diff --git a/1.2 DockerStackCommands.txt b/1.2 DockerStackCommands.txt new file mode 100644 index 0000000..7996582 --- /dev/null +++ b/1.2 DockerStackCommands.txt @@ -0,0 +1,51 @@ +sudo curl -L "https://github.com/docker/compose/releases/download/1.23.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose +chmod +x /usr/local/bin/docker-compose + docker-compose --version + +#docker-compose.yml +version: '3.3' + +services: + db: + image: mysql:5.7 + volumes: + - db_data:/var/lib/mysql + restart: always + environment: + MYSQL_ROOT_PASSWORD: somewordpress + MYSQL_DATABASE: wordpress + MYSQL_USER: wordpress + MYSQL_PASSWORD: wordpress + + wordpress: + depends_on: + - db + image: wordpress:latest + ports: + - "8000:80" + restart: always + environment: + WORDPRESS_DB_HOST: db:3306 + WORDPRESS_DB_USER: wordpress + WORDPRESS_DB_PASSWORD: wordpress + WORDPRESS_DB_NAME: wordpress +volumes: + db_data: {} + + +docker-compose up -d +docker container ls +docker-compose scale db=3 +docker container ls +docker-compose down +docker container ls +cp docker-compose.yml stack.yml +docker stack --help +docker stack deploy -c stack.yml mystack +docker stack ls +docker stack services mystack +docker service ps mystack_db +docker service ps mystack_wordpress +docker network ls +docker stack ls +docker stack rm mystack diff --git a/Ansible.pdf b/Ansible.pdf new file mode 100644 index 0000000..151770a Binary files /dev/null and b/Ansible.pdf differ diff --git a/Ansible/Ansible.pdf b/Ansible/Ansible.pdf new file mode 100644 index 0000000..151770a Binary files /dev/null and b/Ansible/Ansible.pdf differ diff --git a/Ansible/AnsibleCourseContent b/Ansible/AnsibleCourseContent deleted file mode 100644 index 8e55513..0000000 --- a/Ansible/AnsibleCourseContent +++ /dev/null @@ -1,110 +0,0 @@ -----------Ansible--------------- -Ansible Basics -Ansible vs. Other Tools -Very brief history and reason for development of Ansible -Brief comparison with Saltstack and others -Benefits and limitations of using Ansible -Introduction to YAML -YAML Examples - -2.The Essentials Of Configuration And Deployment - What we can do with Ansible - Our goals before, and our goals now - -3. Setting Up - Configuration - Inventory - - Playbooks: - - Ansible Playbooks - Configuring Your 'Ansible' Account - Ansible Command Line - System Facts - System Facts: Common Values for Playbooks - Our First Playbook -4. Quick Examples - Deploying configuration of Apache server - Managing changes in the configuration - -5. Outlining Your Playbook - Create a Playbook from Our Outline - Optimizing Your Playbook - Taking Our Playbook for a Dry Run - Asychronous Polling - Simple Variable Substitution - Lookups - RunOnce - Local Actions - Inclusion - Filters - Loops - Accelerated Mode - Asynchronous Actions - Pooling - Dry Run - Delegation, Rolling Updates and Local Actions - Promths - Tags - Vault - Running playbooks interactively - Until - Notify - Vault - Prompt - Interactive Playbook - Basic Include Statements - Tags - Basic Error Handling - Includes - Breaking Your Playbook Into Discrete Plays - Starting At Task or Stepping Through All Tasks - Passing Variables Into Playbooks at the Command Line - Using Jinja2 Templates - LocalAction - DelegateTo - -6. Dealing With Modules - Installing Modules - Overview of commonly used modules - Ansible Documentation: Modules - Setup and Configuration - Test Environment Setup - Download and Installation - Ansible Configuration File - Ansible Python Dependencies -7. Other - Ansible Tower - Ansible Galaxy - Testing Strategies - YAML Syntax -8. The HOSTS File - Overriding the Default HOSTS File - Overriding the Default System Ansible.Cfg File - Overriding the Default Roles Path -9. Roles - The Directory Structure - Role Based Tasks - Task Order - Pre and Post Tasks - Conditional Execution - Variable Substitution - Handlers - Using Notification - Configuring Alternate Roles Paths - Conditional Include Statements - Waiting For Events - Executing a Task Until - Using Tags - Breaking a Playbook Into a Role - Passing Variables from Command Line - Using Jinja2 Templates - DelegateTo - LocalAction -10.Variables: Inclusion Types - Target Section - Variable Section - Task Section - Handler Section -11. Ansible – Tower - Prerequisites To Install Ansible – Tower - Ansible – Tower Parameters - Installation Steps - Hands-On \ No newline at end of file diff --git a/Ansible/Ansible_Commands_StepByStep b/Ansible/Ansible_Commands_StepByStep index c1b59c6..9944e80 100644 --- a/Ansible/Ansible_Commands_StepByStep +++ b/Ansible/Ansible_Commands_StepByStep @@ -1,36 +1,60 @@ -kamalbeg@gmail.com -Configuration Management Tool -IaaCode -Inventory:-List of hosts -Frank--->100 Machine - Each every machine and installing Jdk 8 - Ansible-->Angentless +----------------------------Installation of Ansible--------------------------- +--BELOW STEPS ARE TO INSTALL ANSIBLE ON UBUNTU -Simple, agentless IT automation -that anyone can use +RUN BELOW COMMANDS ON MASTER ( LOGIN WITH ROOT USER) -----------------------------Installation of Ansible--------------------------- ---Commands to install Ansible on Master node +1. ssh-keygen +2. cat /root/.ssh/id_rsa.pub + copy the content of this file + +GOTO AGENT MACHINE + +1. open /root/.ssh/authorized_keys file and copy master ssh key at the end of this file + +RUN BELOW COMMANDS ON MASTER + +1. ssh <> +2. Before installing ansible package add ansible repository to your system + sudo apt-add-repository ppa:ansible/ansible +3. Run the update command before installing to update existing packages + sudo apt-get update +4. Now install the ansible package + sudo apt-get install ansible +5. You can check if you’re on the latest version of ansible by running the version command + sudo ansible --version + +SETUP HOST MACHINE ON MASTER + +1. To set up hosts you need to edit the hosts file in the ansible directory + cd /etc/ansible + vi hosts + +---BELOW STEPS ARE TO INSTALL ANSIBLE ON CENTOS SYSTEM +RUN BELOW COMMANDS ON MASTER ( LOGIN WITH ROOT USER) + +1. ssh-keygen +2. cat /root/.ssh/id_rsa.pub + copy the content of this file +GOTO AGENT MACHINE + +1. open /root/.ssh/authorized_keys file and copy master ssh key at the end of this file + +--BELOW STEPS ARE TO INSTALL ANSIBLE yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm yum install ansible + ansible --version + + + +SETUP HOST MACHINE ON MASTER + +1. To set up hosts you need to edit the hosts file in the ansible directory + cd /etc/ansible + vi hosts + ---Configuration to setup SSH on Client and Master Machine - --Remove the comments from the ssh/sshd_config file which is to be overwritten - vi etc/ssh/sshd_config - -- After making the changes restart the sshd - systemctl restart sshd - --Generate the public key on Master machine which is to shared with clients - ssh-keygen - --following file will be created at id_rsa.pub which contains the value of public key - cd /root/.ssh - cat id_rsa.pub - --Copy the content of id_rsa.pub file - --Goto Client Machine and got to /root/.ssh folder and append the master's public key to authorized_keys files - ---Add the hosts(IP addresses or in hosts file on the master machine under /etc/ansible folder - add client hosts --------------------Ansible Adhoc Commands--------------------------------- diff --git a/Ansible/README.md b/Ansible/README.md deleted file mode 100644 index 68d1864..0000000 --- a/Ansible/README.md +++ /dev/null @@ -1 +0,0 @@ -# Ansible-Commands diff --git a/Ansible/Roles b/Ansible/Roles index 8a33c52..010af24 100644 --- a/Ansible/Roles +++ b/Ansible/Roles @@ -23,24 +23,26 @@ main.yml # tasks file for apache - include: install.yml - include: configure.yml -- include: service.yml + #install.yml --- - name: installing httpd - yum: - name: httpd - state: present + - name: installing httpd + apt: + name: apache2 + state: present + #configure.yml --- -- name: httpd conf - copy: src=httpd.conf dest=/etc/httpd/conf/httpd.conf +- name: status + copy: src=status.txt dest=/tmp/status.txt notify: restart apache service - name: send the file - copy: src=index.html dest=/var/www/html/index.html + copy: src=test.html dest=/var/www/html/test.html + # copy the configuration file to files/ folder @@ -51,6 +53,12 @@ cp /etc/httpd/conf/httpd.conf . --- # handlers file for apache - name: restart apache service - service: name=httpd state=restarted - + service: name=apache2 state=restarted + +#Call the proceudre in the main yaml file + --- + - hosts: webservers + roles: + - apache + diff --git a/Chef/BootStrapNode.pdf b/Chef/BootStrapNode.pdf new file mode 100644 index 0000000..d0f4346 Binary files /dev/null and b/Chef/BootStrapNode.pdf differ diff --git a/Chef/Chef.txt b/Chef/Chef.txt new file mode 100644 index 0000000..c8e2785 --- /dev/null +++ b/Chef/Chef.txt @@ -0,0 +1,56 @@ +--Install Chefdk +curl https://omnitruck.chef.io/install.sh | sudo bash -s -- -P chefdk -c stable -v 0.18.30 +--Check Chefdk version +chef --version +which chef + +------------------------First Receipe--------------- +Prog1: Create a Chef Reciepe which creates a file /hello.txt and add the content as Hello World + +Create a file hello.rb and write the following code + + file '/hello.txt' do + content 'Hello World' +end + +--Execute above code +sudo chef-client --local-mode hello.rb + +--Result :-Check /hello.txt file and that should exist with content Hello World + + +-----------------Resource Examples + +package 'httpd' do +action :install +end + + +service 'httpd' do +action [ :enable, :start ] +end' + +--------Chef Cookbook Examples + +chef --help +chef generate --help +chef generate cookbook --help + +Let's create a dir called cookbooks + +---Create a cookbook called workstation +chef generate cookbook cookbooks/workstation + +Create some reciepe in workstataion + +chef-client -z --runlist "workstation::setup" +chef-client -z -r "recipe[workstation::setup]" + +----How to include a recipe in another recipe +include_recipe 'workstation::setup' +chef-client -z -r "recipe[workstation]" + + +--------------Template Example +chef generate template cookbooks/workstation/ motd + diff --git a/Chef/chef.txt b/Chef/chef.txt new file mode 100644 index 0000000..151ad6f --- /dev/null +++ b/Chef/chef.txt @@ -0,0 +1,76 @@ +wget https://packages.chef.io/files/stable/chef-workstation/21.2.278/ubuntu/20.04/chef-workstation_21.2.278-1_amd64.deb +dpkg -i chef-workstation_21.2.278-1_amd64.deb +-----Verify the Installation +chef -v +--------Uninstall +sudo dpkg -P chef-workstation + + + +------------------------------------------------------------------- +Create first reciepe +------------------------------------------------------------------- +- Create file hello.rb + +file '/tmp/hello.txt' do + content 'testing' +end + +---Execute the script + chef-client -z hello.rb +------------------------------------------------------------------------- + +- Install apache (package.rb) +package 'apache2' do + action :install +end +----Execute Script + chef-client -z package.rb +-------------------------------------------------------------------------- +- UnInstall apache (package.rb) +package 'apache2' do + action :purge +end +----Execute Script + chef-client -z package.rb +-------------------------------------------------------------------------- +- setup.rb + +package 'tree' do + action :install +end + +package 'ntp' + +file '/etc/motd' do + content 'This server is the property of ...' +end + +service 'ntp' do + action [:enable, :start] +end + +----Execute Script + chef-client -z setup.rb +--------------------------------------------------------------------------- + +--------Chef Cookbook Examples + +chef --help +chef generate --help +chef generate cookbook --help +mkdir cookbooks +chef generate cookbook cookbooks/workstation +cp setup.rb cookbooks/workstation/recipes/ +chef-client -z --runlist "workstation::setup" +chef-client -z -r "recipe[workstation::setup]" + +----How to include a recipe in another recipe +open default.rb file and add following code + +include_recipe 'workstation::setup' + +To Execute it run the following command +chef-client -z -r "recipe[workstation]" + + diff --git a/Chef/template-files-and-ERB.pdf b/Chef/template-files-and-ERB.pdf new file mode 100644 index 0000000..aa8abf5 Binary files /dev/null and b/Chef/template-files-and-ERB.pdf differ diff --git a/DockerCommands/01_Services/files/1.1 Service_Create_Inspect_logs_ls.txt b/DockerCommands/01_Services/files/1.1 Service_Create_Inspect_logs_ls.txt new file mode 100644 index 0000000..2416b23 --- /dev/null +++ b/DockerCommands/01_Services/files/1.1 Service_Create_Inspect_logs_ls.txt @@ -0,0 +1,5 @@ +docker run -it alpine ping 172.31.15.233 +docker service --help + docker service create --name myservice -d alpine ping 172.31.15.233 +docker service inspect <> | less +docker service logs <> \ No newline at end of file diff --git a/DockerCommands/01_Services/files/1.10 ServiceUpdateAndRollback.txt b/DockerCommands/01_Services/files/1.10 ServiceUpdateAndRollback.txt new file mode 100644 index 0000000..528fa40 --- /dev/null +++ b/DockerCommands/01_Services/files/1.10 ServiceUpdateAndRollback.txt @@ -0,0 +1,7 @@ +docker service create --name redis --replicas 5 --update-delay 10s redis:3.0.6 +docker service ls +docker service ps redis +docker service update redis --image redis:3.0.7 +docker service update redis --image redis:21 +docker service ls +docker service rollback redis diff --git a/DockerCommands/01_Services/files/1.2_Service ps.txt b/DockerCommands/01_Services/files/1.2_Service ps.txt new file mode 100644 index 0000000..a1227b9 --- /dev/null +++ b/DockerCommands/01_Services/files/1.2_Service ps.txt @@ -0,0 +1,3 @@ + docker service create --name myservice -d --replicas 4 alpine ping <> + docker service ps myservice + remove containers on one of the worker node and find the status of the service \ No newline at end of file diff --git a/DockerCommands/01_Services/files/1.3_DockerSwarmVisualizer.txt b/DockerCommands/01_Services/files/1.3_DockerSwarmVisualizer.txt new file mode 100644 index 0000000..614e197 --- /dev/null +++ b/DockerCommands/01_Services/files/1.3_DockerSwarmVisualizer.txt @@ -0,0 +1,6 @@ + docker service create \ +> --name=viz \ +> --publish=8080:8080/tcp \ +> --constraint=node.role==manager \ +> --mount=type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock \ +> dockersamples/visualizer \ No newline at end of file diff --git a/DockerCommands/01_Services/files/1.4Service scale.txt b/DockerCommands/01_Services/files/1.4Service scale.txt new file mode 100644 index 0000000..c07612b --- /dev/null +++ b/DockerCommands/01_Services/files/1.4Service scale.txt @@ -0,0 +1,3 @@ +docker service scale myservice=2 + docker service scale myservice=5 + docker service rm myservice \ No newline at end of file diff --git a/DockerCommands/01_Services/files/1.5 Service Port Mapping.txt b/DockerCommands/01_Services/files/1.5 Service Port Mapping.txt new file mode 100644 index 0000000..bd9ead4 --- /dev/null +++ b/DockerCommands/01_Services/files/1.5 Service Port Mapping.txt @@ -0,0 +1 @@ + docker service --name webservice create -d -p 80:80 nginx \ No newline at end of file diff --git a/DockerCommands/01_Services/files/1.6 Service global mode.txt b/DockerCommands/01_Services/files/1.6 Service global mode.txt new file mode 100644 index 0000000..bfd21b6 --- /dev/null +++ b/DockerCommands/01_Services/files/1.6 Service global mode.txt @@ -0,0 +1 @@ +docker service create --name webservice -d --mode=global --publish=80:80 nginx \ No newline at end of file diff --git a/DockerCommands/01_Services/files/1.7 Service Constraint.txt b/DockerCommands/01_Services/files/1.7 Service Constraint.txt new file mode 100644 index 0000000..8646ef5 --- /dev/null +++ b/DockerCommands/01_Services/files/1.7 Service Constraint.txt @@ -0,0 +1,8 @@ + docker service create --name webservice -d --constraint="node.role==manager" --publish=80:80 nginx + docker srevice scale webservice=2 + + Check the visualizer + + docker service create --name webservice -d --constraint="node.role==worker" --publish 80:80 nginx + + \ No newline at end of file diff --git a/DockerCommands/01_Services/files/1.8 Service Labels.txt b/DockerCommands/01_Services/files/1.8 Service Labels.txt new file mode 100644 index 0000000..0643d65 --- /dev/null +++ b/DockerCommands/01_Services/files/1.8 Service Labels.txt @@ -0,0 +1,12 @@ +docker node update --label-add="webserver=true" worker01 + + docker service create --name webservice -d --constraint="node.labels.webserver==true" --publish 80:80 nginx + + vi /etc/docker/daemon.json + +{ + "labels": ["name=testserver"] +} + +create service on label server +docker service create --name webservice1 -d --constraint="engine.labels.name==testserver" --publish 84:80 nginx \ No newline at end of file diff --git a/DockerCommands/01_Services/files/1.9 Node Availability.txt b/DockerCommands/01_Services/files/1.9 Node Availability.txt new file mode 100644 index 0000000..8c32f27 --- /dev/null +++ b/DockerCommands/01_Services/files/1.9 Node Availability.txt @@ -0,0 +1,5 @@ +docker node update --availability=pause worker02 + +docker node update --availability=active worker02 + +docker node update --availability=drain worker02 \ No newline at end of file diff --git a/DockerCommands/1.1 Swarm Backup and Restore.txt b/DockerCommands/1.1 Swarm Backup and Restore.txt new file mode 100644 index 0000000..2163381 --- /dev/null +++ b/DockerCommands/1.1 Swarm Backup and Restore.txt @@ -0,0 +1,8 @@ +systemctl stop docker +tar -zcvf swarm.tar.gz swarm/ +systemctl start docker + docker node ls + systemctl stop docker +rm -fr swarm +tar -xvzf swarm.tar.gz +systemctl start docker \ No newline at end of file diff --git a/DockerCommands/1.1_Task1.txt b/DockerCommands/1.1_Task1.txt new file mode 100644 index 0000000..b8865c9 --- /dev/null +++ b/DockerCommands/1.1_Task1.txt @@ -0,0 +1,8 @@ +---Task:-1 + +Create two containers on bridge network which uses front-end application as a docker image "whizlabs/webapp" and another container which refers to "whizlabs/mysql" docker image. Modify the code of webapp such that it uses the mysql connectionstring/database/tables from other running container. + +---Solution + +docker run --name webapp -it -p 80:80 -d whizlabs/webapp +docker run --name db -it -d whizlabs/mysql \ No newline at end of file diff --git a/DockerCommands/1.2 DockerStackCommands.txt b/DockerCommands/1.2 DockerStackCommands.txt new file mode 100644 index 0000000..7996582 --- /dev/null +++ b/DockerCommands/1.2 DockerStackCommands.txt @@ -0,0 +1,51 @@ +sudo curl -L "https://github.com/docker/compose/releases/download/1.23.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose +chmod +x /usr/local/bin/docker-compose + docker-compose --version + +#docker-compose.yml +version: '3.3' + +services: + db: + image: mysql:5.7 + volumes: + - db_data:/var/lib/mysql + restart: always + environment: + MYSQL_ROOT_PASSWORD: somewordpress + MYSQL_DATABASE: wordpress + MYSQL_USER: wordpress + MYSQL_PASSWORD: wordpress + + wordpress: + depends_on: + - db + image: wordpress:latest + ports: + - "8000:80" + restart: always + environment: + WORDPRESS_DB_HOST: db:3306 + WORDPRESS_DB_USER: wordpress + WORDPRESS_DB_PASSWORD: wordpress + WORDPRESS_DB_NAME: wordpress +volumes: + db_data: {} + + +docker-compose up -d +docker container ls +docker-compose scale db=3 +docker container ls +docker-compose down +docker container ls +cp docker-compose.yml stack.yml +docker stack --help +docker stack deploy -c stack.yml mystack +docker stack ls +docker stack services mystack +docker service ps mystack_db +docker service ps mystack_wordpress +docker network ls +docker stack ls +docker stack rm mystack diff --git a/DockerCommands/1.2_Docker Secret Commands.txt b/DockerCommands/1.2_Docker Secret Commands.txt new file mode 100644 index 0000000..44aafca --- /dev/null +++ b/DockerCommands/1.2_Docker Secret Commands.txt @@ -0,0 +1,7 @@ +printf "password" | docker secret create my_secret_data - +docker service create --name redis --secret my_secret_data redis:alpine +docker service rm redis +docker service create --name redis --secret my_secret_data redis:alpine +docker service ps redis + +docker service create --name dbpass --secret my_secret_data -d -e MYSQL_ROOT_PASSWORD_FILE=/run/secrets/my_secret_data mysql diff --git a/DockerCommands/1.2_Task2.txt b/DockerCommands/1.2_Task2.txt new file mode 100644 index 0000000..345e0a1 --- /dev/null +++ b/DockerCommands/1.2_Task2.txt @@ -0,0 +1,23 @@ +---Task:-2 + +Create a docker a service webapp which refers to whizlabs/webapp ( it is a custom php application) for the front-end and another service db( it is a mysql image) on which webapp depends called db using docker compose file. + +---Solution +create docker-compose.yml file with following code + +version: '3.3' + +services: + db: + image: whizlabs/mysql + + webapp: + depends_on: + - db + image: whizlabs/webapp + ports: + - "80:80" + +Now run the docker compose with following command + +docker-compose up -d \ No newline at end of file diff --git a/DockerCommands/1.3_Task3.txt b/DockerCommands/1.3_Task3.txt new file mode 100644 index 0000000..d7decd1 --- /dev/null +++ b/DockerCommands/1.3_Task3.txt @@ -0,0 +1,7 @@ +Task:-3 + +Create docker swarm services using docker stack to implement webapp (whizlabs/webapp )and db app (whizlabs/mysql) on docker swarm cluster. + +Solution:-- + cp docker-compose.yml mystack.yml + docker stack deploy -c mystack.yml mystack \ No newline at end of file diff --git a/DockerCommands/Docker Swarm.pdf b/DockerCommands/Docker Swarm.pdf new file mode 100644 index 0000000..3713ca3 Binary files /dev/null and b/DockerCommands/Docker Swarm.pdf differ diff --git a/DockerCommands/docker b/DockerCommands/docker index d61af2e..56aebc8 100644 --- a/DockerCommands/docker +++ b/DockerCommands/docker @@ -1,20 +1,46 @@ Docker:-Container -apt-get update -apt-get install docker.io +Installation Steps on Ubuntu + 1 apt update + 2 apt install docker.io -y + 3 docker --version + 4 docker info + 5 systemctl status docker + +Installation Steps on Centos + 1 yum update -y + 2 yum install -y yum-utils + 3 yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo + 4 yum install docker-ce docker-ce-cli containerd.io + 5 systemctl status docker + 6 systemctl start docker + 7 systemctl status docker + 8 docker --version + 9 docker info + 10 docker version + docker --version +docker version +docker info +docker docker hub--->docker engine-->Docker images---> run,stop,deleted docker pull ubuntu docker images //list all the images downloaded on your system docker run -it -d ubuntu //it interactive d demon when images are running it is called containers + sudo docker run -m 4m -dit --name web1 nginx # running the container with a limit of 4mb + sudo docker run -c 614 -dit --name db postgres /postgres.sh + sudo docker run -c 410 -dit --name web nginx /nginx.sh +#Will give 60% to the db container (614 is 60% of 1024) and 40% to the web containe docker ps // list running images docker stop <> container id docker ps -a //list all the continers docker kill <> to stop or kill forcefully docker rm <> to remove the container docker exec -it d9a77afafa3b bash - + docker run -it --name test ubuntu + create a user using adduser + docker exec -it -u raman test bash docker rmi 47b19964fb50 //remove the images @@ -49,6 +75,20 @@ docker commit 99f528fc4261 ramansharma95/apache docker push ramansharma95/apache check in the docker hub + ---docker save and load command + + + docker save mywebserver > mywebserver.tar + docker load < mywebserver.tar + + -----------Create Local Docker registry + + docker container run -d -p 5000:5000 --name local_registry registry + http://:5000/v2/_catalog + docker container inspect local_registry + docker image tag ubuntu localhost:5000/ubuntu:latest + docker image push localhost:5000/ubuntu + docker image pull localhost:5000/ubuntu --------Docker file @@ -68,11 +108,53 @@ docker commit 99f528fc4261 ramansharma95/apache Create a docker file Dockerfile FROM ubuntu +ARG DEBIAN_FRONTEND=noninteractive RUN apt-get update RUN apt-get -y install apache2 ADD . /var/www/html ENTRYPOINT apachectl -D FOREGROUND -ENV name DEVOPS raman +ENV name DEVOPS + + +# Base image is CentOS 7 +FROM centos:7 +# Add a new user "john" with user id 8877 +RUN useradd -u 8877 raman +# Change to non-root privilege +USER raman + +sudo docker build -t nonrootimage . # create custom image +docker exec -it test2 bash + +#Eample of COPY and ADD +FROM centos:7.4.1708 +RUN mkdir /mydata +COPY myfiles /mydata/myfiles +ADD myfiles2 /mydata/myfile2 +ADD https://xxx/pip-18.1.tar.gz /mydata +ADD pip-18.1.tar.gz /mydata/pipunpack + +# CMD and ENTRYPOINT +FROM ubuntu +CMD echo "Hello World" + +docker build . -t img1 #Created the image from above Dockerfile +docker run -it img1 # it will return Hello World +docker run -it img1 echo "Hello India" # it will overwrite the CMD and Print Hello India + +FROM ubuntu +ENTRYPOINT ["echo","Hello World"] +docker build . -t img1 #Created the image from above Dockerfile +docker run -it img1 # it will return Hello World +docker run -it img1 echo "Hello India" # it will not overwrite the ENTRYPOINT and Print Hello World echo Hello India + +FROM ubuntu +ENTRYPOINT ["echo"] +CMD ["Hello World"] +docker build . -t img1 #Created the image from above Dockerfile +docker run -it img1 # it will return Hello World + +docker build . -f abc -t img8 # abc is the file name which represents the dockerfile contents Create an html file in the current directory.(index.html) Build the docker file @@ -92,6 +174,7 @@ Docker Volume :- is a mountable entity which can be used to store data, in the d docker volume ls //to list the volumes docker run -it --mount source=demo-vol,destination=/app -d ubuntu + docker run -it --mount source=demo-vol,destination=/test --mount source=demo-vol1,destination=/test1 -d ubuntu remove the container attach volume to another container Bind Mounts :- mounts a directory from host machine to the container @@ -121,9 +204,23 @@ chmod +x /usr/local/bin/docker-compose args -sleep -"1000" - - To run the compose file + --------------------------Create a compose file to run db and we app ( file name should be docker-compose.yml) +version: '3.3' + +services: + db: + image: ramansharma95/mysql + web: + depends_on: + - db + image: ramansharma95/webapp + + To execute compose file docker-compose up -d + To remove the services for docker compose + docker-compose down + + Container Orchestration Applications are typically made up of indviually containerized components( microservices) that must be orgainsed on networking level in order @@ -197,7 +294,69 @@ mysql> select * from emp; +------+---------+ 1 row in set (0.00 sec) +---------------------- +Stack and Compose +sudo curl -L "https://github.com/docker/compose/releases/download/1.23.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose +chmod +x /usr/local/bin/docker-compose + docker-compose --version + +#docker-compose.yml +version: '3.3' + +services: + db: + image: mysql:5.7 + volumes: + - db_data:/var/lib/mysql + restart: always + environment: + MYSQL_ROOT_PASSWORD: somewordpress + MYSQL_DATABASE: wordpress + MYSQL_USER: wordpress + MYSQL_PASSWORD: wordpress + + wordpress: + depends_on: + - db + image: wordpress:latest + ports: + - "8000:80" + restart: always + environment: + WORDPRESS_DB_HOST: db:3306 + WORDPRESS_DB_USER: wordpress + WORDPRESS_DB_PASSWORD: wordpress + WORDPRESS_DB_NAME: wordpress +volumes: + db_data: {} + + +docker-compose up -d +docker container ls +docker-compose scale db=3 +docker container ls +docker-compose down +docker container ls +cp docker-compose.yml stack.yml +docker stack --help +docker stack deploy -c stack.yml mystack +docker stack ls +docker stack services mystack +docker service ps mystack_db +docker service ps mystack_wordpress +docker network ls +docker stack ls +docker stack rm mystack +---------------------service update + +docker service create --name redis --replicas 5 --update-delay 10s redis:3.0.6 +docker service ls +docker service ps redis +docker service update redis --image redis:3.0.7 +docker service update redis --image redis:21 +docker service ls +docker service rollback redis diff --git a/DockerCommands/docker commands.docx b/DockerCommands/docker commands.docx new file mode 100644 index 0000000..b773f35 Binary files /dev/null and b/DockerCommands/docker commands.docx differ diff --git a/DockerCommands/docker registry.txt b/DockerCommands/docker registry.txt new file mode 100644 index 0000000..b9eb9f9 --- /dev/null +++ b/DockerCommands/docker registry.txt @@ -0,0 +1,33 @@ + mkdir certs + cd certs + openssl req -newkey rsa:4096 -nodes -sha256 -keyout domain.key -x509 -days 365 -out domain.crt + cd /etc/docker/certs.d + mkdir repo.docker.local:5000 + cd repo.docker.local\:5000/ + cp /home/ubuntu/certs/domain.crt ca.crt + systemctl restart docker +docker container run -d --name secure_registry -p 5000:5000 -v /home/ubuntu/certs/:/certs -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key registry + +create image with repo.docker.local:5000 and push it + +Basic Authentication + +mkdir auth +docker container run --entrypoint htpasswd registry:2.7.0 -bnB raman password >auth/htpasswd + + +docker run -d \ + -p 5000:5000 \ + --restart=always \ + --name registry_basic \ + -v /home/ubuntu/auth:/auth \ + -v /home/ubuntu/certs:/certs \ + -e "REGISTRY_AUTH=htpasswd" \ + -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \ + -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \ + -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \ + -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \ + registry:2.7.0 + +docker login repo.docker.local:5000 + diff --git a/DockerService.txt b/DockerService.txt new file mode 100644 index 0000000..16e3520 --- /dev/null +++ b/DockerService.txt @@ -0,0 +1,67 @@ +Service +--1 +docker run -it alpine ping 172.31.15.233 +docker service --help + docker service create --name myservice -d alpine ping 172.31.15.233 +docker service inspect <> | less +docker service logs <> + + +--2 + docker service create --name myservice -d --replicas 4 alpine ping 172.31.15.233 + docker service ps myservice + remove containers on one of the worker node and find the status of the service + +--3 + docker service create \ +> --name=viz \ +> --publish=8080:8080/tcp \ +> --constraint=node.role==manager \ +> --mount=type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock \ +> dockersamples/visualizer + +--4 + docker service scale myservice=2 + docker service scale myservice=5 + docker service rm myservice +--5 + docker service --name webservice create -d -p 80:80 nginx + now you can access it on any worker node +--6 + docker service create --name webservice -d --mode=global --publish=80:80 nginx + remove a woker node and check the visualizer + add it again you will find the one replica is created on the worker node +--7 labels and