my techdirt: automation

Showing posts with label automation. Show all posts

Friday, February 10, 2023

Static IP address for a VM on k8s via kube-virt

KubeVirt is an open-source project that allows you to run virtual machines (VMs) on top of Kubernetes. If you want to assign a static IP to a VM running in KubeVirt, you will need to configure the network settings for the VM.

You might be familiar with metallb loadbalancer on k8s. You create an ip pool or multiple ip pools and when a service requests an IP, It will auto assign the IP.

Similarly you create an ip pool here an ip pool, when you create VMs, They will automatically get one IP with kube virt.

Here are the steps to assign a static IP to a VM in KubeVirt:

Create a Network Attachment Definition (NAD) that specifies the static IP address you want to assign to the VM. For example:

apiVersion: k8s.cni.cncf.io/v1
kind: NetworkAttachmentDefinition
metadata:
  name: my-static-ip-network
spec:
  config: '{
      "cniVersion": "0.3.0",
      "name": "my-static-ip-network",
      "type": "ipvlan",
      "ipam": {
          "type": "host-local",
          "subnet": "10.244.0.0/16",
          "routes": [
              { "dst": "0.0.0.0/0" }
          ],
          "ranges": [
              [
                  {
                      "subnet": "10.244.0.0/24",
                      "gateway": "10.244.0.1"
                  }
              ]
          ],
          "config": [
              {
                  "subnet": "10.244.0.0/24",
                  "gateway": "10.244.0.1",
                  "ipMasq": true
              }
          ]
      }
  }'

       2. Apply the NAD to your Kubernetes cluster using kubectl apply:

kubectl apply -f my-static-ip-network.yaml

      3. Update your VM definition to use the NAD. This can be done by adding a network section to the spec section of your VM definition. For example:

apiVersion: kubevirt.io/v1alpha3
kind: VirtualMachine
metadata:
  name: my-vm
spec:
  running: false
  template:
    metadata:
      labels:
        kubevirt.io/vm: my-vm
    spec:
      domains:
        - type: kvm
          resources:
            requests:
              memory: 64M
          devices:
            interfaces:
            - name: eth0
              bridge: {}
              network: my-static-ip-network
              model: virtio
              macAddress: "52:54:00:12:34:56"

   4. Apply the updated VM definition to your Kubernetes cluster using kubectl apply:

kubectl apply -f my-vm.yaml

Once the VM is started, it should be assigned the static IP address specified in the NAD. You can verify this by checking the IP address of the VM from within the VM or by using kubectl get pod to inspect the network configuration of the pod that represents the VM in Kubernetes.

Tuesday, March 2, 2021

Redis server tuning

TLDR, Here are some of the performance tuning settings for my giant redis on ubuntu 18.

1. tcp-keepalive 0 at /etc/redis/redis.conf

2. sysctl -w net.core.somaxconn=65365 at /etc/rc.local

3. echo 'vm.overcommit_memory = 1' >> /etc/sysctl.conf

4. uncomment the following lines at (if you are using redis in clustering mode) /etc/redis/redis.conf
save 300 10
save 300 10
save 60 10000

rdbcompression no
rdbchecksum no

appendonly no

5. Add the following line echo never > /sys/kernel/mm/transparent_hugepage/enabled to /etc/rc.local before exit 0

6. config set timeout 300

7. config set loglevel notice

8. config set maxmemory-policy volatile-lru

9. config set maxmemory 491000MB

6-8 are run after you enter redis-cli command line by running redis-cli and to know more about what these are go here.

Thursday, April 26, 2018

Get set powercli 10

So Powercli 10 is out and powercli 6.5.3+ can only be availed via powershell gallery. Here is what you need to do. I assume that you are one of those who are using windows 10.

Close all commandline windows; cmd, powershell, powercli etc.,
Run powershell (not ISE, just powershell) as administrator
Run the following command in your powershell
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
Accept or click yes to all and close the powershell window.
Now do the step (1 and )2 again.
Run the following to get your powercli 10 installed. Just accept whatever prompt it gives that is choose Y for yes and A for all.
Install-Module -Name VMware.PowerCLI
Now run the following.
Import-Module VMware.VimAutomation.Core
The following will opt you out from the customer experience program.
Set-PowerCLIConfiguration -Scope AllUsers -ParticipateInCEIP $false
If you wish to opt in then you can change the $false to $true. Here I am using the scope as allusers to make sure all users have this setting.
Now let us set the powercli to ignore the unsigned user certificate error warnings.
Set-PowerCLIConfiguration -InvalidCertificateAction ignore -Scope AllUsers -Confirm:$false

Now you are good to user the powercli as you are used to.

