Industry Use Cases with Demonstration on Kubernetes (Industry Experts Session)

  Before getting into industry, for sailing smoothly from academic to industry, it's very important have some knowledge about industry, how things works in industry, industrial use case.


Just because of Mr. Vimal Daga sir and Mrs. Preeti Daga ma'am, I got this opportunity. On 09th March 2021 , they arranged Industry Expert Practical Demo Session on kubernetes. Two of the best expert Redhatters of the industry Mr. Neeraj Bhat, Mr. Vijit  Kuntal and Rushil Sharma they taught and showed use cases and industrial need.


▪️Introduction to speakers for the session, they all are experts from the core industry :- 


➡️ The First One is :-


”Mr. Neeraj Bhatt” (Senior Technical Engineer- OpenShift, Redhat )


▪️"Neeraj is working in Redhat from more than 4 years now"


➡️ And The Second One is :-


”Mr. Vijit  Kuntal" (Consultant, Infosys Belgium)


▪️Vijit  is an experienced Senior System Engineer extremely skilled in DevOps, Jenkins.


➡️ And the Third one is- 


”Rushil Sharma” ( Customer Engineer Hybrid Cloud, Google)


▪️He has Experience in driving Financial institutions to optimise the Kubernetes workloads to leverage the optimum resources available without over committing the hardware.He has also worked at RedHat and contributed on Openshift 4.


Here's a brief summary what all was discussed in this session...

  •  need of cvs git:
  •  easy to create branches in git
  •  git ui gives more clear picture of the repos
  •  reast api implementation in git.
  •  git is easy to reconcile.
  •  code merges between the branches.
  •  cvs works on a file level, whereas git works on a repo/module level.
  •  there are two ways to do cvs conversion:
  •  git provides git cvsimport [options][options]
  •  cvs2git is a tool that is mostly used.
  •  both of these tools are used to convert any type of centralized vs(cvs, svn) to distribute version control system(git)(hg)
  •  integration of cvs with jenkins:
  •  depends on the version of jenkins in use, jenkins jobs can be created.
  •  pollers or git features(hooks)can be used to trigger the buildafetr every commit.
  •  from commit to build, cqa, deplou, test is reduced to minus.
  •  for use case of 2 availability zones az1 and az2,it is recommended to use repurse hardware from openshift cluster and start migration of workloads on k8s cluster for the least critical first and then critical bang services.
  •  for the requirement of resource optimazation, it is recommended to use wide infrastructure service deployemnt using standardised resource allotment.
  •  for the requirement of of monitoring cpu restarting pods and memory requests, it is recommended to implement elk stack along with grafana dashboards and prometheus.
  •  for failover capacity and cluster level autoscaling, it is recommended to use microservicewhich will scale horizontly when required we can run out of resources.
  •  for image security enhancement using notary server, it is advised to use docker notary to sign images.
  •  custom ssc-->sample ssc
  •  default capability = net admin
  •  system"serviceaccount:custom:custom-sa-->>system account name:type:custom service/system service.
  •  openshift.io is very specific kind of metadata inside verify scc.
  •  capsh --print|grep net } used to check capability of network
  •  oc create role capscc --verb=use--resource=scc--resource-name=cap-add -n captest } used to create a role.
  •  to create roll binding:
  • oc create rolebinding capscc-bind--role=capscc--serviceaccount=captest:default

WHAT ALL SCCs CAN CONTROL?
  • Whether pod can run privileged containers.
  • Container’s capability request.
  • Use of host directories as volumes.
  • SELinux context of the container.
  • Container user ID.
  • Use of host namespaces and networking.
  • Allocation of an FSGroup that owns the pods volumes.
  • Container requires the use of a read only root system or not.
  • Usage of volume types.
  • Configuration of allowable seccomp profiles.


Thanks to Vimal Daga sir and Preeti Chandak Ma’am for conducting such a great session.

Comments

Post a Comment

Popular posts from this blog

Automation Using Python

Image
  Welcome to my menu program This program contains fully automated technologies that can be run directly in any flavor of linux operating system This menu program contains some great technologies like : 1. Amazon Web Services (AWS) 2. Big Data Hadoop 3. LVM partition technique 4. Web Server 5. Yum  6. Docker This menu-driven program is built in python that can be useful in automation of above mentioned technologies. 1. Amazon Web Services (AWS) Using this menu program, you can do following things : - AWS key pairs      - Describe key pair     - create key pair     - Delete key pair - EC2 instance     - Create Instance     - Describe Instance     - Start Instance     - Stop Instance     - Reboot Instance     - Terminate Instance - Create AWS security group - EBS volume     - Create EBS volume     - Attach EBS volume     - Detach EBS volume     - Create Snapshot     - Delete EBS volume - create S3 bucket And you know the good part, you can do everything just in one click ;) Checkout thi
Read more

Chat Server using UDP

Image
  Create Chat Server  Specifications : Use Socket Programming Use UDP Data Transfer protocol Create server and receiver both Use multi-threading to get and receive data parallely Now creating Chat Server with above given specifications. This is the code for Chat Server using UDP protocol and using Socket programming. Here same program can send receive messege both at the same time. I've used multi-threading concept to send and receive data parallely from multiple Server sides. These are the two servers that I used for my chat server - chatApp : And using multi-threading , i sent data parallely from two servers. one from Linux and another one from windows : Hope you liked it :)
Read more

NETWORK TOPOLOGY

Image
In this blog I'm going to create a  network Topology Setup in such a way that System A can  ping to two Systems System B and System C but both these systems should not be pinging each other without using any security rule e.g firewall etc . Every body thinks that in a network topology, if System A can ping to B and System B can ping to C, then it's obvious that system C can ping system A. But NO, Not Always... So in this blog, I'm going to show you how to create such topology. And believe me, doing this is so simple. It's just a game of netmask and routing table. Let's jump to the practical : System A : 1. Change the ip and netmask of system A to 192.168.1.20/16 2. Then add network range in the routing table .      Here I've selected the range such that it can ping to both of my other system. 3. By using route -n command, you can check the routing table  of System. 4. Using ifconfig enp0s3 command, you can check the ip of the system . System B : 1. Chane
Read more