What is Amazon VPC?

Question
What is Amazon VPC?

Answer
VPC stands for Virtual Private Cloud.  For a typical VM in AWS, there are restrictions on IP address assignments.  VPC allows you to configure servers and network access points without restrictions.  It allows you to leverage AWS with your own network in a separate data center.  It is ideal for hybrid clouds or situations where you need full control of networking without the constraints of typical AWS deployments.

An RDS instance will be created in a VPC by default. To configure a VPC, see this posting.  See this posting for more information about using RDS as an example of a VPC.  To learn more about VPCs in general, see this link.

Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications.

You can easily customize the network configuration for your Amazon VPC. For example, you can create a public-facing subnet for your web servers that has access to the Internet, and place your backend systems such as databases or application servers in a private-facing subnet with no Internet access. You can leverage multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet.

The above quoted paragraphs were taken from this link.

Interested in Buying Cryptocurrency besides Bitcoin (aka Altcoins)?

With U.S. dollars you can buy over 30 different cryptocurrencies directly!  You no longer need to first buy Bitcoin then transfer it to another exchange as an intermediate step.  Just change the drop down menu for "PAY WITH" to USD, and you can proceed to invest in alternative cryptocurrencies (or buy Bitcoin itself) directly!  Changelly is user-friendly, and a great way to buy altcoins with Euros or U.S. Dollars.

If you want to receive free cryptocurrency by just learning more, try Coinbase. For Europeans, the platform/company Iconomi.com can allow you to buy crypto or learn more.

Will the Market for Application Servers Grow?

The perceived usefulness of application servers seems unquestioned in many corners of the I.T. world.  The conditions that facilitate the deployment of application servers in architectural planning persist. However some people think that code can be written to function on a server that interacts with a web and/or database server without a typical application server being deployed in the middle of the customized code and the OS itself.  Some professionals do not think that application servers are necessary.

JBoss, Tomcat, TomEE, GlassFish and other application servers are common.  They can require considerable operational staffing to support.  There can be licensing costs (e.g., with IBM's WebSphere, Oracle's WebLogic).  The effort of the developers can be considerable to ensure the customized program works with the application server.  There can be vendor lock-in after the code is reliant upon the proprietary application server.  The application server program can create additional overhead and resources that a finely-tuned program would not use.  For low latency programming, an application server may not be an option.

It is noteworthy that the common LAMP stack involves an OS, a web server and front-end code, and a database server.  There is no application server in this complementary group of technologies.

It is possible that as technology matures, that the market for application servers will solidify in certain enterprise needs.  Some application servers will provide a niche benefit, and developers and/or enterprises will leverage certain features thereof.

If you want more information about why application servers may not be the wave of the future, see this article by Forrester.  Another interesting article was written by this British subject matter expert.

How Do You Create a Router in OpenShift When You Get an Error about a User Being Forbidden?

Problem scenario
You are trying to create a virtual router in OpenShift.  When you run the command "oc adm router goodname" you get this error:

"error: router could not be created; could not retrieve list of security constraints to verify service account "router": securitycontextconstraints.security.openshift.io is forbidden: User "jdoe" cannot list securitycontextconstraints.security.openshift.io at the cluster scope: User "jdoe" cannot list all securitycontextconstraints.security.openshift.io in the cluster"

What should you do?

Solution
Run this command:  oc login -u system:admin

Now run your command to create a router:  oc adm router goodname

Now log back into the project with the regular user:  oc login

What Are the Differences between Kubernetes and OpenShift?

Question
What are the differences between Kubernetes and OpenShift?

Answer

  • OpenShift was built by Red Hat.  OpenShift did not originally use Kubernetes (OpenShift blog).  Kubernetes was built at Google.
  • Kubernetes is open source whereas OpenShift usually costs money.  There are different types of OpenShift (e.g., OpenShift Online, OpenShift Enterprise etc.).
  • You use "oc" (OpenShift Client) commands with OpenShift that are often identical to "kubectl" commands in the options that they support.  OpenShift supports native "kubectl" and Red Hat specific "oc" commands.
  • OpenShift uses projects which enhance security by default.  Projects control the access to a namespace.  
  • OpenShift has user accounts that can run a limited number of commands.  For example OpenShift users cannot by default create virtualized routers.  There is a way to use a more privileged user.  This can readily allow you to delegate administrator rights to certain users and not others in OpenShift.
  • Having different namespaces and user accounts that lend themselves to segmentation can make OpenShift a more hardened container orchestration tool.  But these advantages come at the price of proprietary nuances, complexity and financial cost not associated with the purely open source alternative.
  • According to OpenShift's website as of 1/12/18, Kubernetes does not support the following features that OpenShift supports:
    1. Multi-tenancy
    2. Collaboration
    3. Networking
    4. Image registry
    5. Monitoring   
    6. Log aggregation  
    7. CI/CD and DevOps
    8. Enterprise 24/7 Support  
    9. Security response team
    10. Stable Lifecycle (7 years)

Naturally we believe that Kubernetes and open source Docker facilitate several of the above. 

Happy Martin Luther King Jr. Day!

Martin Luther King Jr. was a Nobel Peace Prize winner who died before the age of 40.  He was not quite 5'7" but made a massive impact on U.S. history.  It is unlikely Barack Obama would have been elected President in 2008 had Martin Luther King Jr. not advanced the cause of civil rights for African Americans.  King's influence and inspiration will be felt for decades to come.  On January 15, 2018 we observe Martin Luther King Jr. Day (the day of King's birth).  

You can buy books about King with one of these links: Martin's Big Words, an autobiography, and The Essential Writings and Speeches of Martin Luther King Jr.  Along with the Nobel Prize he won, we should remember the Montgomery Bus Boycott that King lead starting in 1955 lasting until early 1957.  If you get a chance to visit Montgomery, Alabama you should find the bus stop where Rosa Parks refused to give up her seat or the fountain where slaves were once sold.  You should also visit the Civil Rights Memorial and learn about an important era in American history.

Citations
The photo was taken from this website: http://www.photosforclass.com/search/martin%20luther%20king%20jr.

How Do Install and Configure OpenShift to Test It Out?

Problem scenario
You want to use OpenShift as opposed to Kubernetes.  How do you deploy OpenShift to try it out?

Solution
1.  Install Docker on Linux.  We recommend you use a RedHat OS.  The hardware requirements are not that high if you are just testing it for development and/or learning purposes.  For directions on how to install Docker on a RedHat distribution of Linux, see this posting if it is in AWS.  For directions on installing Docker on a RHEL VM in GCP, see this posting.

2.  Run these three commands:

sudo service docker start

docker run -d --name "origin2" --privileged --pid=host --net=host -v /:/rootfs:ro -v /var/run:/var/run:rw -v /sys:/sys -v /sys/fs/cgroup:/sys/fs/cgroup:rw -v /var/lib/docker:/var/lib/docker:rw -v /var/lib/origin/openshift.local.volumes:/var/lib/origin/openshift.local.volumes:rslave openshift/origin start

docker exec -it origin2 bash

3.  Now that you are inside the Docker container, run this command:

oc login # for the username and password use "test" and "test" respectively

4.  Now you can run oc commands to test openshift.  Try these:

oc version
oc whoami

(The above commands were mostly taken from OpenShift.org. The old link was https://docs.openshift.org/latest/getting_started/administrators.html, but this no longer works.)

FYI  The "oc" command (which stands for OpenShift Client) is very similar to the way that kubectl works.