Search This Blog

Saturday, July 06, 2019

Cloud Well-Architected Framework

The Well-Architected Framework identifies a set of general design principles to facilitate good design in the cloud:

1- Stop guessing your capacity needs: Eliminate guessing about your infrastructure capacity needs. When you make a capacity decision before you deploy a system, you might end up sitting on expensive idle resources or dealing with the performance implications of limited capacity. With cloud computing, these problems can go away. You can use as much or as little capacity as you need, and scale up and down automatically.

2- Test systems at production scale: In the cloud, you can create a production-scale test environment on demand, complete your testing, and then decommission the resources. Because you only pay for the test environment when it's running, you can simulate your live environment for a fraction of the cost of testing on premises.

3- Automate to make architectural experimentation easier: Automation allows you to create and replicate your systems at low cost and avoid the expense of manual effort. You can track changes to your automation, audit the impact, and revert to previous parameters when necessary.

4- Allow for evolutionary architectures: Allow for evolutionary architectures. In a traditional environment, architectural decisions are often implemented as static, one-time events, with a few major versions of a system during its lifetime. As a business and its context continue to change, these initial decisions might hinder the system's ability to deliver changing business requirements. In the cloud, the capability to automate and test on demand lowers the risk of impact from design changes. This allows systems to evolve over time so that businesses can take advantage of innovations as a standard practice.

5- Drive architectures using data: In the cloud you can collect data on how your architectural choices affect the behavior of your workload. This lets you make fact-based decisions on how to improve your workload. Your cloud infrastructure is code, so you can use that data to inform your architecture choices and improvements over time.

6- Improve through game days: Test how your architecture and processes perform by regularly scheduling game days to simulate events in production. This will help you understand where improvements can be made and can help develop organizational experience in dealing with events.

Thursday, December 13, 2018

IBM DataPower Gateway Commissioning Step by Step


What is IBM DataPower Gateway?

IBM DataPower® Gateway helps organizations meet the security and integration needs of a digital business in a single multi-channel gateway. It provides security, control, integration and optimized access to a full range of mobile, web, application programming interface (API), service-oriented architecture (SOA), B2B and cloud workloads.

https://www.ibm.com/products/datapower-gateway

The DataPower capabilities are delivered in a network appliance form factor:

Physical appliances

  • XG45: DataPower Service Gateway
  • XI52: DataPower Integration Appliance
  • XB62: DataPower B2B Appliance

DataPower form factors Virtual appliances (under a hypervisor)

  • XG45/XI52 Virtual Edition
    • Production
  • XG45/XI52 Virtual Edition for Nonproduction Environment
    • Multi-user test and development
  • XG45/XI52 Virtual Edition for Developers
    • Single-user test and development

Network interfaces for virtual appliances

  • Physical appliances have 8 (XG45) or 12 (XI52, XB62) Ethernet interfaces
  • Virtual appliances have four network interfaces:
    • eth0, eth1, eth2, eth3
    • Speeds depend on hypervisor and hardware
    • Physical mode and flow control settings are ignored
  • Hypervisors that the IBM PureApplication System manages allow only eth1-3 to be used for DataPower service configuration
    • eth0 is used by IBM PureApplication System management
  • All other hypervisor environments allow eth0-3 to be used for service configuration

Deployment on stand-alone VMware hypervisors

    • Configure the appliance to run inside the virtual machine
    • Start Commissioning
      • Login to the appliance
      • Enable Secure Backup Mode
      • Enable Common Compatibility Mode
      • Create new admin password 
    • Run the Install Wizard
      • Step 1 - Confirure network interfaces
      • Step 2 - Configure network service
      • Step 3 - Define a unique system identifier for the appliance
      • Step 4 - Do you want to configure remote Management access
      • Step 5 - Configure a user account that can reset passwords
      • Step 6 - Configure the RAID array
    • Save the current configuration

    Configure the appliance to run inside the virtual machine

    1. Setup the virtual machine 
      1. Install VMWare player
      2. Inport the OVA file of the virtual applicance 
      3. Use the below configuration
        1. Memory
          1. Minmum: 4 GB
          2. Required: 8GB
        2. Processors
          1. Minmum: 4 GB
          2. Required: 8GB
        3.  Network Adapter 
          1. Insure that one of the adapters eth0 is Host-only

    Start Commissioning

    Login to the appliance

    login: admin

     

    password: admin

     

    Enable Secure Backup Mode

    Secure backup mode supports the creation of a backup to restore the complete configuration of another DataPower® Gateway. The creation of a secure backup is available only when secure backup mode is enabled. Generally, secure backup mode is enabled during the initial firmware setup of the DataPower Gateway

     

    Confirn Enable Secure Backup Mode

    Enable Common Compatibility Mode

    When the DataPower Gateway is in Common Criteria Compatibility mode, it forces several settings to specific values. These values are required and enforced at restart. Common Criteria Compatibility mode affects audit log policies, password policies, and includes a group of default rules and actions.

    Create new admin password

    Please Enter New Password to be used in next login

    Run the Install Wizard

    Step 1 - Confirure network interfaces

    Do you want to confirure network interfaces

    Do you want to confirure network interfaces answers to do

    1. Start configuring the first network interface
      1. Enable the DHCP
    2. Don't configure the rest network interfaces

    Step 2 - Configure network service

    Step 3 - Define a unique system identifier for the appliance

    Sometimes there is a need to have an identifier that is unique per DataPower device. Typically the device serial number is taken for these purposes.
    Note: Give any appropriate unique system identifier.

    Step 4 - Do you want to configure remote Management access

    These configuration require the IP address of the local interface that manage the appliance.

    Do you have this information? [y]: y
    Do you want to enable SSH? [y]: y
    Enter the local IP address [0 for all] : 0
    Note: In case you provide specific IP earlier, Provide same IP as provided earlier.
    Enter the port number [22]:
    Note: Just enter to accept default or write your needed port

    Do you want to enable WebGUI access [y]: y

    The WebGUI is one of the graphical user interfaces that the DataPower Gateway provides. The Blueprint Console is the one of the graphical user interface (GUI) for the DataPower Gateway. The Blueprint Console allows you to create and manage patterns and tenants.


    Enter the local IP address [0 for all] : 0
    Note: Just enter to accept default or write your needed port
    Enter the port number [9090]:
    Note: Just enter to accept default or write your needed port

    Step 5 - Configure a user account that can reset passwords




    Step 6 - Configure the RAID array



    Save the current configuration




    Access the configured device

    Show int

    The show ip interface command provides tons of useful information about the configuration and status of the IP protocol and its services, on all interfaces. The show ip interface brief command provides a quick status of the interfaces on the router, including their IP address, Layer 2 status, and Layer 3 status

    Accessing WebGUI

     

    Confirm Certificate


    Login Interface


    Accept Software License Agreement

    Use device from the web UI


    Monday, September 17, 2018

    VirtualBox and Docker Won’t Run | Because of Windows 10 Hyper-V?

    I managed to resolve the issue but not by uninstalling Hyper-V. I saw a couple of suggestions but I find this one suitable:

    STEP 1:
    Open the command prompt as an Administrator.

    STEP 2:
    Run the command with no argument:
    bcdedit

    After you run the above command, you will see that the property hypervisorlaunchtype is set Auto by default. See screenshot below:

    Untitled1
    STEP 3:
    Disable Hyper-V by running the command:
    bcdedit /set hypervisorlaunchtype off

    STEP 4:
    Restart your PC system to use VirtualBox.

    To turn Hyper-V back on, run the command:
    bcdedit /set hypervisorlaunchtype auto
    You will need to reboot the system to use Hyper-V.

    Monday, August 27, 2018

    IBM WebSphere Application Server Editions

    There are really 3 editions of WebSphere Application Server.
    • Core: Contains only a certified JEE web profile on Liberty technology stack 
    • Base: Contains both Liberty and Full Profile technology stacks. The Liberty Stack includes all of Core plus JMS client and Server features, MongoDB client, MDB, JAX-WS, JCA and some others. Plus licensing for certain functions of WebSphere Extreme Scale (object grid caching) 
    • Network Deployment: Contains both Liberty and Full Profile technology stacks. The Liberty Stack includes all of Base plus the ability to Cluster JVMs and to organized them through a collective and a single Administration Center. Ability to have assisted life cycle with the intelligent management components of full profile. Plus licensing for all of WebSphere Extreme Scale (object grid caching)

    Reference:


    Friday, August 24, 2018

    Docker | Windows 10/ Mac OS | unauthorized: incorrect username or password when trying to pull images


    It happens because the docker client (on macOS or Windos 10) allows you to sign in with your email address and password. If you sign out and sign in with your Docker Username and password everything will workSo here's a better description of the issue

    Description
    When trying to pull images from the Docker registry docker: Error response from daemon: Get https://registry-1.docker.io/v2/library/hello-world/manifests/latest: unauthorized: incorrect username or password. This happens if you sign in to Docker using your email address instead of your username.
    Steps to Reproduce
    1. Clean install, or reset preferences for Docker
    2. Sign in to Docker GUI using your email address and password
    3. In the terminal, pull an image from the Docker registry
    Actual Results
    docker: Error response from daemon: Get https://registry-1.docker.io/v2/library/hello-world/manifests/latest: unauthorized: incorrect username or password.
    Solution 
    Try logging back in with the CLI via docker login