Saturday, April 7, 2018

Ansible or Chef ? and Why?

First of all why do you need anything like ansible/chef/puppet/salt which can mainly be classified as configuration management and automation tools.
These are today's devops needs of an IT firm. You want to deploy, configure or manage the configuration of many machines across different platforms (local or cloud) then you need one.
So you have 2 types of CMT (configuration management tools).

ANSIBLE
========

You want/need it to be agentless
So if your targets are majorly devices and not operating systems or applications then you need this. If you are managing hardware routers , switches or devices where you can have an SSH connection but you cannot install any specific package in it to manage. You can't install your own package or an agent into a cisco nexus switch or any other switch of any other company. The vendors usually have a strict lock on what can be installed on these devices for security reasons. Ansible is most and best known for network automation for this same reason.
Most of your infrastructure is mainly opensource/linux based.
All ansible requires is SSH and linux systems are mainly managed via ssh.
You like bash or python
Ansible uses python and python 2.x is present by default on your gnu/linux machines.
You are adventurous and do not mind coming up with your modules (write your own playbook)

CHEF

=====

The need of an agent being present at the target machine/component to be managed isn't a bother.
you want to manage windows, linux, mac seamlessly
you like/know ruby more than you bash/shell/python
you need a more mature product and better documentation
Larger community (which translates to having more ready made modules available for common IT configuration management)

Currently I am fiddling with chef and I am digging it.

Wednesday, April 4, 2018

Deploying instances on gcp (google cloud platform) via powershell

This is that time. That time where I put my hands inside the gcp cookie jar and try to see what I find.
Make sure you have done this https://www.cloudishes.com/2018/04/setting-up-your-machine-for-gcp-google.html first though.
You also have to log into your gcp and enable google compute API. I think is a nice touch by gcp. You decide which of your services should have API access and which shouldnt. May be you can have some people or applications have API access and some don't. In this way you can get this configured. More on that later. May be... Below is a screen grab of my API board.

and ya...wait for a while btw after this, otherwise you will get this.

Add-GceInstance : Google.Apis.Requests.RequestError
Access Not Configured. Compute Engine API has not been used in project 1234567 before or it is disabled. Enable it by visiting 
https://console.developers.google.com/apis/api/compute.googleapis.com/overview?project=1234567 then retry. If you enabled this API 
recently, wait a few minutes for the action to propagate to our systems and retry. [403]
Errors [
 Message[Access Not Configured. Compute Engine API has not been used in project 1234567 before or it is disabled. Enable it by visiting 
https://console.developers.google.com/apis/api/compute.googleapis.com/overview?project=1234567 then retry. If you enabled this API 
recently, wait a few minutes for the action to propagate to our systems and retry.] Location[ - ] Reason[accessNotConfigured] 
Domain[usageLimits]
]
At line:16 char:20
+ ... ta_Config | Add-GceInstance -Project $project -Zone $zone -Region $re ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Add-GceInstance], GoogleApiException
    + FullyQualifiedErrorId : Google.GoogleApiException,Google.PowerShell.ComputeEngine.AddGceInstanceCmdlet

Now let us list out the images that we have there first. We want to deploy a tiny one first since I can't afford to pay for games, cloud costs :|.

