Mervin Praison

IaC

Create static website on GCP with CDN using Pulumi

Post author By praison
Post date June 1, 2023

import pulumi
import pulumi_gcp as gcp

# Create a Google Cloud Storage bucket to store the website content
website_bucket = gcp.storage.Bucket("websiteBucket",
                                    location="US",
                                    website={
                                        "mainPageSuffix": "index.html",
                                        "notFoundPage": "error.html"
                                    })

# Upload the website content to the bucket
index_html = gcp.storage.BucketObject("indexHtml",
                                      bucket=website_bucket.name,
                                      source=pulumi.FileAsset("index.html"),
                                      content_type="text/html")

# Create a backend bucket for the Google Cloud CDN
backend_bucket = gcp.compute.BackendBucket("backendBucket",
                                           bucket_name=website_bucket.name)

# Create a URL map to route incoming requests
url_map = gcp.compute.UrlMap("urlMap",
                             default_service=backend_bucket.self_link)

# Create a Cloud CDN-enabled HTTPS load balancer
cloud_cdn = gcp.compute.TargetHttpsProxy("cloudCdn",
                                         url_map=url_map.self_link,
                                         ssl_certificates=[<_ssl_certificate>])

# Export the Google Cloud Storage bucket URL
pulumi.export("bucket_url", website_bucket.url)

This program creates the following resources:

A Google Cloud Storage bucket to store the website content, configured for static website hosting.
A Google Cloud Storage bucket object to upload the index.html file. Replace this with your own static website content.
A backend bucket for Google Cloud CDN.
A URL map to route incoming requests.
A Cloud CDN-enabled HTTPS load balancer.

Please note that you need to replace <your_ssl_certificate> with the SSL certificate resource link that you want to use for the HTTPS load balancer.

Also, note that you need to update the index.html source path to your actual file in the pulumi.FileAsset("index.html") line.

IaC

Static website on AWS with CloudFront CDN using Pulumi

Post author By praison
Post date June 1, 2023

import pulumi
import pulumi_aws as aws

# Create an S3 bucket to store the website content
website_bucket = aws.s3.Bucket("websiteBucket",
                                acl="private",
                                website={
                                    "index_document": "index.html",
                                    "error_document": "error.html"
                                })

# Upload the website content to the bucket
index_html = aws.s3.BucketObject("indexHtml",
                                 bucket=website_bucket.id,
                                 source=pulumi.FileAsset("index.html"),
                                 content_type="text/html")

# Create a CloudFront Origin Access Identity for private content
origin_access_identity = aws.cloudfront.OriginAccessIdentity("originAccessIdentity")

# Create an S3 bucket policy to grant CloudFront access to the content
bucket_policy_document = aws.iam.get_policy_document(statements=[
    {
        "actions": ["s3:GetObject"],
        "resources": [f"{website_bucket.arn}/*"],
        "principals": [{"type": "AWS", "identifiers": [origin_access_identity.iam_arn]}],
    },
])

bucket_policy = aws.s3.BucketPolicy("bucketPolicy",
                                    bucket=website_bucket.id,
                                    policy=bucket_policy_document.json)

# Create a CloudFront distribution to serve the static website
cloudfront_distribution = aws.cloudfront.Distribution("cloudfrontDistribution",
    default_cache_behavior={
        "target_origin_id": "websiteBucket",
        "viewer_protocol_policy": "redirect-to-https",
        "allowed_methods": ["GET", "HEAD", "OPTIONS"],
        "cached_methods": ["GET", "HEAD", "OPTIONS"],
        "forwarded_values": {
            "cookies": {"forward": "none"},
            "query_string": False,
        },
        "min_ttl": ,
        "default_ttl": 3600,
        "max_ttl": 86400,
    },
    viewer_certificate={
        "cloudfront_default_certificate": True,
    },
    origins=[{
        "origin_id": "websiteBucket",
        "domain_name": website_bucket.bucket_regional_domain_name.apply(lambda b: b),
        "s3_origin_config": {
            "origin_access_identity": origin_access_identity.cloudfront_access_identity_path,
        },
    }],
    restrictions={
        "geo_restriction": {
            "restriction_type": "none",
        },
    })

# Export the CloudFront domain name
pulumi.export("distribution_domain", cloudfront_distribution.domain_name)

This program creates the following resources:

An S3 bucket to store the website content, configured for static website hosting.
An S3 bucket object to upload the index.html file. Replace this with your own static website content.
A CloudFront Origin Access Identity to restrict access to the content.
An S3 Bucket Policy to grant CloudFront access to the content.
A CloudFront Distribution to serve the static website. It is configured to redirect HTTP to HTTPS.
Exports the CloudFront Distribution domain name.