constraint + + docker service create --name webservice -d --constraint="node.role==manager" --publish=80:80 nginx + docker srevice scale webservice=2 + Check the visualizer + docker service create --name webservice -d --constraint="node.role==worker" --publish 80:80 nginx + + docker node update --label-add="webserver=true" worker01 + docker service create --name webservice -d --constraint="node.labels.webserver==true" --publish 80:80 nginx + if we create same label to worker02 will the load shifted to worker 02 or not ans is not because you have to se the labels upfront + + now create the labels on engine level + + goto worker node2 + vi /etc/docker/daemon.json + +{ + "labels": ["name=testserver"] +} + +create service on label server +docker service create --name webservice1 -d --constraint="engine.labels.name==testserver" --publish 84:80 nginx + +--8 node availbility +docker node update --availability=pause worker02 +now the new containers will not be creating on worker02 +docker node update --availability=active worker02 + +docker node update --availability=drain worker02 # now the nodes are moved to other worker nodes or manager nodes + + +~ + + \ No newline at end of file diff --git a/ELK Stack.pptx b/ELK Stack.pptx new file mode 100644 index 0000000..df4a04a Binary files /dev/null and b/ELK Stack.pptx differ diff --git a/Final-Project.docx b/Final-Project.docx new file mode 100644 index 0000000..8563a4b Binary files /dev/null and b/Final-Project.docx differ diff --git a/Final-Project.pdf b/Final-Project.pdf deleted file mode 100644 index 4bc182f..0000000 Binary files a/Final-Project.pdf and /dev/null differ diff --git a/Git/gitCommands.txt b/Git/gitCommands.txt index 9843c81..afa4e05 100644 --- a/Git/gitCommands.txt +++ b/Git/gitCommands.txt @@ -2,12 +2,17 @@ git --version git init git add . -git config color.ui true git remote add origin https://github.com/ramansharma95/MorningDevops.git - git push origin master - +------Revert back the changes +1. git checkout --file to revert back the changes for the working directory + eg make the changes of a file say 1.txt and it will show as the untracked file..Now you want to revert back these changes then write the command + git checkout -- 1.txt + git checkout . to revert back the changes for all the untracked filess +2. git reset HEAD 1.txt This command will unstage 1.txt from staging area + git reset Head * This command will unstage all the files from the staging area + 1.Create a directory devops and change to directory devops diff --git a/Jenkins/JenkinsInstallationSteps.txt b/Jenkins/JenkinsInstallationSteps.txt index aa0a6e1..be2da85 100644 --- a/Jenkins/JenkinsInstallationSteps.txt +++ b/Jenkins/JenkinsInstallationSteps.txt @@ -1,13 +1,15 @@ sudo apt update sudo apt install openjdk-8-jdk -wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add - - -sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list' - -sudo apt update -sudo apt install jenkins - +1 apt install openjdk-8-jdk -y + + 2 wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add - + 3 sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list' + XX 4 sudo add-apt-repository universe + XX 5 sudo gpg --keyserver http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key --recv-keys https://pkg.jenkins.io/debian/jenkins.io.key + 6 apt-get update + 7 sudo apt-get install jenkins -y + systemctl status jenkins sudo ufw allow 8080 diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 0000000..2a0bfc5 --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,22 @@ +pipeline { + agent any + stages { + stage('One') { + steps { + echo 'Hi, this is Zulaikha from devops' + } + } + stage('Two') { + steps { + input('Do you want to proceed?') + } + } + stage('Three') { + + steps { + echo "Hello 3" + } + + } + } +} diff --git a/Kubernetes/01_Kubernetes-Introduction.pdf b/Kubernetes/01_Kubernetes-Introduction.pdf new file mode 100644 index 0000000..cf181eb Binary files /dev/null and b/Kubernetes/01_Kubernetes-Introduction.pdf differ diff --git a/Kubernetes/02_Kubernetes-Installation.pdf b/Kubernetes/02_Kubernetes-Installation.pdf new file mode 100644 index 0000000..ff06c16 Binary files /dev/null and b/Kubernetes/02_Kubernetes-Installation.pdf differ diff --git a/Kubernetes/05_Kubernetes-Namespaces.pdf b/Kubernetes/05_Kubernetes-Namespaces.pdf new file mode 100644 index 0000000..7d066f4 Binary files /dev/null and b/Kubernetes/05_Kubernetes-Namespaces.pdf differ diff --git a/Kubernetes/05_Kubernetes-Volumes .pdf b/Kubernetes/05_Kubernetes-Volumes .pdf new file mode 100644 index 0000000..7452353 Binary files /dev/null and b/Kubernetes/05_Kubernetes-Volumes .pdf differ diff --git a/Kubernetes/Docker and Kubernetes Case Studies.docx b/Kubernetes/Docker and Kubernetes Case Studies.docx new file mode 100644 index 0000000..1037fba Binary files /dev/null and b/Kubernetes/Docker and Kubernetes Case Studies.docx differ diff --git a/Kubernetes/Exercises.xlsx b/Kubernetes/Exercises.xlsx new file mode 100644 index 0000000..044809f Binary files /dev/null and b/Kubernetes/Exercises.xlsx differ diff --git a/Kubernetes/K8sAssignment.txt b/Kubernetes/K8sAssignment.txt new file mode 100644 index 0000000..101632a --- /dev/null +++ b/Kubernetes/K8sAssignment.txt @@ -0,0 +1,10 @@ +1. Create a 3 node setup of Kubernetes Master and Slave +2. Use the docker image which you created Docker 1 assignment +3. Deploy 2 pods with the same container but different index.html content, modify the content from the above github to the following: +Pod 1: “Welcome to Pod 1” +Pod 2: “Welcome to Pod 2” +4. Each pod should have 2 replicas +5. Create the desired services for these pods +6. Setup path based routing on these services, which can be accessed from the outside +“/pod1” -> service 1 +“/pod2” -> service \ No newline at end of file diff --git a/Kubernetes/Kubernetes Demo Files/10.Load-Balancer.txt b/Kubernetes/Kubernetes Demo Files/10.Load-Balancer.txt index 7cd4282..857f222 100644 --- a/Kubernetes/Kubernetes Demo Files/10.Load-Balancer.txt +++ b/Kubernetes/Kubernetes Demo Files/10.Load-Balancer.txt @@ -1,7 +1,7 @@ ******************************************************************* * -* Demo: Load Balancer Service | Srinath Challa +* Demo: Load Balancer Service | Raman * * ******************************************************************* @@ -55,7 +55,7 @@ spec: ******************************************************************* 2. Create & Display: Deployment & Load Balancer Service -kubectl create f nginx-deploy.yaml +kubectl create –f nginx-deploy.yaml kubectl create -f lb.yaml kubectl get pod -l app=nginx-app kubectl get deploy -l app=nginx-app @@ -95,7 +95,7 @@ http://nodeip:nodeport/test.html ******************************************************************* 4. Cleanup -kubectl delete f nginx-deploy.yaml +kubectl delete –f nginx-deploy.yaml kubectl delete -f lb.yaml kubectl get pod kubectl get deploy diff --git a/Kubernetes/Kubernetes Demo Files/11.ClusterIP.txt b/Kubernetes/Kubernetes Demo Files/11.ClusterIP.txt index 8d9e735..d2edb50 100644 --- a/Kubernetes/Kubernetes Demo Files/11.ClusterIP.txt +++ b/Kubernetes/Kubernetes Demo Files/11.ClusterIP.txt @@ -1,8 +1,7 @@ ************************************************************************************************************************************************* * -* Demo: ClusterIP Service | Srinath Challa -* +* Demo: ClusterIP Service | Raman * ************************************************************************************************************************************************* @@ -255,4 +254,4 @@ kubectl get svc kubectl get pods ******************************************************************* - \ No newline at end of file + diff --git a/Kubernetes/Kubernetes Demo Files/12.emptyDir.txt b/Kubernetes/Kubernetes Demo Files/12.emptyDir.txt index bfbc56a..a79f756 100644 --- a/Kubernetes/Kubernetes Demo Files/12.emptyDir.txt +++ b/Kubernetes/Kubernetes Demo Files/12.emptyDir.txt @@ -1,6 +1,6 @@ ******************************************************************* . -. Demo: emptyDir | Srinath Challa +. Demo: emptyDir | Raman . ******************************************************************* 1. Pod with emptyDir Volume YAML (example) diff --git a/Kubernetes/Kubernetes Demo Files/2.ConfigMap.txt b/Kubernetes/Kubernetes Demo Files/2.ConfigMap.txt index 06d6736..292ab89 100644 --- a/Kubernetes/Kubernetes Demo Files/2.ConfigMap.txt +++ b/Kubernetes/Kubernetes Demo Files/2.ConfigMap.txt @@ -15,8 +15,8 @@ Overview: 2. Creating Configmap from "literal values" & Consuming it inside Pod from "environment variables" - 2a. Create configmap redis-configmap-env from "literal values" - 2b. Consume redis-configmap-env configmap inside pod from Environment Variables inside pod + 2a. Create configmap “redis-configmap-env” from "literal values" + 2b. Consume “redis-configmap-env” configmap inside pod from “Environment Variables” inside pod 2c. Create | Display | Validate 3. Cleanup @@ -41,7 +41,7 @@ kubectl create configmap nginx-configmap-vol --from-file=file-1.txt --from-file= kubectl get configmaps kubectl get configmaps nginx-configmap-vol -o yaml kubectl describe configmaps nginx-configmap-vol - +kubectl create configmap nginx-configmap-vol --from-file=file-1.txt -o yaml --dry-run | kubectl replace -f - ========================================================== 1b. Consume above "nginx-configmap-vol" configmap inside Pod from "volumes" @@ -106,7 +106,7 @@ kubectl exec nginx-pod-configmap-vol cat /etc/non-sensitive-data/file-b.txt 2. Creating Configmap from "literal values" & Consuming it inside Pod from "environment variables" -2a. Create configmap redis-configmap-env from "literal values" +2a. Create configmap “redis-configmap-env” from "literal values" ----------------------------------------------------------------- kubectl create configmap redis-configmap-env --from-literal=file.1=file.a --from-literal=file.2=file.b @@ -116,7 +116,7 @@ kubectl describe configmap redis-configmap-env =============================================================================== -2b. Consume redis-configmap-env configmap inside pod from Environment Variables inside pod +2b. Consume “redis-configmap-env” configmap inside pod from “Environment Variables” inside pod ----------------------------------------------------------------------------------------------- # redis-pod-configmap-env.yaml @@ -164,6 +164,70 @@ exit # Validate from "outside" the pod kubectl exec redis-pod-configmap-env env | grep FILE +******************************************************************************************************************************************* +#cm.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: game-demo +data: + # property-like keys; each key maps to a simple value + player_initial_lives: "3" + ui_properties_file_name: "user-interface.properties" + # + # file-like keys + game.properties: | + enemy.types=aliens,monsters + player.maximum-lives=5 + user-interface.properties: | + color.good=purple + color.bad=yellow + allow.textmode=true + +kubectl create -f cm.yaml +kubectl get cm + +# To consume the Config map create below pod +#podcm.yaml +apiVersion: v1 +kind: Pod +metadata: + name: configmap-demo-pod +spec: + containers: + - name: demo + image: nginx + env: + # Define the environment variable + - name: PLAYER_INITIAL_LIVES # Notice that the case is different here + # from the key name in the ConfigMap. + valueFrom: + configMapKeyRef: + name: game-demo # The ConfigMap this value comes from. + key: player_initial_lives # The key to fetch. + - name: UI_PROPERTIES_FILE_NAME + valueFrom: + configMapKeyRef: + name: game-demo + key: ui_properties_file_name + volumeMounts: + - name: config + mountPath: "/config" + readOnly: true + volumes: + # You set volumes at the Pod level, then mount them into containers inside that Pod + - name: config + configMap: + # Provide the name of the ConfigMap you want to mount. + name: game-demo + # An array of keys from the ConfigMap to create as files + items: + - key: "game.properties" + path: "game.properties" + - key: "user-interface.properties" + path: "user-interface.properties" + +kubectl create -f podcm.yaml ************************************************************************************************************************************************* @@ -182,4 +246,4 @@ kubectl get configmaps ************************************************************************************************************************************************* - \ No newline at end of file + diff --git a/Kubernetes/Kubernetes Demo Files/3.Secrets.txt b/Kubernetes/Kubernetes Demo Files/3.Secrets.txt index d364de8..b2439dc 100644 --- a/Kubernetes/Kubernetes Demo Files/3.Secrets.txt +++ b/Kubernetes/Kubernetes Demo Files/3.Secrets.txt @@ -15,8 +15,8 @@ Overview: 2. Create Secret "manually" using YAML file & Consuming it from "environment variables" inside Pod - 2a. Create secret redis-secret-env using YAML file: - 2b. Consume redis-secret-env secret from Environment Variables inside pod + 2a. Create secret “redis-secret-env” using YAML file: + 2b. Consume “redis-secret-env” secret from “Environment Variables” inside pod 2c. Create | Display | Validate 3. Cleanup @@ -123,7 +123,7 @@ kubectl describe secret redis-secret-env =============================================================================== -2b. Consuming redis-secret-env secret from Environment Variables inside pod +2b. Consuming “redis-secret-env” secret from “Environment Variables” inside pod -------------------------------------------------------------------------------- # redis-pod-secret-env.yaml @@ -171,7 +171,11 @@ exit # Validate from "outside" the pod kubectl exec redis-pod-secret-env env | grep SECRET +*************************************************************************** +#Decode the secrets +kubectl get secret redis-secret-env -o yaml +echo 'cGEkJHcwMHJk' | base64 --decode ************************************************************************************************************************************************* 3. Cleanup @@ -189,4 +193,4 @@ kubectl get secrets ************************************************************************************************************************************************* - \ No newline at end of file + diff --git a/Kubernetes/Kubernetes Demo Files/5.ReplicaSet.txt b/Kubernetes/Kubernetes Demo Files/5.ReplicaSet.txt index a33784c..3e27e91 100644 --- a/Kubernetes/Kubernetes Demo Files/5.ReplicaSet.txt +++ b/Kubernetes/Kubernetes Demo Files/5.ReplicaSet.txt @@ -1,7 +1,7 @@ ******************************************************************* . -. Demo: ReplicaSet | youtube.com/SrinathChalla +. Demo: ReplicaSet | Raman Sharma . ******************************************************************* @@ -41,7 +41,7 @@ kubectl get po -o wide kubectl get po -l app=nginx-app kubectl get rs nginx-rs -o wide kubectl describe rs nginx-rs - +kubectl get po -l 'tier in (frontend)' ******************************************************************* # 3. Automatic Pod Reschedule @@ -76,4 +76,4 @@ kubectl get po -l app=nginx-app - \ No newline at end of file + diff --git a/Kubernetes/Kubernetes Demo Files/7-pod-quota-mem-exceed.yaml b/Kubernetes/Kubernetes Demo Files/7-pod-quota-mem-exceed.yaml new file mode 100644 index 0000000..e42e21a --- /dev/null +++ b/Kubernetes/Kubernetes Demo Files/7-pod-quota-mem-exceed.