PS C:\WINDOWS\system32> Get-GceImage | select Family

Family                          
------                          
centos-6                        
centos-7                        
coreos-alpha                    
coreos-beta                     
coreos-stable                   
debian-8                        
debian-9                        
debian-8                        
debian-9                        
rhel-6                          
rhel-7                          
sles-11                         
sles-12                         
ubuntu-1404-lts                 
ubuntu-1604-lts                 
ubuntu-1710                     
windows-1709-core-for-containers
windows-1709-core               
windows-2008-r2                 
windows-2012-r2-core            
windows-2012-r2                 
windows-2016-core               
windows-2016                    
sql-ent-2012-win-2012-r2        
sql-std-2012-win-2012-r2        
sql-web-2012-win-2012-r2        
sql-ent-2014-win-2012-r2        
sql-ent-2014-win-2016           
sql-std-2014-win-2012-r2        
sql-web-2014-win-2012-r2        
sql-ent-2016-win-2012-r2        
sql-ent-2016-win-2016           
sql-std-2016-win-2012-r2        
sql-std-2016-win-2016           
sql-web-2016-win-2012-r2        
sql-web-2016-win-2016           
sql-ent-2017-win-2016           
sql-exp-2017-win-2012-r2        
sql-exp-2017-win-2016           
sql-std-2017-win-2016           
sql-web-2017-win-2016

Let us select the one which is highlighted.
I also needed to choose a zone and a region associated with that. Check this out.
https://cloud.google.com/compute/docs/regions-zones/

$vm_name = 'ubuntuDummy' # name of the instance
$machine_type = 'Linux' # Description of the instance
$project = 'dummies' # name of my project which i created from the gcp console

# go here https://cloud.google.com/compute/docs/regions-zones/ and choose
$zone = 'us-east1-b' 
$region = 'us-east1'

# choosing an image from the list of google images
$myImage = Get-GceImage | where Family -Match 'ubuntu-1404-lts'
# create a configuration for our instance
$my_insta_Config = New-GceInstanceConfig $vm_name -MachineType $machine_type -DiskImage $myImage -Region $region

# deploy our instance
$my_insta_Config | Add-GceInstance -Project $project -Zone $zone -Region $region

Good luck.

Resources:
https://cloud.google.com/compute/docs/regions-zones/
https://support.google.com/cloud/answer/6158841?hl=en
http://googlecloudplatform.github.io/google-cloud-powershell/#/

Monday, April 2, 2018

Setting up your machine for GCP (google cloud platform) with powershell, python and gcloud cli

So I wanted to setup my google cloud platform (gcp) on my desktop. I meant to say I wanted to be able to connect to gcp via powershell, python and gcloud cli. Apparently it seems the competition between google, amazon and microsoft is benefiting us. They have made it easier than ever. I was however disappointed that you cannot get this to work in a virtual environment if you are on windows. Sad face :(.
It is fairly straight forward.

launch your command prompt as administrator
Download and install gcloud SDK from here.
Once the installation is complete run gcloud init (it was preselected for me) to setup the credentials.
Now let us say yes and a browser opens up asking you for confirmation.

I just clicked on allow.
I had a dummy project created. It gives you an option to create a project too if you don't have one created yet.
I chose 1 and now i can interact with that project with gcloud sdk with the weapon of my choice; python, powershell or gcloud cli.

Now I have my playground ready. So let me play. I will try to update here about my endeavors as much as possible.

Sunday, April 1, 2018

Deploying ubuntu linux VM on Azure via cloud azure cli or powershell

So it is quite interesting. Unlike my previous posts if you don't want to setup your machine for azure by download either python or powershell sdk or any cli locally then there is a quicker and better way.
Here is exactly what it takes to deploy a VM on azure.

Create an azure account if you haven't already with pay as you go model https://signup.azure.com/ you pay for what you use. so no worried. Use it like a lab, where you delete stuff once you are done.
Launch the online azure cli. You can either use powershell or bash. Whichever you love. https://shell.azure.com/?prompt=True
So first I want to create a resource group.

az group create -n linuxVms -l westus

This btw is azure cli, not azure powershell syntax. Here I am creating a group callled linuxVms and the location of that is at the west us datacenter of azure.
4. Now let us deploy a llinux vm from an ubuntu image

az vm create -g linuxVms -n dummyUbuntu -i UbuntuLTS --generate-ssh-keys

So we are creating a VM and the
image is UbuntuLTS
VM name is dummyUbuntu
group name is linuxVms
You are done! :)

Saturday, March 31, 2018

Setting up powershell for microsoft azure cloud

So it is that time of the day, actually night, actually morning 2:15am where I felt like trying out of azure. I most prefer to learn by seeing and doing but i like my words, thank you very much. The way you do with words (command prompt, script, automation) remains same, similar and sometimes identical forever but GUI keeps changing.
Run your powershell 5, 6 or ISE, whichever you like; even your visual studio code if it is configured with powershell.
Install-Module -Name AzureRM -AllowClobber

I also suggest you to go ahead and get the cli tool for powershell from here
close all the powershell windows.
launch the powershell as administrator and enable execution of script by running the following.
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
Now we want to get the azure credentials.

