now the router is configured, I go over the USB nic to the internet
+
+on routeros you can go to tools/ping
+
+
+![](img/ros_ping.png)
+
+there you can ping to 8.8.8.8 again and see how it responds, that shows you the router can access it, only useful to test if your computer would not be able to get there.
+
+### reboot router 
+
+lets make sure it all comes up, 
+
+![](img/ros_reboot.png)
+
+go to system reboot
+
+go back to your terminal ping to 8.8.8.8 and see how it goes away and then comes back
+
+![](img/ros_comesback.png)
+
+We now know that the router has the config even after restart,
+
+## connecto the zero-os node
+
+now we can connect the ZOS node we want to configure
+
+## remarks
+
+- to test make sure your wirless is not on, you need to connect over USB network card, not wireless otherwise you don't know if the router is doing its work.
+
+## troubleshooting
+
+if for whatever reason it didn't work, best to reset the rooter and restart from scratch.
+

dar1/2_prepare_computer/1_prepare_bios.md

@@ -0,0 +1,35 @@
+
+
+## boot from USB
+
+Most often a computer does not boot from USB but from local HDD or SSD (disk), to change this you need to go into the BIOS
+
+Typically to go in bios you need to reboot your computer and press F1 or del button while booting, don't mind keep on pushing those 2 buttons till you see a screen like the following
+
+![](img/bios1.png)
+
+This shows the computer access the bios.
+
+Look for a screen which lets you configure the boot options
+
+
+![](img/bios_boot.png)
+
+configure the screen to be something like
+
+
+![](img/bios_boot2.png)
+
+make sure the USB key, disk ... all get priority on internal HDD,SSD or NVME disk.
+
+this will make sure we can boot from a USDB disk.
+
+If you see something like above it means the computer will boot from USB first.
+
+
+
+![](img/bios_save.png)
+
+Don't forget to save your changes, see screenshot and now the computer will reboot.
+
+

dar1/2_prepare_computer/2_empty_disk.md

@@ -0,0 +1,54 @@
+# Empty disk
+
+## prepare rescue USB stick
+
+We use system rescue procedure to empty the disk, its anyhow very handy to have a USB stick with this rescue OS.
+
+see https://www.system-rescue.org/Download/
+
+see https://fastly-cdn.system-rescue.org/releases/11.00/systemrescue-11.00-amd64.iso
+
+![](img/balena.png)
+
+we use balena etcher tool to burn the ISO onto a USB stick, its a very straight forward process to burn the iso on a USB stick.
+
+the tool can be found on https://etcher.balena.io/
+
+## now boot computer with the USB stick
+
+make sure bios has been prepared to boot from USB see [here](1_prepare_bios.md)
+
+![](img/usb_rescue.png)
+
+after booting you should see something like this
+
+Select first item
+
+![](img/rescue2.png)
+
+check which disk to erase do
+
+```bash
+sfdisk -l
+```
+
+![](img/sfdisk.png)
+
+in this case we see /dev/sda... which is the USB stick we are booting from and /dev/nvme0n1 which is the internal nvme disk, this is the one we will have to empty
+
+## empty the disk
+
+Be careful following command will erase your disk completely !!!
+
+![](img/rescue_erase.png)
+
+```bash
+wipefs -a /dev/nvme0n1
+```
+
+Now your disk is empty, go to next step to boot Zero-OS
+
+
+
+
+

dar1/3_install_zos/1_prepare_farm.md

@@ -0,0 +1,22 @@
+# prepare farm
+
+go to [https://dashboard.bknd1.ninja.tf/](https://dashboard.bknd1.ninja.tf/) this is our beta new dashboard.
+
+![](img/tf_dashboard.png)
+
+follow instructions in manual https://manual.grid.tf/ and create account on threefold, make sure there is some TFT in your account.
+
+![](img/tf_dashboard.png)
+
+Here you see how I have access to dashboard and I have 19872 TFT in my account.
+
+## Create a farm
+
+![](img/createfarm.png)
+
+here we can create a farm, follow instructions manual.
+
+In my case I have a farm with id: 3456 (funny id)
+
+You can see that I have already booted one node before in this farm.
+

dar1/3_install_zos/2_prepare_zos_usb.md

@@ -0,0 +1,31 @@
+# Create ZOS USB 
+
+Go to node installer (see in dashboard there is a link) but for your reference https://bootstrap.grid.tf/
+
+
+
+![](img/bootstrap_zos.png)
+
+fill in your farm id, in my case 3456
+
+![](img/zos_selection.png)
+
+select main network
+
+![](mg/zos_image.png)
+
+select the top one: USB image
+
+It will now prepare this USB image and download.
+
+Use the Balena etcher tool again to burn this USB image to USB
+
+![](img/usb_burn1.png)
+
+select the downloaded image and put on USB stick.
+
+Once done boot the 3node (your computer) with this USB stick.
+
+
+
+

dar1/3_install_zos/3_boot_zos.md

@@ -0,0 +1,68 @@
+# Boot ZOS
+
+we are almost done, we have now done the following
+
+- we prepared our router
+- we prepared our 3Node (our computer)
+  - make sure we boot from USB stick
+  - empty the disk using rescue disk if needed
+- we prepared our farm
+- we prepared our USB stick to boot from
+
+Put the USB stick in computer and boot
+
+![](img/zos_boot_1.png)
+
+Above shows how we connected to internet and are downloading the first boot component of Zero-OS
+
+![](img/zos_boot2.png)
+
+You should see something like above
+
+Depending the speed of your connection this can take a long time.
+
+
+## check node is there
+
+see https://dashboard.bknd1.ninja.tf/#/farms
+
+![](img/farm_ok.png)
+
+Here you can see how a new node came (the other one is indeed down, not connected in my case)
+
+![](img/zos_up.png)
+
+if I click on the node I can see its up and running and the resources are not used yet.
+
+## find my node in node finder
+
+[https://dashboard.bknd1.ninja.tf/#/deploy/nodes?country=tanzania](https://dashboard.bknd1.ninja.tf/#/deploy/nodes?country=tanzania)
+
+![](img/nodes_tnx.png)
+
+Urgent time to deploy some more ZOS-nodes in tanzania !!!
+
+![](img/mynode.png)
+
+see [https://dashboard.bknd1.ninja.tf/#/deploy/nodes?nodeId=6323](https://dashboard.bknd1.ninja.tf/#/deploy/nodes?nodeId=6323)
+
+Yiha our node is active in tanzania (behind my mobile 4G connection).
+
+We can also see the monitoring info
+
+[see monitor link](https://metrics.grid.tf/d/rYdddlPWkfqwf/zos-host-metrics?orgId=2&refresh=30s&var-network=custom&var-farm=3456&var-node=5GkFKLXox85LkoA6HpWmq5axxhiU7AY5jcrtTnat8BDDKzo7&var-diskdevices=%5Ba-z%5D%2B%7Cnvme%5B0-9%5D%2Bn%5B0-9%5D%2B%7Cmmcblk%5B0-9%5D%2B)
+
+We don't see that much yet because we just booted
+
+![](img/zos_monitor.png)
+
+
+
+## troubleshooting
+
+I have notived over slow lines some things can be a little off and there can be weird error messages.
+
+> ALT F1 and ALT F2 keys give you access to more logs.
+
+In case of doubt don't hesitate to go on chat of threefold.io website and ask question (see at bottomn of the website).
+

dar1/4_install_vm/1_install_vm.md

@@ -0,0 +1,52 @@
+
+# install VM
+
+Lets now launch a VM on our Zero-OS environment
+
+See (little bit outdated tutorial) https://manual.grid.tf/weblets/weblets_vm.html
+
+You will need an SSH key before deploying see
+
+- [https://manual.grid.tf/getstarted/ssh_guide/ssh_openssh.html](https://manual.grid.tf/getstarted/ssh_guide/ssh_openssh.html)
+
+
+## make sure your SSH key is in your account
+
+![](img/sshkey.png)
+
+see [https://dashboard.bknd1.ninja.tf/#/deploy/sshkey](https://dashboard.bknd1.ninja.tf/#/deploy/sshkey)
+
+Get your ssh key into your account, it will be used when deploying a VM.
+
+## install VM
+
+![](img/install_vm.png)
+
+[https://dashboard.bknd1.ninja.tf/#/deploy/vms](https://dashboard.bknd1.ninja.tf/#/deploy/vms)
+
+select micro vm
+
+![](img/vm_deply_param.png)
+
+- note: we chose 2 virtual cores, 4 GB mem
+- note: we did manual selection of 3node, in this case we used the one we just installed 6323
+
+we can immediately see how much resources available
+
+the network is automatically on planetary network.
+
+> click on deploy
+
+This typically will take couple of minutes first time.
+
+
+
+
+![](img/myvm2.png)
+
+after install you will see this which means VM was succesfully deployed.
+
+
+The planetary network is 300:61cd:2f3d:a1b4:368f:5eed:3651:ff1c see the result.
+
+