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Pod +metadata: + name: mem-limit + namespace: quota-demo-ns +spec: + containers: + - name: memlimit + image: polinux/stress + resources: + limits: + memory: "200Mi" + command: ["stress"] + args: ["--vm", "1", "--vm-bytes", "150M", "--vm-hang", "1"] diff --git a/Kubernetes/Kubernetes Demo Files/7-pod-quota-mem.yaml b/Kubernetes/Kubernetes Demo Files/7-pod-quota-mem.yaml new file mode 100644 index 0000000..eb86b85 --- /dev/null +++ b/Kubernetes/Kubernetes Demo Files/7-pod-quota-mem.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Pod +metadata: + name: nginx + namespace: quota-demo-ns +spec: + containers: + - image: nginx + name: nginx diff --git a/Kubernetes/Kubernetes Demo Files/7-quota-count.yaml b/Kubernetes/Kubernetes Demo Files/7-quota-count.yaml new file mode 100644 index 0000000..0c9e0b0 --- /dev/null +++ b/Kubernetes/Kubernetes Demo Files/7-quota-count.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ResourceQuota +metadata: + name: quota-demo1 + namespace: quota-demo-ns +spec: + hard: + pods: "2" + configmaps: "1" diff --git a/Kubernetes/Kubernetes Demo Files/7-quota-limitrange.yaml b/Kubernetes/Kubernetes Demo Files/7-quota-limitrange.yaml new file mode 100644 index 0000000..7f2de09 --- /dev/null +++ b/Kubernetes/Kubernetes Demo Files/7-quota-limitrange.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: LimitRange +metadata: + name: mem-limitrange + namespace: quota-demo-ns +spec: + limits: + - default: + memory: 300Mi + defaultRequest: + memory: 50Mi + type: Container diff --git a/Kubernetes/Kubernetes Demo Files/7-quota-mem.yaml b/Kubernetes/Kubernetes Demo Files/7-quota-mem.yaml new file mode 100644 index 0000000..4b32173 --- /dev/null +++ b/Kubernetes/Kubernetes Demo Files/7-quota-mem.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ResourceQuota +metadata: + name: quota-demo-mem + namespace: quota-demo-ns +spec: + hard: + limits.memory: "500Mi" diff --git a/Kubernetes/Kubernetes Demo Files/8.Jobs.txt b/Kubernetes/Kubernetes Demo Files/8.Jobs.txt index 7b13908..e311500 100644 --- a/Kubernetes/Kubernetes Demo Files/8.Jobs.txt +++ b/Kubernetes/Kubernetes Demo Files/8.Jobs.txt @@ -49,4 +49,33 @@ kubectl get po ************************************************************************************************************************************************* +**************Cron Job*********************** +#cronjob.yaml +apiVersion: batch/v1beta1 +kind: CronJob +metadata: + name: cronjob +spec: + schedule: "* * * * *" + successfulJobsHistoryLimit: 2 + failedJobsHistoryLimit: 1 + suspend: true + jobTemplate: + spec: + template: + spec: + containers: + - name: busybox + image: busybox + command: ["echo", "Hello world"] + restartPolicy: Never + +kubectl create -f cronjob.yaml + +kubectl patch cronjob cronjob -p '{"spec":{"suspend":false}}' + +concurrencyPolicy: Allow,Forbid,Replace +Allow to allow multiple jobs runs at a time +Forbid to wait a running job to finish first and then execute another instance of the job +Replace to replace an existing job. diff --git a/Kubernetes/Kubernetes Demo Files/rbac.txt b/Kubernetes/Kubernetes Demo Files/rbac.txt new file mode 100644 index 0000000..3f28099 --- /dev/null +++ b/Kubernetes/Kubernetes Demo Files/rbac.txt @@ -0,0 +1,67 @@ +kubectl create ns finance +openssl genrsa -out john.key 2048 # it will create a private key +openssl req -new -key john.key -out john.csr -subj "/CN=john/O=javadeveloper" + +openssl x509 -req -in john.csr -CA /etc/kubernetes/pki/ca.crt -CAkey /etc/kubernetes/pki/ca.key -CAcreateserial -out john.crt -days 500 + +#Create a role for namespace finance with resource permission +#role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + namespace: finance + name: deployment-manager +rules: +- apiGroups: ["","extensions","apps"] + # + # at the HTTP level, the name of the resource for accessing ConfigMap + # objects is "configmaps" + resources: ["deployments","replicasets","pods"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + +kubectl create -f role.yaml + + +#rolebinding.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +# This role binding allows "jane" to read pods in the "default" namespace. +# You need to already have a Role named "pod-reader" in that namespace. +kind: RoleBinding +metadata: + name: deployment-manager-binding + namespace: finance +subjects: +# You can specify more than one "subject" +- kind: User + name: john + apiGroup: "" +roleRef: + # "roleRef" specifies the binding to a Role / ClusterRole + kind: Role #this must be Role or ClusterRole + name: deployment-manager # this must match the name of the Role or ClusterRole you wish to bind to + apiGroup: "" + +kubectl create -f rolebinding.yaml + +kubectl config set-credentials john --client-certificate=/home/ubuntu/temp/john.crt --client-key=/home/ubuntu/temp/john.key + +kubectl config set-context developer-context --cluster=kubernetes --namespace=finace --user=john + +----Install client +curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl + + chmod +x ./kubectl + + sudo mv ./kubectl /usr/local/bin/kubectl + kubectl version --client + + + ls ./kube + kubectl --kubeconfig config cluster-info + kubectl --kubeconfig config config view + kubectl --kubeconfig config config view -o jsonpath='{.contexts[*].name}' + + kubectl --kubeconfig config get pods -n finance + kubectl --kubeconfig config run nginx-pod --image=nginx -n finance + kubectl --kubeconfig config get pods -n finance diff --git a/Kubernetes/Kubernetes Introduction and Installation.pdf b/Kubernetes/Kubernetes Introduction and Installation.pdf new file mode 100644 index 0000000..d4942fb Binary files /dev/null and b/Kubernetes/Kubernetes Introduction and Installation.pdf differ diff --git a/Kubernetes/Kubernetes Node Architecture.pdf b/Kubernetes/Kubernetes Node Architecture.pdf deleted file mode 100644 index 489dbc9..0000000 Binary files a/Kubernetes/Kubernetes Node Architecture.pdf and /dev/null differ diff --git a/Kubernetes/Kubernetes-Cheat-Sheet_07182019.pdf b/Kubernetes/Kubernetes-Cheat-Sheet_07182019.pdf new file mode 100644 index 0000000..74b731a Binary files /dev/null and b/Kubernetes/Kubernetes-Cheat-Sheet_07182019.pdf differ diff --git a/Kubernetes/KubernetesDashBoard.txt b/Kubernetes/KubernetesDashBoard.txt new file mode 100644 index 0000000..2021868 --- /dev/null +++ b/Kubernetes/KubernetesDashBoard.txt @@ -0,0 +1,18 @@ +kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.1/aio/deploy/recommended.yaml +kubectl get svc kubernetes-dashboard -n kubernetes-dashboard +kubectl edit svc kubernetes-dashboard -n kubernetes-dashboard +kubectl get pods -n kubernetes-dashboard -o wide + +-- +# Create service account +kubectl create serviceaccount cluster-admin-dashboard-sa +# Bind ClusterAdmin role to the service account +kubectl create clusterrolebinding cluster-admin-dashboard-sa \ +--clusterrole=cluster-admin \ +--serviceaccount=default:cluster-admin-dashboard-sa +# Parse the token +TOKEN=$(kubectl describe secret $(kubectl -n kube-system get secret | awk '/^cluster-admin-dashboard-sa- \ +token-/{print $1}') | awk '$1=="token:"{print $2}') + +echo $TOKEN + diff --git a/Kubernetes/Kubernetes_Notes b/Kubernetes/Kubernetes_Notes deleted file mode 100644 index 3ec0e12..0000000 --- a/Kubernetes/Kubernetes_Notes +++ /dev/null @@ -1,117 +0,0 @@ -Kubernetes is the open source container orchestation -It is developed by Google and published in July 2015 -It is ninth most active repoistory on GitHub in terms of number of commits - -Features of Kubernetes -Pods -Replication controller -Storage management -Resource Monitoring -Health Checks -Service Discovery -Networking -Secret Managment -Rolling Updates - -Docker Swarm Vs Kubernetes - -Docker Swarm Kubernetes -Easy to install Complex procedure to install -Faster than Kubernetes Slower than docker Swarm -Not Reliable and less fetures Comparatively has more fetures - -Kubernetes Architecture - - Master - | - | - |-------------------------------------------| - Slave Node Slave Node Slave Node - -Master Node Components - -etcd:->It is highly available distributed key value store, which is used to store cluster wide secrets, - It is only accessible by Kubernetes API servers, as it has sensitive information -API Server:->It exposes the Kubernetes API. The Kubernetes API is the front End for the Kubernetes control panel and used to deploy and execute - all operations in Kubernetes. -Scheduler:-> Takes care of scheduling of all the processes, Dynamic resource Management and manages present and future events of cluster -Controller Manager :- - - -Kubernetes Installation -Kubeadm-Bare Metal -MiniKube:-Virtualized Enviorenment -Kops:-Kubernetes on AWS -GCP:-Google cloud Platform - -kubectl get pods --all-namespaces -kubectl get nodes - -Deployment in the Kubernetes is a controller which helps your application to reach to the desired state, the desired state is defined in the deployment file - -Deployment file is a yaml file - -kubectl apply -f nginx.yaml -kubectl get deployments -kubectl get pods --show-labels -kubectl get po -kubectl get po -o wide - - -Pods:-conatins one or more containers coupled together.These are the basic unit of Kubernetes. To increase the high availbility we perfer pods in replicas -Services:-used to load balance the traffic among the pods. It follows round robin distribution among the healthy pods -Ingress:-is an object that allows access to the kubernetes services from outside the kubernetes cluster.You configure access by creating a collection - of rules that define which inbound connection reach which service -Deployment:-is controller which helps your applications to reach the desired state, the desired state is defined inside the deployment file. - -Service Types -Cluster IP :- Exposes the service on cluster-internal IP ( only on pod network) -Node Port:- Exposes the service on each Node's IP at static port -Load Balancer:-Exposes the service externally using cloud provider's Load Balancer -External name:-Maps the service to the contents of the external name - -#Create clusterip service -kubectl create service clusterip nginx --tcp=80:80 - -#list of services -kubectl get svc -curl 10.101.192.142 - kubectl delete service - - - kubectl create service nodeport nginx --tcp=80:80 - -----------Ingress Controller -https://github.com/kubernetes/ingress-nginx/blob/master/docs/deploy/index.md -Follow the steps -check namespaces -kubectl get pods --all-namespaces -kubectl get svc - -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: nginx-ingress - annotations: - nginx.ingress.kubernetes.io/rewrite-target: / -spec: - rules: - - http: - paths: - - path: /nginx - backend: - serviceName: nginx - servicePort: 80 - -#kubectl create service clusterip nginx --tcp=80:80 - kubectl apply -f demo.yaml - kubectl get ing - kubectl delete ing <> - - ---------Dash Board - -kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml -kubectl proxy -kubectl edit svc kubernetes-dashboard –n kube-system -kubectl get svc kubernetes-dashboard –n kube-system -TOKEN=$(kubectl describe secret $(kubectl -n kube-system get secret | awk '/^cluster-admin-dashboardsa-token-/{print $1}') | awk '$1=="token:"{print $2}') \ No newline at end of file diff --git a/Kubernetes/Run a Pod on Specific node.docx b/Kubernetes/Run a Pod on Specific node.docx new file mode 100644 index 0000000..1f0bac3 Binary files /dev/null and b/Kubernetes/Run a Pod on Specific node.docx differ diff --git a/Nagios/NRPE Installation b/Nagios/NRPE Installation new file mode 100644 index 0000000..a57de18 --- /dev/null +++ b/Nagios/NRPE Installation @@ -0,0 +1,7 @@ +sudo apt update +sudo apt install nagios-nrpe-server nagios-plugins +sudo nano /etc/nagios/nrpe.cfg + + +Tcp connection check +/usr/local/nagios/libexec/check_tcp -H localhost -p 22 http://localhost:22 diff --git a/Puppet installation b/Puppet installation index f3243b9..5e0102e 100644 --- a/Puppet installation +++ b/Puppet installation @@ -112,4 +112,35 @@ ensure => installed, } } +----create user +node default{ + user { 'raman': + ensure => present, + uid => '1101', + shell => '/bin/bash', + } +} +--Create user with class +class user { + user { 'test': + ensure => present, +} +} +node default{ + class {user:} +} +---Create user with the parameter +class user_account ($username){ + user { $username: + ensure => present, + uid => '1011', + shell => '/bin/bash', + home => "/home/$username", + } +} +node default { + class { user_account: + username => "raman", + } +} diff --git a/Puppet/Configuration Management.pdf b/Puppet/Configuration Management.pdf new file mode 100644 index 0000000..41b50b8 Binary files /dev/null and b/Puppet/Configuration Management.pdf differ diff --git a/Puppet/Install Puppet6.txt b/Puppet/Install Puppet6.txt new file mode 100644 index 0000000..3a78719 --- /dev/null +++ b/Puppet/Install Puppet6.txt @@ -0,0 +1,114 @@ + +Step - 1 +Instal ntp ntpdate packages to sync date and time on your servers + +sudo apt update +sudo apt install -y ntp ntpdate +sudo ntpdate -u 0.ubuntu.pool.ntp.org + +Step -2 + +On the master edit the host file and add the IP address of the master itself in the hosts file naming it puppet + +Step -3 + +On the Agent machines add the master IP as puppet and the Agent’s IP address as puppet-agent + +Step -4 + +Follow these steps on both the master and the slave machines +Puppet uses port 8140 to communicate through ssl. Open the port using ufw command + + ufw enable ufw allow 8140 + +Step -5 ( execute below command on master and slave machine) +Add the puppet6 repository on all the machines + +apt update wget https://apt.puppetlabs.com/puppet6-release-bionic.deb dpkg -i puppet6-release-bionic.deb +apt update + +Step -6 (Execute command on Master Server) + + apt install -y puppetserver +Step -7 (Master Server) + +After the installation, change the memory allocation for Puppet server. The Default setting is 2GB. Set it 1 GB or 512 MB according to the memory allocated to your VM Open the default puppet server file and change the following line + +vi /etc/default/puppetserver +Change +JAVA_ARGS="-Xms2g -Xmx2g + +to + +JAVA_ARGS="-Xms512m -Xmx512m + +and save the changes + +Step -8 (Master Server) + +Edit the puppet.conf file and add the following lines to it + +vi /etc/puppetlabs/puppet/puppet.conf + +[main] +certname = puppet +server = puppet +environment = production +runinterval = 15m + +Step -9 ( Master Server) + +Now, setup the puppetserver certificate. + +/opt/puppetlabs/bin/puppetserver ca setup + +Step -10 (Master Server) + +Start and enable the puppet server Syntax: + + systemctl start puppetserver + systemctl enable puppetserver + +Step -11(Agent Node) + + Install Puppet Agent + apt install -y puppet-agent + +Step -12(Agent Node) + +Edit the puppet.conf file on agent machine and add the following lines to it Syntax: + +vi /etc/puppetlabs/puppet/puppet.conf + + [main] +certname = puppetagent +server = puppet +environment = production +runinterval = 15m + +Step -13 (Agent Node) + +Start and enable the puppet server on the agent machine Syntax: + +/opt/puppetlabs/bin/puppet resource service puppet ensure=running enable=true + + +Step -14 (Master Node) + +First list all the certificates left for signing on the master machine + +Syntax: /opt/puppetlabs/bin/puppetserver ca list + +You can choose to either individually sign the certificates all sign them all together Syntax: +/opt/puppetlabs/bin/puppetserver ca sign + + or + +/opt/puppetlabs/bin/puppetserver