Please note that in order to access the website via CloudFront distribution you will need to update the index.html source path to your actual file.

Kubernetes

Optimising Kubernetes control plane

Post author By praison
Post date May 26, 2023

Optimising the Kubernetes control plane for high load traffic involves several strategies. Here are some key points to consider:

Multiple API Servers: You can run multiple instances of the API server and balance traffic between them. This can help distribute the load and increase the overall capacity of your control plane.
Etcd Optimization: Etcd is a critical component of the Kubernetes control plane as it stores all cluster data. Make sure it’s configured properly for your workload. This might involve tuning parameters like heartbeat interval and election timeout, or running etcd on dedicated hardware.
Enable Horizontal Pod Autoscaler (HPA): HPA automatically scales the number of pods in a replication controller, deployment, replica set, or stateful set based on observed CPU utilization or other select metrics.
Enable Cluster Autoscaler: The Cluster Autoscaler adjusts the size of the Kubernetes cluster when there are pods that failed to run in the cluster due to insufficient resources or when there are nodes in the cluster that have been underutilized for an extended period of time and their pods can be placed on other existing nodes.
Use Resource Quotas and Limit Ranges: These can help ensure that no single tenant can bring down the API server by creating too many objects.
Tune Garbage Collection and Audit Logging: These can have a significant impact on API server performance. Make sure they’re configured appropriately for your workload.
Network Policies: Implement network policies to control the traffic flow between pods, which can help manage the load on your services.

Here’s a diagram to illustrate this setup:

graph TB
    subgraph ControlPlane["Kubernetes Control Plane"]
        API["API Servers"]
        Etcd["Etcd"]
        ControllerManager["Controller Manager"]
        Scheduler["Scheduler"]
    end
    subgraph Cluster["Kubernetes Cluster"]
        Nodes["Nodes"]
        Pods["Pods"]
        HPA["Horizontal Pod Autoscaler"]
        CA["Cluster Autoscaler"]
    end
    API -->|Read/Write| Etcd
    ControllerManager -->|Control| Nodes
    Scheduler -->|Schedule| Pods
    Nodes -->|Report Status| API
    Pods -->|Report Status| API
    HPA -->|Scale| Pods
    CA -->|Scale| Nodes

This diagram represents a Kubernetes control plane with multiple API servers and an optimized etcd configuration. The control plane interacts with the nodes and pods in the Kubernetes cluster. The Horizontal Pod Autoscaler and Cluster Autoscaler are used to automatically adjust the number of pods and nodes based on the load.

Here is a diagram illustrating the setup of a Kubernetes control plane optimized for high load traffic:

graph TB
    subgraph ControlPlane["Kubernetes Control Plane"]
        API["API Servers"]
        Etcd["Etcd"]
        ControllerManager["Controller Manager"]
        Scheduler["Scheduler"]
    end
    subgraph Cluster["Kubernetes Cluster"]
        Nodes["Nodes"]
        Pods["Pods"]
        HPA["Horizontal Pod Autoscaler"]
        CA["Cluster Autoscaler"]
    end
    API -->|Read/Write| Etcd
    ControllerManager -->|Control| Nodes
    Scheduler -->|Schedule| Pods
    Nodes -->|Report Status| API
    Pods -->|Report Status| API
    HPA -->|Scale| Pods
    CA -->|Scale| Nodes

The Kubernetes Control Plane consists of multiple API Servers, Etcd, Controller Manager, and Scheduler. The API Servers interact with Etcd for read/write operations. The Controller Manager controls the Nodes, and the Scheduler schedules the Pods.

In the Kubernetes Cluster, Nodes and Pods report their status to the API Servers. The Horizontal Pod Autoscaler (HPA) and Cluster Autoscaler (CA) are used to automatically adjust the number of Pods and Nodes based on the load.

Remember, this is a high-level overview. The actual implementation may vary based on your specific requirements and Kubernetes best practices.

