Sharing the knowledge on the web: January 2021

Tuesday, January 26, 2021

POD - deploy error - role.kubernetes.io/master: }, that the pod didn't tolerate.

kubectl taint nodes mildevkub020 node-role.kubernetes.io/master-

[root@master .kube]# kc get pods
NAME                            READY   STATUS    RESTARTS   AGE
myapp-pod                       0/2     Pending   0          15m
mydep-5dcf7bcbd6-2gxjb          0/1     Pending   0          3h49m
myweb-deploy-6c55897859-695gs   0/1     Pending   0          3h39m
myweb-deploy-6c55897859-89hs4   0/1     Pending   0          3h39m
myweb-deploy-6c55897859-xh8vb   0/1     Pending   0          3h39m
nginx                           0/1     Pending   0          78m

[root@master .kube]# kc describe pod myapp-pod
Name:         myapp-pod
Namespace:    default
Priority:     0
Node:         <none>
Labels:       app=myapp
Annotations: Status: Pending
IP:
IPs:          <none>
Containers:
nginx-container:
    Image:        nginx
    Port:         <none>
    Host Port:    <none>
    Environment: <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-br827 (ro)
backend-container:
    Image:        redis
    Port:         <none>
    Host Port:    <none>
    Environment: <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-br827 (ro)
Conditions:
Type           Status
PodScheduled   False
Volumes:
default-token-br827:
    Type:        Secret (a volume populated by a Secret)
    SecretName: default-token-br827
    Optional:    false
QoS Class:       BestEffort
Node-Selectors: <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type     Reason            Age                 From               Message
----     ------            ----                ----               -------
Warning FailedScheduling 68s (x12 over 16m) default-scheduler 0/1 nodes are available: 1 node(s) had taint                                                                                                                        {node-role.kubernetes.io/master: }, that the pod didn't tolerate.
[root@master .kube]# kc taint nodes master node-role.kubernetes.io/master-
node/master untainted
[root@master .kube]# kc taint nodes master node-role.kubernetes.io/master-
error: taint "node-role.kubernetes.io/master" not found
[root@master .kube]# kc get pods
NAME                            READY   STATUS              RESTARTS   AGE
myapp-pod                       0/2     ContainerCreating   0          18m
mydep-5dcf7bcbd6-2gxjb          1/1     Running             0          3h51m
myweb-deploy-6c55897859-695gs   0/1     ImagePullBackOff    0          3h41m
myweb-deploy-6c55897859-89hs4   0/1     ErrImagePull        0          3h41m
myweb-deploy-6c55897859-xh8vb   0/1     ImagePullBackOff    0          3h41m
nginx                           1/1     Running             0          80m
[root@master .kube]#

Kubernetes - ReplicaSet - Day 9

Kubernetes - ReplicaSet - 1 26- 2021
k8s
- POD -> Launch using yaml ( or Deployment, --> RC -> RS)

Deployment is a great way to manage PODs
- privides different strategy
- rampd
- rolling update

App ->

-----------------------------------------------------
main function of kubernetes is to manage PODs.

apiVersion: v1
kind: Pod
metadata:
name: "webprod1"
labels:
    app: frontend
    team: team1
    region: US
    env: prod

spec:
containers:
- name: "webc1"
    image: "vimal13/webserver-apache-php"

Resource
- RC (replication controller)
- SVC (service)

Deploy
- RC
- label (app=myserv)
- Selector (Keep on searching for particular label or ip ..)

selector (way to Search other resources like program rc, POD)
- Equality based selector [Older way]
- Set-Based selector [ Newer way to manage]

when you launch a resource, it is always good practice go give tag or label.

> kc applyu -f pod.basic
> kc get pods --show-labels
> kc get pods -l "env=prod"

> kc get pods --show-labels -l "env=prod"
> kc get pods -show-labels -l "team=team2"
> kc get pods --show-labels -l "team!=team2"
> kc get pods --show-labels --selector "team!=team2"

when you use =, =! == is called equality based selector

we have on challange on this selector

> kc get pods --show-labels

Set based selector - human readable

show all the pods based on region us

> kc get pods --show-labels --selector "relion in (IN,US), team in (team2)"

# kc get pods --show-labels --selector "region notin (IN,US), team in (team2,team1)"

Launch replica set - Manag replicas of the POD

apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: myweb-rs
labels:

spec:
replicas: 3
selector:
    matchLabels:
      env=prod

template:
metadata:
    name: "webprod1"
    labels:
      app: frontend
      team: team1
      region: US
      env: prod

spec:
    containers:
    - name: "webc1"
      image: "vimal13/webserver-apache-php"

match label -> equality based
match expression - set based with lots of search options

kc apply -f myweb-rs
kc describe rs myweb-rs

Only supports on RS

spec:
replicas: 3
selector:
matchLabels:
    env: prod
matchExpressions:
    - { key: team, operator: In, values: [ team1, team2 ]}
    - { key: tier, operator: In, values: [ frontend ] }
template:
    metadata:
      name: "webpod4"
      labels:
        env: prod
        team: team1
        tier: frontend

    spec:
      containers:
      - name: "webc1"
        image: "vimal13/webserver-apache-php"

> kc create deployment mydep --image=httpd

[root@master jan26]# more mydeploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: myweb-deploy

spec:
# type: recreate
replicas: 3
selector:
    matchLabels:
      env: prod
    matchExpressions:
      - { key: team, operator: In, values: [ team1, team2 ]}
      - { key: tier, operator: In, values: [ frontend ] }
template:
    metadata:
      name: "webpod4"
      labels:
        env: prod
        team: team1
        tier: frontend

    spec:
      containers:
      - name: "webc1"
        image: "vimal13/webserver-apache-php"