ca sign --all + +Step -15 (Agent Node) + +To verify open the agent and use the test command Syntax: + +/opt/puppetlabs/bin/puppet agent --test + diff --git a/Puppet/Modules.txt b/Puppet/Modules.txt new file mode 100644 index 0000000..997c292 --- /dev/null +++ b/Puppet/Modules.txt @@ -0,0 +1,34 @@ + puppet module generate rp-createuser + #init.pp + class createuser { + user { 'user1': + ensure => present, + } + +} + + +# site.pp + node default { + include 'createuser' +} + +apt install pdk +pdk new module module1 +cd module1 +cd manifests + +vi init.pp + class module1 { + +package { 'apache2': + ensure => present, +} +} + +pdk build module1 +/opt/puppetlabs/bin/puppet module install /etc/puppetlabs/code/environments/production/module1/pkg/ubuntu-module1-0.1.0.tar.gz + +site.pp +class { 'module1': } + diff --git a/Puppet/Puppet Architecture.pdf b/Puppet/Puppet Architecture.pdf new file mode 100644 index 0000000..a13d7fa Binary files /dev/null and b/Puppet/Puppet Architecture.pdf differ diff --git a/Puppet/classExample.txt b/Puppet/classExample.txt new file mode 100644 index 0000000..a3a34fb --- /dev/null +++ b/Puppet/classExample.txt @@ -0,0 +1,62 @@ +# A class with no parameters + + +class puppet_user{ + user { 'puppet_user': + ensure => present, + uid => 1001, + home => '/home/puppet_user' + } +} +node default{ + include puppet_user +} + + +# A class with parameters + + +class puppet_user($username){ + user { $username: + ensure => present, + uid => 1001, + home => '/home/$username' + } +} +#invoke the class +node default{ + class { puppet_user: + username => 'puppet_user', + } +} + +# Class example with if condition and multiple parameters +class user($username, $test) { + + user { $username: + ensure => present, + managehome => true, + } + if $test =='testing' { + file { '/tmp/2.txt': + content => $test, + } + } + else + { + file { '/tmp/3.txt': + content => $test, + } + + } +} + +node default { + class { 'user': + username => 'raman', + test => 'notesting' , + } + +} + + diff --git a/Puppet/puppetInstallation b/Puppet/puppetInstallation new file mode 100644 index 0000000..fe52e27 --- /dev/null +++ b/Puppet/puppetInstallation @@ -0,0 +1,255 @@ +Puppet +--->it is a configuration management tool available as open-source and Enterprise version.It runs on Unix like systems and Windows Systems. +--->Puppet is produced by Puppet labs founded by Luke Kanies in 2005. +--->It is written in Ruby and released as free software under GNU GENEREAL PUBLIC LICENSE until version 2.7.0 and Apache License after that. +--->Puppet is designed to manage the configuration of Unix-like and Microsoft windows. + +How Puppet works +The information is stored in files called "Puppet manifests" with extension of ".pp".Puppet discovers the system information via a utility called Facter and compiles the puppet manifests into a specific catalog containing resources and resource dependencies which are applied against the target system. Any action taken by puupet are then reported. + +Puppet Master + it is the service runs on the main server which is used to manage the entire clients to deploy, configure and maintains the infrastructures. +Puppet Agent + Puppet agent is a service runs on client which sends the request the catalog to puppet master and applies it by checking each resource the catalog describes. If it finds that any resource is not in the desired state, it makes the changes necessary to correct them.After applying the catalog, the agen submits a report Puppet Master. +Catalog + it is a document that describes the desired state for one specific server. It lists all the resources that need to be managed, as well as dependencies between them. + +Puppet agent nodes and Puppet master communicates via HTTPS with client verification.The Puppet master provides an HTTP interface with various end points are available. When requesting or submitting anything to master, the agent makes HTTPS request to one of the end points. + +Manifests + are the files with extension ".pp" where we declare all resources to be checked or to be changed. Resources may be files,packages etc + +Resources Types + A type of package or service or file or user or mount + +Syntax: + type{ 'title': + argument => value, + otherarg => value + } + +node default { +$mypackages = [ 'apache2', 'sudo', 'screen' ] + +package { $mypackages: ensure => 'installed' } +} + +node default { + +# creating the directory called test +file{ '/tmp/test': + ensure => 'directory' +} + +} + + +node default { + +# creating the directory called test +file{ '/tmp/test1': + ensure => 'directory', + owner => 'root', + group => 'root', + mode => '0777', +} + +} + +node default { + +# remove the given file +tidy { '/tmp/3.txt': } +} + +eg: +Ex1 Verify nginx is installed + + package{ 'nginx': + ensure => present, + } +Ex2 Create a file /tmp/file1.txt + + file{'file1': + path=>'/tmp/file1.txt' + } +Ex3 Start a service + + service{ 'httpd': + ensure=>running, + enable=>true + } +---- + +Classes + classes are the groups of different resources. + +class directories { + + # create a directory + file { '/etc/site-conf': + ensure => 'directory', + } + + # a fuller example, including permissions and ownership + file { '/var/log/admin-app-log': + ensure => 'directory', + owner => 'root', + group => 'wheel', + mode => '0750', + } + + # this example creates a file + file { '/etc/site-conf/': + ensure => 'present', + } +} +Resource type Reference + puppet describe file + puppet describe --list + + + +------------------PUPPET INSTALLATION ON UBUNTU------------ + +Installing Puppet Master +Step 1: Run the following commands for installing Puppet Master +$ sudo apt-get update +$ sudo apt-get install wget +$ wget https://apt.puppetlabs.com/puppet-release-bionic.deb +$ sudo dpkg -i puppet-release-bionic.deb +$ sudo apt-get update + +$ sudo apt-get install puppet-master +$ sudo systemctl status puppet-master.service + +Add the following lines in the puppet-master configuration file +Next open port 8140 on the Puppet Master’s firewall +$ sudo nano /etc/default/puppet-master +JAVA_ARGS="-Xms512m Xmx512m" +$ sudo systemctl restart puppet-master +$ sudo ufw allow 8140/tcp + +Installing Puppet Agent + +Step 2: Run the following commands for installing Puppet Agent + +$ sudo apt-get update +$ sudo apt-get install wget +$ wget https://apt.puppetlabs.com/puppet-release-bionic.deb +$ sudo dpkg -i puppet-release-bionic.deb +$ sudo apt-get install puppet +$ sudo nano /etc/hosts + add ip address of the master +$ sudo systemctl start puppet +$ sudo systemctl enable puppet + + +Step 3: Make changes to the hosts file which exists in /etc/hosts. And add the Puppet +Master IP address along with the name “puppet” + +$ sudo nano /etc/hosts + +Step 4: Create the following directory path: + +$ sudo mkdir -p /etc/puppet/code/environments/production/manifests + + +Configuring Puppet Slave + +Step 1: Add the entry for Puppet Master in /etc/hosts + +Step 2: Finally start the Puppet agent by using the following command. Also, enable the +service, so that it starts when the computer starts + +$ sudo systemctl start puppet +$ sudo systemctl enable puppet + + +On Master + +$ sudo puppet cert list + +Step 2: Finally, sign the listed certificate using the following command: +$ sudo puppet cert sign --all + +On master machine create /etc/puppet/code/environments/production/manifests/site.pp + +node default{ + +package {'nginx': +ensure => installed, +} + +file { '/tmp/status.txt': + +content => 'installed', +mode => '0644', +} +} + +Goto client machine and run the command +puppet agent --test + +-----------Find the resource types +puppet resource --types +puppet resource file /tmp/1.txt + +----To set the running interval on client machine +By default the running interval on the client is 30 mins. but we can change it by changing /etc/puppet/puppet.conf +[agent] +server=puppet +runinterval=1m + +Classes + +in site.pp +#---Create testuser +class addusers +{ + user { 'testuser': + ensure=>present + } +} +node default { +class { addusers:} +} +-------------- +Facts +node default + +{ +$message=$facts['os']['family'] ? { +'RedHat'=> 'running redhat', +default=> 'running somewhere', +} +notify { $message: } +} + +------ +mkdir -p /etc/facter/facts.d + cd /etc/facter/facts.d/ + create file customfact.txt and add content +customfact="hello world" + +Now run following command +--------- +Templates +#Create file test.epp + +<% | String $text, Boolean $bool | -%> +Text value <%= $text %> + +<% if $bool { -%> +Bool has true value +<% } -%> + +To validate the syntax +puppet epp validate test.epp +To run the template +puppet epp render test.epp --values '{ text => "Hello world", bool => true }' + +facter customfact + +Modules:- +it is the collection of manifest with data( such as facts files and templates) and they have a specific directory structure. Modules are useful to organize puppet code because they allow you to split the code in multiple manifests.It is considered to be best practice to use modules to organize manifests. diff --git a/Splunk.pptx b/Splunk.pptx new file mode 100644 index 0000000..b71c78c Binary files /dev/null and b/Splunk.pptx differ diff --git a/Sunlife_Notes b/Sunlife_Notes new file mode 100644 index 0000000..6fc48ee --- /dev/null +++ b/Sunlife_Notes @@ -0,0 +1,1880 @@ + 1 sudo yum install -y yum-utils + 2 sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo + 3 sudo yum install docker-ce docker-ce-cli containerd.io + 4 systemctl status docker + 5 systemctl start docker + 6 systemctl status docker + 7 history + 8 docker --version + 9 docker pull ubuntu + 10 docker images + 11 docker image ls + 12 docker pull ubuntu:18.04 + 13 docker images + 14 docker rmi ubuntu:18.04 + 15 docker pull centos + 16 docker container run -it --name c1 -d ubuntu + 17 docker ps + 18 docker container ls + 19 docker container run -it --name c1 -d centos + 20 docker container run -it --name c2 -d centos + 21 docker container ls + 22 docker stop c1 + 23 docker container ls + 24 docker ps -a + 25 docker container ls --all + 26 history + 27 docker start c1 + 28 docker container ls + 29 docker kill c1 + 30 docker ps -a + 31 docker restart c1 + 32 docker container ls + 33 docker stop c1 + 34 docker rm c1 + 35 docker ps -a + 36 docker rm -f c2 + 37 docker container ls --all + 38 docker container run -it --name c1 -d centos + 39 docker container ls --all + 40 docker rmi centos + 41 docker stop c1 + 42 docker rmi centos + 43 docker stop c1 + 44 docker rmi centos + 45 docker rm c1 + 46 docker rmi centos + 47 docker container -it run --name c1 -d ubuntu + 48 docker container run -it --name c1 -d ubuntu + 49 docker container ls + 50 docker exec -it c1 bash + 51 docker ps + 52 docker commit c1 webimg + 53 docker images + 54 docker container run -itd --name c2 webimg + 55 docker exec -it c2 bash + 56 docker images + 57 docker ps -a + 58 docker rm -f c1 c2 + 59 docker container run -itd --name webserver -p 80:80 webimg + 60 docker container ls + 61 docker exec -it webserver bash + 62 vi test.html + 63 docker cp test.html webserver:/var/www/html + 64 docker exec -it webserver bash + 65 docker stats webserver + 66 docker top webserver + 67 history + 68 sudo docker run -m 4m -dit --name web1 nginx + 69 sudo docker run -m 8m -dit --name web1 nginx + 70 docker stats web1 + 71 ls /var/lib/docker/ + 72 docker images + 73 docker save webimg > myimg.tar + 74 ls + 75 docker rm -f $(docker ps -a -q) + 76 docker rmi webimg + 77 ls + 78 docker images + 79 docker load :5000/v2/_catalog + +3. Inspect the container + + docker container inspect local_registry + +4. Clone the ubuntu image to localhost:5000/ubuntu:latest + + docker image tag ubuntu localhost:5000/ubuntu:latest + +5. Push the image to docker registry + + docker image push localhost:5000/ubuntu + + +6. Pull the image with following command ( you can remove the image first and then you can run below command to restore the image) + + docker image pull localhost:5000/ubuntu + + ------------------------Storage------------------ + +docker volume create demo-vol +docker volume ls //to list the volumes +docker run -it --mount source=demo-vol,destination=/app -d ubuntu +docker run -it --mount source=demo-vol,destination=/test --mount source=demo-vol1,destination=/test1 -d ubuntu + +---------------commands--------- + docker volume --help + 295 docker volume ls + 296 docker volume prune + 297 docker volume ls + 298 docker volume create demo-vol + 299 docker volume ls + 300 ls /var/lib//docker/ + 301 ls /var/lib//docker/volumes/ + 302 docker volume rm demo-vol + 303 ls /var/lib//docker/volumes/ + 304 docker volume create demo-vol + 305 docker volume ls + 306 ls /var/lib//docker/volumes/ + 307 ls /var/lib//docker/volumes/demo-vol/ + 308 ls /var/lib//docker/volumes/demo-vol/_data/ + 309 docker rm -f c1 + 310 docker container run -it --name c1 --mount source=demo-vol,destination=/app -d ubuntu + 311 docker exec -it c1 bash + 312 ls /var/lib//docker/volumes/demo-vol/_data/ + 313 docker rm -f c1 + 314 ls /var/lib//docker/volumes/demo-vol/_data/ + 315 docker container run -itd --name c2 --mount source=demo-vol,destination=/demo ubuntu + 316 docker exec -it c2 + 317 docker exec -it c2 bash + 318 docker container run -itd --name c3 --mount source=demo-vol,destination=/demo1 ubuntu + 319 docker exec -it c3 bash + 320 ls /var/lib//docker/volumes/demo-vol/_data/ + 321 touch /var/lib//docker/volumes/demo-vol/_data/5 + 322 ls /var/lib//docker/volumes/demo-vol/_data/ + 323 docker exec -it c3 bash + 324 docker volume rm demo-vol + 325 ls + 326 rm -ifr /var/lib/docker/volumes/demo-vol/_data/ + 327 ls /var/lib//docker/volumes/demo-vol/_data/ + 328 docker exec -it c2 bash + 329 ls /var/lib//docker/volumes/demo-vol/_data/ + 330 mkdir /var/lib//docker/volumes/demo-vol/_data + 331 ls /var/lib//docker/volumes/demo-vol/_data/ + 332 touch /var/lib//docker/volumes/demo-vol/_data/1 + 333 docker exec -it c2 bash + 334 docker rm -f c2 c3 + 335 docker volume prune + 336 docker volume ls + +--------------------------------- + +----------Docker Bind Mount Example + +docker run -it -v /home/ubuntu/mount:/demo -d ubuntu + +---commands---- +mkdir mydir + 343 docker container run -it -d --name c4 -v /home/centos/mydir:/app ubuntu + 344 docker exec -it c4 bash + 345 ls mydir/ + 346 docker container inspect c4 + 347 cd mydir/` + + 348 cd mydir/ + 349 touch 5 6 + 350 ls + 351 docker exec -it c4 bash + +--------------- +------------------------Docker file-------------------- + + Docker can build images automatically by reading the instructions from a Dockerfile. A Dockerfile is a text document that contains all the commands a user could call on the command line to assemble an image. Using docker build users can create an automated build that executes several command-line instructions in succession. + +Some of the Keyword's definition + +FROM + +is define th base image on which we are building eg FROM ubuntu + +ADD + +is used to add the files to the container being built, ADD + +RUN + +is used to add layers to the base image, by installing components.Each RUN statement add a new layer to the docker image + +CMD + +is used to run the command on start of the container.These commands run when there is no argument specified while running the container. + +ENTRYPOINT + +is used to strictly run the commands the moment the container intializes. The difference between CMD and ENTRYPOINT is, ENTRYPOINT runs irrespective