Tags Interview

Kubernetes

Single Kubernetes cluster for lower environments

Post author By praison
Post date May 26, 2023

Setting up a single Kubernetes cluster for lower environments like Dev, Test, and Staging involves several steps and best practices. Here’s a high-level overview:

Create a Kubernetes Cluster: You can use managed Kubernetes services like AWS EKS, Google GKE, or Azure AKS to create a Kubernetes cluster. Alternatively, you can set up your own cluster using tools like kops or kubeadm.
Create Namespaces: Create separate namespaces for each environment. This provides isolation between the environments and helps manage resources for each environment.
Deploy Applications: Deploy your applications in each namespace. You can use Kubernetes Deployments and Services for this. Deployments describe the desired state for your application, and Services provide network access to your application.
Configure Networking: Set up networking for your applications. You can use Kubernetes Ingress to manage external access to services in the cluster.
Manage Configuration and Secrets: Use ConfigMaps to manage application configuration and Secrets to manage sensitive data.
Set Resource Limits: Set resource limits for each namespace to prevent one environment from using all the resources in the cluster.
Implement CI/CD: Implement a CI/CD pipeline to automate the deployment of your applications to each environment.

Here’s a diagram to illustrate this setup:

graph TB
    subgraph Cluster["Kubernetes Cluster"]
        subgraph DevNamespace["Dev Namespace"]
            DevDeployment["Deployment"]
            DevService["Service"]
            DevIngress["Ingress"]
            DevConfigMap["ConfigMap"]
            DevSecret["Secret"]
        end
        subgraph TestNamespace["Test Namespace"]
            TestDeployment["Deployment"]
            TestService["Service"]
            TestIngress["Ingress"]
            TestConfigMap["ConfigMap"]
            TestSecret["Secret"]
        end
        subgraph StagingNamespace["Staging Namespace"]
            StagingDeployment["Deployment"]
            StagingService["Service"]
            StagingIngress["Ingress"]
            StagingConfigMap["ConfigMap"]
            StagingSecret["Secret"]
        end
    end
    DevDeployment --> DevService
    DevService --> DevIngress
    DevDeployment --> DevConfigMap
    DevDeployment --> DevSecret
    TestDeployment --> TestService
    TestService --> TestIngress
    TestDeployment --> TestConfigMap
    TestDeployment --> TestSecret
    StagingDeployment --> StagingService
    StagingService --> StagingIngress
    StagingDeployment --> StagingConfigMap
    StagingDeployment --> StagingSecret

graph TB
    subgraph Cluster["Kubernetes Cluster"]
        subgraph DevNamespace["Dev Namespace"]
            DevDeployment["Deployment"]
            DevService["Service"]
            DevIngress["Ingress"]
            DevConfigMap["ConfigMap"]
            DevSecret["Secret"]
        end
        subgraph TestNamespace["Test Namespace"]
            TestDeployment["Deployment"]
            TestService["Service"]
            TestIngress["Ingress"]
            TestConfigMap["ConfigMap"]
            TestSecret["Secret"]
        end
        subgraph StagingNamespace["Staging Namespace"]
            StagingDeployment["Deployment"]
            StagingService["Service"]
            StagingIngress["Ingress"]
            StagingConfigMap["ConfigMap"]
            StagingSecret["Secret"]
        end
    end
    DevDeployment --> DevService
    DevService --> DevIngress
    DevDeployment --> DevConfigMap
    DevDeployment --> DevSecret
    TestDeployment --> TestService
    TestService --> TestIngress
    TestDeployment --> TestConfigMap
    TestDeployment --> TestSecret
    StagingDeployment --> StagingService
    StagingService --> StagingIngress
    StagingDeployment --> StagingConfigMap
    StagingDeployment --> StagingSecret

This diagram represents a single Kubernetes cluster with different namespaces for each environment. Each namespace has its own deployments, services, ingress controllers, ConfigMaps, and Secrets. The arrows indicate the connection between the Deployment and the other components within the same namespace.

Each environment (Dev, Test, and Staging) has its own namespace within the Kubernetes cluster. Each namespace has its own Deployments, Services, Ingress, ConfigMaps, and Secrets. The arrows indicate the connection between the Deployment and the other components within the same namespace.

Tags Interview

DevOps

Various ways to ingest data into Elasticsearch

Post author By praison
Post date May 3, 2023

Elasticsearch, a distributed and highly-scalable search and analytics engine, offers multiple ways to ingest data. Here are some common methods with short descriptions and code examples:

Index API

Use Elasticsearch’s Index API to add or update a single document at a time.

Description: The Index API allows you to add or update documents directly to an index. It automatically creates the index if it doesn’t exist.

Example (Python using Elasticsearch-py library):

from elasticsearch import Elasticsearch

es = Elasticsearch("http://localhost:9200")
document = {"name": "John Doe", "age": 30, "city": "New York"}

response = es.index(index="people", doc_type="_doc", body=document)
print(response)

Bulk API

Use Elasticsearch’s Bulk API to add, update, or delete multiple documents in a single request.

