Git Product home page Git Product logo

nic's Introduction

Work-2024

Yeahh!! So finally we are here in 2024.... Let's documents our learnings on the go..

Index

  1. Keycloak and HAProxy
  2. IP Address
  3. Server Reboot
  4. Inventory files updation
  5. Public/Private Keys
  6. Architectural Diagrams
  7. Centralised Log Server (Rsyslog)
  8. Tomcat Installation
  9. VNC configuration.
  10. Netbox
  11. VPN configuration on VM.
  12. Podman Unshare
  13. Docker Private Registry
  14. Podman container with Php 8.2 version
  15. On-prem Infrastructure migration on Cloud

Case Studies

1. Keycloak and Haproxy local installation and update the version of Haproxy (from 1.8.31 to 2.0) without deleting the data.

  • Make a container on docker and run HAproxy on it, Same for the Keycloak.

Keycloak

  • is an open source software product to allow single sign-on with identity and access management aimed at modern applications and services.
  • Keycloak is the standalone tool for identity and access management, which allows us to create a user database with custom roles and groups.

HAproxy

  • HAProxy is a free and open source software that provides a high availability load balancer and Proxy for TCP and HTTP-based applications that spreads requests across multiple servers.

2. IP address detail list of Staging servers with the information.

3. Reboot a Server (Staging: 151)

  • Here we need to reboot a server of Staging environmeet with the specified IP addrees.

Steps:

  • Stop haproxy (systemctl stop haproxy)
  • Stop docker docker ps -a docker stop cont_name
  • Stop Tomcat kill all -a
  • Reboot: init -6

After doing this all:

  • Do up all the services: dcoker container, Tomcat and haproxy.

4. Updation of Inventry Files

5. Creation of Public and Private Keys

  • Make user as a root user using sudo -i command and run the command ssh-keygen.
  • This will generate Public/Private rsa key pair.

6. Centralised Log Server

image

7. Tomcat installation

  1. Download tomcat file

  2. Un-tar file

  3. Move file to usr/local/

    • image

  4. Set up two Tomcat servers and haproxy on VM1.

  5. Restart and check the running status Tomcat1 on port 8081.

  6. Restart and check the running status Tomcat2 on port 8082.

    • image

  7. Check if the Tomcat servers are generating logs.

    1. First go inside the tomcat2 and check the log files.
      • image
      • image

8. VNC Configuration

  • Virtual Network Computing (VNC) is a free tool that allows a client to connect to a server, and interact with the desktop of the remote machine. The server-side component listens for connections on TCP port 5900 by default.

  • Blog

  • Install tigerVNC

  • image

  • VNC password

  • image

  • Now start the VNC server using the vncserver command:

vncserver

  • image

  • You can get a list of all the currently running VNC sessions by typing:

vncserver -list

image

  • Kill
vncserver -kill :1

image

VPN configuration

sudo ./vpn_install.sh

12. Podman Unshare

  • Podman unshare is useful for troubleshooting unprivileged operations and for manually clearing storage and other data related to images and containers.
  • It is also useful to use the podman mount command. If an unprivileged user wants to mount and work with a container, then they need to execute podman unshare.

13. Docker Private Registry

  • A Docker private registry is a central place where you can store and manage your Docker images, similar to Docker Hub but within your own controlled environment. Here’s why you might want to use a Docker private registry:
  1. Security and Control
  • Sensitive Data: If your Docker images contain proprietary or sensitive data, using a private registry ensures that you have full control over who can access and push/pull these images.
  • Internal Use: For organizations, it’s often crucial to keep certain applications or microservices private. A private registry allows you to store these images securely within your network.
  1. Performance and Reliability
  • Local Network: Hosting a registry on your local network reduces latency, making it faster to pull images during deployment, especially in large clusters or CI/CD pipelines.
  • Reduced Dependency on External Services: By using a private registry, you’re not reliant on external services like Docker Hub, which could have outages or be subject to rate limits.
  1. Custom Policies and Integrations
  • Access Control: You can define custom access control policies tailored to your organization’s needs, ensuring that only authorized users or systems can interact with the registry.
  • Integration with CI/CD Pipelines: Private registries are often integrated into CI/CD pipelines to automate the process of building, testing, and deploying Docker images.
  1. Cost Efficiency
  • Avoid External Costs: If you’re pushing a large number of images or have a high rate of deployments, a private registry helps avoid potential costs associated with using a third-party service like Docker Hub.
  1. Custom Image Management
  • Image Retention Policies: You can implement policies to automatically clean up old or unused images, helping to manage storage efficiently.
  • Namespace and Tagging: Control how images are named, tagged, and organized, making it easier to manage multiple versions of images across different environments (e.g., development, staging, production).
  1. Compliance and Auditing
  • Auditing: A private registry allows you to track who accessed which images and when, providing valuable auditing capabilities for compliance with industry standards.
  • Regulatory Requirements: In regulated industries, data sovereignty is important. A private registry ensures that your Docker images are stored and managed in compliance with local regulations.
  1. Offline Deployments
  • Air-Gapped Environments: In environments where internet access is restricted (e.g., military, industrial, or isolated systems), a private registry allows you to maintain and deploy Docker images without needing external connectivity.
  1. Custom Feature Set
  • Custom Plugins or Middleware: A private registry can be extended with custom plugins or middleware to meet specific requirements, such as automated vulnerability scanning, custom logging, or integration with other internal tools. Summary In essence, a Docker private registry gives you full control over how Docker images are stored, accessed, and managed. This is particularly important for security, performance, compliance, and cost control in enterprise environments or when dealing with sensitive data.

14. Podman container with Php 8.2 version

  • In this task we have to create a VM with Ubuntu 20.04 install on it. Then we will setup Php 8.2 version and later will integrate with DB PostgreSQL.

15. On-prem Infrastructure migration on Cloud

  • Currently NIC have their on-prem infrastructure, and now the organisation migrating it's infra on Jio Cloud. So We need to migrate everything-- Applications and their servers.

    Things need to do for migration:

  • First of all we have to ctreate servers on Cloud and then migrate Tomcat instances of the application on Jio Cloud's servers.
  • Log Configuration files transfer: We need to update logs configuraion files of the staging servers to the Cloud servers in their rsyslog.conf file.
  • Need to creat repository on Cloud servers to save war files of staging servers.
  • Create CICD Jenkins pipelines
  • Zabbix setup for monitoring servers
  • Database connection configuration

Server Login

  1. Login to Jump server

  2. login to particular server

    image

  3. See the available content

    image

  4. Check the tomcat and wars.

    image

  5. Check available tomcats

    image

  6. Check logs and wars

image
  1. War details
image

nic's People

Contributors

akshaykumar05 avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.