dar1/4_install_vm/2_planetary_network.md

@@ -0,0 +1,138 @@
+
+# Planetary network
+
+In this example we will use the planetary network to connect to deployed workloads, planetary network is based on yggdrasil and is the pre-decessor of the new Mycelium which will be part of our TFGrid starting with TFGrid 3.13 (end Q1 2024).
+
+
+see [https://manual.grid.tf/getstarted/planetarynetwork.html](https://manual.grid.tf/getstarted/planetarynetwork.html)
+
+
+install yggdrassil [https://yggdrasil-network.github.io/installation.html](https://yggdrasil-network.github.io/installation.html) on your OS
+
+## osx example
+
+```
+
+sudo yggdrasil -useconf /etc/yggdrasil.conf -loglevel debug
+
+```
+
+## example configuration
+
+see /etc/yggdrasil.conf
+
+notice the list of peers as has been added to support the ThreeFold network, best to add these:
+
+```ts
+{
+  # Your private key. DO NOT share this with anyone!
+  PrivateKey: 978dbff757bb8d2d24af474b40130a57c3.....
+
+  # List of connection strings for outbound peer connections in URI format,
+  # e.g. tls://a.b.c.d:e or socks://a.b.c.d:e/f.g.h.i:j. These connections
+  # will obey the operating system routing table, therefore you should
+  # use this section when you may connect via different interfaces.
+  Peers: [
+    tcp://gent01.grid.tf:9943
+    tcp://gent02.grid.tf:9943
+    tcp://gent03.grid.tf:9943
+    tcp://gent04.grid.tf:9943
+    tcp://gent01.test.grid.tf:9943
+    tcp://gent02.test.grid.tf:9943
+    tcp://gent01.dev.grid.tf:9943
+    tcp://gent02.dev.grid.tf:9943
+    tcp://gw291.vienna1.greenedgecloud.com:9943
+    tcp://gw293.vienna1.greenedgecloud.com:9943
+    tcp://gw294.vienna1.greenedgecloud.com:9943
+    tcp://gw297.vienna1.greenedgecloud.com:9943
+    tcp://gw298.vienna1.greenedgecloud.com:9943
+    tcp://gw299.vienna2.greenedgecloud.com:9943
+    tcp://gw300.vienna2.greenedgecloud.com:9943
+    tcp://gw304.vienna2.greenedgecloud.com:9943
+    tcp://gw306.vienna2.greenedgecloud.com:9943
+    tcp://gw307.vienna2.greenedgecloud.com:9943
+    tcp://gw309.vienna2.greenedgecloud.com:9943
+    tcp://gw313.vienna2.greenedgecloud.com:9943
+    tcp://gw324.salzburg1.greenedgecloud.com:9943
+    tcp://gw326.salzburg1.greenedgecloud.com:9943
+    tcp://gw327.salzburg1.greenedgecloud.com:9943
+    tcp://gw328.salzburg1.greenedgecloud.com:9943
+    tcp://gw330.salzburg1.greenedgecloud.com:9943
+    tcp://gw331.salzburg1.greenedgecloud.com:9943
+    tcp://gw333.salzburg1.greenedgecloud.com:9943
+    tcp://gw422.vienna2.greenedgecloud.com:9943
+    tcp://gw423.vienna2.greenedgecloud.com:9943
+    tcp://gw424.vienna2.greenedgecloud.com:9943
+    tcp://gw425.vienna2.greenedgecloud.com:9943
+  ]
+
+  # List of connection strings for outbound peer connections in URI format,
+  # arranged by source interface, e.g. { "eth0": [ "tls://a.b.c.d:e" ] }.
+  # Note that SOCKS peerings will NOT be affected by this option and should
+  # go in the "Peers" section instead.
+  InterfacePeers: {}
+
+  # Listen addresses for incoming connections. You will need to add
+  # listeners in order to accept incoming peerings from non-local nodes.
+  # Multicast peer discovery will work regardless of any listeners set
+  # here. Each listener should be specified in URI format as above, e.g.
+  # tls://0.0.0.0:0 or tls://[::]:0 to listen on all interfaces.
+  Listen: []
+
+  # Configuration for which interfaces multicast peer discovery should be
+  # enabled on. Each entry in the list should be a json object which may
+  # contain Regex, Beacon, Listen, and Port. Regex is a regular expression
+  # which is matched against an interface name, and interfaces use the
+  # first configuration that they match gainst. Beacon configures whether
+  # or not the node should send link-local multicast beacons to advertise
+  # their presence, while listening for incoming connections on Port.
+  # Listen controls whether or not the node listens for multicast beacons
+  # and opens outgoing connections.
+  MulticastInterfaces: [
+    {
+      Regex: en.*
+      Beacon: true
+      Listen: true
+      Port: 0
+      Priority: 0
+      Password: ""
+    }
+    {
+      Regex: bridge.*
+      Beacon: true
+      Listen: true
+      Port: 0
+      Priority: 0
+      Password: ""
+    }
+  ]
+
+  # List of peer public keys to allow incoming peering connections
+  # from. If left empty/undefined then all connections will be allowed
+  # by default. This does not affect outgoing peerings, nor does it
+  # affect link-local peers discovered via multicast.
+  AllowedPublicKeys: []
+
+  # Local network interface name for TUN adapter, or "auto" to select
+  # an interface automatically, or "none" to run without TUN.
+  IfName: auto
+
+  # Maximum Transmission Unit (MTU) size for your local TUN interface.
+  # Default is the largest supported size for your platform. The lowest
+  # possible value is 1280.
+  IfMTU: 65535
+
+  # By default, nodeinfo contains some defaults including the platform,
+  # architecture and Yggdrasil version. These can help when surveying
+  # the network and diagnosing network routing problems. Enabling
+  # nodeinfo privacy prevents this, so that only items specified in
+  # "NodeInfo" are sent back if specified.
+  NodeInfoPrivacy: false
+
+  # Optional node info. This must be a { "key": "value", ... } map
+  # or set as null. This is entirely optional but, if set, is visible
+  # to the whole network on request.
+  NodeInfo: {}
+}
+
+```