Get-AzurePublishSettingsFile

It takes you to the azure portal where you can select the payment model, validate and for that you get to download publish settings.
Now we will import them using the downloaded file and delete that file. Once imported that file is no more needed (for security reasons).

PS C:\Users\<username>> Import-AzurePublishSettingsFile 'C:\Users\<username>\Documents\azure\Windows Azure MSDN - 1_4_2018, 04_43_29 - credentials.publishsettings'

Id                                   Name          State ExtendedProperties                        
--                                   ----          ----- ------------------                        
f6ec6bf5-7459-46f5-a274-5a44c60fef0a Pay-As-You-Go       {[Account, 411690FA9A067441A00E1DDBECD7...

Now let us whether it worked by trying to list all the azure environments.

PS C:\Users\<username> Get-AzureEnvironment


Name                                     : AzureGermanCloud
EnableAdfsAuthentication                 : False
ActiveDirectoryServiceEndpointResourceId : https://management.core.cloudapi.de/
AdTenant                                 : Common
GalleryUrl                               : https://gallery.azure.com/
ManagementPortalUrl                      : http://portal.microsoftazure.de/
ServiceManagementUrl                     : https://management.core.cloudapi.de/
PublishSettingsFileUrl                   : https://manage.microsoftazure.de/publishsettings/index
ResourceManagerUrl                       : https://management.microsoftazure.de/
SqlDatabaseDnsSuffix                     : .database.cloudapi.de
StorageEndpointSuffix                    : core.cloudapi.de
ActiveDirectoryAuthority                 : https://login.microsoftonline.de/
GraphUrl                                 : https://graph.cloudapi.de/
TrafficManagerDnsSuffix                  : azuretrafficmanager.de
AzureKeyVaultDnsSuffix                   : vault.microsoftazure.de
AzureKeyVaultServiceEndpointResourceId   : https://vault.microsoftazure.de

Name                                     : AzureCloud
EnableAdfsAuthentication                 : False
ActiveDirectoryServiceEndpointResourceId : https://management.core.windows.net/
AdTenant                                 : Common
GalleryUrl                               : https://gallery.azure.com/
ManagementPortalUrl                      : http://go.microsoft.com/fwlink/?LinkId=254433
ServiceManagementUrl                     : https://management.core.windows.net/
PublishSettingsFileUrl                   : http://go.microsoft.com/fwlink/?LinkID=301775
ResourceManagerUrl                       : https://management.azure.com/
SqlDatabaseDnsSuffix                     : .database.windows.net
StorageEndpointSuffix                    : core.windows.net
ActiveDirectoryAuthority                 : https://login.microsoftonline.com/
GraphUrl                                 : https://graph.windows.net/
TrafficManagerDnsSuffix                  : trafficmanager.net
AzureKeyVaultDnsSuffix                   : vault.azure.net
AzureKeyVaultServiceEndpointResourceId   : https://vault.azure.net

Name                                     : AzureUSGovernment
EnableAdfsAuthentication                 : False
ActiveDirectoryServiceEndpointResourceId : https://management.core.usgovcloudapi.net/
AdTenant                                 : Common
GalleryUrl                               : https://gallery.azure.com/
ManagementPortalUrl                      : https://manage.windowsazure.us
ServiceManagementUrl                     : https://management.core.usgovcloudapi.net/
PublishSettingsFileUrl                   : https://manage.windowsazure.us/publishsettings/index
ResourceManagerUrl                       : https://management.usgovcloudapi.net/
SqlDatabaseDnsSuffix                     : .database.usgovcloudapi.net
StorageEndpointSuffix                    : core.usgovcloudapi.net
ActiveDirectoryAuthority                 : https://login.microsoftonline.us/
GraphUrl                                 : https://graph.windows.net/
TrafficManagerDnsSuffix                  : usgovtrafficmanager.net
AzureKeyVaultDnsSuffix                   : vault.usgovcloudapi.net
AzureKeyVaultServiceEndpointResourceId   : https://vault.usgovcloudapi.net

Name                                     : AzureChinaCloud
EnableAdfsAuthentication                 : False
ActiveDirectoryServiceEndpointResourceId : https://management.core.chinacloudapi.cn/
AdTenant                                 : Common
GalleryUrl                               : https://gallery.azure.com/
ManagementPortalUrl                      : http://go.microsoft.com/fwlink/?LinkId=301902
ServiceManagementUrl                     : https://management.core.chinacloudapi.cn/
PublishSettingsFileUrl                   : http://go.microsoft.com/fwlink/?LinkID=301776
ResourceManagerUrl                       : https://management.chinacloudapi.cn/
SqlDatabaseDnsSuffix                     : .database.chinacloudapi.cn
StorageEndpointSuffix                    : core.chinacloudapi.cn
ActiveDirectoryAuthority                 : https://login.chinacloudapi.cn/
GraphUrl                                 : https://graph.chinacloudapi.cn/
TrafficManagerDnsSuffix                  : trafficmanager.cn
AzureKeyVaultDnsSuffix                   : vault.azure.cn
AzureKeyVaultServiceEndpointResourceId   : https://vault.azure.cn

and yes it did.

Setting up powershell with AWS

Okay,
So I needed to setup my new powershell 6 with AWS. Didn't want to enter the credentials and all.
Install-Module -Name AWSPowerShell
Run this on your powershell 5 and/or 6 and you will have your aws tools for powershell ready to go.
Also run
notepad $profile
on powershell 5, powershell ISE, powershell 6 and copy paste the following, save them.
Import-Module AWSPowerShell
Also, if you want to be able to run scripts on your system then enable it toot by doing
Set-ExecutionPolicy RemoteSigned
Close all of your powershell windows now, launch powershell and run the following
Get-AWSPowerShellVersion -ListServiceVersionInfo
and you should get

PS C:\WINDOWS\system32> Get-AWSPowerShellVersion -ListServiceVersionInfo

AWS Tools for Windows PowerShell
Version 3.3.208.0
Copyright 2012-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.

Amazon Web Services SDK for .NET
Core Runtime Version 3.3.21.2
Copyright 2009-2015 Amazon.com, Inc. or its affiliates. All Rights Reserved.

Release notes: https://aws.amazon.com/releasenotes/PowerShell

This software includes third party software subject to the following copyrights:
- Logging from log4net, Apache License
[http://logging.apache.org/log4net/license.html]


