Byte Musings

Often the default Security rules in AWS allow highest level of access and this is undesirable in production system. Principle of Least access is the recommended security approach for any secure system.  This article explains how we can apply some specific Security rules to various resources in AWS. Access to EC2 instances Do not provide SSH access to EC2 instances in public subnet, which are exposed to outside world. Rather, create a separate EC2 instance which will act like a Bastion server. Let us call the security group associated with this Bastion server as ‘BastionSG’.  The ‘BastionSG’ should have a security group which will allow a specific IP or a range of IP in corporate network via SSH for allowing inbound access. Expose SSH from all EC2 instances only from the Bastion server by providing the ‘BastionSG’ as the source Security Group. Access to VPC By default, a VPC will have a NACL(Network Access control) which allows traffic to all. We can c...

Recently, I was involved in integrating Pivotal Cloud Foundry with Elastic Cloud Storage (ECS), an object storage solution from EMC. In this post, I'm going to document the hiccups we faced during this integration and how did we resolve this, so that it is easier for other folks who would like to carry out this integration. References: We followed the blog post, https://blog.codedellemc.com/2016/01/05/emc-ecs-with-cloud-foundry/ and the service broker code from git hub, https://github.com/spiegela/ecs-cf-service-broker .  1. application.yml file Configuration: First task would be to update the application.yml file in the broker code to have the correct configuration. Note the spring profiles created in yml file. The active spring profile is defined in the build.gradle file to be 'development'. So based on that, we need to update the correct section in the yml file. Under the broker section: a) Provide a valid ECS namespace name (The namespa...

Preview: This is the third post in the series of Microservices based application development. The entire series could be found here: Microservices based Cloud Native Application - Part I Microservices based Cloud Native Application - Part II Microservices based Cloud Native Application - Part III Overview: Continuing from previous posts, in this post, I'm going to write about a few challenges which I faced while implementing the Microservices and how did I address them. This might hopefully help other folks who might run into similar issues. Challenges faced while implementing Microservices: Issue 1: While using Zuul API, I was getting the following exception, when the angular JS application, invoked the Zuul service. com.netflix.zuul.exception.ZuulException: Forwarding error at org.springframework.cloud.netflix.zuul.filters.route.RibbonRoutingFilter.forward(RibbonRoutingFilter.java:132) at org.springframework.cloud.netflix.zuul.filte...

Preview: This is the second post in the series of Microservices based application development. The entire series could be found here: Microservices based Cloud Native Application - Part I Microservices based Cloud Native Application - Part II Microservices based Cloud Native Application - Part III Overview: Continuing from my previos post, I'm going to explain in detail, three concepts which are essential ingredients of a Microservices Architecture. Service Discovery API Gateway Circuit Breaker Service Discovery: In a Microservices environment, we will have multiple services and when the same is deployed in a Cloud Environment, we will  have multiple instances of each service. In such a scenario, we need services to be self discover-able. This will help in two ways.  First, when one service invokes another service, it needs to know the actual location where it is hosted and which instance it should point to. Second, in a ...

Preview: In this post, I'm going to write about an application based on Microservices Architecture, which I presented in the Cloud Foundry Meetup.  The entire series link could be found here: Microservices based Cloud Native Application - Part I Microservices based Cloud Native Application - Part II Microservices based Cloud Native Application - Part III Application Use Case: The application is a miniature LinkedIn kind of application, which was built to demonstrate the key aspects of a Cloud Native application. Application Features: The app allows users to build their profile with experience details, their skills, certifications.  The app allows the users to connect with other users and they can endorse skills and also recommend other users. Application Architecture: The application uses Microservices Architecture, which consists of loosely coupled, independently evolvable/deployable services. It uses polyglot persistence....

Developing Cloud Native Apps This post provides a brief about what to expect from the Cloud Foundry meetup session, ' Developing Cloud Native Apps on Cloud foundry'  which is scheduled on June 7th, Bangalore.  Presenters: Rajagopalan Sundararajan, Senior Solutions Architect, EMC Raghuveer Bhandarkar, Solutions Architect, EMC Preview: With the rapid adoption of Cloud computing by organizations, it has become increasingly imperative to make our application architecture, cloud enabled. This talk which is a part of the Cloud Foundry Meetup, covers Cloud native Software applications, its characteristics, challenges, supported by a demonstration through an app. Abstract: Cloud native Software and applications is a buzz word today and enterprises are trying to understand this concept and apply in building software systems which are “Cloud Native”. This talk captures the experiences of developing such cloud native systems for EMC's customers....

#GIDS16 The Great Indian Developer Summit 2016, is currently under way in Bangalore, India. In this article, I'm briefly touching upon various topics discussed and my first hand experience of the event. There were talks on what are the current industry trends what are the emerging technologies. It is no more sufficient to have the knowledge of one Stack/knowledge, but need to have knowledge of operations (read Devops), Cloud and working with huge data sets (read Big Data). On a lighter note, the classical "Blue Pill or Green Pill" dilemna from 'The Matrix' made its appearance in a couple of presentations. A few talks are detailed out below: 1. Microservice, Microservice, Microservice: There were various talks on Microservice, ranging from how to go about building Microservice, to, why do we need Microservice. One of the interesting talk, went about explaining that Microservice is not a silver bullet, which should be applied to every project, but ...