Description: The Bulk API is a more efficient way to index or update multiple documents in a single request, reducing overhead and improving performance.

Example (Python using Elasticsearch-py library):

from elasticsearch import Elasticsearch

es = Elasticsearch("http://localhost:9200")
actions = [
    {"_op_type": "index", "_index": "people", "_type": "_doc", "_source": {"name": "John Doe", "age": 30, "city": "New York"}},
    {"_op_type": "index", "_index": "people", "_type": "_doc", "_source": {"name": "Jane Doe", "age": 28, "city": "Los Angeles"}}
]

response = es.bulk(actions)
print(response)

Logstash

Use Logstash, a data processing pipeline, to ingest data from various sources, transform it, and send it to Elasticsearch.

Description: Logstash is part of the Elastic Stack and provides a powerful way to collect, parse, and transform data from various sources before sending it to Elasticsearch.

Example (Logstash configuration file):

input {
  file {
    path => "/path/to/your/log/file.log"
    start_position => "beginning"
    sincedb_path => "/dev/null"
  }
}

filter {
  # Add your filters to parse and transform the data
  grok {
    match => { "message" => "%{COMBINEDAPACHELOG}" }
  }
}

output {
  elasticsearch {
    hosts => ["http://localhost:9200"]
    index => "weblogs"
  }
}

Beats

Use Beats, lightweight data shippers, to collect and send data from various sources to Elasticsearch.

Description: Beats are part of the Elastic Stack and designed to collect and ship data from different types of sources, such as logs, metrics, or network data, directly to Elasticsearch.

Example (Filebeat configuration file):

filebeat.inputs:
- type: log
  enabled: true
  paths:
    - /path/to/your/log/file.log

output.elasticsearch:
  hosts: ["http://localhost:9200"]
  index: "filebeat-logs"

Elasticsearch Ingest Node

Use Ingest Node, a feature in Elasticsearch, to pre-process documents before indexing.

Description: Ingest Node is a built-in Elasticsearch feature that allows you to define pipelines to pre-process documents with a series of processors before indexing them.

Example (Python using Elasticsearch-py library):

Here’s the formatted code:

from elasticsearch import Elasticsearch

# Connect to Elasticsearch
es = Elasticsearch("http://localhost:9200")

# Define the ingest pipeline
pipeline = {
    "description": "Extract name parts",
    "processors": [
        {
            "grok": {
                "field": "name",
                "patterns": ["%{WORD:first_name} %{WORD:last_name}"]
            }
        }
    ]
}

# Create the ingest pipeline
es.ingest.put_pipeline(id="name_split", body=pipeline)

# Index a document using the ingest pipeline
document = {"name": "John Doe", "age": 30, "city": "New York"}
response = es.index(index="people", doc_type="_doc", pipeline="name_split", body=document)
print(response)

Elasticsearch clients and libraries

Use various Elasticsearch clients and libraries for different programming languages to ingest data.

Description: Elasticsearch provides official clients for different programming languages, such as Java, .NET, Python, and more. Additionally, community-contributed libraries are available for other languages.

Example (Python using Elasticsearch-py library):

from elasticsearch import Elasticsearch

es = Elasticsearch("http://localhost:9200")
document = {"name": "John Doe", "age": 30, "city": "New York"}

response = es.index(index="people", doc_type="_doc", body=document)
print(response)

These are some of the common ways to ingest data into Elasticsearch. Each method has its own use case and can be chosen based on the requirements of your application or data source.

DevOps

Nano Syntax Colouring

Post author By praison
Post date April 6, 2023

brew install nano

Normal Mac

alias nano='/usr/local/bin/nano'

Apple Silicon Mac

alias nano='/opt/homebrew/bin/nano'

.nanorc

set tabsize 4
set tabstospaces
set autoindent
set trimblanks
set linenumbers
set constantshow
set titlecolor white,red
set keycolor cyan
set functioncolor cyan
set numbercolor yellow
set mouse
include /usr/local/share/nano/*.nanorc

DevOps

Zsh Terminal

Post author By praison
Post date April 6, 2023

# homebrew
brew install zsh

# apt-get
sudo apt-get install zsh

Oh my Zsh

sh -c "$(curl -fsSL https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"