of the fact that whether the argument is specified or not. + +ENV + +is used to define the environment in container. + +docker build +Description +Build an image from a Dockerfile + +sudo docker build -t nonrootimage . # create custom image (nonrootimage) + + + +Examples. + +Create an image which has base image ubuntu and apache2 is to be installed on it and create an index.html file in current directory, all the files from the current directory is to be copied to /var/www/html folder. Once the container is started it should run the apache service and also create one environment variable called "name" and it should have value "DEVOPS + + + +FROM ubuntu + +ARG DEBIAN_FRONTEND=noninteractive + +RUN apt-get update + +RUN apt-get -y install apache2 + +ADD . /var/www/html + +ENTRYPOINT apachectl -D FOREGROUND + +ENV name DEVOPS + + + +Run below command to build the image + +docker build . -t img1 #Created the image from above Dockerfile + +Example 2 + +Create a Docker file which uses a base image of CentOS 7 and create a user john and change to non-root privilege + + + +# Base image is CentOS 7 + +FROM centos:7 + +# Add a new user "john" with user id 8877 + +RUN useradd -u 8877 john + +# Change to non-root privilege + +USER john + + + +Example 3 + +#Eample of COPY and ADD + + + +FROM centos:7.4.1708 + +RUN mkdir /mydata + +COPY myfiles /mydata/myfiles + +ADD myfile2 /mydata/myfile2 + +ADD https://mirrors.estointernet.in/apache/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz /mydata + +ADD apache-maven-3.6.3-src.tar.gz /mydata/maven + +------------------------------------------------------------------ + + + +# CMD and ENTRYPOINT + +FROM ubuntu + +CMD echo "Hello World" + + + +docker build . -t img1 #Created the image from above Dockerfile + +docker run -it img1 # it will return Hello World + +docker run -it img1 echo "Hello India" # it will overwrite the CMD and Print Hello India + + + +FROM ubuntu + +ENTRYPOINT ["echo","Hello World"] + +docker build . -t img1 #Created the image from above Dockerfile + +docker run -it img1 # it will return Hello World + +docker run -it img1 echo "Hello India" # it will not overwrite the ENTRYPOINT and Print Hello World echo Hello India + + + +FROM ubuntu + +ENTRYPOINT ["echo"] + +CMD ["Hello World"] + +docker build . -t img1 #Created the image from above Dockerfile + +docker run -it img1 # it will return Hello World + +Note:- if the file name is not Dockerfile + +docker build . -f abc -t img8 # abc is the file name which represents the dockerfile contents +------------------------------------------------------- + +-------------------Docker compose------------ + +---Installation + 389 sudo curl -L "https://github.com/docker/compose/releases/download/1.26.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose + 390 sudo mv /usr/local/bin/docker-compose /usr/bin/docker-compose + 391 sudo chmod +x /usr/bin/docker-compose + 392 docker-compose + 393 docker-compose --version + + ---example-1 + version: '3.3' + +services: + db: + image: mysql:5.7 + volumes: + - db_data:/var/lib/mysql + restart: always + environment: + MYSQL_ROOT_PASSWORD: somewordpress + MYSQL_DATABASE: wordpress + MYSQL_USER: wordpress + MYSQL_PASSWORD: wordpress + + wordpress: + depends_on: + - db + image: wordpress:latest + ports: + - "8000:80" + restart: always + environment: + WORDPRESS_DB_HOST: db:3306 + WORDPRESS_DB_USER: wordpress + WORDPRESS_DB_PASSWORD: wordpress + WORDPRESS_DB_NAME: wordpress +volumes: + db_data: {} + + ---Example-2 + + version: '3.3' + +services: + db: + image: ramansharma95/mysql + webapp: + image: ramansharma95/webapp + ports: + - "84:80" + + +----command to run the docker compose file +docker-compose up -d +docker-compose down + + +------------------------Assignment------------------------------------------- +1. Create a container called webserver with ubuntu docker image. Ans :-docker contaienr run -itd --name webserver ubuntu +2. Install apache server in the container(webserver) Ans:- docker exec -it webserver bash , then apt update , apt install apache2 -y +3. Start apache service in the container Ans:- service apache2 start +4. Access apache default page on the web browser, Ans docker commit webserver webimg, docker container run -itd --name c1 -p 80:80 webimg +5. Create a new webpage myapp.html on the host machine and copy it to /var/www/html folder in webserver container. Ans docker cp myapp.html /var/www/html/ +6. Access myapp.html page on the browser Ans: publicip:80 +7. Check how much memory and cpu is consumed by web server containers. docker stats c1 +8. Stop the container and verify that you are not able to access apache website on browser. docker stop c1 +9. Start container and now you should be able to access the apache website. docker start c1 +10. Remove webserver container docker rm -f c1 + +----------------------------------------Kubernetes------------------ +---------Instalation +--------------on Centos on all master and client machine +cat <> --pod-network-cidr=192.168.0.0/16 + + + +2. mkdir -p $HOME/.kube + +3. sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config + +4. sudo chown $(id -u):$(id -g) $HOME/.kube/config + +Calico yaml file is to be applied + +5. Run the join command on each of the worker node which you want to join in the cluser. + + kubectl apply -f https://docs.projectcalico.org/v3.8/manifests/calico.yaml + +7. Run kubectl get nodes command on master node + +------------------------------------------------------------------- +Pod Overview -Lab +LAB + +1.# nginx-pod.yaml +apiVersion: v1 + +kind: Pod + +metadata: + + name: nginx-pod + + labels: + + app: nginx + + tier: dev + +spec: + + containers: + + - name: nginx-container + + image: nginx + + + + + + + +2. Create and display Pods +# Create and display PODs + +kubectl create -f nginx-pod.yaml + +kubectl get pod + +kubectl get pod -o wide + +kubectl get pod nginx-pod -o yaml + +kubectl describe pod nginx-pod + +3. Test & Delete +# To get inside the pod + +kubectl exec -it nginx-pod -- /bin/sh + + + +# Create test HTML page +cat < /usr/share/nginx/html/test.html + + + + + + + +Testing.. + + + + + +

Hello, DevopsWorld...!

+ +

Congratulations, you passed :-)

+ + + + + +EOF + +exit + + + +# Expose PODS using NodePort service +kubectl expose pod nginx-pod --type=NodePort --port=80 + + + +# Display Service and find NodePort +kubectl describe svc nginx-pod + +kubectl get svc + +# Open Web-browser and access webapge using +http://nodeip:nodeport/test.html + +# Delete pod & svc +kubectl delete svc nginx-pod + +kubectl delete pod nginx-pod + + +-----------------------------LAB2------------------------------ + +nodeName is the field in PodSpec.It specifies that a pod is to run on a particular node + +Example: If you want to run a pod on worker node kwn1, then the pod creation script will be a mentioned below + +Step1:- Create a file called nodeName.yaml + +#nodeName.yaml + +apiVersion: v1 + +kind: Pod + +metadata: + + name: podonkwn1 + +spec: + + containers: + + - name: nginx-container + + image: nginx + + nodeName: kwn1 + + + +Step2: Create the pod by running below command + + + +kubectl create -f nodeName.yaml + + + +Step3: Verify the pods are getting created on kwn1 or not by running below command + + + +kubectl get pods -o wide + + + +nodeSelector +nodeSelector is the simplest recommended form of node selection constraint. nodeSelector is a field of PodSpec. It specifies a map of key-value pairs. For the pod to be eligible to run on a node, the node must have each of the indicated key-value pairs as labels (it can have additional labels as well). The most common usage is one key-value pair. + + + +Example: Create a Pod on the worker node which is of production environment, means the worker nodes which has label env=prod + + + +Step1: Check the labels on all the nodes + + + +kubectl get nodes --show-labels + + + +Step2: Check the label on a specific node ( say kwn2) + + + +kubectl get nodes --show-labels kwn2 + + + +Step3: Create a label env=prod for a worker node ( say kwn2) + + + +kubectl label nodes kwn2 env=prod + + + +Step4: Create a pod with nodeSelector specification. Create file with name nodeselector.yaml + + + +#nodeselector.yaml + +apiVersion: v1 + +kind: Pod + +metadata: + + name: podnodeselector + +spec: + + containers: + + - name: container1 + + image: nginx + + nodeSelector: + + env: prod + + + +Step5: Create the pod by running below command + + + +kubectl create -f nodeselector.yaml + + + +Step6: Verify the pod “podselector” is created on kwn2 by running below command + + + +kubectl get pods -o wide + +----------------------Secrets--------------------------- +Secrets same as ConfigMap sensitive data( password Authtoken ssh keys) + +1. Secrets to store the confidential data + +2. Secrets use by default base64 algorithm to encode the data + +3. Secrets are mapped to pod where these are decoded on Pod level + +4. It stores the data in Key-Value pair + +5. from file and from literal + +6. Data should not be more than 1 MB + +7. you can store the data from text files + +8. Secret data is stored in etcd database + + + +LAB + + +# 1. Creating Secret using Kubectl & Consuming it from "volumes" inside Pod + + + + + +1a. Creating secret using "Kubectl": + +------------------------------------ + +echo -n 'admin' > username.txt + +echo -n 'pa$$w00rd' > password.txt + + + +kubectl create secret generic nginx-secret-vol --from-file=username.txt --from-file=password.txt + + + +# rm -f username.txt password.txt + + + +kubectl get secrets + +kubectl describe secrets nginx-secret-vol + + + +1b. Consuming "nginx-secret-vol" from "volumes" inside Pod + +-------------------------------------------------------- + + + +#nginx-pod-secret-vol.yaml + +apiVersion: v1 +kind: Pod +metadata: + name: nginx-pod-secret-vol +spec: + containers: + - name: nginx-container + image: nginx + volumeMounts: + - name: test-vol + mountPath: "/etc/confidential" + readOnly: true + volumes: + - name: test-vol + secret: + secretName: nginx-secret-vol + + +========================================================== + + + +1c. Create | Display | Validate: + +-------------------------------- + + + +# Create + +kubectl create -f nginx-pod-secret-vol.yaml + + + +# Display + +kubectl get po + +kubectl get secrets + +kubectl describe pod nginx-pod-secret-vol + + + +# Validate from "inside" the pod + +kubectl exec nginx-pod-secret-vol -it /bin/sh + +cd /etc/confidential + +ls + +cat username.txt + +cat password.txt + +exit + + + +(OR) + + + +# Validate from "outside" the pod + +kubectl exec nginx-pod-secret-vol ls /etc/confidential + +kubectl exec nginx-pod-secret-vol cat /etc/confidential/username.txt + +2. Creating Secret "manually" using YAML file & Consuming it from "environment variables" inside Pod + + + + + +2a. Creating Secret using YAML file: + +------------------------------------- + + + +# Encoding secret + +echo -n 'admin' | base64 + +echo -n 'pa$$w00rd' | base64 + + + +# YAML file + +# redis-secret-env.yaml + +apiVersion: v1 +kind: Secret +metadata: + name: redis-secret-env +type: Opaque +data: + username: YWRtaW4= + password: cGEkJHcwMHJk + + +kubectl create -f redis-secret-env.yaml + +kubectl get secret + +kubectl describe secret redis-secret-env + + + +=============================================================================== + + + +2b. Consuming “redis-secret-env” secret from “Environment Variables” inside pod +# redis-pod-secret-env.yaml +apiVersion: v1 +kind: Pod +metadata: + name: redis-pod-secret-env +spec: + containers: + - name: redis-container + image: redis + env: + - name: SECRET_USERNAME + valueFrom: + secretKeyRef: + name: redis-secret-env + key: username + - name: SECRET_PASSWORD + valueFrom: + secretKeyRef: + name: redis-secret-env + key: password + restartPolicy: Never + + +=============================================================================== + + + +2c. Create | Display | Validate: + + + +# Create + +kubectl create -f redis-pod-secret-env.yaml + + + +# Display + +kubectl get pods + +kubectl get secrets + +kubectl describe pod redis-pod-secret-env + + + + + +# Validate from "inside" the pod + +kubectl exec redis-pod-secret-env -it /bin/sh + +env | grep SECRET + +exit + + + +(OR) + + + +# Validate from "outside" the pod + +kubectl exec redis-pod-secret-env env | grep SECRET + + + +*************************************************************************** + +#Decode the secrets + + + +kubectl get secret redis-secret-env -o yaml + +echo 'cGEkJHcwMHJk' | base64 --decode + +************************************************************************************************************************************************* + + + +3. Cleanup + + + +# Delete secrets + +kubectl delete secrets nginx-secret-vol redis-secret-env + + + +# Delete pods + +kubectl delete pods nginx-pod-secret-vol redis-pod-secret-env + + + +# Validate + +kubectl get pods + +kubectl get secrets + +------------------------------------RBAC------------ + +By Raman + Role-based access control (RBAC) is a method of regulating access to computer or network resources based on the roles of individual users within your organization. + +LAB + +kubectl create ns finance + +openssl genrsa -out john.key 2048 # it will create a private key + +openssl req -new -key john.key -out john.csr -subj "/CN=john/O=javadeveloper" + + + +openssl x509 -req -in john.csr -CA /etc/kubernetes/pki/ca.crt -CAkey /etc/kubernetes/pki/ca.key -CAcreateserial -out john.crt -days 500 + + + +#Create a role for namespace finance with resource permission +#role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + namespace: finance + name: deployment-manager +rules: +- apiGroups: ["","extensions","apps"] + # + # at the HTTP level, the name of the resource for accessing ConfigMap + # objects is "configmaps" + resources: ["deployments","replicasets","pods"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + + +kubectl create -f role.yaml + + + + + +#rolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +# This role binding allows "jane" to read pods in the "default" namespace. +# You need to already have a Role named "pod-reader" in that namespace. +kind: RoleBinding +metadata: + name: deployment-manager-binding + namespace: finance +subjects: +# You can specify more than one "subject" +- kind: User + name: john + apiGroup: "" +roleRef: + # "roleRef" specifies the binding to a Role / ClusterRole + kind: Role #this must be Role or ClusterRole + name: deployment-manager # this must match the name of the Role or ClusterRole you wish to bind to + apiGroup: "" + + +kubectl create -f rolebinding.yaml + + + +kubectl config set-credentials john --client-certificate=/home/ubuntu/temp/john.crt --client-key=/home/ubuntu/temp/john.key + + + +kubectl config set-context developer-context --cluster=kubernetes --namespace=finance --user=john + + + +----Install client + +curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl + + + + chmod +x ./kubectl + + + + sudo mv ./kubectl /usr/local/bin/kubectl + + kubectl version --client + + + + + + ls ./kube + + kubectl --kubeconfig config cluster-info + + kubectl --kubeconfig config config view + + kubectl --kubeconfig config config view -o jsonpath='{.contexts[*].name}' + + + + kubectl --kubeconfig config get pods -n finance + + kubectl --kubeconfig config run nginx-pod --image=nginx -n finance + + + kubectl --kubeconfig config get pods -n finance + +-----------------------Resource