Consul
------
1) Traditional methods do not resolve the app's name. In this method, the load balancer can resolve it, but only in round-robin fashion, and if we make any modification it is not updated dynamically.
Consul has an extra feature: a registry that manages all the app info and availability details.
2) Discovery and service configuration tool
3) Container Pilot should use Consul for service management
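An added example, not from the original notes and not Consul's own API: a minimal Python model of the difference described in item 1, comparing a fixed round-robin list with a registry that tracks availability through heartbeats. The class names, the `web` service, the addresses and the TTL value are assumptions made for the illustration.

```python
import itertools

class StaticRoundRobin:
    """Hand-maintained backend list: nothing removes a dead instance."""
    def __init__(self, backends):
        self._cycle = itertools.cycle(list(backends))

    def pick(self):
        return next(self._cycle)

class Registry:
    """Instances stay listed only while their last heartbeat is within the TTL."""
    def __init__(self, ttl):
        self.ttl = ttl
        self._last_seen = {}   # (service, address) -> time of last heartbeat
        self._turn = {}        # service -> round-robin counter

    def heartbeat(self, service, address, now):
        # The first heartbeat registers the instance; later ones keep it listed.
        self._last_seen[(service, address)] = now

    def healthy(self, service, now):
        return sorted(addr for (svc, addr), seen in self._last_seen.items()
                      if svc == service and now - seen <= self.ttl)

    def pick(self, service, now):
        alive = self.healthy(service, now)
        if not alive:
            raise LookupError(f"no healthy instance of {service!r}")
        turn = self._turn.get(service, 0)
        self._turn[service] = turn + 1
        return alive[turn % len(alive)]

def demo():
    a, b, c = "10.0.0.1:8080", "10.0.0.2:8080", "10.0.0.3:8080"  # constructed addresses
    static = StaticRoundRobin([a, b])
    reg = Registry(ttl=10)
    reg.heartbeat("web", a, now=0)
    reg.heartbeat("web", b, now=0)   # b crashes right after this and goes silent
    reg.heartbeat("web", a, now=8)
    reg.heartbeat("web", c, now=8)   # c is started later and registers itself
    now = 15
    return ([static.pick() for _ in range(4)],
            [reg.pick("web", now) for _ in range(4)])

if __name__ == "__main__":
    static_picks, registry_picks = demo()
    print("static:  ", static_picks)    # still routes to the dead 10.0.0.2
    print("registry:", registry_picks)  # only live instances, including the new one
```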
Nomad
==========
1) Used to control deployment and scheduling; uses the .hcl format.
Service management tool
Nomad should be used for managing the containers on one or more servers/clusters.
Vault
=========
Tool for securely accessing and storing secrets
The new component of AN could make use of the latest technology offered by Cobalt to manage secrets.
AN is only planned for development; hence it should not adopt this technology, as it will not be accessible in production.
cypherstore: the authorization used by mon servers.
What is OAuth?
OAuth: token-based authentication with a TTL
OAuth is an open-standard authorization protocol or framework that describes how unrelated servers and services can safely allow authenticated access to their assets without actually sharing the initial, related, single login credential. In authentication parlance, this is known as secure, third-party, user-agent, delegated authorization.
On the app side, the app ID is the key; a root token is added and kept in Vault (bootstrap method).
How MS works
F5
-----------------
| Gateway nginx | ---> openapi.test/developer.test.com/amu.test.com
-----------------
|
| Container Pilot
|
----------
| Consul |
----------
|
| Container Pilot
|
|POD-1| Apps/Web --> DB
|POD-2| Apps/Web --> DB
POD
============
| Web container ---- pod level Nginx
|
- java container
- App container
High-Level Description
===================================================================
||
------------
| Firewall |
------------
||
--------------------------------------------------
|| Rules lookup / NAT translation --> 157.133.209.20.10.xx --> Connection state update --> untranslate and dispatch to F5 ||
--------------------------------------------------
||
--------------------------------------------
|| F5 is a load balancer / traffic manager || ---> VIP lookup / connection lookup / connection state update --> dispatched to pool member
--------------------------------------------
||
-----------
|| NGINX || ---> TLS certificate exchange / IP entered at httpd header
-----------
||
------------------------------
|| container || container || --> POD NGINX
------------------------------
|| container || container ||
------------------------------ ====>> Cobalt Infrastructure
|| ||
|| ||
------------------------------
Container Pilot
1) Application orchestration platform for containers
2) A Container Pilot agent is required for every container in the new component service. The rest of the AN has to look up the component service and communicate using the REST API.
Datadog is used to collect all the alerts from Terraform
JFrog
------
1) Artifact repository for Cobalt.
2) A new component would publish all the dependent artifacts in the new artifact repository and should not have any shared code with the rest of AN. Any common utility or platform components have to be uniformly shared by the component and the rest of the AN.
Troubleshoot
================
ping app. query --> Consul service
check
endpoint group
Netmaster and Netplugin: manage the dynamic environment / manage security to avoid collisions
Netmaster provides the dynamic ACI fabric internally and holds all endpoint information, such as policy rules and instances.
Need to create a software-defined network under Netplugin (IP polling) --> OVS (Open vSwitch)
EPIC: does centralized configuration management for the Cobalt environment.