Skip to content

Tag: nc

Installing Kubernetes on MacOS

Installing Kubernetes on MacOS

Published November 28, 2017

I am assuming you have virtualbox installed on your Mac.

To test most of the stuff on k8s you don’t need multiple nodes, running one node cluster is pretty much what you need.

First we need to install kubectl, a tool to interact with kubernetes cluster:

➜  ~ curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s \
  https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/darwin/amd64/kubectl \
  && chmod +x ./kubectl \
  && sudo mv ./kubectl /usr/local/bin/kubectl

Then we need Minikube – which is a tool that provisions and manages single-node Kubernetes clusters:

➜  ~ curl -Lo minikube https://storage.googleapis.com/minikube/releases/v0.23.0/minikube-darwin-amd64 \
  && chmod +x minikube \
  && sudo mv minikube /usr/local/bin/

Now we can start the VM:

➜  ~ minikube  start
Starting local Kubernetes v1.8.0 cluster...
Starting VM...
Downloading Minikube ISO
 140.01 MB / 140.01 MB [============================================] 100.00% 0s
Getting VM IP address...
Moving files into cluster...
Downloading localkube binary
 148.56 MB / 148.56 MB [============================================] 100.00% 0s
Setting up certs...
Connecting to cluster...
Setting up kubeconfig...
Starting cluster components...
Kubectl is now configured to use the cluster.

Let’s check everything is working:

Continue readingInstalling Kubernetes on MacOS
Comments closed
Creating Kubernetes Jobs.

Creating Kubernetes Jobs.

Published November 27, 2017

Sometimes you need to run a container to execute a specific task and then stop it.

Normally in Kubernetes, if you try just to run it, it will actually create a deployment,
meaning you container will keep running all the time. That is because by default kubectl runs with ‘–restart=”Always”‘ policy.
So if you don’t want to create a yaml file where you specify pod ‘kind’ as a Job, but simply use kubectl run, you can set restart policy to ‘OnFailure’.
Let’s run simple container as a job. It is a simple web crawler which I have written for one of my job interviews, it has many bugs and incomplete,
but sometimes it actually works 🙂 So let’s run it:

➜  ~ kubectl run crawler --restart=OnFailure --image=kayan/web-crawler \
 -- http://www.gamesyscorporate.com http://www.gamesyscorporate.com 3
job "crawler" created

Now we can check the state of the pod:

➜  ~ kubectl get pod
NAME            READY     STATUS              RESTARTS   AGE
crawler-k57bh   0/1       ContainerCreating   0          2s

it will take a while, as it needs to download the image first, to check run:

kubectl describe pod crawler

You should see something like below:

Continue readingCreating Kubernetes Jobs.
Comments closed
Running smallest test http server container

Running smallest test http server container

Published November 26, 2017

Sometimes we want to quickly run some container and check http connection to it, I use to use nginx for this.
If your internet connection is not super fast, or if you want something really really quick, or nginx just doesn’t work for you
for some reason, here is what you can use – a combination of busybox and netcat:

➜  ~ docker run -d --rm -p 8080:8080 --name webserver busybox \
	 sh -c "while true; do { echo -e 'HTTP/1.1 200 OK\r\n'; \
	 echo 'smallest http server'; } | nc -l -p  8080; done"
	 
031cb2f4c0ecab22b3af574ab09a28dbfcb9e654e9a2d04fb421bb7ebacdff1f

➜  ~ curl localhost:8080
smallest http server

Lets check it’s size:

➜  ~ docker images nginx | grep alpine
nginx               1.13.6-alpine       5c6da346e3d6        3 weeks ago         15.5MB
➜  ~
➜  ~
➜  ~ docker images busybox
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
busybox             latest              6ad733544a63        3 weeks ago         1.13MB
➜  ~

It is just 1Mb as oppose to 15Mb for nginx alpine.

You can run same on Kubernetes as described below:

Continue readingRunning smallest test http server container
Comments closed
Setting up Firewall and network troubleshooting in Linux with UFW, lsof, tcpdump, wireshark, rsyslog and vagrant

Setting up Firewall and network troubleshooting in Linux with UFW, lsof, tcpdump, wireshark, rsyslog and vagrant

Published November 25, 2017

In this article I am going to demonstrate how to restrict incoming connections to specific port in Ubuntu Linux. Then we will see how to check the logs on the server side for rejected client connection attempts and how to troubleshoot this issue from clients perspective by analysing TCP packets.

By the end you should be more familiar with UFW(Uncomplicated Firewall), lsof, tcpdump and TCP Three-way handshake analysis, Wireshark, nc, rsyslog, telnet, vagrant.

The Article assumes you have VirtualBox and vagrant installed, if you haven’t google it, it is very easy to setup.

First thing first, you will need to setup 2 VMs, alternatively you can use the host as the client, given you can
use tcpdump on it:

cat Vagrantfile
Vagrant.configure(2) do |config|

  config.vm.synced_folder ".", "/vagrant"

  config.vm.define "sensu" do |m|
          m.vm.box = "ubuntu/trusty64"
          m.vm.hostname = "sensu"
          m.vm.network "private_network", ip: "192.168.2.212"
          m.vm.provider "virtualbox" do |v|
            v.memory = 1024
          end
  end

  config.vm.define "sensuclient" do |m|
          m.vm.box = "ubuntu/trusty64"
          m.vm.hostname = "sensuclient"
          m.vm.network "private_network", ip: "192.168.2.213"
          m.vm.provider "virtualbox" do |v|
            v.memory = 512
          end
  end

end  %

I have two servers now, sensu will be the server side and sensuclient will be the one connecting to sensu server.

I now have got two VMs, lets start them and then connect to server first:

Continue readingSetting up Firewall and network troubleshooting in Linux with UFW, lsof, tcpdump, wireshark, rsyslog and vagrant
Comments closed