Service                               Noun Prefix API Version
-------                               ----------- -----------
AWS AppStream                         APS         2016-12-01 
AWS AppSync                           ASYN        2017-07-25 
AWS Batch                             BAT         2016-08-10 
AWS Budgets                           BGT         2016-10-20 
AWS Certificate Manager               ACM         2015-12-08 
AWS Cloud Directory                   CDIR        2016-05-10 
AWS Cloud HSM                         HSM         2014-05-30 
AWS Cloud HSM V2                      HSM2        2017-04-28 
AWS Cloud9                            C9          2017-09-23 
AWS CloudFormation                    CFN         2010-05-15 
AWS CloudTrail                        CT          2013-11-01 
AWS CodeBuild                         CB          2016-10-06 
AWS CodeCommit                        CC          2015-04-13 
AWS CodeDeploy                        CD          2014-10-06 
AWS CodePipeline                      CP          2015-07-09 
AWS CodeStar                          CST         2017-04-19 
AWS Config                            CFG         2014-11-12 
AWS Cost Explorer                     CE          2017-10-25 
AWS Cost and Usage Report             CUR         2017-01-06 
AWS Data Pipeline                     DP          2012-10-29 
AWS Database Migration Service        DMS         2016-01-01 
AWS Device Farm                       DF          2015-06-23 
AWS Direct Connect                    DC          2012-10-25 
AWS Directory Service                 DS          2015-04-16 
AWS Elastic Beanstalk                 EB          2010-12-01 
AWS Elemental MediaConvert            EMC         2017-08-29 
AWS Elemental MediaLive               EML         2017-10-14 
AWS Elemental MediaPackage            EMP         2017-10-12 
AWS Elemental MediaStore              EMS         2017-09-01 
AWS Elemental MediaStore Data Plane   EMSD        2017-09-01 
AWS Greengrass                        GG          2017-06-07 
AWS Health                            HLTH        2016-08-04 
AWS Identity and Access Management    IAM         2010-05-08 
AWS Import/Export                     IE          2010-06-01 
AWS Import/Export Snowball            SNOW        2016-06-30 
AWS IoT                               IOT         2015-05-28 
AWS IoT Jobs Data Plane               IOTJ        2017-09-29 
AWS Key Management Service            KMS         2014-11-01 
AWS Lambda                            LM          2015-03-31 
AWS Marketplace Commerce Analytics    MCA         2015-07-01 
AWS Marketplace Entitlement Service   MES         2017-01-11 
AWS Marketplace Metering              MM          2016-01-14 
AWS Migration Hub                     MH          2017-05-31 
AWS OpsWorks                          OPS         2013-02-18 
AWS OpsWorksCM                        OWCM        2016-11-01 
AWS Organizations                     ORG         2016-11-28 
AWS Price List Service                PLS         2017-10-15 
AWS Resource Groups                   RG          2017-11-27 
AWS Resource Groups Tagging API       RGT         2017-01-26 
AWS Security Token Service            STS         2011-06-15 
AWS Serverless Application Repository SAR         2017-09-08 
AWS Service Catalog                   SC          2015-12-10 
AWS Shield                            SHLD        2016-06-02 
AWS Storage Gateway                   SG          2013-06-30 
AWS Support API                       ASA         2013-04-15 
AWS WAF                               WAF         2015-08-24 
AWS WAF Regional                      WAFR        2016-11-28 
AWS X-Ray                             XR          2016-04-12 
Alexa For Business                    ALXB        2017-11-09 
Amazon API Gateway                    AG          2015-07-09 
Amazon Athena                         ATH         2017-05-18 
Amazon CloudFront                     CF          2017-03-25 
Amazon CloudSearch                    CS          2013-01-01 
Amazon CloudSearchDomain              CSD         2013-01-01 
Amazon CloudWatch                     CW          2010-08-01 
Amazon CloudWatch Events              CWE         2015-10-07 
Amazon CloudWatch Logs                CWL         2014-03-28 
Amazon Cognito Identity               CGI         2014-06-30 
Amazon Cognito Identity Provider      CGIP        2016-04-18 
Amazon Comprehend                     COMP        2017-11-27 
Amazon DynamoDB                       DDB         2012-08-10 
Amazon DynamoDB Accelerator (DAX)     DAX         2017-04-19 
Amazon EC2 Container Registry         ECR         2015-09-21 
Amazon EC2 Container Service          ECS         2014-11-13 
Amazon ElastiCache                    EC          2015-02-02 
Amazon Elastic Compute Cloud          EC2         2016-11-15 
Amazon Elastic File System            EFS         2015-02-01 
Amazon Elastic MapReduce              EMR         2009-03-31 
Amazon Elastic Transcoder             ETS         2012-09-25 
Amazon Elasticsearch                  ES          2015-01-01 
Amazon GameLift Service               GML         2015-10-01 
Amazon GuardDuty                      GD          2017-11-28 
Amazon Inspector                      INS         2016-02-16 
Amazon Kinesis                        KIN         2013-12-02 
Amazon Kinesis Analytics              KINA        2015-08-14 
Amazon Kinesis Firehose               KINF        2015-08-04 
Amazon Kinesis Video Streams          KV          2017-09-30 
Amazon Kinesis Video Streams Media    KVM         2017-09-30 
Amazon Lex                            LEX         2016-11-28 
Amazon Lex Model Building Service     LMB         2017-04-19 
Amazon Lightsail                      LS          2016-11-28 
Amazon MQ                             MQ          2017-11-27 
Amazon MTurk Service                  MTR         2017-01-17 
Amazon Machine Learning               ML          2014-12-12 
Amazon Pinpoint                       PIN         2016-12-01 
Amazon Polly                          POL         2016-06-10 
Amazon Redshift                       RS          2012-12-01 
Amazon Rekognition                    REK         2016-06-27 
Amazon Relational Database Service    RDS         2014-10-31 
Amazon Route 53                       R53         2013-04-01 
Amazon Route 53 Domains               R53D        2014-05-15 
Amazon SageMaker Runtime              SMR         2017-05-13 
Amazon SageMaker Service              SM          2017-07-24 
Amazon Server Migration Service       SMS         2016-10-24 
Amazon Simple Email Service           SES         2010-12-01 
Amazon Simple Notification Service    SNS         2010-03-31 
Amazon Simple Queue Service           SQS         2012-11-05 
Amazon Simple Storage Service         S3          2006-03-01 
Amazon Simple Systems Management      SSM         2014-11-06 
Amazon Step Functions                 SFN         2016-11-23 
Amazon Translate                      TRN         2017-07-01 
Amazon WorkDocs                       WD          2016-05-01 
Amazon WorkSpaces                     WKS         2015-04-08 
Application Auto Scaling              AAS         2016-02-06 
Application Discovery Service         ADS         2015-11-01 
Auto Scaling                          AS          2011-01-01 
Elastic Load Balancing                ELB         2012-06-01 
Elastic Load Balancing V2             ELB2        2015-12-01 

