Create AWS ec2, alb with terraform – userdata

– Download terraform from https://www.terraform.io/downloads.html

unzip terraform_0.13.4_linux_amd64.zip
mv terraform /usr/bin/

– Set up and configure the AWS CLI

– Create a file ec2.tf

provider "aws" {
  region = "ap-south-1"
}

resource "aws_key_pair" "ap-web-01" {
  key_name   = "ap-web-01"
  public_key = "YOUR_SSH_PUB_KEY"
}

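resource "aws_instance" "ap-web-01" {
  ami             = "ami-086c142842468ba9d"
  instance_type   = "t4g.micro"
  # Reference the resources so Terraform creates the key pair and security group first
  key_name        = aws_key_pair.ap-web-01.key_name
  security_groups = [aws_security_group.ap-web-01.name]
  user_data       = file("userdata.sh")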

  tags = {
    Name = "ap-web-01"
    env = "prod"
    owner = "admin"
  }

}

resource "aws_security_group" "ap-web-01" {
  name        = "ap-web-01"
  description = "ap-web-01 inbound traffic"

  ingress {
    description = "all"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "ap-web-01"
  }
}

alb.tf

#target group
resource "aws_lb_target_group" "web1-tg" {
  name     = "web1-tg"
  port     = 80
  protocol = "HTTP"
  vpc_id   = "vpc-01cf98f5afb156c90"
  target_type = "instance"
}

#target group attachment
resource "aws_lb_target_group_attachment" "web1-tg-attach" {
  target_group_arn = aws_lb_target_group.web1-tg.arn
  target_id        = aws_instance.ap-web-01.id
  port             = 80
}

#alb
resource "aws_lb" "web1-alb" {
  name               = "web1-alb"
  internal           = false
  load_balancer_type = "application"
  security_groups    = [aws_security_group.ap-web-01.id]
  subnets            = ["subnet-093a2ddfcb7bc30b1", "subnet-0475d9e26dfdc9d00", "subnet-0274975b4af3513ee"]

  tags = {
    Environment = "web1-alb"
  }
}

#alb-listener
resource "aws_lb_listener" "web1-alb-listner" {
  load_balancer_arn = aws_lb.web1-alb.arn
  port              = "80"
  protocol          = "HTTP"

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.web1-tg.arn
  }
}

userdata.sh

#!/bin/bash
sudo apt-get update
sudo apt-get install -y nginx
sudo systemctl start nginx
sudo systemctl enable nginx
echo "<h1>hola Terraform</h1>" | sudo tee /var/www/html/index.html

– Run terraform

terraform init
terraform plan
terraform apply -auto-approve

– Destroy the resources when done

terraform destroy

More : https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance
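
The aws_security_group in ec2.tf above allows every protocol from 0.0.0.0/0, and alb.tf attaches that same group to the load balancer, so nothing restricts traffic to port 80 on either of them. The script below is an added example, not part of the original post: a minimal pre-apply check that flags such rules. The function name find_open_ingress and the second sample group web1-alb-http are assumptions made for illustration.

```bash
# Added example, not from the original post: pre-apply check for world-open ingress.
# Line-based scan assuming one attribute per line as in ec2.tf; not a full HCL parser.
find_open_ingress() {   # usage: find_open_ingress [FILE...]  (reads stdin if no FILE)
  awk '
    $1 == "resource" { sg = ($2 == "\"aws_security_group\"") ? $3 : ""; gsub(/"/, "", sg) }
    sg != "" && $1 == "ingress" && $2 == "{" { in_rule = 1; proto = from = to = ""; world = 0; next }
    in_rule && $1 == "protocol"  { proto = $3; gsub(/"/, "", proto) }
    in_rule && $1 == "from_port" { from = $3 }
    in_rule && $1 == "to_port"   { to = $3 }
    in_rule && $1 ~ /cidr_blocks$/ && /"(0\.0\.0\.0|::)\/0"/ { world = 1 }
    in_rule && $1 == "}" {
      all_ports = (proto == "-1") || (from + 0 == 0 && to + 0 == 65535)
      if (world && all_ports) { print sg ": ingress allows all ports from the internet"; found = 1 }
      in_rule = 0
    }
    END { exit (found ? 1 : 0) }
  ' "$@"
}

# Constructed sample: the all-open group from ec2.tf plus a port-80-only group.
SAMPLE_TF=$(cat <<'EOF'
resource "aws_security_group" "ap-web-01" {
  ingress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
resource "aws_security_group" "web1-alb-http" {
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
EOF
)

# Exit status 1 means at least one finding, so the check can gate terraform apply in CI.
printf '%s\n' "$SAMPLE_TF" | find_open_ingress || echo "fix the rules above before applying"
```

Giving the ALB its own group with only port 80 open, and limiting the instance's ingress to port 80 from that group plus SSH from an admin CIDR, makes the check pass.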

update jenkins timezone

There are many ways to update the Jenkins timezone

Verify:

cat /etc/timezone
ls -ltr /etc/localtime
date

Centos/Redhat:

#update /etc/sysconfig/jenkins

#JENKINS_JAVA_OPTIONS="-Dorg.apache.commons.jelly.tags.fmt.timeZone=Asia/Calcutta"
#JENKINS_JAVA_OPTIONS="-Duser.timezone=Asia/Calcutta"

Debian/ubuntu :

#update /etc/default/jenkins

JAVA_ARGS="-Dorg.apache.commons.jelly.tags.fmt.timeZone=Asia/Calcutta"
JAVA_ARGS="-Duser.timezone=Asia/Calcutta"

Jenkins script console:


System.setProperty('user.timezone', 'Asia/Calcutta')
System.setProperty('org.apache.commons.jelly.tags.fmt.timeZone', 'Asia/Calcutta')

Check tcp port with BASH and CURL

WHY?
– If the telnet command is not present on the system
– Easy to use

BASH:

ECHO:

#1
echo > /dev/tcp/192.168.0.183/22

#2
echo > /dev/tcp/192.168.0.183/22 && echo "open"

#3
echo > /dev/tcp/192.168.0.183/22 && echo "open" || echo "close"

#4
(echo > /dev/tcp/192.168.0.183/22)  > /dev/null 2>&1 && echo "open" || echo "close"

CAT:

cat < /dev/tcp/192.168.0.183/22

CURL:

curl -v telnet://192.168.0.183:22
curl -v telnet://hackfi.initedit.com:80
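
The /dev/tcp one-liners above block for the full TCP connect timeout when a firewall silently drops the packets. The function below is an added example, not from the original post: it wraps the same check in timeout and reports open, close or timeout. check_port is a hypothetical helper name, and loopback port 1 is a constructed test target.

```bash
# Added example, not from the original post: the /dev/tcp check with a timeout.
# check_port is a hypothetical helper name; it needs bash and coreutils timeout.
check_port() {   # usage: check_port HOST PORT [TIMEOUT_SECONDS]
  host=$1; port=$2; wait_s=${3:-3}

  # Accept only hostname/IP characters and a numeric port in 1-65535.
  case $host in ''|*[!A-Za-z0-9.:_-]*) echo "invalid"; return 2 ;; esac
  case $port in ''|*[!0-9]*|??????*)   echo "invalid"; return 2 ;; esac
  if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then echo "invalid"; return 2; fi

  # Host and port are passed as positional arguments, never spliced into
  # the command string. Descriptor 3 closes when the child bash exits.
  rc=0
  timeout "$wait_s" bash -c 'exec 3<>"/dev/tcp/$1/$2"' _ "$host" "$port" 2>/dev/null || rc=$?

  case $rc in
    0)   echo "open" ;;
    124) echo "timeout"; return 1 ;;   # no answer in time: packets dropped or host unreachable
    *)   echo "close";   return 1 ;;   # connection refused or name did not resolve
  esac
}

# Constructed target: loopback port 1, where normally nothing listens.
check_port 127.0.0.1 1 2 || true
```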

Install metric server in kubernetes

WHY?
– Get node CPU/RAM usage
– Can create Horizontal Pod Autoscaler (HPA)
– Lightweight

git clone https://github.com/kubernetes-sigs/metrics-server.git
  • Edit metrics-server/manifests/base/deployment.yaml and add the lines below to args
args:
          - --cert-dir=/tmp
          - --secure-port=4443
          - --kubelet-preferred-address-types=InternalIP,Hostname,InternalDNS,ExternalDNS,ExternalIP
          - --kubelet-use-node-status-port #Deprecated metrics-server:v0.3.7
          - --kubelet-insecure-tls #Disables verification of the kubelet serving certificate; use only on test clusters
kubectl apply -f metrics-server/manifests/base
  • To get node metrics run kubectl top node

Jenkins skip stages using git branch name regex


def git_url = 'https://github.com/initedit/simple-storage-solution.git'
def git_branch = 'master'

pipeline
{
    agent
    {
        label 'master'
    }

    stages
    {
        stage('skip1')
        {
            when {
                expression {
                    echo git_branch
                    // ^dev anchors the match to the start of the branch name
                    def notDev = !(git_branch =~ /^dev([a-zA-Z0-9]*)/)
                    return notDev
                }
            }
            steps {
                echo "if dev branch it will skip"
            }
        }
    }
}

Regex:
^dev([a-zA-Z0-9]*) = starts with dev
dev([a-zA-Z0-9]*) = contains dev

More : https://e.printstacktrace.blog/groovy-regular-expressions-the-definitive-guide/

Jenkins pipeline timeout and buildDiscarder – best practice

1. Add timeout – to stop a pipeline from running indefinitely
2. Add buildDiscarder – to stop old builds from consuming disk space

pipeline 
{

    agent { label 'master' }

    options {
        buildDiscarder(logRotator(numToKeepStr: '5'))
        timeout(time: 10, unit: 'SECONDS')
        timestamps()
    }

    stages {
        stage('sleep') {
            steps {
                sh '''
                echo sleeping
                sleep 60
                '''
            }
        }
    }
}

Elastic APM monitoring for javascript app on kubernetes

1.apm-server.yml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: apm-deployment
  labels:
    app: apm-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      app: apm-deployment
  template:
    metadata:
      labels:
        app: apm-deployment
        env: prod
    spec: 
      containers:
        - name: apm-deployment
          image: "elastic/apm-server:7.9.0"
          imagePullPolicy: IfNotPresent
          env:
          - name: REGISTRY_STORAGE_DELETE_ENABLED
            value: "true"
          volumeMounts:
          - name: apm-server-config
            mountPath: /usr/share/apm-server/apm-server.yml
            subPath: apm-server.yml    
          ports:
            - containerPort: 8200
      volumes:
        - name: apm-server-config
          configMap:
            name: apm-server-config


---
kind: Service
apiVersion: v1
metadata:
  name: apm-deployment-svc
  labels:
    app: apm-deployment-svc
spec:
  type: NodePort
  ports:
    - name: http
      port: 8200
      protocol: TCP
      nodePort: 30010
  selector:
    app: apm-deployment

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: apm-server-config
  labels:
    app: apm-server
data:
  apm-server.yml: |-
    apm-server:
      host: "0.0.0.0:8200"
      rum:
        enabled: true  
    output.elasticsearch:
      hosts: elasticsearch-service:9200

Note:
1. Replace elasticsearch host as per your config
2. Only RUM js module is enabled

2. Add the code below to a file that is included in every page, e.g. index.html

<script src="elastic-apm-rum.umd.min.js" crossorigin></script>
<script>
  elasticApm.init({
    serviceName: 'test-app1',
    serverUrl: 'http://192.168.0.183:30010',
  })
</script>

<body>
    This is test-app1
</body>

Note:
1. Replace serverUrl
2. Download elastic-apm-rum.umd.min.js from github

3. Kibana dashboard for APM

We can also monitor the performance of apps written in other languages

Simple cicd pipeline in Gitlab with runner

1.Install gitlab runner on centos7

wget https://gitlab-runner-downloads.s3.amazonaws.com/latest/rpm/gitlab-runner_amd64.rpm

rpm -ivh gitlab-runner_amd64.rpm

systemctl status gitlab-runner

More : https://docs.gitlab.com/runner/install/

2.Get Gitlab URL and token for runner

https://gitlab.com/<username>/<project_name> > setting > CI / CD > Runners

Note: This token has been revoked. You will have a different token.

3.Register Runner with gitlab-runner register command as below

4.Create .gitlab-ci.yml in the root directory of your Git project

stage1:
  tags:
  - ci
  script:
    - echo stage 1

stage2:
  tags:
  - ci
  script:
    - echo stage 2

tags: these should be the same as the ones used during runner registration