dar1/4_install_vm/3_connect.md

@@ -0,0 +1,43 @@
+## Connect
+
+Our planetary network addr is 300:61cd:2f3d:a1b4:368f:5eed:3651:ff1c
+
+You can go to yggdrasil network map to see its working
+
+- [http://[21e:e795:8e82:a9e2:ff48:952d:55f2:f0bb]/](http://[21e:e795:8e82:a9e2:ff48:952d:55f2:f0bb]/)
+
+If you see a map then you know yggdrasil is working.
+
+
+### Connect to our VM
+
+```bash
+ssh root@300:61cd:2f3d:a1b4:368f:5eed:3651:ff1c
+```
+
+The ipaddr is the one we got from the install before.
+
+The first login will take 10-30 sec because the SSH components will be downloaded on the fly in the VM thanks to our flist approach.
+
+![](img/ssh_access.png)
+
+it worked we are now to our local vm
+
+lets install some software components
+
+```bash
+apt update
+apt install nettools-ping
+ping 8.8.8.8
+```
+
+Now we can see how our VM running the ZOS we installed is able to go outside.
+
+### traffic is local
+
+![](img/pinglocal.png)
+
+less than 4ms clearly this is a local conncection, this is cool this means the planetary network connected me directly from my node to this node, amazing.
+
+we now have a network on top of the Internet, a overlay Internet Network.
+