PS C:\WINDOWS\system32>

So this means we have the AWS module working. but we want to be able to get this working but we want to set it in a way where it won't ask for credentials so that we can use provisioning tools like vagrant, ansible or chef.
Now we have to create a profile and set aws access to that so that we can perform activities without credentials.

$accessKey = 'ADFASGALKJCUIERHL' # fake example
$secretKey = 'SADFDSGDFH5d6+1P2pmIGW8fdkekdfsneujK14u' # fake example
$profileName = 'myProfileName' # fake example
Set-AWSCredential -AccessKey $accessKey -SecretKey $secretKey -StoreAs $profileName

So now the profile has our credentials stored. Let us now set a default region as Asia Pacific (Singapore)

Initialize-AWSDefaultConfiguration -ProfileName $profileName -Region ap-southeast-1

So we are all done. We can provision stuff from from AWS powershell with ease.

PS C:\WINDOWS\system32> Get-AWSRegion


Region         Name                      IsShellDefault
------         ----                      --------------
ap-northeast-1 Asia Pacific (Tokyo)      False         
ap-northeast-2 Asia Pacific (Seoul)      False         
ap-south-1     Asia Pacific (Mumbai)     False         
ap-southeast-1 Asia Pacific (Singapore)  True          
ap-southeast-2 Asia Pacific (Sydney)     False         
ca-central-1   Canada (Central)          False         
eu-central-1   EU Central (Frankfurt)    False         
eu-west-1      EU West (Ireland)         False         
eu-west-2      EU West (London)          False         
sa-east-1      South America (Sao Paulo) False         
us-east-1      US East (Virginia)        False         
us-east-2      US East (Ohio)            False         
us-west-1      US West (N. California)   False         
us-west-2      US West (Oregon)          False

As you can see currently I have sen my default region as singapore.
Note: Powershell 6 somehow isn't playing well yet. May be in future it will. Everything howerver worked great with powershell 5.

Friday, March 30, 2018

Common Intelligence (sense) Vs Artificial Intelligence

Recently I have started to realize that companies like google, amazon, microsoft who are betting on AI are ignoring common sense and common intelligence over AI. I have just aggregated a very few points to back my statement.
How did AWS came up? by being it's own guinea pig, by solving their own problem and later offering that solution to others who might need it. How did google came up? Some geeks wanted to solve their problem of indexing and searching content online and then later they offered it to others too. How did Microsoft came up? Well I can go on and on. When companies get big they start ignoring problems or areas of improvement not because they are insignificant but they are too big or on the top most floor to see what is on the ground. They have reached the eagle's height but an eagle can see a snake or rat crawling through the rocks but humans don't. Okay let me list out why I think companies are neglecting common sense/intelligence over AI and AI will take ages to even recognize the things that I am going to mention as problems before it can solve them.

