React.JS


Let me share some useful resources related to React.JS

First let's have a look to overall Layer architecture, to get big picture.


Layer Component Examples
4 At browser : MVC Framework Angular.JS, React.JS, Veu.JS, Vanila JS etc.
3 Web Application Framework (WAF) Express.JS
2 Server side scripting Node.JS
1 Databse (DB) Mongo DB, Any NoSQL DB

With React.JS one can build: 

1. Web Application
2. Web Services
3. Web Resources
4. Web API

We have

1. React.JS to build user interface
2. React Native to build application for Android OS, iOS and UWP (Universal Windows Platform : Windows10)


Now here is list of URLs:

URLs
https://en.wikipedia.org/wiki/React_(JavaScript_library)
https://en.wikipedia.org/wiki/Web_framework
https://en.wikipedia.org/wiki/MEAN_(software_bundle)
https://www.quora.com/What-is-a-full-stack-in-JavaScript
https://redux.js.org/
https://reactjs.org/
http://www.material-ui.com/
https://x-team.com/blog/react-baby-steps/
Basics

HTML
https://www.w3schools.com/html/
CSS
https://www.w3schools.com/css/
https://www.codecademy.com/learn/learn-css
https://www.safaribooksonline.com/library/view/designing-with-web/9780321679765/ (safari books)
JavaScript
https://javascript.info/
https://www.safaribooksonline.com/library/view/speaking-javascript/9781449365028/ (safari books)
es6
https://www.udemy.com/essentials-in-javascript-es6/learn/v4/content
React

https://reactjs.org/tutorial/tutorial.html
https://reactjs.org/docs/getting-started.html
https://www.safaribooksonline.com/videos/reactjs-fundamentals-second/9780134854670 (safari books)
Webpack

https://webpack.js.org/concepts/
https://www.valentinog.com/blog/react-webpack-babel/

Redux

https://redux.js.org/
https://egghead.io/courses/getting-started-with-redux

React-Router

https://reacttraining.com/react-router/web/guides/quick-start
https://medium.com/@pshrmn/a-simple-react-router-v4-tutorial-7f23ff27adf

Internationalization

https://github.com/yahoo/react-intl/wiki#getting-started
https://medium.com/@marcelmokos/internationalize-react-apps-done-right-using-react-intl-library-82978dbe175e

Utility libraries
Axios

https://github.com/axios/axios

Loadash
https://lodash.com/docs/4.17.10
Moment
https://momentjs.com/docs/
Testing

https://jestjs.io/docs/en/getting-started (jest)
https://airbnb.io/enzyme/docs/api/ (enzyme)
https://hackernoon.com/testing-react-components-with-jest-and-enzyme-41d592c174f (react + jest +enzyme)

Container Runtime


Low-Level container run time:  At their core, low-level container runtimes are responsible for 
* setting up these namespaces and cgroups for containers, 
* allow for setting resource limits on the cgroup, 
* setting up a root filesystem, 
* chrooting the container's process to the root file system, and 
* then running commands inside those namespaces and cgroups
using the standard Linux cgcreate, cgset, cgexec, chroot and unshare commands.

Example
1. runC is reference implementation of OCI specification https://github.com/opencontainers/runtime-spec sudo runc run mycontainerid
2. lxc
3. lmctfy by Google. It has the ability to run sub-task containers under a pre-allocated set of resources on a server, and thus achieve more stringent SLOs than could be provided by the runtime itself. It supports container hierarchies that use cgroup hierarchies via the container names


High-level container run time (= container run time) supports: 
* image management, 
* image transport
* image unpack
* pass image to low-level container run time to run it. 
* provide daemon application
* gRPC API. gRPC is a modern, open source, high-performance remote procedure call (RPC) framework 
* Web API. 

Example
1. containerd from docker. ctr is command line client for containerd. https://github.com/docker/containerd/blob/master/design/architecture.md
2. rkt by CoreOS 
3. cri-o

Relations

* rkt is a runtime containing both high level runtime and low level runtime. 
containerd and cri-o are on top of runC
* containerd does not have support for building container image. 
* rkt can build docker image, however does not provide remote API. 
* docker provides everything
* rkt can become alternative of docker. K8s can use rkt instead of docker. K8s can also use cri-o + runC instead of docker. 
* rkt supports pod natively. 


Reference : https://www.youtube.com/watch?v=Utf-A4rODH8

Docker


Under the hood

Docker is programme written in Go

Docker needs Linux kernel version 3.10 or more. 


Docker is 2 programme = client + server. The server can be on remote machine

Docker manage kernel features (1) cgroups (2) namespace (3) copy-on-write COW file system

1. cgroups : limits the amount of resources (CPU, Memory) 
2. namespace = mount, IPC, network, PID, user (user and group) and UTS (=Unix Time Sharing. Host name and domain name). 

Network name space includes : network devices, IPv4  and  IPv6  protocol stacks, IP routing tables, firewalls, the /proc/net directory, the /sys/class/net directory, port numbers (sockets), and  so  on

Namespace API has 3 system calls I. clone II. unshare III. setns 

Network Namespace

Typically, "ip netns" can be used 

ip netns exec $namespace_id
to run some arbitrary command inside a given namespace.

However, ip netns only knows about namespaces listed in /var/run/netns/, and neither docker nor k8s have symlink its namespaces there. 
but they can be accessed using "nsenter" and specifying the process ID of the container, e.g.

nsenter -t ${PID} -n ip addr
nsenter -t ${PID} -n route -n
sudo nsenter -t ${PID} -n /bin/sh


nsenter discovers the network namespace at /proc/$PID/ns/net, where the namespace is accessible (by syscalls like setns(2)) via file descriptor.

Docker creates bridges. Docker sets routes. docker uses iptables

Docker Dependencies

ca-certificates package contains certificates provided by the Certificate Authorities.


apt-transport-https allows the use of repositories accessed and downloaded via https protocol


software-properties-common provides some useful scripts for adding and removing PPAs + the DBUS backends. Without it, you would need to add and remove repositories (such as PPAs) manually by editing /etc/apt/sources.list and/or any subsidiary files in /etc/apt/sources.list.d


To add non-root user

sudo groupadd docker

sudo gpasswd -a docker
sudo usermod -aG docker
sudo setfacl -m user::rw /var/run/docker.sock

Docker Flow

docker run puts image to container

1. docker commit creates new image from container
Here commit will also tag image. default tag value is 'latest"
2. docker tag "old name" "new name may contain registry url"
Here "tag" is optional. 
Instead of 1, and 2 use single command
"docker commit "

docker image and container both have IDs. They are different. 


Docker run command

docker run --memory --cpu-share --cpu-quota -p [outside port:]"inside port"[/tcp|udp] --link --name -ti --privileged=true --net="host | some name" --ip "ip address" -v [absolute local path:] --restart=always --pid=host --env KEY=VALUE --volumes-from --rm -d [:tag default is latest]
ti = interactive terminal
rm = remove container, once it is done.
d = detach
-p here outside port is optional
-p :/ default is tcp
-P = --publish-all For exposing all ports
--link = it will add "ip address another container name" at /etc/hosts. It will auto detect IP address of another container. Assume the IP address does not change. 
-v for volume
--privileged to get full access of host OS
--pid will give more privilege to control PID of host OS
--restart : To restart if it dies. 
--net : To specify network name space

^d to exit container. 


https://docs.docker.com/engine/reference/commandline/run/

docker run = docker create + docker start

Attach and detach 


attach using

docker attach <container name>

to detach, when you are inside container, press ^p, ^q


Run process at container


docker -exec

Cannot add ports, volumes etc.
docker -exec -ti my_container sh -c "echo a && echo b"

Running more than one process or service in a container is discouraged for maximum efficiency & isolation. 

Logs


docker logs


Remove and Kill


docker kill

Container moves to stopped state. 

docker rm  

This will remove the container

docker ps -l

l = last running container. 

Network


docker port

It will list out external v/s internal ports. Same like iptables

For dynamic link, first create network
docker network create  

Then use --net while creating both networks.

here a name server will be added to network and it will take care of new ip address. 

If we specify --net=host then we can see, all the bridges inside container also with "brctl show" command

Docker inspect

This command gives various information about docker like author, pid, IP address etc. 

docker inspect --format '{{ .State.Pid }}' "name"
docker inspect --format '{{ .NetworkSettings.IPAddress }}' "name"

Docker images


docker images

List downloaded image. 

Docker Registry 

name = registry FQDN : port /organization name/image name:version tag

short name = organization name/image name


docker rmi


docker login
docker pull
docker push "name as per used in docker tag"
docker search

https://hub.docker.com/

Nexus

port 5000 for push, pull etc. 


https://docs.docker.com/registry/deploying/#copy-an-image-from-docker-hub-to-your-registry

The docker images can be stored at local host, docker, AWS, Google, Microsoft

docker save -o "tar.gz file" "one or more than one docker image:tag"
docker load -i "tar.gz file"

Volumes

virtual disc

persistent (-v) v/s ephemeral (--volumes-from)
not part of image

mount -o bind "original folder" "new name of folder. May be existing folder"


Host file system over guest can be mounter. Not vica versa. 

Dockerfile


No. Purpose docker file "docker run" command
1 Base image FROM
2 "Author" as output of "docker inspect" command MAINTAINER
3 Debug statement RUN
4 ADD "URL | local path" "container path"
5 During build time and run time ENV --env (or -e)KEY=VALUE
--env-file
6 It is like CMD. It is first programe to run inside container ENTRYPOINT --entrypoint It will override from DockerFile
7 CMD Last Argument is combination of ENTRYPOINT + CMD
8 Multi project file  COPY
9 sets working dir for build and for container. it is like CD WORKDIR --workdir
10 binary argument Shell Form
11 ["bianry", "argument"] Exec Form
12 Opening outgoing port at iptables firewall EXPOSE portNumber -p [outside port:]"inside port" P=publish. Publish is for outside network. Expose is for inside network.
13 Avoid local path VOLUME ["optional local path" "container path] -v and --volume-from
14 the container will run as user USER sudo