default type - rolling update

,..
in python,
>>> name =['a', 'b','a']
>>> 'd' in name
>>> 'a' in name

same concept applies here as well for match expression:-

posuming/resuming

canary strategy

737 mkdir jan26
738 cd jan26/
739 vi mypod.yaml
740 kc apply -f mypod.yaml
741 vi mypod.yaml
742 kc apply -f mypod.yaml
743 kc get pods
744 ping yahoo.com
745 kc get pods --show-labels
746 kc get pods --show-labels --selector "team!=team2"
747 vi mypod.yaml
748 kc apply -f mypod.yaml
749 kc get pods
750 kc get pods --show-labels -l "env=prod"
751 kc get pods --show-labels --selector "relion in (US)"
752 kc get pods --show-labels --selector "relion in (IN)"
753 kc get pods --show-labels --selector "relion in (IN,US), team in (team2)"
754   kc get pods --show-labels --selector "region notin (IN,US, team in (team2,team1)"
755 kc get pods --show-labels --selector "region notin (IN,US), team in (team2,team1)"
756 kc delete all --all
757 vi myreplicaset.yaml
758 kc get rs
759 kc get rc
760 kc apply -f myreplicaset.yaml
761 vi myreplicaset.yaml
762 kc apply -f myreplicaset.yaml
763 vi myreplicaset.yaml
764 kc apply -f myreplicaset.yaml
765 kc create deployment mydep --image=httpd
766 kc get deploy
767 kc get rs
768 ke get pod
769 ke get pods
770 kc get pods
771 kc get rs --show-labels
772 kc describe deplpy mydep
773 kc describe deploy mydep
774 kc get all
775 kc get pods
776 kc get rs
777 kc get pods
778 kc delete pod mydep*
779 kc delete pod mydep-5dcf7bcbd6-v6rx9
780 kc get pod

next class multitanency - namespace
- multiple team wroking, hundred of throusands of pods working.

c1 c2 c3 c4 c5 .........>
Team1 work on container 1 and 2
Team2 work on two region running 2 conainer running on one region and 1 on another.

US - 2 pod running, IND -> 5 pod running all the time..

What is selector, label

Kubernetes - Secret - day 8

Kubernetes secrets

Kubernetes - 1/20/2021

> kc get pod
> kc describe pod mypod1

you can see the pw, but you have to secure it ..

We put password on command line on previous class. It was clear password, it can be a shoulder hacking ...

we use yaml code
- you put password on a box and safe it.
- You give box name to developer and tell that there is a box and password is there
- When you write code, give a reference of this box.
- On this box, you can keep other secret information such as pw, credit info ...
its on key value pair format and its a secret.
- In kubernetes term, it is called secret. (Ansible it is called vault)
* secret is not a way to encript your data, it is not... thats why we don't use any key.

Use case
> kc describe pod mypod1
- you won't be able to see the pw
- you give reference to the secret box.

secret
> kc get secrets

> kc delete all --all

> kc run -f
> kc get pods
kc logs mydb

-----------------
missing class
--------------

> kc getr secrets mysecrets

Displays the yaml output
> kc get secrets mysecret -o yaml

google for
base64 encode and decode

Two ways to create secret
create a secret from yaml
or
from command line

kubectl create --help

you can create secret, service, ingress, conjob, deployment and lots of other services

but no replication controller, only option is to create through yaml file.
kc create -f

> kc create secret -h
three kind of secrets
- docker-registry
- generic
- tls

kc create secret generic mys --from-literal=p1=redhat

> kc get secrets
> kc get pods

base64decode.net

or
use openssl command to create
ssl base64

- name: MYSQL_USER
valueFrom:
    secretKeyRef:
      name: mysecret
      key: u
- name: MYSQL_PASS
valueFrom:
     secretKeyRef:
       name: mysecret
       key: up
- name: MYSQL_DATABASE
value: mpdb

git- playing around with git

Messing up with git

Git has three states:
- Committed
- Modified
- Staged

Committed: - The date is safely stored on your local repo
Modified: You made change to the file but not yet saved (comitted) to your local database.
Staged: You made sure that your modified version is ready to go into next commit state.

For eg,
You have a working directory
- you made change to your file, that means, you modified the file.
- Now, you have to staged it, that mean you have to bring it to staging area.
- Once the file in staged area, you verify that everything looks good, then you commit it to save it to local repo
-

so,
working area staging area repo
modify file -> stage it -> commit to save it to repo.

.git is your database to track your change.

=========================================

1. Install git

2. Configure git
- Configure your name and email to verify who made change to identify
$ git config --global user.name "Your name"
$ git config --blobal user.email "you@email.com"

3. Create your local repo and initialize it
a. Initialize repo
$ git init
Initialized empty Git repository in /home/sam/mygt/.git/
$ ls -la
drwxrwxr-x. 7 sam sam 119 Jan 19 16:18 .git

.git is created and stores config file

b. Git status
$ git status
On branch master

No commits yet

nothing to commit (create/copy files and use "git add" to track)

c. Create a file
$ cat >hello.html
Welcome to my page !!!

d. Check the status
$ git status
On branch master

No commits yet

Untracked files:
(use "git add <file>..." to include in what will be committed)

        hello.html

nothing added to commit but untracked files present (use "git add" to track)

* you see untracked files.. and you see the name of the file called hello.html

Now, you need to commit (Save it)

You have two steps to commit it.
1. What files you want to add to the staging area. (git add list_of_files)
2. From staging area, you will commit.

$ git add hello.html
[sam@master mygt]$ git status
On branch master

No commits yet

Changes to be committed:
(use "git rm --cached <file>..." to unstage)

        new file:   hello.html

* see the message output, changes to be committed.

Now, we can make our commit. There are couple of ways to commit
using -m flag followed by the message.

$ git commit -m "Hello file for web page"
[master (root-commit) 061de52] Hello file for web page
1 file changed, 1 insertion(+)
create mode 100644 hello.html
[sam@master mygt]$ git status
On branch master
nothing to commit, working tree clean

$ git status
On branch master
nothing to commit, working tree clean

Now, there is nothing to commit.

now, lets run a command git log to see the history of commit

$ git log
commit 061de527aa663d8ee706ce6072971d95c3e86c15 (HEAD -> master)
Author: Jay <sam@gmail.com>
Date:   Tue Jan 19 16:25:57 2021 -0500

    Hello file for web page

Now, I am going to add some more files..

$ touch file{1,2,3}
[sam@master mygt]$ git status
On branch master
Untracked files:
(use "git add <file>..." to include in what will be committed)

        file1
        file2
        file3

nothing added to commit but untracked files present (use "git add" to track)

$ rm file{1,2,3}
[sam@master mygt]$ git status
On branch master
nothing to commit, working tree clean

$ touch username password contents
[sam@master mygt]$ git status
On branch master
Untracked files:
(use "git add <file>..." to include in what will be committed)

        contents
        password
        username

nothing added to commit but untracked files present (use "git add" to track)

lets edit hello.html file

Now, I move my files to web server page,

$ sudo cp * /var/www/html/
[sam@master mygt]$ cd /var/www/html/

$ sudo git init
$ sudo git add .
$ sudo git commit -m "files saved at webserver page"

$ rm *
-------------------------------------
Now, start again,
$ cat index.html
<html>
<head> <title> Welcome to my page !!!</title></head>
<body>
        <h1> Welcome to my page </h1>
</body>
</html>

go to browser and see what you can see !!!