Quota------------------ +By Raman +A resource quota, defined by a ResourceQuota object, provides constraints that limit aggregate resource consumption per namespace. It can limit the quantity of objects that can be created in a namespace by type, as well as the total amount of compute resources that may be consumed by resources in that project. + +LAB + +apiVersion: v1 + +kind: ResourceQuota + +metadata: + + name: quota-demo1 + + namespace: quota-demo-ns + +spec: + + hard: + + pods: "2" + + + configmaps: "1" + + + +#2 + +apiVersion: v1 + +kind: ResourceQuota + +metadata: + + name: quota-demo-mem + + namespace: quota-demo-ns + +spec: + + hard: + + + limits.memory: "500Mi" + + + +apiVersion: v1 + +kind: Pod + +metadata: + + name: mem-limit + + namespace: quota-demo-ns + +spec: + + containers: + + - name: memlimit + + image: nginx + + resources: + + limits: + + + memory: "200Mi" +------------------------------------------------------- + + +----------------Replication Contorller----------------------------- +By Raman +A ReplicationController ensures that a specified number of pod replicas are running at any one time. In other words, a ReplicationController makes sure that a pod or a homogeneous set of pods is always up and available. + +How a ReplicationController Works + +If there are too many pods, the ReplicationController terminates the extra pods. If there are too few, the ReplicationController starts more pods. Unlike manually created pods, the pods maintained by a ReplicationController are automatically replaced if they fail, are deleted, or are terminated. For example, your pods are re-created on a node after disruptive maintenance such as a kernel upgrade. For this reason, you should use a ReplicationController even if your application requires only a single pod. + + + +LAB + + + +1. Replication Controller YAML file + + + +# nginx-rc.yaml + +apiVersion: v1 +kind: ReplicationController +metadata: + name: nginx-rc +spec: + replicas: 3 + template: + metadata: + name: nginx-pod + labels: + app: nginx-app + spec: + containers: + - name: nginx-container + image: nginx + ports: + - containerPort: 80 + selector: + app: nginx-app + + + + +******************************************************************* + +# 2. Create and display + + + +kubectl create -f nginx-rc.yaml + +kubectl get po -o wide + +kubectl get po -l app=nginx-app + +kubectl get rc nginx-rc + +kubectl describe rc nginx-rc + + + +******************************************************************* + +# 3. Reschedule + + + +kubectl get po -o wide --watch + +kubectl get po -o wide + +kubectl get nodes + + + +******************************************************************* + +# 4. Scaling up cluster + + + +kubectl scale rc nginx-rc --replicas=5 + +kubectl get rc nginx-rc + +kubectl get po -o wide + + + +******************************************************************* + +# 5. Scalling down + + + +kubectl scale rc nginx-rc --replicas=3 + +kubectl get rc nginx-rc + +kubectl get po -o wide + + + +******************************************************************* + +# 6. Cleanup + + + +kubectl delete -f nginx-rc.yaml + +kubectl get rc + +kubectl get po -l app=nginx-app +------------------------------------------------------------------- + +-------------------------Replicaset---------------------------- +A ReplicaSet's purpose is to maintain a stable set of replica Pods running at any given time. As such, it is often used to guarantee the availability of a specified number of identical Pods. + +Replication Controller(Equality based) + +ReplicaSet (Set Based + +It uses the operators ( =, ==, !=) + +Operators ( in, notin,exists) + +Example env=prod, env!=stag + +Env in(prod) + +Command Line + +kubectl get pods -l env=prod + +Kubectl get pods ‘env in(prod,qa)’ + +Manifest + +selector: + + app: nginx-app + + + + selector: + + matchLabels: + + app: nginx-app + + matchExpressions: + + - {key: tier, operator: In, values: [frontend]} + + +LAB + + + +# nginx-rs.yaml +apiVersion: apps/v1 +kind: ReplicaSet +metadata: + name: nginx-rs +spec: + replicas: 3 + template: + metadata: + name: nginx-pod + labels: + app: nginx-app + tier: frontend + spec: + containers: + - name: nginx-container + image: nginx + ports: + - containerPort: 80 + selector: + matchLabels: + app: nginx-app + matchExpressions: + - {key: tier, operator: In, values: [frontend]} + + + + +******************************************************************* + +# 2. Create and display replicaset + + + +kubectl create -f nginx-rs.yaml + +kubectl get po -o wide + +kubectl get po -l app=nginx-app + +kubectl get rs nginx-rs -o wide + +kubectl describe rs nginx-rs + +kubectl get po -l 'tier in (frontend)' + +******************************************************************* + +# 3. Automatic Pod Reschedule + + + +kubectl get po -o wide --watch + +kubectl get po -o wide + +kubectl get nodes + + + +******************************************************************* + +# 4. Scale up pods + + + +kubectl scale rs nginx-rs --replicas=5 + +kubectl get rs nginx-rs -o wide + +kubectl get po -o wide + + + +******************************************************************* + +# 5. Scale down pods + + + +kubectl scale rs nginx-rs --replicas=3 + +kubectl get rs nginx-rs -o wide + +kubectl get po -o wide + + + +******************************************************************* + +# 6. Cleanup + + + +kubectl delete -f nginx-rs.yaml + +kubectl get rs + +kubectl get po -l app=nginx-app +---------------------------------------------------------------- + +----------------------services-------------------- +An abstract way to expose an application running on a set of Pods as a network service. + +With Kubernetes you don't need to modify your application to use an unfamiliar service discovery mechanism. Kubernetes gives Pods their own IP addresses and a single DNS name for a set of Pods, and can load-balance across them + +CLUSTER IP + +ClusterIP is the default kubernetes service. This service is created inside a cluster and can only be accessed by other pods in that cluster. So basically we use this type of service when we want to expose a service to other pods within the same cluster. + +Nodeport: +NodePort opens a specific port on your node/VM and when that port gets traffic, that traffic is forwarded directly to the service. + +There are a few limitations and hence its not advised to use NodePort + +- only one service per port + +- You can only use ports 30000-32767 + + + +LoadBalancer: +This is the standard way to expose service to the internet. All the traffic on the port is forwarded to the service. It's designed to assign an external IP to act as a load balancer for the service. There's no filtering, no routing. LoadBalancer uses cloud service + +Few limitations with LoadBalancer: + +- every service exposed will it's own ip address + +- It gets very expensive + + + +1. Deployment & NodePort service manifest file + + + +Deployment YAML file: + +~~~~~~~~~~~~~~~~~~~~~ + +# Deployment +# nginx-deploy.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nginx-deployment + labels: + app: nginx-app +spec: + replicas: 1 + selector: + matchLabels: + app: nginx-app + template: + metadata: + labels: + app: nginx-app + spec: + containers: + - name: nginx-container + image: nginx:1.7.9 + ports: + - containerPort: 80 + + +-------------------------------------- + + + +NodePort Service YAML file: + +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Service +# nginx-svc-np.yaml +apiVersion: v1 +kind: Service +metadata: + name: my-service + labels: + app: nginx-app +spec: + selector: + app: nginx-app + type: NodePort + ports: + - nodePort: 31111 + port: 80 + targetPort: 80 + + +******************************************************************* + +2. Create and Display Deployment and NodePort + + + +kubectl create –f nginx-deploy.yaml + +kubectl create -f nginx-svc.yaml + +kubectl get service -l app=nginx-app + +kubectl get po -o wide + +kubectl describe svc my-service + + + +******************************************************************* + +3. Testing + + + +# To get inside the pod + +kubectl exec [POD-IP] -it /bin/sh + + + +# Create test HTML page + +cat < /usr/share/nginx/html/test.html + + + + + + + +Testing.. + + + + + +

Hello, NodePort Service...!

+ +

Congratulations, you passed :-)

+ + + + + +EOF + +exit + + + +Test using Pod IP: + +~~~~~~~~~~~~~~~~~~~~~~~ + +kubectl get po -o wide + +curl http://[POD-IP]/test.html + +NodePort – Accessing using Service IP + + + +Test using Service IP: + +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +kubectl get svc -l app=nginx-app + +curl http://[cluster-ip]/test.html + + + +Test using Node IP (external IP) + +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +http://nodep-ip:nodePort/test.html + +note: node-ip is the external ip address of a node. + + + + + +******************************************************************* + +4. Cleanup + + + +kubectl delete -f nginx-deploy.yaml + +kubectl delete -f nginx-svc.yaml + +kubectl get deploy + +kubectl get svc + +kubectl get pods + + + +******************************************************************* + + + + + +LoadBalancer + + + +# 1. YAML: Deployment & Load Balancer Service + + + +# Deployment +# controllers/nginx-deploy.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nginx-deployment + labels: + app: nginx-app +spec: + replicas: 1 + selector: + matchLabels: + app: nginx-app + template: + metadata: + labels: + app: nginx-app + spec: + containers: + - name: nginx-container + image: nginx:1.7.9 + ports: + - containerPort: 80 + + +------------------------------------ + + +# Service - LoadBalancer +#lb.yaml +apiVersion: v1 +kind: Service +metadata: + name: my-service + labels: + app: nginx-app +spec: + selector: + app: nginx-app + type: LoadBalancer + ports: + - nodePort: 31000 + port: 80 + targetPort: 80 +------------------------------------------------ + +--------------Volumes------------------------- +Kubernetes Volumes (emptyDir,hostPath,Persistence Volume) +By Raman +When a Container crashes, kubelet will restart it, but the files will be lost - the Container starts with a clean state. Second, when running Containers together in a Pod it is often necessary to share files between those Containers. The Kubernetes Volume abstraction solves both of these problems. + +emptyDir +An emptyDir volume is first created when a Pod is assigned to a Node, and exists as long as that Pod is running on that node. As the name says, it is initially empty. Containers in the Pod can all read and write the same files in the emptyDir volume, though that volume can be mounted at the same or different paths in each Container. When a Pod is removed from a node for any reason, the data in the emptyDir is deleted forever + +Lab + +# nginx-emptydir.yaml +apiVersion: v1 +kind: Pod +metadata: + name: nginx-emptydir +spec: + containers: + - name: nginx-container + image: nginx + volumeMounts: + - name: test-vol + mountPath: /test-mnt + volumes: + - name: test-vol + emptyDir: {} + + +******************************************************************* + +2. Create & Display Pod with emptyDir volume + + + +kubectl create -f nginx-emptydir.yaml + +kubectl get po -o wide + +kubectl exec nginx-emptydir df /test-mnt + +kubectl describe pod nginx-emptydir + + + +******************************************************************* + +3. Cleanup + + + +kubectl delete po nginx-emptydir + + + +hostPath +A hostPath volume mounts a file or directory from the host node's filesystem into your Pod. This is not something that most Pods will need, but it offers a powerful escape hatch for some applications. + +LAB + +# 1. HostPath YAML file + + +apiVersion: v1 +kind: Pod +metadata: + name: nginx-hostpath +spec: + containers: + - name: nginx-container + image: nginx + volumeMounts: + - mountPath: /test-mnt + name: test-vol + volumes: + - name: test-vol + hostPath: + path: /test-vol + + + + +******************************************************************* + +# 2. Create and Display HostPath + + + +kubectl create -f nginx-hostpath.yaml + +kubectl get po + +kubectl exec nginx-hostpath df /test-mnt + + + +******************************************************************* + +3. Test: Creating "test" file underlying host dir & accessing from from pod + + + +From HOST: + +~~~~~~~~~~ + +cd /test-vol + +echo "From Host" > from-host.txt + +cat from-host.txt + + + +From POD: + +~~~~~~~~ + +kubectl exec nginx-hostpath cat /test-mnt/from-host.txt + +4. Test: Creating "test" file inside the POD & accessing from underlying host dir + + + +From POD: + +~~~~~~~~~ + +kubectl exec nginx-hostpath -it -- /bin/sh + +cd /test-mnt + +echo "From Pod" > from-pod.txt + +cat from-pod.txt + + + +From Host: + +~~~~~~~~~~ + +cd /test-vol + +ls + +cat from-pod.txt + + + + + +******************************************************************* + +5. Clean up + + + +kubectl delete po nginx-hostpath + +kubectl get po + +ls /test-vol + + + +PersistentVolume (PV) +A PersistentVolume (PV) is a piece of storage in the cluster that has been provisioned by an administrator or dynamically provisioned using Storage Classes. It is a resource in the cluster just like a node is a cluster resource. PVs are volume plugins like Volumes, but have a lifecycle independent of any individual Pod that uses the PV. This API object captures the details of the implementation of the storage, be that NFS, iSCSI, or a cloud-provider-specific storage system. + +PersistentVolumeClaim (PVC) +A PersistentVolumeClaim (PVC) is a request for storage by a user. It is similar to a Pod. Pods consume node resources and PVCs consume PV resources. Pods can request specific levels of resources (CPU and Memory). Claims can request specific size and access modes (e.g., they can be mounted ReadWriteOnce, ReadOnlyMany or ReadWriteMany + +#pv.yaml +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pv-hostpath + labels: + type: local +spec: + storageClassName: manual + capacity: + storage: 1Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/kube" + +#create pv with below command +kubectl create -f pv.yaml +--------------------------------------------- diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..558db0d --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,32 @@ +version: '2.2' + +services: + + elasticsearch: + image: docker.elastic.co/elasticsearch/elasticsearch:6.5.4 + container_name: elasticsearch + environment: + - bootstrap.memory_lock=true + - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + ulimits: + memlock: + soft: -1 + hard: -1 + volumes: + - esdata1:/usr/share/elasticsearch/data + ports: + - 9200:9200 + + kibana: + image: docker.elastic.co/kibana/kibana:6.5.4 + container_name: kibana + environment: + ELASTICSEARCH_URL: "http://elasticsearch:9200" + ports: + - 5601:5601 + depends_on: + - elasticsearch + +volumes: + esdata1: + driver: local \ No newline at end of file diff --git a/examplesplunk.txt b/examplesplunk.txt new file mode 100644 index 0000000..443eadd --- /dev/null +++ b/examplesplunk.txt @@ -0,0 +1 @@ +index="history"| stats count by student,maths,physics,chemistry,computer | fields - count | addtotals | addcoltotals \ No newline at end of file diff --git a/javaprogs/Testing/pom.xml b/javaprogs/Testing/pom.xml new file mode 100644 index 0000000..f86df56 --- /dev/null +++ b/javaprogs/Testing/pom.xml @@ -0,0 +1,15 @@ + + 4.0.0 + com.cognixia + Testing + 0.0.1-SNAPSHOT + + + junit + junit + 4.12 + test + + + + \ No newline at end of file diff --git a/javaprogs/Testing/src/test/java/com/cognixia/AllTests.java b/javaprogs/Testing/src/test/java/com/cognixia/AllTests.java new file mode 100644 index 0000000..09e2f39 --- /dev/null +++ b/javaprogs/Testing/src/test/java/com/cognixia/AllTests.java @@ -0,0 +1,11 @@ +package com.cognixia; + +import org.junit.runner.RunWith; +import org.junit.runners.Suite; +import org.junit.runners.Suite.SuiteClasses; + +@RunWith(Suite.class) +@SuiteClasses({ unitest.class, unitest2.class }) +public class AllTests { + +} diff --git a/javaprogs/Testing/src/test/java/com/cognixia/unitest.java b/javaprogs/Testing/src/test/java/com/cognixia/unitest.java new file mode 100644 index 0000000..3fe633e --- /dev/null +++ b/javaprogs/Testing/src/test/java/com/cognixia/unitest.java @@ -0,0 +1,27 @@ +package com.cognixia; + +import static org.junit.Assert.