Reference 


https://docs.docker.com/engine/reference/builder/ 
https://docs.docker.com/engine/reference/commandline/docker/
https://jvns.ca/blog/2016/10/10/what-even-is-a-container/

Playground

https://labs.play-with-docker.com/


https://nickjanetakis.com/blog/a-linux-dev-environment-on-windows-with-wsl-docker-tmux-and-vscode
https://nickjanetakis.com/blog/using-wsl-and-mobaxterm-to-create-a-linux-dev-environment-on-windows

Questions

1. How to run xserver in container ?
2. How to connect using docker client to remote docker server?
3. how to expose my docker server on network? How to bind it to tcp socket instead of unix socket
4. Is LXD replacement of docker? 
https://linuxcontainers.org/lxd/introduction/
https://us.images.linuxcontainers.org/
https://linuxcontainers.org/lxd/getting-started-cli/

DevOps Resources


Introduction


DevOps approach includes automation and event monitoring at each stage of build. DevOps is set of practice to reduce time to deploy committed code to production. It is cross-function mode of working among development, QA and Operations team. Its variants are:

1. ArchOps for architecture
2. DataOps for data engineers
3. DevSecOps with security
4. WinOps for MicroSoft centric view. etc. 



Conferences

1. DevOpsDays : Low Cost. Bangalore also
2. DevOps Enterprise Summit (DOES) : High cost
3. Velocity.

Technology Specific events

1. ChefConf
2. PuppetConf
3. AWS re:invent
4. Monitorama
5. Surge
6. ScaleConf
7. Structure 

NewsLatter : https://www.devopsweekly.com/

Twitter Handles

@garethr
@devopsdotcom
@ashimmy
@botchgalupe
@damonedwards
@nathenharvey
@devopsmaster
@ernestmueller
@wickett
@iteration1

Zappa is serverless Python web services
https://github.com/Miserlou/Zappa
https://www.zappa.io/
Use case: Reporting system

Security in DevOps

Rugged Manifesto for secure coding
DevOps Audit Defense Toolkit
Threat Stack builds cloud security solution
gauntlt security testing
Signal Sciences is web application firewall
Alien Vault manages cyber attacks. 

Reliability Engineering : 3rd Pillar of DevOps


Reliability : system or component function under stated condition for specified period of time. It includes :

- Availability
- Performance
- Security

These should not be part of non-functional requirements. 

Key Areas of DevOps

1. Extending delivery to production
2. Extending feedback from operations to development (operate for design)
3. Embedding development into operations
4. Embedding operations into development

Dev comes from the school and Ops comes from the street. Reliability engineering = design for operate + operate for design

As per "Site Reliability Engineering" book  by Google, development team handles 100% and after the service reach maturity and stability 5% of operational workload 

Design for operation
  • "Design Pattern" by Gang of Four is for software design, design pattern and architecture. Similar design pattern book for stability is "Release it" by Michale Nygard. Another good book is "The Twelve Factor App" https://12factor.net/
  • Failure at integration point : Hystrix is open source library by Netflix that wrap a call to integration point with circuit breaker. 
  • config state should be separate from app code and store in environment variable 
  • Factorish github project to move legacy app to 12 factor app. 
  • Follow https://martinfowler.com/
  • Replication avoid single point of failures
  • Performance testing can be part of build pipeline. 
  • User profiler tool and APM (Application Performance Management) tools to locate performance bottleneck. 

Operate for Design

Monitoring

Monitoring metrics

  1. service performance & uptime
  2. software components metrics 
  3. system metrics (time series metrics about host) 
  4. app metrics
  5. performance
  6. security
    1. System security : Bad TLS/SSL settings, open ports, system configuration probelms
    2. Application security : XSS/SQL injection, custom events like password reset, invalid logins, new account creation. 
    3. Anomalies 
Monitoring Tools


1. Legacy tools : Nagios, Savics 
2. Simple endpoint monitoring : Pingdom, 
3. system and metric monitoring : Datadog, Netuitive, Ruxit, and Librato, 
4. full application performance management tools: New Relic and AppDynamics. 
5. Open Source tools : graphite, grafana, statsd, gangila, InfluxDB, OpenTSDB, mitrics.dropwizard.io
6. Open source solutions : icinga, sensu similar to nagios
7. container monitoring open source tools: prometheus, sysdig
8. security monitoring tools



Metrics
Avoid so many metrics. 

Logging

5 principles of logging

1. Do not collect log, that you will not use
2. Retain log data as long as it needed to retain by regulatory authority
3. Log all you can, but alert only when actions needed. Define log levels 
4. application availability and security is more needed, compare to logging availability and security 
5. Logs change. Format, content. Let's all take ownership of their log and keep at centralized system. 

Books related to Logging

1. Logging and Log Management
2. The practice of cloud system administration
3. Web Operations.

Log Management Tools

1. Legacy tool : Splunk
2. Open source Elk stack = Elastic search + log stashin + kibana
3. SaaS incident management tool :  Pagerduty and VictorOps
4. Open source : flapjack.io
5. statuspage.io
6. Command dispatcher tools : RunDeck, 

In addition to Monitoring, Metrics and Logging, few more tools for feedback. Incident command system, blameless postmortem and transparent uptime.