Now, create another file file1.js

$ cat file1.js
alert("Hi there !!!")

and update the index file again.

$ cat index.html
<html>
<head> <title> Welcome to my page !!!</title></head>
<body>
        <h1> Welcome to my page </h1>
        <script src="file1.js"></script>

</body>
</html>

now, create a stylesheet file
$ cat style.css

now, include the style and file1 file on index page
Note: stule goes between head open and close tag.
and java script can go between head and also betweeen body tag

$ cat index.html
<html>
<head>
        <title> Welcome to my page !!!</title>
        <link rel="stylesheet" href="style.css">

</head>

<body>
        <h1> Welcome to my page </h1>
        <script src="file1.js"></script>

</body>
</html>

Now, get the IP address and go to the browser and review the page content.

Now, check git status

$ git status
On branch master

No commits yet

Changes to be committed:
(use "git rm --cached <file>..." to unstage)

        new file:   .htaccess
        new file:   contents
        new file:   hello.html
        new file:   index.html
        new file:   password
        new file:   username

Changes not staged for commit:
(use "git add/rm <file>..." to update what will be committed)
(use "git checkout -- <file>..." to discard changes in working directory)

        deleted:    contents
        deleted:    hello.html
        modified:   index.html
        deleted:    password
        deleted:    username

Untracked files:
(use "git add <file>..." to include in what will be committed)

        file1.js
        style.css

Note: add . will add all the files at one time to the staging area.

$ git add .
[sam@master html]$ git status
On branch master

No commits yet

Changes to be committed:
(use "git rm --cached <file>..." to unstage)

        new file:   .htaccess
        new file:   file1.js
        new file:   index.html
        new file:   style.css

$ git commit -m "Sample web page created"
[master (root-commit) d7366a6] Sample web page created
4 files changed, 26 insertions(+)
create mode 100644 .htaccess
create mode 100644 file1.js
create mode 100644 index.html
create mode 100644 style.css
[sam@master html]$

Now, change the file1 file.
$ vi file1.js
alert("Welcome to the club !!!")

$ git status
On branch master
Changes not staged for commit:
(use "git add <file>..." to update what will be committed)
(use "git checkout -- <file>..." to discard changes in working directory)

        modified:   file1.js

no changes added to commit (use "git add" and/or "git commit -a")
[sam@master html]$

Now, commit the change
$ git add file1.js
[sam@master html]$ git commit -m "changed the content to file1.js file"
[master f6f0f16] changed the content to file1.js file
1 file changed, 1 insertion(+), 1 deletion(-)
[sam@master html]$

Track your change
$ git log
commit f6f0f16139e47a2c302a2d78cb4aece50458a8d5 (HEAD -> master)
Author: Jay <sam@gmail.com>
Date:   Tue Jan 19 17:10:33 2021 -0500

    changed the content to file1.js file

commit d7366a621d145e2c8b318d770579a1c8e635e783
Author: Jay <sam@gmail.com>
Date:   Tue Jan 19 17:07:29 2021 -0500

    Sample web page created
[sam@master html]$

Now, lets go back to the file1.js file
Look at the hash content,

[sam@master html]$ git checkout f6f0f161
Note: checking out 'f6f0f161'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:

git checkout -b <new-branch-name>

HEAD is now at f6f0f16 changed the content to file1.js file
[sam@master html]$

Note: key need to be unique if you are not copying all the content of the hash value.

[sam@master html]$ git checkout d7366a621
Previous HEAD position was f6f0f16 changed the content to file1.js file
HEAD is now at d7366a6 Sample web page created
[sam@master html]$ cat file1.js
alert("Hi there !!!")
[sam@master html]$

Now, lets talk about new concept called branch
if you want to keep a clean copy of your code, you can create a new branch
and play around with new features. If you are hally with it, you can merge
or simply destroy.

Note: when you initialize a repository and start making commits, content will be saved on
master branch by default.

-> list the branches
$ git branch
* (HEAD detached at d7366a6)
master
[sam@master html]$

* you see, tells that you are on different branch.

Run the command git checkout

[sam@master html]$ git branch
* (HEAD detached at d7366a6)
master
[sam@master html]$ git checkout master
Previous HEAD position was d7366a6 Sample web page created
Switched to branch 'master'
[sam@master html]$ git branch
* master
[sam@master html]$

$ git status
On branch master
nothing to commit, working tree clean
[sam@master html]$ ls
file1.js index.html style.css
[sam@master html]$ cat file1.js
alert("Welcome to the club !!!")
[sam@master html]$

If you review the code, you have latest code available on file1.js file.

Lets create a new branch

$ git branch beautiful
[sam@master html]$ git checkout beautifule
error: pathspec 'beautifule' did not match any file(s) known to git.
[sam@master html]$

What we just did is that we copied over all codes to new branch called beautiful.

Now, lets make some modification,

$ cat index.html
<html>
<head>
        <title> Welcome to my page !!!</title>
        <link rel="stylesheet" href="style.css">

</head>

<body>
        <h1> Welcome to my page </h1>
        <script src="file1.js"></script>

        <h3> Life is beautiful </h3>
</body>
</html>

$ cat file1.js
alert("Life is beautiful!!")
[sam@master html]$

$ git branch
beautiful
* master
[sam@master html]$ git checkout beautiful
M       file1.js
M       index.html
Switched to branch 'beautiful'
[sam@master html]$

check what change you made,
$ git log
commit f6f0f16139e47a2c302a2d78cb4aece50458a8d5 (HEAD -> beautiful, master)
Author: Jay <sam@gmail.com>
Date:   Tue Jan 19 17:10:33 2021 -0500

    changed the content to file1.js file

commit d7366a621d145e2c8b318d770579a1c8e635e783
Author: Jay <sam@gmail.com>
Date:   Tue Jan 19 17:07:29 2021 -0500

    Sample web page created
[sam@master html]$
$ git status
On branch beautiful
Changes not staged for commit:
(use "git add <file>..." to update what will be committed)
(use "git checkout -- <file>..." to discard changes in working directory)

        modified:   file1.js
        modified:   index.html

no changes added to commit (use "git add" and/or "git commit -a")
[sam@master html]$ git add .
[sam@master html]$ git status
On branch beautiful
Changes to be committed:
(use "git reset HEAD <file>..." to unstage)

        modified:   file1.js
        modified:   index.html

[sam@master html]$ git commit -m "Modified index and file1 file"
[beautiful 26d6e2d] Modified index and file1 file
2 files changed, 2 insertions(+), 1 deletion(-)
[sam@master html]$
$ git log
commit 26d6e2d72c55a642beba505db9493f69b3da65a9 (HEAD -> beautiful)
Author: Jay <sam@gmail.com>
Date:   Tue Jan 19 17:32:33 2021 -0500

    Modified index and file1 file

commit f6f0f16139e47a2c302a2d78cb4aece50458a8d5 (master)
Author: Jay <sam@gmail.com>
Date:   Tue Jan 19 17:10:33 2021 -0500

    changed the content to file1.js file

commit d7366a621d145e2c8b318d770579a1c8e635e783
Author: Jay <sam@gmail.com>
Date:   Tue Jan 19 17:07:29 2021 -0500

    Sample web page created
[sam@master html]$

-> Now, check what changes are made

[sam@master html]$ cat file1.js
alert("Life is beautiful!!")
[sam@master html]$ cat index.html
<html>
<head>
        <title> Welcome to my page !!!</title>
        <link rel="stylesheet" href="style.css">

</head>

<body>
        <h1> Welcome to my page </h1>
        <script src="file1.js"></script>

        <h3> Life is beautiful </h3>
</body>
</html>

[sam@master html]$

Now go to master branch
$ git checkout master
Switched to branch 'master'
[sam@master html]$ git branch
beautiful
* master
[sam@master html]$
[sam@master html]$ cat index.html
<html>
<head>
        <title> Welcome to my page !!!</title>
        <link rel="stylesheet" href="style.css">

</head>

<body>
        <h1> Welcome to my page </h1>
        <script src="file1.js"></script>

</body>
</html>

[sam@master html]$ cat file1.js
alert("Welcome to the club !!!")
[sam@master html]$

see the change made to the files...

$ git log
commit f6f0f16139e47a2c302a2d78cb4aece50458a8d5 (HEAD -> master)
Author: Jay <sam@gmail.com>
Date:   Tue Jan 19 17:10:33 2021 -0500

    changed the content to file1.js file

commit d7366a621d145e2c8b318d770579a1c8e635e783
Author: Jay <sam@gmail.com>
Date:   Tue Jan 19 17:07:29 2021 -0500

    Sample web page created
[sam@master html]$

You don't see the changes you made to beautiful branch.

Now, whatever you made changes is not on master branch.
Your beautiful branch is still beautiful.

Now, lets see, whatever you made changes to beautiful repo is perfect
how do you merge these two repos together?

So, you can use with merge command flag along with the branch you want to merge.

$ git branch
beautiful
* master
[sam@master html]$ git merge beautiful
Updating f6f0f16..26d6e2d
Fast-forward
file1.js   | 2 +-
index.html | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
[sam@master html]$

see, how many files changed and how many deleted..

check the log, you see all the commit you made to beautiful are here.
$ git log
commit 26d6e2d72c55a642beba505db9493f69b3da65a9 (HEAD -> master, beautiful)
Author: Jay <sam@gmail.com>
Date:   Tue Jan 19 17:32:33 2021 -0500

    Modified index and file1 file

commit f6f0f16139e47a2c302a2d78cb4aece50458a8d5
Author: Jay <sam@gmail.com>
Date:   Tue Jan 19 17:10:33 2021 -0500

    changed the content to file1.js file

commit d7366a621d145e2c8b318d770579a1c8e635e783
Author: Jay <sam@gmail.com>
Date:   Tue Jan 19 17:07:29 2021 -0500

    Sample web page created
$ git status
On branch master
nothing to commit, working tree clean
[sam@master html]$ git branch
beautiful
* master
[sam@master html]$

Now, you have same contents on your master branch

$ cat file1.js
alert("Life is beautiful!!")
[sam@master html]$ cat index.html
<html>
<head>
        <title> Welcome to my page !!!</title>
        <link rel="stylesheet" href="style.css">

</head>

<body>
        <h1> Welcome to my page </h1>
        <script src="file1.js"></script>

        <h3> Life is beautiful </h3>
</body>
</html>

[sam@master html]$

-----------------------------------------------

In Summary
1. Create a directory and make it as a git repo
# mkdir myrepo; git init

git init will create a new repo.

Ok, lets about .git file
- this is a config file stores the config info.
We created local repo or initialize a repo.
Now, we add content, modify the content here.
Three are three stages on this modification and saving process.

1. Working Directory (Working dir)
2. Stading area (Index area)
3. Committed area. (Saved or HEAD)

OK, working area holds real file and the index is the staging area and
committed area is the one where you saved your file

2. Clone a repo from github
$ git clone https://github.com/myrepo123

Basically you copy the content from remote repo to your local repo on your PC.

3. Now, edit one of a file and save the file
Lets say you edited a file called hello.txt, modified and saved.

$ cat >> hello.txt
Added new contents
CTRL+D -> to save it

4. Now run the git status and add to the staging area
$ git status

it will complain you that its not added to staging area.
$ git add <filename> or < * > or < . >

5. Now you have to same to the committed area.
$ git commit -m "Your Message"

Finally file is saved on your repo.
But you have to push your repo to remote location so that other folks can see the change you made.

6. Push to your remote repo.
$ git push origin master

master is the name of the branch. Most of the case, its master, if you have changed, use it.

or push it to your repo by first adding to the list
$ git remote add origin <server>

1. Get remove copy of the code on your local computer
$ git clone <repo_URL>
-> Remote Repo/Remote location -> clone/copy -> to local repo (PC)

2. Check what branch you are working on
$ git branch
by default master and it is a local remo

3. Create a new branch
$ git branch newbranch
basically it is an exact copy of master branch.
So, you have two branches.
Note: Until this point, size of the directory does not change
since its just reference point to the origina.

There is a directory called .git, which keep tracks of the changes. In
depth, it stores the difference of diff command, storing information about
new branch.

3. Change between branches
$ git checkout <branch_name>
$ git checkout master
$ git checkout newbranch

Here, you will modify files and add new features. you save it.
Now, you save your file but now, you have to add this file to staging area.
You want to keep track of changes you made. You add file to staging area to
keep track of changes. To add to stading area
$ git add <file_name>
$ git add hello.txt

4. Git status command
- Shows current status of the branch.
- It also shows information regarding what changes are staged that are going to be
part of next commit.

5. Commit (Save) the change
$ git commit -m "Finally saved !!!"

Lets say, you modified files on your newbranch. Yo uverify all the changes and you
want to merge with your original barnch - master branch.

6. merge branches
$ git merge <branch_name>

We have to commit the change to our master branch so that we can push our change
to remove branch.

To merge new branch to master branch,
1. First checkout to master barnch
   $ git checkout master
2. And initiate a merge process.
   $ git merge newbranch

7. Now, upload your code to remote repo
$ git pish origin <branch-name>
$ git push origin master

so far what we did is
- clone a repo
- create a branch
- change the files and add festures
- stage the change
- Commit the change
- Merge the change to master branch
- Push the change to the remote repo.

===============================
1. Install
2. Config
$ git config --global user.name "Yourname"
$ git config --global user.email YourEmail@email.com

3. Initialize
$ git init

4. Download code from remote repo
$ git clone <Remote_URL>

github.com/csinghdev

5. Edit a file
$ vi abc.html
<html><body>
<h1> Welcome to git tutorial </h1>
<p> Learning is not always fun </P>
</body></html>

6. Add it to staging area
$ git add -A
$ git status
changes are shown here.
it will show no commits are made yet.

7. Commit (Save) the change on the file to the staging area
$ git commit -m "Saved, big time !!!"
$ git status
Will display, nothing to save.

8. Track the change
$ git log
it will show all commits with unique commit ID.

Using these ID, you can go back.

9. Now, lets make changes to the file.
<html><body>
<h1> Welcome to git tutorial </h1>
<p> Learning is not always fun </P>
<h3> Life is beautiful !!! </h3>
</body></html

10. Now, run the status command and add it to stage area
$ git status
$ git add -A ( or * or . )
$ git status
It will show changes to be committed which mean, you ahve to save/commit

11. Commit the change
$ git commit -m "Modified - committed - 2nd time"
$ git status -> check the status
$ git log -> see the no. of time changes are mode

12. Now, lets change your file again,

<html><body>
<h3> Life is beautiful !!! </h3>

</body></html

13. Check the status and commit the change
$ git status
$ git add -A
$ git status
$ git commit -m "Third commit)

14. Now, you realize that you made a mistake and want to go to previous version
$ git log
will displays the commit ID
To restore to previous, just copy the hash value of commited ID, you can get your original file.

$ git checkout <COMMIT ID - HASH value>
$ cat abc.html

You will all file contents here.

$ git log

Create a new branch
$ git checkout -b newbranch
$ git branch -> list new branch

$ git checkout master
$ git merge newbranch

$ git log

now, your new branch is merged with master branch.

Now, lets create a repo on git hub. Browse, login and create a new private repo
Once you create a repo, it will give your the repo link with comand lie,
$ git remove add origin https://github.com/myrepo.../test.git
$ git push origin master

Now, your codes are pushed to remove repo

Now, say, if its your repo and need to share with your peers,
Go to github -> settings -> Manage access -> Invite collaborator -> enter usename or email.

Pull the updated repo
$ git pull origin master

Concept of branches

- You copy the code on your local computer
- You make a local copy of copied contents.
# git branch <name_of_branch>

Check what branch you are working on
# git branch

If you see master, it is an exact copy of remote repo
to create, you run the command
# git branch update_1
# git branch

3. to switch to the branch
# git checkout <name_of_branch>

4. add changed files to the staging area
# git add <file-names>
# git add .

5. show current state of the branch. Whar are staged and what are unstaged.
# git status

6. Now, save it to local repo
# git commit -m "My commit messages"

7. Now, merge it to local master branch
# git checkout master
# git merge <name_of_branch> # the branch you created and now merging to master

8. Now, sync to remote repo
# git push origin <brnch-name>
# git push origin master
origin is repote repo
master is local repo

install, configure,
initilize
git init

create file
hello.txt
git add hello.txt -> stage ->
git commit -m "Your message"
version of file now git will track

git log

git add and git commit to save
it will keep record of all changes

git status
git diff

git reset
git branch
git checkout

so, in summary, what we did,
1. Clone a repo
2. Created a branch
3. Modified the content in the branch
4. Saved (commit) the change
5. Merged to master
6. Pushed the change to the repote repo.

1. Set up password less authentication between servers.
$ ssh-keygen
$ cat id_rsa.pub

2. Copy the key and paste it to github/gitlab

3. Go to your home dir and create a dir
$ mkdir myrepo

4. Clone remote repo
$ git clone <repo_URL>

5. Start working on it by editing files

$ git clone <URL_Repo>
$ git checkout -b task_2254
$ git status
$ git add roles
$ git status
$ git commit
$ git status
$ git push origin task_2254
$ git status
$ git checkout master
$ git pull --rebase
$ git status
$ git remote -v
$ git branch -a
$ git branch -d -r origin/task_2254
$ git git branch -d task_2254
$ git branch -a
$ git status
$ git log
$ git pull <URL>

$ ansible -i patch_hosts all -a "uptime"

AWS - Introduction to AWS

We learn from each other.

PLM - personal learning manager
-------------------------------

- Since we are connecting remotely, we may face problem with voice and connectivity.
my connection is GB so there might be problem.

Expectation on class
- ask right question (do some research before question, save time)
- Avid question that can be googled.
- Your feedback is really important for me, so rate

AWS intro
Support Plan

10 modules

Introduction to AWS
Security management in AWS
Object stoage Options
Amazon EC2
Load Balancing, auto-scaling and Route 53
Database services and Analytics
Networking and Monitoring services
Application services and AWS LAMBDA
Configuration management and Automation
ASW architectural Design

Introduction

- What is cloud computing
- Services

AWS global infrastructure
- dge location

cli interface and management console

Cloud is a collection of computing resources CPU, Memory, storage, network.

why?
-

Datacenter
---------
IT resources
- servers [ Win. Lin ]
- Network
- Storage

tech stack - Java, php, LAMP, .net

- you need money initially to invent on infrastructure.
- You have 2 server can haldle 1000 request/sec and load increase to 10K/sec, you add other 15 servers
but it is a problem to buy and you will have problem with scalibility.
- Yo uhave to plan ahead and say you have natural disaster, what happens?
- say you have DR site and again need investment.
- you are spending much on people, process

but for cloud, you start with small servers and need extra resources, you can increase quickly.

so
- cloud effective
- pay when you use
- flexible as compare to traditional data center model.