Google latest, greatest pixel 2 xl takes few MINUTES to connect to my bose bluetooth device because it is 4th in the list of 5 devices which are listed under the recently connected (but not present) devices. So android tries to connect first to the most often connected that is my 2nd device in the list (sony wh1000xm2). So I have to manually select the device and even that sums up to a minute or more. The great part is they don't have a headphone jack. When you are trying to replace product A with product B (in this case wired audio devices with wireless) then B should be as good as A and more and only then you should replace it. An audio jack takes seconds for me to get the audio out but an advanced bluetooth (latest bluetooth version too) takes minutes for me to enjoy the music.
Anyone with common sense and some coding skills could change this. If an iphone costing 1/3rd of the latest google android can do it then why not google?
None of my (bluetooth) devices which are paired to microsoft windows 10 (laptop and desktop) will not work with any other device unless I manually remove them from windows 10 first or go out of range from these windows 10 devices.
Once again high marks to apple mac OS for not being jerk in this regard.
It seems google and microsoft wants us to buy multiple bluetooth/wireless earphones/headphones and use them exclusively with just one device only.
When I do control+F to find a string in excel or word or any other office document it is a common sense that the search window should not block/hide the search result.
When I do ctrl+F to search something on multi monitor setup the search window appears on the 3rd monitor while my document is on the 1st window. How lame microsoft! come on.
All of these companies have support centers where people talk to customers and solve their issues. None of them currently have bothered to use their AI/speech recognition to listen to these calls for QA. why? If they do then they can offer this solution to almost all the companies in the world who have support centers. Just let the clients store their audio files on their cloud, charge for their storage and offer free analysis.
All the icons and menus are currently distributed on top and bottom for all apps and mobile OS. They want you to use both of your hands. I understand that it is a simple psychology trick. If you are using just one hand to use your iphone/android then your other hand might have something else and your attention is divided and you have only 50% chance that you might leave your phone and switch to what is there in your other hand. So force users to use 2 hands in all of the app and OS design. Why not start filling all icon and menu items from bottom up since our thumbs are at the bottom and not top.

Monday, March 5, 2018

loops - foreach

Thursday, March 1, 2018

The only way to not screw up Aadhar and its data anymore in india

Before we start let me make a bets.
You show me an
easier for consumers(citizens)
more secure
easier for clients (service providers)
least maintenance
more efficient (time invested in this vs benefits)
I am willing to share give away my salary.
I do not want to get into the whole controversy and conspiracy about the whole purpose of aadhar being data mining, monitoring of indians by the indian and international govts (big brother and others). What I want to get into though is how silly and easy it is to get any citizens details by any crook for the lowest price.
This aadhar number is attached to
1. bank accounts
2. all investments
3. All facilities that you obtain from govt (gas connection)
4. your phone connection
5. your internet connection
6. your insurances (health, automobile etc.,)
and more...
Such data was available on sale in the black market for as cheap as 500 INR (approx 7.5 USD). It was also easily hacked by one of the french researcher. It is becoming next to impossible or at least difficult to obtain anything which is any citizen's right, without providing aadhar details. So,
how can one provide aadhar details without providing aadhar details?
how can one authenticate or validate their authenticity of citizenship or aadhar without compromising it?
Simple. It already exists. I will first give an example.
you go to feedly.com and you can create an account or login without creating an account. how?. login with google or login with facebook or login with twitter.
you go to stackoverflow.com and you can login by just clicking on login with google or any other authentication provider.
you have today many big companies have such feature. microsoft allows you to apply to their jobs with linkedin button. you click on the login with linkedin button. It opens the pop up button which has the username and password section of linkedin and an allow access button with a cancel button.
so how do we solve this problem?

case 1: get gas connection or authenticate gas connection with aadhar

a) log into bharatgas app. click on add aadhar details button.
b) the above action triggers the aadhar app to open and allows us to choose yes or no.
c) If I choose Yes then it makes me log into the aadhar app and once I do the aadhar attachment or KYC (know your customer) process is done; If i choose no then it gets cancelled.
d) When I log into my aadhar app I can also see all the services to whom I have allowed my aadhar to use. I can just revoke the access to any of these at any point of time. ex: If you go to facebook or google it provides the list of all apps who have access token from them or these apps allow login from google or facebook. I can click on the x icon next to them and it revokes access.

Case 2: get phone connection

a) download the service provider app
b) click on link aadhar or add aadhar button.
c) aadhar app pops up and asks us to allow this app to use its token.
d) If i choose yes on aadhar then the KYC is done and if i say no then it gets rejected.

We can also set an expiration date for such tokens to these services. If the use for example doesnt renew the KYC for his bank account then it gets expired. The service is put on hold. It makes sure that the services are not exploited by the users or user data is not exploited by the service providers.