dar1/4_install_vm/yggdrasil.conf

@@ -0,0 +1,110 @@
+{
+  # Your private key. DO NOT share this with anyone!
+  PrivateKey: 978dbff757bb8d2d24af474b40130a57c3749001db....
+
+  # List of connection strings for outbound peer connections in URI format,
+  # e.g. tls://a.b.c.d:e or socks://a.b.c.d:e/f.g.h.i:j. These connections
+  # will obey the operating system routing table, therefore you should
+  # use this section when you may connect via different interfaces.
+  Peers: [
+    tcp://gent01.grid.tf:9943
+    tcp://gent02.grid.tf:9943
+    tcp://gent03.grid.tf:9943
+    tcp://gent04.grid.tf:9943
+    tcp://gent01.test.grid.tf:9943
+    tcp://gent02.test.grid.tf:9943
+    tcp://gent01.dev.grid.tf:9943
+    tcp://gent02.dev.grid.tf:9943
+    tcp://gw291.vienna1.greenedgecloud.com:9943
+    tcp://gw293.vienna1.greenedgecloud.com:9943
+    tcp://gw294.vienna1.greenedgecloud.com:9943
+    tcp://gw297.vienna1.greenedgecloud.com:9943
+    tcp://gw298.vienna1.greenedgecloud.com:9943
+    tcp://gw299.vienna2.greenedgecloud.com:9943
+    tcp://gw300.vienna2.greenedgecloud.com:9943
+    tcp://gw304.vienna2.greenedgecloud.com:9943
+    tcp://gw306.vienna2.greenedgecloud.com:9943
+    tcp://gw307.vienna2.greenedgecloud.com:9943
+    tcp://gw309.vienna2.greenedgecloud.com:9943
+    tcp://gw313.vienna2.greenedgecloud.com:9943
+    tcp://gw324.salzburg1.greenedgecloud.com:9943
+    tcp://gw326.salzburg1.greenedgecloud.com:9943
+    tcp://gw327.salzburg1.greenedgecloud.com:9943
+    tcp://gw328.salzburg1.greenedgecloud.com:9943
+    tcp://gw330.salzburg1.greenedgecloud.com:9943
+    tcp://gw331.salzburg1.greenedgecloud.com:9943
+    tcp://gw333.salzburg1.greenedgecloud.com:9943
+    tcp://gw422.vienna2.greenedgecloud.com:9943
+    tcp://gw423.vienna2.greenedgecloud.com:9943
+    tcp://gw424.vienna2.greenedgecloud.com:9943
+    tcp://gw425.vienna2.greenedgecloud.com:9943
+  ]
+
+  # List of connection strings for outbound peer connections in URI format,
+  # arranged by source interface, e.g. { "eth0": [ "tls://a.b.c.d:e" ] }.
+  # Note that SOCKS peerings will NOT be affected by this option and should
+  # go in the "Peers" section instead.
+  InterfacePeers: {}
+
+  # Listen addresses for incoming connections. You will need to add
+  # listeners in order to accept incoming peerings from non-local nodes.
+  # Multicast peer discovery will work regardless of any listeners set
+  # here. Each listener should be specified in URI format as above, e.g.
+  # tls://0.0.0.0:0 or tls://[::]:0 to listen on all interfaces.
+  Listen: []
+
+  # Configuration for which interfaces multicast peer discovery should be
+  # enabled on. Each entry in the list should be a json object which may
+  # contain Regex, Beacon, Listen, and Port. Regex is a regular expression
+  # which is matched against an interface name, and interfaces use the
+  # first configuration that they match gainst. Beacon configures whether
+  # or not the node should send link-local multicast beacons to advertise
+  # their presence, while listening for incoming connections on Port.
+  # Listen controls whether or not the node listens for multicast beacons
+  # and opens outgoing connections.
+  MulticastInterfaces: [
+    {
+      Regex: en.*
+      Beacon: true
+      Listen: true
+      Port: 0
+      Priority: 0
+      Password: ""
+    }
+    {
+      Regex: bridge.*
+      Beacon: true
+      Listen: true
+      Port: 0
+      Priority: 0
+      Password: ""
+    }
+  ]
+
+  # List of peer public keys to allow incoming peering connections
+  # from. If left empty/undefined then all connections will be allowed
+  # by default. This does not affect outgoing peerings, nor does it
+  # affect link-local peers discovered via multicast.
+  AllowedPublicKeys: []
+
+  # Local network interface name for TUN adapter, or "auto" to select
+  # an interface automatically, or "none" to run without TUN.
+  IfName: auto
+
+  # Maximum Transmission Unit (MTU) size for your local TUN interface.
+  # Default is the largest supported size for your platform. The lowest
+  # possible value is 1280.
+  IfMTU: 65535
+
+  # By default, nodeinfo contains some defaults including the platform,
+  # architecture and Yggdrasil version. These can help when surveying
+  # the network and diagnosing network routing problems. Enabling
+  # nodeinfo privacy prevents this, so that only items specified in
+  # "NodeInfo" are sent back if specified.
+  NodeInfoPrivacy: false
+
+  # Optional node info. This must be a { "key": "value", ... } map
+  # or set as null. This is entirely optional but, if set, is visible
+  # to the whole network on request.
+  NodeInfo: {}
+}

dar1/readme.md

@@ -0,0 +1,9 @@
+# Dar Monday 5 Sept
+
+## Goal
+
+- install a Zero-OS on local node
+    - if needed use a mobile connection to do it from
+- deploy a VM on top of the local node
+- show how to our planetary network (previous version of mycelium) to get local access
+-