On prem - You manage all

Apps
Data
Runtime
Middleware
OS
Hypervisor
Compute
Storage
Network

Cloud computing model
IaaS - infrastructure as service
- Databse, web servers, app servers
messagin servces
storage, network and mire..

customer pay as per use.

You manage
==========
Apps
Data
Runtime
Middleware
OS

Managed by Vendor
=================
Hypervisor
Compute
Storage
Network

Paas - Platform as service
---------------------------
You manage
==========
Apps
Data

Managed by Vendor
=================
Runtime
Middleware
OS
Hypervisor
Compute
Storage
Network

SaaS - Software as a Service

You manage
==========
Nothing to manage
just use the app

Managed by Vendor
=================
Apps
Data
Runtime env
Middleware
OS
Hypervisor
Compute
Storage
Network

Deployment
- public (aws, gcp, azure)
- private (OpenStack, VMware)
- hybrid (setup betn datacenter, combination of private and public)
- community (form together with sevaral organization..

Introduction to AWS
-------------------
AWS is a secure cloud service provider which offers copute resources, network, storage, contentnt delivery and other services to business. You can scale up and down resources based on demand.

- Service provided all over the world
- Lots of services avialable
- They charge per minutes basis, so be careful when you create instance

google for aws success story
- read some case study
- why they pick cloud, how they get successful

Benefit of AWS
-------------
- Ease of use
- Dominant in market
- Reliable and flexiable on service offering
- Secure and cost effective (Know responsibility)
- Scalable and provides high performance
- Supports small to large organizations
- They are compliance so you can be confidents

Global Infrascture
1. Region
2. Availbility zones

1. Region
-

US EAST
- Area A -> Dataceter with all infrastructure
- Area B

- These two areas are seperate
- Saves
- They are connected with low latency, high throput, high bandwidth

These data centers are called availibility zone.
One does not impacted when some problem happens on other data center

Region
- region is a combination of two or more AZ.

There is an exceptio in Osaka but other region have at least 2 AZ.

Hints: Google global infrastructure
also look for Oaka region (single data center)

Edge Location (also called CDN)
-------------------------------
- CloudFront
- Akamai

You have a server and broadcasting live. You have customer on all over the world, But say you have user in India and africa. There will be some latency.

Friday, January 22, 2021

kubernetes - Deployment - Day 7

Kubernetes - 1/22/2021

PoD/RC

Replication controller
- helps you to manage the replicas
- Replicas gurantee the number of desired replica.

This concept is obsulated and replaced by replicaset (RS)

They are very similar

Deployment
-----------
How we deploy POD in real world

Normally we don't deploy pod directly. We use through replication controller but we use deployment.

Its one type of keywork avialable in kubernetes.

> kc get deployment

Repo (HUB)
- You store your Image
- You can download (pull) and install

Image (Bundle together)
- App (php-code)
- Webserver
- OS

LAB
[root@master ~]# kc get deployment
NAME    READY   UP-TO-DATE   AVAILABLE   AGE
nginx   0/1     1            0           69d
[root@master ~]# kc get pods
NAME                    READY   STATUS    RESTARTS   AGE
al-pod                  0/1     Pending   0          44d
hello                   0/1     Pending   0          44d
mp-hellp                0/3     Pending   0          44d
myapp-pod               0/1     Pending   0          83d
mydb                    0/1     Pending   0          44d
nginx-f89759699-hxfnp   0/1     Pending   0          69d
p2-pod                  0/1     Pending   0          44d
secure-pod              0/1     Pending   0          44d
yo-namaste              0/1     Pending   0          44d
[root@master ~]# kc delete all --all
pod "al-pod" deleted
pod "hello" deleted
pod "mp-hellp" deleted
pod "myapp-pod" deleted
pod "mydb" deleted
pod "nginx-f89759699-hxfnp" deleted
pod "p2-pod" deleted
pod "secure-pod" deleted
pod "yo-namaste" deleted
service "kubernetes" deleted
deployment.apps "nginx" deleted
replicaset.apps "nginx-f89759699" deleted
[root@master ~]# kc get all
NAME                 TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
service/kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP   2s
[root@master ~]#

========================

[root@master ~]# kc create deployment mydep --image=vimal13/apache-webserver-php
deployment.apps/mydep created
[root@master ~]# kc get deployment
NAME    READY   UP-TO-DATE   AVAILABLE   AGE
mydep   0/1     1            0           16s
[root@master ~]# kc get rc
No resources found in default namespace.
[root@master ~]# kc get rs
NAME               DESIRED   CURRENT   READY   AGE
mydep-6d7898999b   1         1         0       49s
[root@master ~]#

[root@master ~]# kc describe deployment mydep
Name:                   mydep
Namespace:              default
CreationTimestamp:      Fri, 22 Jan 2021 11:38:12 -0500
Labels:                 app=mydep
Annotations:            deployment.kubernetes.io/revision: 1
Selector:               app=mydep
Replicas:               1 desired | 1 updated | 1 total | 0 available | 1 unavailable
StrategyType:           RollingUpdate
MinReadySeconds:        0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:
Labels: app=mydep
Containers:
   apache-webserver-php:
    Image:        vimal13/apache-webserver-php
    Port:         <none>
    Host Port:    <none>
    Environment: <none>
    Mounts:       <none>
Volumes:        <none>
Conditions:
Type           Status Reason
----           ------ ------
Available      False   MinimumReplicasUnavailable
Progressing    True    ReplicaSetUpdated
OldReplicaSets: <none>
NewReplicaSet:   mydep-6d7898999b (1/1 replicas created)
Events:
Type    Reason             Age   From                   Message
----    ------             ---- ----                   -------
Normal ScalingReplicaSet 111s deployment-controller Scaled up replica set mydep-6d7898999b to 1
[root@master ~]#

