Resize boot volume of a Linux EC2 instance.

For this example, suppose that you have resized the boot volume of an instance, such as a T2 micro instance, from 10 GB to 20 GB.

Step 1- Log in to the AWS console and go to EC2 services.

Step 2- In the EC2 console, select Volumes.

P2S (Point to site) connection on Azure Virtual WAN Part 3

 

13. Keep the file handy. This is the rootcertificate.cer file containing the hash that you’ll copy into the Public Certificate field of the User VPN configuration in Azure, as shown in the image below. The same hash will be used in the vpnconfig.ovpn file that needs to be configured for your OpenVPN client.

14. Now in the Azure portal, go to Virtual WAN and then select User VPN configurations.

15. Now create a new User VPN configuration.

16. Type the name of the configuration, and then for the tunnel type select OpenVPN and IKEv2.

17. Then go to the Azure certificate tab and select Yes.

18. Then give the root certificate name as P2Srootuser and enter the public certificate data that we got from the exported public cert in the previous steps.

19. Then click on Review and create, and then click on Create.

20. Once the configuration is created, you will be able to see it in the User VPN configurations section.

21. Now go to Hubs again and open the created hub.

22. Now go to User VPN (Point to site) and then click on Create user VPN gateway.

23. Select the gateway scale unit as per requirement. Select the newly created User VPN configuration in the point-to-site configuration section, and then enter the IP address range from which addresses are assigned during VPN connections.

We have taken 172.29.23.0/24 as the IP address range. Then click on Create.

24. Once the VPN is deployed, you will be able to see the following details.

25. Now go to Virtual WAN again and then to User VPN configurations.

26. Then download the Virtual WAN user VPN profile.

27. Select EAPTLS and then click on Generate and download profile.

28. Now connect point-to-site. Log in to the machine you want to connect from; here we will be using a Windows virtual machine for demonstration.

29. Now copy the downloaded awsconfig.zip and the P2SChildCert to the VM.

30. Then install the P2SChildCert on the VM.

31. Then extract the config file and run the desired client setup.



P2S (Point to site) connection on Azure Virtual WAN Part 2

10. Export the root certificate public key (.cer) and follow the prompts. When asked if you want to export the private key, choose “Do not export private key”, then for the Export File Format select Base-64 encoded X.509 (.CER).

11. Export the root certificate child key (.cer) and follow the prompts. When asked if you want to export the private key, choose “Yes, export the private key”, then for the Export File Format select Base-64 encoded X.509 (.CER).









P2S (Point to site) connection on Azure Virtual WAN Part 1

1. Create a Resource Group in Azure.

2. Search for Virtual WAN in the Azure portal.

3. Click on Virtual WAN.

4. Click on create new vWAN with the following details.

Subscription-

Resource group name-

Name- testvWAN

Type- Standard


5. Once the vWAN is created, go to testvWAN and click on Hubs.

6. Click on New Hub. Then fill in the details below.

Region- south-central-us

Name- aws-mum-hub

Hub private address space- 192.168.10.0/24

7. Generate the User VPN certificates to be used for P2S (Point to site).

On your PC, as an administrator, press Windows+R to open the Run dialog box, then type “PowerShell” in the text box and press Enter:

a. Create a self-signed root certificate. In PowerShell, run this:

$cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature -Subject "CN=P2SRootCert" -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" -KeyUsageProperty Sign -KeyUsage CertSign

b. Still in the same PowerShell console, generate a client certificate signed by that root:

New-SelfSignedCertificate -Type Custom -DnsName P2SChildCert -KeySpec Signature -Subject "CN=P2SChildCert" -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" -Signer $cert -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2")

8. Step 2 and 3 will create the following Thumbprint and Subject as shown here:


9. On your Windows GUI, run certmgr.msc and you should see the following 2 Certificate contents:
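
The same two certificates can also be checked from the PowerShell console instead of the certmgr.msc GUI. The script below is an added example, not part of the original post; it assumes steps 7a and 7b were run as shown (subjects CN=P2SRootCert and CN=P2SChildCert in Cert:\CurrentUser\My), and its variable names are illustrative.

```powershell
# Added example: check the certificates from steps 7a/7b from the console.
# Assumes the subjects and store used in this walkthrough.
$store = 'Cert:\CurrentUser\My'
$root  = Get-ChildItem $store | Where-Object Subject -eq 'CN=P2SRootCert' |
         Sort-Object NotBefore | Select-Object -Last 1
$child = Get-ChildItem $store | Where-Object Subject -eq 'CN=P2SChildCert' |
         Sort-Object NotBefore | Select-Object -Last 1
if (-not $root -or -not $child) { throw "Certificates not found in $store; run steps 7a and 7b first." }

# 1. The client certificate must chain to this exact root. The root is self-signed
#    and not in a trusted store, so an unknown CA is tolerated and the top of the
#    chain is compared by thumbprint instead.
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chain.ChainPolicy.RevocationMode    = 'NoCheck'
$chain.ChainPolicy.VerificationFlags = 'AllowUnknownCertificateAuthority'
[void]$chain.ChainPolicy.ExtraStore.Add($root)
$built = $chain.Build($child)
$top   = if ($chain.ChainElements.Count) { $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate }
$chainsToRoot = $built -and $top -and ($top.Thumbprint -eq $root.Thumbprint)

# 2. The client certificate must carry the Client Authentication EKU
#    (1.3.6.1.5.5.7.3.2) requested through -TextExtension in step 7b.
$ekuOids = $child.Extensions |
    Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] } |
    ForEach-Object { $_.EnhancedKeyUsages } | ForEach-Object { $_.Value }
$hasClientAuth = $ekuOids -contains '1.3.6.1.5.5.7.3.2'

# 3. The root must be allowed to sign certificates (-KeyUsage CertSign in step 7a).
$ku = $root.Extensions |
    Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509KeyUsageExtension] }
$rootCanSign = [bool]($ku.KeyUsages -band
    [System.Security.Cryptography.X509Certificates.X509KeyUsageFlags]::KeyCertSign)

# 4. Base64 body of the root's public certificate on a single line, without the
#    BEGIN/END CERTIFICATE lines. RawData is the DER certificate only and never
#    includes the private key.
$publicCertData = [System.Convert]::ToBase64String($root.RawData)

[pscustomobject]@{
    RootThumbprint   = $root.Thumbprint
    ChildThumbprint  = $child.Thumbprint
    ChainsToRoot     = $chainsToRoot
    HasClientAuthEku = $hasClientAuth
    RootCanSignCerts = $rootCanSign
    PublicCertLength = $publicCertData.Length
} | Format-List
```

`$publicCertData` holds the same Base-64 text as the body of the .cer file exported in step 10, which is the value entered as public certificate data in step 18.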


  

Site to Site VPN between AZURE and AWS using Azure Virtual WAN ( Active/Active BGP Configuration )

This article shows how to configure a site-to-site VPN between an Azure Virtual WAN hub and AWS, using Internet Key Exchange version 2 (IKEv2) for the tunnel setup.

We will use the Azure and AWS portals to set up the Virtual WAN and then the site on the AWS side.

Virtual WAN (vWAN).

Azure Virtual WAN is a networking service that brings many networking, security, and routing functionalities together to provide a single operational interface. These functionalities include branch connectivity (via connectivity automation from Virtual WAN Partner devices such as SD-WAN or VPN CPE), site-to-site VPN connectivity, and remote user VPN (point-to-site) connectivity.

For details, see https://docs.microsoft.com/en-us/azure/virtual-wan/virtual-wan-about


Source-Microsoft

Kubernetes Examples (Secrets) & (Replica Sets )

 



1. Create Secret using "kubectl" & Consuming it from "volumes" inside Pod


   1a. Create secret "nginx-secret-vol" using "kubectl"

   1b. Consume "nginx-secret-vol" from "volumes" inside Pod

   1c. Create | Display | Validate


2. Create Secret "manually" using YAML file & Consuming it from "environment variables" inside Pod


   2a. Create secret "redis-secret-env" using YAML file:

   2b. Consume "redis-secret-env" secret from "Environment Variables" inside pod

   2c. Create | Display | Validate

Kubernetes Examples (Config Maps & Cluster IP)


 Config Maps 

1. Creating Configmap from "multiple files" & Consuming it inside Pod from "volumes" 


   1a. Create Configmap "nginx-configmap-vol" from "multiple files"

   1b. Consume "nginx-configmap-vol" configmap inside Pod from "volumes" 

   1c. Create | Display | Validate


2. Creating Configmap from "literal values" & Consuming it inside Pod from "environment variables" 


   2a. Create configmap "redis-configmap-env" from "literal values"

   2b. Consume "redis-configmap-env" configmap from "Environment Variables" inside pod

   2c. Create | Display | Validate

Setup Kubernetes In Centos 8

You need to allow these ports in the firewall. If you are deploying the cluster in the cloud, you also need to allow the ports in the network security group inbound rules.

firewall-cmd --permanent --add-port=6443/tcp

firewall-cmd --permanent --add-port=2379-2380/tcp

firewall-cmd --permanent --add-port=10250/tcp

firewall-cmd --permanent --add-port=10251/tcp

firewall-cmd --permanent --add-port=10252/tcp

firewall-cmd --permanent --add-port=10255/tcp

firewall-cmd --reload


modprobe br_netfilter

echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables

Disable swap and SELinux.

swapoff -a

setenforce 0

sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux