How route propagation happens at the Transit Gateway route table:
=================================================================
This applies when you have both VPN and Direct Connect using a transit gateway as the AWS-side gateway. In that case, these routes are followed.
Ref: See the "Route evaluation order" section at https://docs.aws.amazon.com/vpc/latest/tgw/how-transit-gateways-work.html
Ref: https://www.linkedin.com/pulse/aws-transit-gateway-tgw-explained-ahmed-ali/
Transit gateway routes are evaluated in the following order:
Network Architecture Models
Blueprint or set of instructions for systems to communicate with each other
Each layer has a specific purpose or job
Each layer uses specific protocols and standards
OSI Layers and Purpose:**************
========================
Layer 7 - Application Layer - Provides an interface between communication software and applications that need to communicate
Layer 6 - Presentation Layer - Defines and negotiates data formats such as ASCII, Binary, JPEG. Encryption is also a presentation service
Layer 5 - Session Layer - Defines how to start, end and control sessions.
Domain 1: Incident response
Domain 2: Logging and Monitoring
Domain 3: Infrastructure Security
Domain 4: Identity and Access Management
Domain 5: Data Protection
Domain 1: Incident response:
============================
*****Notes by trainer: https://docs.google.com/document/d/11_1lNSNMI7tRTmfBR74FOkaQbDfVZPZ7u0H4tFXRrGs/edit?usp=sharing
What are containers?
Containers are completely isolated environments, as in they can have their own processes or services, their own network interfaces, their own mounts, just like virtual machines, except that they all share the same OS kernel.
What is an Orchestrator?
An orchestrator is a platform that enables control of connectivity between containers and automatically scales up or down based on the load. This whole process of automatically deploying and managing containers is known as Container Orchestration.
What is a Node?
Basics:
=======
http://kubernetesbyexample.com/
- A replication controller (RC) is a supervisor for long-running pods. An RC will launch a specified number of pods, called replicas, and make sure that they keep running, for example when a node fails or something inside a pod (that is, in one of its containers) goes wrong.
example:
kubectl apply -f https://raw.githubusercontent.com/openshift-evangelists/kbe/master/specs/rcs/rc.yaml
Creation of Dx connection
You need Location details
Port speed
Creation of VIF:
You don't need to create VPCs beforehand; there is no dependency on them. You can start by creating the DxGW and, at a later point in time, create a VGW and associate it with the DxGW
ASN - This is going to be the customer ASN
- The AWS-side ASN will be available when you download the router configuration
It is always recommended that we deploy an application across multiple AZs within the same VPC instead of deploying it in multiple VPCs. Below are 2 important points:
1) When you deploy an application in two AZs (1a and 1b) in the same VPC, AWS will make sure those AZs (1a and 1b) are deployed in 2 separate data centers.
2) When you deploy an application in two VPCs
VPC1 --> AZ 1a
VPC2 --> AZ 1b
There is no guarantee that 1a from VPC1 and 1b from VPC2 are deployed in separate data centers. Picking the data center when you select an AZ is a completely automated process on the AWS side, so it is possible that both 1a and 1b are deployed onto the same physical data center.
For example, AWS has three AZs in the Ireland region (i.e. 3 data centers), so 1a, 1b and 1c are not always mapped to a fixed data center. For one customer (or VPC) 1a can be data center 1, and for another customer it may be 1b for the same data center.
Governance - Oversight role and process by which companies manage and mitigate business risks
Compliance - Process and internal controls to meet the requirements imposed by governance body
Governance
Define
Discover
Monitor
Respond
https://openvpn.net/index.php/access-server/docs/quick-start-guide.html#asclient
download package and install
wget http://swupdate.openvpn.org/as/openvpn-as-2.0.21-CentOS6.x86_64.rpm
If you get any errors as below,
Generating init scripts...
Generating init scripts auto command...
Error: Could not generate server script auto.
Amazon Elastic Container Service: Native Docker Support on AWS
Use Cases:
Configuration and deployment
Microservices
Breaking application into smaller chunks of code
Batch Processing
Building block service
Manage cluster state