Review the strategy: rolling upgrade

You can change it if you like

scale your pod

[root@master ~]# kc get rs
NAME               DESIRED   CURRENT   READY   AGE
mydep-6d7898999b   1         1         0       2m41s
[root@master ~]# kc scale deployment mydep --replicas=3
deployment.apps/mydep scaled
[root@master ~]# kc get deployment
NAME    READY   UP-TO-DATE   AVAILABLE   AGE
mydep   0/3     3            0           3m20s
[root@master ~]#
[root@master ~]# kc describe deployment mydep

[root@master ~]# kc delete deployment mydep
deployment.apps "mydep" deleted
[root@master ~]# kc get deploy
No resources found in default namespace.
[root@master ~]# kc get deployments
No resources found in default namespace.
[root@master ~]# kc get pods
No resources found in default namespace.
[root@master ~]# kc get rs
No resources found in default namespace.
[root@master ~]# kc get rc
No resources found in default namespace.
[root@master ~]#

mkdir lab
cd /lab
vi index.php
version1

hub.docker/com
search vimal12

vi Dockerfile
From vimal13/apache-webserver-php

COPY index.php /var/www/html/index.html

wq

# docker build -t vimal13/apache-webserver-php:lwv1 /dws2

# docket images | grep lwv1

Create on docker.hub
# docket login
enter your username:pw

# docket push vimal13/apache-webserver-php

It will uploaded to dockethub

Wednesday, January 20, 2021

Ansible - Change the permission using one liner

Audit log found that some of the servers had somehow incorrect permission - complaining about:-
The mode is too permissive.

To correct this permission, you have to login to each system, make change to each file one by one. If you have ansible environment, you have an easy solution. You can use ansible one liner

1. Existing permission
[root@worker1 ~]# ls -l /etc/shadow
-rwxr-xr-x. 1 root root 244 Jul 22 08:58 /etc/shadow

2. Run ansoble to fix this problem
[sam@master html]$ sudo ansible -i /root/myhosts all -a "chmod 0600 -v /etc/shadow" -b -K -o
BECOME password:
worker1 | CHANGED | rc=0 | (stdout) mode of '/etc/audit/rules.d/audit.rules' changed from 0755 (rwxr-xr-x) to 0600 (rw-------)
master | CHANGED | rc=0 | (stdout) mode of '/etc/audit/rules.d/audit.rules' retained as 0600 (rw-------)
worker2 | UNREACHABLE!: Failed to connect to the host via ssh: ssh: connect to host worker2 port 22: No route to host
[sam@master html]$

3. Verify the permission
[root@worker1 ~]# ls -l /etc/shadow
-rw-------. 1 root root 244 Jul 22 08:58 /etc/shadow

Tuesday, January 19, 2021

Git - Play around with git

Wednesday, January 13, 2021

Kubernetes - Services creating POD and Services - Day 6

1/13/2021

Kubernetes Service
yaml code for load balancer

> kc get services
> kc get svc

$ cat svc.yaml
apiVersion: v1
kind: Service
metadata:
name: mylb1
spec:
selector:
    app: web
ports:
    - targetPort: 80
      port: 8080

> kc apply -f svc.yaml

> kc get svc
> kc describe svc mylb1

Output has no endpoint.
behind loadbalancer, there is no end point. or backend.

> kc get pods
no pod running.

now, launch a pod using pod definition file

$ cat mypod.yaml

apiVersion: v1
kind: Pod
metadata:
name: "mypod1"
labels:
    app: web

spec:
containers:
- name: "myc1"
    image: "dimple12/apache-webserver-php"

> kc apply -f pod.yaml

> kc get pods
> kc get pods -L app
> kc describe svc mylb1

-----------------------------------

apiVersion: v1
kind: Pod
metadata:
name: "mypod2"
labels:
    app: web

spec:
containers:
- name: "myc1"
image: "dimple12/apache-webserver-php"

> kc apply -f pod.yaml

> kc get pods
> kc get pods -L app
> kc describe svc mylb1

now IP is displayed - end point
> kc describe pods mypod2

luanch pod with new name ..

apiVersion: v1
kind: Pod
metadata:
name: "mypod3"
labels:
    app: web

spec:
containers:
- name: "myc1"
    image: "dimple12/apache-webserver-php"

> kc apply -f pod.yaml

> kc get pods
> kc get pods -L app
> kc describe svc mylb1

$ cat svc.yaml
apiVersion: v1
kind: Service
metadata:
name: mylb1
spec:
type: NodePort
selector:
    app: web
ports:
    - targetPort: 80
      port: 8080
      nodePort: 30000

> kc get svs
kc apply -f svc.yaml

kc get svc
> kc describe svc mylb1

you see end point is available

now expose

go to windows and run

Ip is node IP and you are exposing the port.

curl https://192.168.99.100:30000

you get a page..

keywords:
replication controller - helps you to create replicas such as 4, 5 ports
load balancer
NodePort
Selector
targetport
clusterIP
external
exposed
service (load balancer)
deployment

cloud.creynold.net

Tuesday, January 5, 2021

AWS - VM migration to AWS

How to Migrate server to AWS
We will be using VMware VM to migrate to AWS

1. Create an IAM account with ec2 and s3 full access with programatic access to adminfull access
Record the access and secret key. Do not share on public.

2. Import Virtual Machine to AWS
- Open your VMware and export your machine to OVF format

3. Install ec2-api-tools
# mkdir -m 777 /opt/Migration
# cd /opt.Migration
# wget http://launchpadlibrarian.net/111617788/ec2-api-tools_1.6.1.1-0ubuntu1_all.deb
# dpkg -i ec2-api-tools_1.6.1.1-0ubuntu1_all.deb
# ec2-version

4. Import the image
- Go to your bucket location where you have vmdk file
# cd /opt/centosnet/centosnet7aa/centosnet02/

- Import *.vmdk file in s3 bucket
# export AWS_ACCESS_KEY="Ky-access-Key"
# export AWS_SECRET_KEY="my-sec-key"
# ec2-import-instance CentOSnet4-bit-disk1.vmdk -f VMDK -t t2.micro -a x86_64 -b import-exportmas -p Linux -o $AWS_ACCESS_KEY -w $AWS_SECRET_KEY --region us-east-1

- Check the conversion status
# ec2-describe-conversion-tasks -O $AWS_ACCESS_KEY -W $AWS_SECRET_KEY --region us-east-1

# ec2-describe-conversion-tasks import-i-fg7wgpui -O $AWS_ACCESS_KEY -W $AWS_SECRET_KEY --region us-east-1

- Check the instance list
# ec2-describe-instances -O $AWS_ACCESS_KEY -W $AWS_SECRET_KEY --region us-east-1

- Cancel conversion task
# ec2-cancel-conversion-task import-i-fh0pdfpb -O $AWS_ACCESS_KEY -W $AWS_SECRET_KEY --region us-east-1

- Resume import
# ec2-resume-import CentOSnet4-bit-disk1.vmdk -t import-i-fh0pdfpb -o $AWS_ACCESS_KEY -w $AWS_SECRET_KEY --region us-east-1

- Delete
# ec2-delete-disk-image -t import-i-fh0pdfpb -o $AWS_ACCESS_KEY -w $AWS_SECRET_KEY --region us-east-1

AWS - Create VPC, Subnet mask, private and public EC2 instances creation

Step by step Guide to create VPC, subnet mask and creating EC2 instances to public and private subnet.
and connecting private instances to internet.