*; + +import org.junit.After; +import org.junit.Before; +import org.junit.Test; + +public class unitest { + + + @Test + public void test() { + int actual=1; + int exepected=1; + + assertEquals(actual,exepected); + } + + @Test + public void test1() { + int actual=1; + int exepected=2; + + assertEquals(actual,exepected); + } +} diff --git a/javaprogs/Testing/src/test/java/com/cognixia/unitest2.java b/javaprogs/Testing/src/test/java/com/cognixia/unitest2.java new file mode 100644 index 0000000..81fe862 --- /dev/null +++ b/javaprogs/Testing/src/test/java/com/cognixia/unitest2.java @@ -0,0 +1,28 @@ +package com.cognixia; + +import static org.junit.Assert.*; + +import org.junit.After; +import org.junit.Before; +import org.junit.Test; + +public class unitest2 { + + + + @Test + public void test() { + int actual=1; + int exepected=1; + + assertEquals(actual,exepected); + } + + @Test + public void test1() { + int actual=1; + int exepected=2; + + assertEquals(actual,exepected); + } +} diff --git a/javaprogs/Testing/target/classes/META-INF/MANIFEST.MF b/javaprogs/Testing/target/classes/META-INF/MANIFEST.MF new file mode 100644 index 0000000..d3d0978 --- /dev/null +++ b/javaprogs/Testing/target/classes/META-INF/MANIFEST.MF @@ -0,0 +1,5 @@ +Manifest-Version: 1.0 +Built-By: raman +Build-Jdk: 11.0.10 +Created-By: Maven Integration for Eclipse + diff --git a/javaprogs/Testing/target/classes/META-INF/maven/com.cognixia/Testing/pom.properties b/javaprogs/Testing/target/classes/META-INF/maven/com.cognixia/Testing/pom.properties new file mode 100644 index 0000000..930cd1b --- /dev/null +++ b/javaprogs/Testing/target/classes/META-INF/maven/com.cognixia/Testing/pom.properties @@ -0,0 +1,7 @@ +#Generated by Maven Integration for Eclipse +#Sat Mar 06 12:14:34 IST 2021 +m2e.projectLocation=E\:\\javaprogs\\Testing +m2e.projectName=Testing +groupId=com.cognixia +artifactId=Testing +version=0.0.1-SNAPSHOT diff --git a/javaprogs/Testing/target/classes/META-INF/maven/com.cognixia/Testing/pom.xml b/javaprogs/Testing/target/classes/META-INF/maven/com.cognixia/Testing/pom.xml new file mode 100644 index 0000000..f86df56 --- /dev/null +++ b/javaprogs/Testing/target/classes/META-INF/maven/com.cognixia/Testing/pom.xml @@ -0,0 +1,15 @@ + + 4.0.0 + com.cognixia + Testing + 0.0.1-SNAPSHOT + + + junit + junit + 4.12 + test + + + + \ No newline at end of file diff --git a/javaprogs/Testing/target/test-classes/com/cognixia/AllTests.class b/javaprogs/Testing/target/test-classes/com/cognixia/AllTests.class new file mode 100644 index 0000000..45fe03a Binary files /dev/null and b/javaprogs/Testing/target/test-classes/com/cognixia/AllTests.class differ diff --git a/javaprogs/Testing/target/test-classes/com/cognixia/unitest.class b/javaprogs/Testing/target/test-classes/com/cognixia/unitest.class new file mode 100644 index 0000000..706bba0 Binary files /dev/null and b/javaprogs/Testing/target/test-classes/com/cognixia/unitest.class differ diff --git a/javaprogs/Testing/target/test-classes/com/cognixia/unitest2.class b/javaprogs/Testing/target/test-classes/com/cognixia/unitest2.class new file mode 100644 index 0000000..d2f3503 Binary files /dev/null and b/javaprogs/Testing/target/test-classes/com/cognixia/unitest2.class differ diff --git a/javaprogs/mockito-example/pom.xml b/javaprogs/mockito-example/pom.xml new file mode 100644 index 0000000..7bf381a --- /dev/null +++ b/javaprogs/mockito-example/pom.xml @@ -0,0 +1,20 @@ + + 4.0.0 + com.raman + mockito-example + 0.0.1-SNAPSHOT + + + junit + junit + 4.12 + test + + + org.mockito + mockito-all + 1.10.19 + test + + + \ No newline at end of file diff --git a/javaprogs/mockito-example/src/main/java/com/raman/business/TodoBusinessImpl.java b/javaprogs/mockito-example/src/main/java/com/raman/business/TodoBusinessImpl.java new file mode 100644 index 0000000..0e91b9e --- /dev/null +++ b/javaprogs/mockito-example/src/main/java/com/raman/business/TodoBusinessImpl.java @@ -0,0 +1,25 @@ +package com.raman.business; + +import java.util.ArrayList; +import java.util.List; + +import com.raman.data.api.TodoService; + +public class TodoBusinessImpl { + private TodoService todoService; + + TodoBusinessImpl(TodoService todoService) { + this.todoService = todoService; + } + + public List retrieveTodosRelatedToSpring(String user) { + List filteredTodos = new ArrayList(); + List allTodos = todoService.retrieveTodos(user); + for (String todo : allTodos) { + if (todo.contains("Spring")) { + filteredTodos.add(todo); + } + } + return filteredTodos; + } +} \ No newline at end of file diff --git a/javaprogs/mockito-example/src/main/java/com/raman/data/api/TodoService.java b/javaprogs/mockito-example/src/main/java/com/raman/data/api/TodoService.java new file mode 100644 index 0000000..e017a9f --- /dev/null +++ b/javaprogs/mockito-example/src/main/java/com/raman/data/api/TodoService.java @@ -0,0 +1,7 @@ +package com.raman.data.api; + +import java.util.List; + +public interface TodoService { + public List retrieveTodos(String user); +} diff --git a/javaprogs/mockito-example/src/test/java/com/raman/FirstTest.java b/javaprogs/mockito-example/src/test/java/com/raman/FirstTest.java new file mode 100644 index 0000000..32f3963 --- /dev/null +++ b/javaprogs/mockito-example/src/test/java/com/raman/FirstTest.java @@ -0,0 +1,14 @@ +package com.raman; + +import static org.junit.Assert.*; + +import org.junit.Test; + +public class FirstTest { + + @Test + public void test() { + assertTrue(true); + } + +} diff --git a/javaprogs/mockito-example/src/test/java/com/raman/business/TodoBusinessImplStubTest.java b/javaprogs/mockito-example/src/test/java/com/raman/business/TodoBusinessImplStubTest.java new file mode 100644 index 0000000..c700ffa --- /dev/null +++ b/javaprogs/mockito-example/src/test/java/com/raman/business/TodoBusinessImplStubTest.java @@ -0,0 +1,37 @@ +package com.raman.business; + +import static org.junit.Assert.assertEquals; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; + +import java.util.Arrays; +import java.util.List; + +import org.junit.Test; + +import com.raman.data.api.TodoService; +import com.raman.data.stub.TodoServiceStub; + +public class TodoBusinessImplStubTest { + + @Test + public void test() { + TodoService todoService = new TodoServiceStub(); + TodoBusinessImpl todoBusinessImpl = new TodoBusinessImpl(todoService); + List todos = todoBusinessImpl + .retrieveTodosRelatedToSpring("dummy"); + assertEquals(2, todos.size()); + } + @Test + public void usingMockito() { + TodoService todoService = mock(TodoService.class); + List allTodos = Arrays.asList("Learn Spring MVC", + "Learn Spring", "Learn to Dance"); + when(todoService.retrieveTodos("dummy")).thenReturn(allTodos); + TodoBusinessImpl todoBusinessImpl = new TodoBusinessImpl(todoService); + List todos = todoBusinessImpl + .retrieveTodosRelatedToSpring("dummy"); + assertEquals(2, todos.size()); + } + +} diff --git a/javaprogs/mockito-example/src/test/java/com/raman/data/stub/TodoServiceStub.java b/javaprogs/mockito-example/src/test/java/com/raman/data/stub/TodoServiceStub.java new file mode 100644 index 0000000..8c5666f --- /dev/null +++ b/javaprogs/mockito-example/src/test/java/com/raman/data/stub/TodoServiceStub.java @@ -0,0 +1,13 @@ +package com.raman.data.stub; + +import java.util.Arrays; +import java.util.List; + +import com.raman.data.api.TodoService; + +public class TodoServiceStub implements TodoService { + public List retrieveTodos(String user) { + return Arrays.asList("Learn Spring MVC", "Learn Spring", + "Learn to Dance"); + } +} diff --git a/javaprogs/mockito-example/target/classes/META-INF/MANIFEST.MF b/javaprogs/mockito-example/target/classes/META-INF/MANIFEST.MF new file mode 100644 index 0000000..d3d0978 --- /dev/null +++ b/javaprogs/mockito-example/target/classes/META-INF/MANIFEST.MF @@ -0,0 +1,5 @@ +Manifest-Version: 1.0 +Built-By: raman +Build-Jdk: 11.0.10 +Created-By: Maven Integration for Eclipse + diff --git a/javaprogs/mockito-example/target/classes/META-INF/maven/com.raman/mockito-example/pom.properties b/javaprogs/mockito-example/target/classes/META-INF/maven/com.raman/mockito-example/pom.properties new file mode 100644 index 0000000..63829b8 --- /dev/null +++ b/javaprogs/mockito-example/target/classes/META-INF/maven/com.raman/mockito-example/pom.properties @@ -0,0 +1,7 @@ +#Generated by Maven Integration for Eclipse +#Fri Mar 05 21:01:59 IST 2021 +m2e.projectLocation=E\:\\javaprogs\\mockito-example +m2e.projectName=mockito-example +groupId=com.raman +artifactId=mockito-example +version=0.0.1-SNAPSHOT diff --git a/javaprogs/mockito-example/target/classes/META-INF/maven/com.raman/mockito-example/pom.xml b/javaprogs/mockito-example/target/classes/META-INF/maven/com.raman/mockito-example/pom.xml new file mode 100644 index 0000000..7bf381a --- /dev/null +++ b/javaprogs/mockito-example/target/classes/META-INF/maven/com.raman/mockito-example/pom.xml @@ -0,0 +1,20 @@ + + 4.0.0 + com.raman + mockito-example + 0.0.1-SNAPSHOT + + + junit + junit + 4.12 + test + + + org.mockito + mockito-all + 1.10.19 + test + + + \ No newline at end of file diff --git a/javaprogs/mockito-example/target/classes/com/raman/business/TodoBusinessImpl.class b/javaprogs/mockito-example/target/classes/com/raman/business/TodoBusinessImpl.class new file mode 100644 index 0000000..6e2ae1d Binary files /dev/null and b/javaprogs/mockito-example/target/classes/com/raman/business/TodoBusinessImpl.class differ diff --git a/javaprogs/mockito-example/target/classes/com/raman/data/api/TodoService.class b/javaprogs/mockito-example/target/classes/com/raman/data/api/TodoService.class new file mode 100644 index 0000000..78455a5 Binary files /dev/null and b/javaprogs/mockito-example/target/classes/com/raman/data/api/TodoService.class differ diff --git a/javaprogs/mockito-example/target/test-classes/com/raman/FirstTest.class b/javaprogs/mockito-example/target/test-classes/com/raman/FirstTest.class new file mode 100644 index 0000000..1695753 Binary files /dev/null and b/javaprogs/mockito-example/target/test-classes/com/raman/FirstTest.class differ diff --git a/javaprogs/mockito-example/target/test-classes/com/raman/business/TodoBusinessImplStubTest.class b/javaprogs/mockito-example/target/test-classes/com/raman/business/TodoBusinessImplStubTest.class new file mode 100644 index 0000000..5c0a827 Binary files /dev/null and b/javaprogs/mockito-example/target/test-classes/com/raman/business/TodoBusinessImplStubTest.class differ diff --git a/javaprogs/mockito-example/target/test-classes/com/raman/data/stub/TodoServiceStub.class b/javaprogs/mockito-example/target/test-classes/com/raman/data/stub/TodoServiceStub.class new file mode 100644 index 0000000..0e84eef Binary files /dev/null and b/javaprogs/mockito-example/target/test-classes/com/raman/data/stub/TodoServiceStub.class differ diff --git a/project.txt b/project.txt new file mode 100644 index 0000000..91e9f37 --- /dev/null +++ b/project.txt @@ -0,0 +1,29 @@ +A Banking System has a website which is developed in JAVA Spring Boot and hosted on TomCat Server with below configuration + +1. Application Name :- Banking Mortage App +2. Front End :- Java Spring Boot +3. Back End :- MySql +4. Process used :- Devops +5. Devops Tools used:- Git/Github,Maven,Selenium,Docker,Kubernetes,Ansible,Jenkins,Nagios + +Project Description + +Application Overview + Mortgage APP is used either by purchasers of real property to raise funds to buy real estate, or alternatively by existing property owners to raise funds for any purpose while putting a lien on the property being mortgaged. The loan is "secured" on the borrower's property through a process known as mortgage origination. + +DevOps Automation Process + + The DevOps process is used to maintain flow is all about agility and automation of the applicaiton life cycle. Each phase in the process focuses on closing the loop between development and operations and driving production through continuous development, integration, testing, monitoring and feedback, delivery, and deployment. + +Continuous development (Git and GitHub) + Git and Github is configured with Eclipse to each member of developement team so that they can maintiain the version control of source code and once the code is in the GitHub, then it is considered to be the latest copy of the code. GitHub repository is also used for creating different branches for different developers. + +Continuous Integration (Mave,docker,selenium,Jenkins,Ansible) + In this practice the Github applicaiton is webhooked with Jenkins and a CI pipeline is created which is in the form of Jenkins jobs, Application source code is automatically build with Maven and a docker container with the help of Dockerfile to configure test environment(install jdk8 and configure selenium script and ),as there are different testing environment like ubuntu,RedHat,Kali OS so these environments are configured with Ansible scripts so and the applicaiton's publish code is copied to Test webserver (docker container). + +Continuous Deployment(Jenkins,Kubernetes) + Once the testing is completed successfully ( checked with some parameters) then container images get created and kept in docker registry. These images are configured and running on webservers and dbservers with a Replication and Deployment policy with the help of Kubernetes. + +Continuous Monitoring(Nagios) + All the host servers are configured and applications are monitored with Nagios Continous Montioring and Operation team is notified whenever there is any issue either in infrastrcuter or on applicaiton point of view. + diff --git a/splunk installation.txt b/splunk installation.txt new file mode 100644 index 0000000..2b0a2f6 --- /dev/null +++ b/splunk installation.txt @@ -0,0 +1,10 @@ +-----Splunk Installation on Centos +1. wget -O splunk-8.1.2-545206cc9f70-Linux-x86_64.tgz 'https://www.splunk.com/bin/splunk/DownloadActivityServlet?architecture=x86_64&platform=linux&version=8.1.2&product=splunk&filename=splunk-8.1.2-545206cc9f70-Linux-x86_64.tgz&wget=true' +2. groupadd splunk +3. useradd -d /opt/splunk -m -g splunk splunk +4. tar -xvzf splunk-8.1.2-545206cc9f70-Linux-x86_64.tgz -C /opt +5. chown -R splunk: /opt/splunk +6. su - splunk +7. cd /opt/splunk/bin +8. ./splunk start --accept-license +9. localhost:8000 to access the splunk \ No newline at end of file diff --git a/test b/test new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/test @@ -0,0 +1 @@ + diff --git a/tutorialdata.zip b/tutorialdata.zip new file mode 100644 index 0000000..45767ae Binary files /dev/null and b/tutorialdata.zip differ