Sunday, 6 October 2019

Kubernetes (Minikube) on Ubuntu 18.4

                      
What is Minikube: Minikube is a tool that makes it easy to run Kubernetes locally. Minikube runs a single-node Kubernetes cluster inside a Virtual Machine (VM) on your laptop for users looking to try out Kubernetes or develop with it day-to-day.

Let's go over the basic pieces of Minikube/Kubernetes before starting:
  • Container – In Minikube, containers are used as the building blocks for creating applications.
  • Pod – A pod is a collection of one or more containers that share storage and network resources. Pods contain the definition of how the containers should be run in Minikube. Minikube uses these definitions to maintain the necessary resources. For example, you can declare that you need two pods. During execution, if one pod goes down, Minikube will automatically start a new pod.
  • Service – Because pods are replaceable, Minikube needs an abstraction layer to keep the interaction between the different pods seamless. For example, if a pod dies and a new pod is created, the application's users shouldn't be affected by the details of network addresses and related issues. Services are wrappers around the pods that create levels of abstraction.
  • Master – The master coordinates the cluster. It's like the brains of the operation.
  • Node – Workers that run the pods.
  • kubectl – The command-line interface for running commands on a Kubernetes cluster.

Step 1: Run update on system
sudo apt update

Step 2: Install supporting packages
sudo apt-get install -y apt-transport-https

Step 3: Install VirtualBox for virtualization
sudo apt-get install -y virtualbox virtualbox-ext-pack

Step 4: Install the latest version of Minikube
sudo wget https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
sudo chmod +x minikube-linux-amd64
sudo mv minikube-linux-amd64 /usr/local/bin/minikube

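Step 5: Start minikube
# --vm-driver=none runs the Kubernetes components directly on this host as root rather than inside a VM
sudo minikube start --vm-driver=none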

Step 6: Verify Minikube installation
sudo minikube version
sudo minikube status
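
Step 7: Now install kubectl
# Import the repository signing key so apt can verify the packages
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
# Keep signature checks on: do not add allow-insecure=yes or allow-downgrade-to-insecure=yes, which make apt accept an unauthenticated repository
echo "deb [arch=amd64] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list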
sudo apt update
sudo apt -y install kubectl

Step 8: Verify Kubectl installation
sudo kubectl version -o json

Step 9: Expose the Minikube dashboard
sudo minikube dashboard --url      # This will generate a URL to open in a web browser
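
An added example, not part of the original post: a check that the apt source file written in Step 7 (or any other file passed to it) keeps package signature verification on. The function names, the finding labels and the sample entries are constructed for illustration; the option names are the ones defined in sources.list(5).

```sh
#!/bin/sh
# Added example: audit apt source entries for weakened package authentication.

# audit_apt_sources FILE...
# Prints "file:line: findings" for each deb/deb-src entry that disables
# signature checks or fetches over http; returns 1 if anything was flagged.
audit_apt_sources() {
    awk '
        $1 != "deb" && $1 != "deb-src" { next }   # also skips comments and blank lines
        {
            line = $0; opts = ""; why = ""
            s = index(line, "["); e = index(line, "]")
            if (s > 0 && e > s) {                   # the "[ option=value ... ]" block
                opts = tolower(substr(line, s + 1, e - s - 1))
                line = substr(line, 1, s - 1) " " substr(line, e + 1)
            }
            n = split(opts, o, /[ \t]+/)
            for (i = 1; i <= n; i++) {
                if (o[i] == "allow-insecure=yes")              why = why " unsigned-repo-allowed"
                if (o[i] == "allow-downgrade-to-insecure=yes") why = why " downgrade-to-unsigned-allowed"
                if (o[i] == "trusted=yes")                     why = why " signature-check-bypassed"
            }
            split(line, f)                          # f[2] is the URI once the options are removed
            if (f[2] ~ /^http:/) why = why " cleartext-transport"
            if (why != "") { printf "%s:%d:%s\n", FILENAME, FNR, why; bad = 1 }
        }
        END { exit (bad ? 1 : 0) }
    ' "$@"
}

# Constructed sample: one entry with signature checks disabled, one signed https entry.
demo_audit() {
    sample=$(mktemp) || return 2
    cat > "$sample" <<'EOF'
# constructed sample sources file
deb [arch=amd64 allow-insecure=yes allow-downgrade-to-insecure=yes] http://apt.kubernetes.io/ kubernetes-xenial main
deb [arch=amd64] https://apt.kubernetes.io/ kubernetes-xenial main
EOF
    rc=0
    audit_apt_sources "$sample" || rc=$?
    rm -f "$sample"
    return "$rc"
}

demo_audit || echo "apt source entries with weakened authentication found" >&2
```

On a real host, run it as audit_apt_sources /etc/apt/sources.list /etc/apt/sources.list.d/*.list and treat a non-zero exit as a failed check.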

Some other useful commands:
kubectl get pods --all-namespaces
minikube stop
minikube addons list
minikube ssh
kubectl get nodes
kubectl cluster-info
minikube delete

Tuesday, 24 September 2019

Serverless 3 tier architecture on AWS

Motive: How a 3-tier application stack can be migrated to AWS Lambda, the pros and cons involved, and the expected serverless architecture.

What is meant by the serverless concept: A serverless architecture is a way to build and run applications and services without having to manage infrastructure. Your application still runs on servers, but all the server management is done by AWS. You no longer have to provision, scale, and maintain servers to run your applications, databases, and storage systems.

What is AWS Lambda and how it works: AWS Lambda is a managed AWS service. It is a function-as-a-service offering and was launched in 2014. The service automatically provisions a server when a call for a function is received and releases the server once the call is over. The time taken to provision the service (when a function call is received) may vary from a few seconds to 10 minutes before it responds to the first function query. If there is no function call for the next 15 minutes, it starts releasing the server, and the same process repeats for later calls. This means that, theoretically, there may be a noticeable delay for every first call after a timeout period.

Pros and Cons of using serverless services managed by AWS:
Pros:
    No operating systems to choose, patch, or manage.
    No servers to monitor, scale-out, or secure.
    No risk to infrastructure cost by over-provisioning.
    No risk to application performance by under-provisioning.
    Reduced Cost of Execution  

Cons:
    No control over the environment
    More complex call patterns
    Less control over the database compared to one hosted on EC2
    Need to investigate whether this architecture satisfies compliance requirements such as PCI DSS, or others if applicable, as the application stack's environment is in the hands of AWS support.

Expected Application Stack Architecture:



AWS S3: For Presentation Tier
AWS Application Gateway: For Integration Tier
AWS Lambda: DAO Tier
AWS Database: DB Tier

Monday, 7 January 2019



How to create Docker Container of VyOS Router/Firewall

Prerequisites:
  1. Docker must be installed and running
  2. Must have the Docker image for VyOS


So far so good: the installation is done, and it is time to run Docker on your machine. Download the Docker image of VyOS by following the steps below.

Docker repository for the VyOS image: https://hub.docker.com/r/aseemkhan/vyos

1. Get the latest VyOS image from Docker, created by me: running the command below pulls a Docker image of VyOS
docker pull aseemkhan/vyos

2. Spin up the Docker container: now that you have the image, run the command below to create a VyOS container from it. Note that --privileged gives the container all capabilities and access to host devices, and on Linux the -v /lib/modules mount also exposes the host's kernel modules to it.
For Linux: docker create --name vyosfw --privileged -v /lib/modules:/lib/modules aseemkhan/vyos /sbin/init
For Windows: docker create --name vyosfw --privileged aseemkhan/vyos /sbin/init

3. Power up the created container
docker start vyosfw

4. See if the container is running
docker ps
The output should be like this:
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
6f2fb4c638cb        aseemkhan/vyos      "/sbin/init"        4 minutes ago       Up 2 minutes                            vyosfw

5. Now log in to the container
docker exec -it vyosfw /bin/vbash

You should get a vbash prompt here, and running the show version command should print something like this:
vbash-4.1# show version
Version:      VyOS 1.1.8
Description:  VyOS 1.1.8 (helium)
Copyright:    2017 VyOS maintainers and contributors
Built by:     maintainers@vyos.net
Built on:     Sat Nov 11 13:44:36 UTC 2017
Build ID:     1711111344-b483efc
System type:  x86 64-bit
Boot via:     disk
HW model:     Vostro 1550
HW S/N:       878JMP1
HW UUID:      44454C4C-3700-1038-804A-B8C04F4D5031
Uptime:       11:13:15 up 19:35,  0 users,  load average: 0.34, 0.34, 0.36

6. Go to the router prompt by running the command below; you should get a prompt like vyos@6f2fb4c638cb:~$
su - vyos

vyos@6f2fb4c638cb:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             172.17.0.2/16                     u/u  WAN
lo               127.0.0.1/8  

This Docker container spins up with one interface, so to add more interfaces, create the networks first and then attach them to the container.
Create interface:
docker network create inside
docker network create dmz

Note: the same networks can be attached to more than one container; each container will then obtain an IP from the same range on the named interface.

Stop the Docker container and attach the networks to it:
docker network connect inside vyosfw
docker network connect dmz vyosfw

To disconnect from a network:
docker network disconnect inside vyosfw