What is VPC
- VPC is a logical boundary to allow communication witin the subnet.
- You can call VPC as your company building.
- Subnet is kind of datacenter with server, network connectivity.
- Public Subnet can access to internet since it is mapped with public IP
- Private subnet is not mapped with public IP so can't directly communicate outside subnet.

A. Create VPC       # note: mask bit can not be less than 16.
1. Go to AWS Dashboard
2. Search for VPC -> Your VPC
3. Create VPC
   Name: DC-VPC    IPv4: 192.169.0.0/16
4. Click on create

B. Create Public Subnet
5. Click on Subnets from VPC Dashboard
   Name: DC-PUB-Subnet   VPC: DC-VPC
   VPC CIDR: 192.168.0.0/16   - Associated
   IPv4 CIDR: 192.168.10.0/24
6. Click on Yes Create

C. Create Private Subnet
7. Now, you on VPC Dashboard under subnets
8. Click on create subnet
   Name: DC-PVT-Subnet   VPC: DC-VPC
   VPC CIDR: 192.168.0.0/16
   IPv4 CIDR Block: 192.168.20.0/24
9. Click on Yes Create

D. Create Internet Gateway
10. Now, click on Internet Gateways
11. Click on create internet Gateway
    Name Tag: DC-IGW
12. Click on Yes Create
13. Click on DC-IGW and click on Attach to VPC
14. Select DC-VPC and click on Yes Attach

E. Create Public Route table
   - Here you will associate public subnet with public route
   - And
15. Click on Route Tables
16. Click on Create Route Table
    Name: DC-Pub-route   VPC: DC-VPC
17, Click on Yes create.
18. Click on Route Tables you just created
19. Click on Subnet Associations and click on Edit
20. Select the DC-Public-Subnet and click on SAVE.
21. Click on Routes and click on Add another route
    Destination: 0.0.0.0/0   Target: DC-IGW
22. Click on Save

23. Again click on Create route table
    Name: DC-Pvt-route   VPC: DC-VPC
24. Click on Yes Create
25. Select the private route you just created and click on Subnet Associations Tab
26. Click on Edit and select DC-Pvt-Subnet
27. Click on Save.
27. Click on Router

F. Create AWS instances on private and public subnet
28. Launch EC2 instances on pub subnet (internet access) and private subnet.
    - To login to private subnet machine, first login to pub machine and from there login to private

G. How to allow internet access to private subnet
29. Create a NAT Gateway in public subnet
30. Go to private route table and add NAT-GW rule to allow private machines to have internet.

===========================================

How to connect to private VM in AWS ?

1. Create VM on Private and Public Subnet.
2. Login to public VM and create a directory with full permission.
3. Copy the keys there.
   $ ssh -i "mykey.pem" ec2-user@pub-IP_of-inst
   # mkdir /mykeys; chmod 777 /mykeys
   # exit

4. Copy private key to public VM
   $ scp -i mykey.pem <my-keyfile> ec2-user@pub-inst-IP:/mykeys
   $ scp -i mykey.pem mykey.pem ec2-user@55.230.15.34:/mykeys

5. Now, login to your public VM again. Go to /mykeys.
6. Now, initiate a ssh connection to private VM.
$ cd /zkeys
$ ssh   -i <key*.pem> ec2-user@<PVT_IP>

Create Nat Instance
launch in public subnet

AWS - Install and Configure OpenVPN

Install and configure AWS Open VPN

1. Go to AWS dashboard
2. Go to Marketplace and launch OpenVPN Access Server

Verify that it comes under free tier.

3. Login to your OpenVPN as openvpnas using putty/ssh/MobaX
c:> cd c:/awskeys
$ ssh -i "mykey.pem" openvpnas@55.25.22.120
- Type 'yes' for agreement
- Press enter enter - Default

Please specify the network interface and IP address to be
used by the Admin Web UI:
(1) all interfaces: 0.0.0.0
(2) eth0: 192.168.10.120
Please enter the option number from the list above (1-2).
> Press Enter for default [2]:

Please specify the port number for the Admin Web UI.
> Press ENTER for default [943]:

Please specify the TCP port number for the OpenVPN Daemon
> Press ENTER for default [443]:

Should client traffic be routed by default through the VPN?
> Press ENTER for default [no]:

Should client DNS traffic be routed by default through the VPN?
> Press ENTER for default [no]:

Use local authentication via internal DB?
> Press ENTER for default [yes]:

Private subnets detected: ['192.168.0.0/16']

Should private subnets be accessible to clients by default?
> Press ENTER for EC2 default [yes]:

To initially login to the Admin Web UI, you must use a
username and password that successfully authenticates you
with the host UNIX system (you can later modify the settings
so that RADIUS or LDAP is used for authentication instead).

You can login to the Admin Web UI as "openvpn" or specify
a different user account to use for this purpose.

Do you wish to login to the Admin UI as "openvpn"?
> Press ENTER for default [yes]:

> Please specify your OpenVPN-AS license key (or leave blank to specify later):

You can now continue configuring OpenVPN Access Server by
directing your Web browser to this URL:

https://55.25.22.120:943/admin
Login as "openvpn" with the same password used to authenticate
to this UNIX host.

During normal operation, OpenVPN AS can be accessed via these URLs:
Admin UI: https://55.25.22.120:943/admin
Client UI: https://55.25.22.120:943/

openvpnas@openvpnas2:~$ sudo su -
root@openvpnas2:/home/openvpnas# passwd openvpn