PowerLevel10k

# gh cli
gh repo clone romkatv/powerlevel10k $ZSH_CUSTOM/themes/powerlevel10k

# git
git clone https://github.com/romkatv/powerlevel10k.git $ZSH_CUSTOM/themes/powerlevel10k

~/.zshrc

ZSH_THEME="powerlevel10k/powerlevel10k"

p10k configure

Plugins

zsh-syntax-highlighting

# gh cli
gh repo clone zsh-users/zsh-syntax-highlighting ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting

# git
git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting

zsh-autosuggestions

# gh cli
gh repo clone zsh-users/zsh-autosuggestions ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions

# git
git clone https://github.com/zsh-users/zsh-autosuggestions ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions

ls tools

colorls: A Ruby script that colorise the ls output with colour and icons
exa: is a modern replacement for ls

sudo gem install colorls

sudo apt install ruby-full

brew install exa

secrets manager

secman: Human-friendly and amazing secrets manager.

# via npm
npm install -g secman

# via script
curl -fsSL https://cli.secman.dev | bash

file transfer app

tran: Securely transfer and send anything between computers with TUI.

curl -sL https://cutt.ly/tran-cli | bash

Activate the plugins

In ~/.zshrc file replace the line starting with plugins=() to below line.

plugins=( git zsh-syntax-highlighting zsh-autosuggestions )

colorls

if [ -x "$(command -v colorls)" ]; then
    alias ls="colorls"
    alias la="colorls -al"
fi

or exa

if [ -x "$(command -v exa)" ]; then
    alias ls="exa"
    alias la="exa --long --all --group"
fi

Some more plugins – ohmyzsh plugins

after all these steps type

source ~/.zshrc

Summary

# homebrew
brew install zsh

sh -c "$(curl -fsSL https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"

git clone https://github.com/romkatv/powerlevel10k.git $ZSH_CUSTOM/themes/powerlevel10k

ZSH_THEME="powerlevel10k/powerlevel10k"

git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting

git clone https://github.com/zsh-users/zsh-autosuggestions ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions

sudo gem install colorls

brew install exa

# via script
curl -sL https://u.secman.dev | bash

curl -sL https://cutt.ly/tran-cli | bash

plugins=( git zsh-syntax-highlighting zsh-autosuggestions )

if [ -x "$(command -v colorls)" ]; then
    alias ls="colorls"
    alias la="colorls -al"
fi

if [ -x "$(command -v exa)" ]; then
    alias ls="exa"
    alias la="exa --long --all --group"
fi

Add to ~/.zshrc

plugins=( git zsh-syntax-highlighting zsh-autosuggestions )

if [ -x "$(command -v colorls)" ]; then
    alias ls="colorls"
    alias la="colorls -al"
fi

if [ -x "$(command -v exa)" ]; then
    alias ls="exa"
    alias la="exa --long --all --group"
fi

source ~/.zshrc

General

Tamil Handwriting

Post author By praison
Post date April 6, 2023

WordPress

Markdown Commands

Post author By praison
Post date March 31, 2023

Element	Markdown Syntax
Heading	# H1 ## H2 ### H3
Bold	bold text
Italic	italicized text
Blockquote	> blockquote
Ordered List	1. First item 2. Second item 3. Third item
Unordered List	– First item – Second item – Third item
Code	`code`
Horizontal Rule	—
Link	[title](https://www.example.com)
Image	![alt text](image.jpg)
Table	\| Syntax \| Description \| \| ———– \| ———– \| \| Header \| Title \| \| Paragraph \| Text \|
Fenced Code Block	“` { “firstName”: “John”, “lastName”: “Smith”, “age”: 25 } “`
Footnote	Here’s a sentence with a footnote. [^1] [^1]: This is the footnote.
Heading ID	### My Great Heading {#custom-id}
Definition List	term : definition
Strikethrough	~~The world is flat.~~
Task List	– [x] Write the press release – [ ] Update the website – [ ] Contact the media
Emoji (see also Copying and Pasting Emoji)	That is so funny! :joy:
Highlight	I need to highlight these ==very important words==.
Subscript	H~2~O
Superscript	X^2^

WordPress

Gutenberg Block Editor Shortcuts

Post author By praison
Post date March 31, 2023

Duplicate the selected block(s)	Ctrl + Shift + D
Unselect selected block(s)	double escape
Remove the selected block(s)	Shift + Alt + Z
Insert a new block before the selected block(s)	Ctrl + Alt + T
Insert a new block after the selected block(s)	Ctrl + Alt + Y
Remove multiple selected blocks	del backspace
Move the selected block(s) up	Ctrl + Shift + Alt + T
Move the selected block(s) down	Ctrl + Shift + Alt + Y
Change the block type after adding a new paragraph	/