
Saturday, March 31, 2018

Setting up powershell for microsoft azure cloud

So it is that time of the day, actually night, actually morning, 2:15 am, when I felt like trying out Azure. I mostly prefer to learn by seeing and doing, but I like my words, thank you very much. The way you do things with words (command prompt, script, automation) stays the same, similar or sometimes identical forever, but the GUI keeps changing.
Run your PowerShell 5, 6 or ISE, whichever you like; even Visual Studio Code, if it is configured with PowerShell.
Install-Module -Name AzureRM -AllowClobber

I also suggest you go ahead and get the CLI tool for PowerShell from here.
Close all the PowerShell windows.
Launch PowerShell as administrator and enable script execution by running the following.
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
Now we want to get the Azure credentials.
Get-AzurePublishSettingsFile
It takes you to the Azure portal, where you select the payment model and validate; after that you get to download the publish settings file.
Now we will import the settings from the downloaded file and then delete that file. Once imported, the file is no longer needed and, for security reasons, should not be left on disk.

PS C:\Users\<username>> Import-AzurePublishSettingsFile 'C:\Users\<username>\Documents\azure\Windows Azure MSDN - 1_4_2018, 04_43_29 - credentials.publishsettings'

Id                                   Name          State ExtendedProperties                        
--                                   ----          ----- ------------------                        
f6ec6bf5-7459-46f5-a274-5a44c60fef0a Pay-As-You-Go       {[Account, 411690FA9A067441A00E1DDBECD7...
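
The import-then-delete step above, wrapped so the file is removed even if the import fails, plus a sweep for forgotten copies. This is an added example, not code from the original post; it assumes the classic Azure module that provides Import-AzurePublishSettingsFile is loaded, and the function names, the sample path and the default search folders are hypothetical.

```powershell
# Added example, not from the original post.
# Assumes the classic Azure module (Import-AzurePublishSettingsFile) is loaded.
# Function names and default search folders are hypothetical.

function Import-PublishSettingsAndRemove {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$Path
    )

    $file = Get-Item -LiteralPath $Path -ErrorAction Stop

    # The file is XML and embeds the subscription's management certificate as a
    # base64 ManagementCertificate attribute. Refuse anything that lacks one.
    [xml]$doc = Get-Content -LiteralPath $file.FullName -Raw
    $certAttrs = @($doc.SelectNodes('//@ManagementCertificate'))
    if ($certAttrs.Count -eq 0) {
        throw "'$($file.FullName)' has no ManagementCertificate attribute; not importing."
    }

    try {
        # Same positional call as in the post.
        Import-AzurePublishSettingsFile $file.FullName
    }
    finally {
        # Runs whether or not the import succeeded, so the credential file
        # never lingers. Remove-Item does not go through the Recycle Bin.
        Remove-Item -LiteralPath $file.FullName -Force
    }
}

function Find-StrayPublishSettings {
    [CmdletBinding()]
    param(
        # Folders where a browser download or a manual copy typically ends up.
        [string[]]$Root = @(
            (Join-Path $HOME 'Downloads'),
            (Join-Path $HOME 'Documents'),
            (Join-Path $HOME 'Desktop')
        )
    )

    foreach ($dir in $Root) {
        if (Test-Path -LiteralPath $dir) {
            Get-ChildItem -LiteralPath $dir -Filter '*.publishsettings' -Recurse -File -ErrorAction SilentlyContinue |
                Select-Object FullName, LastWriteTime
        }
    }
}

# Usage (the path is a placeholder):
#   Import-PublishSettingsAndRemove -Path 'C:\path\to\credentials.publishsettings'
#   Find-StrayPublishSettings
```

Deleting the file does not revoke the certificate it carried: that certificate stays registered on the subscription until it is removed there, so a copy that leaked before deletion remains usable.
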
Now let us check whether it worked by trying to list all the Azure environments.

PS C:\Users\<username>> Get-AzureEnvironment


Name                                     : AzureGermanCloud
EnableAdfsAuthentication                 : False
ActiveDirectoryServiceEndpointResourceId : https://management.core.cloudapi.de/
AdTenant                                 : Common
GalleryUrl                               : https://gallery.azure.com/
ManagementPortalUrl                      : http://portal.microsoftazure.de/
ServiceManagementUrl                     : https://management.core.cloudapi.de/
PublishSettingsFileUrl                   : https://manage.microsoftazure.de/publishsettings/index
ResourceManagerUrl                       : https://management.microsoftazure.de/
SqlDatabaseDnsSuffix                     : .database.cloudapi.de
StorageEndpointSuffix                    : core.cloudapi.de
ActiveDirectoryAuthority                 : https://login.microsoftonline.de/
GraphUrl                                 : https://graph.cloudapi.de/
TrafficManagerDnsSuffix                  : azuretrafficmanager.de
AzureKeyVaultDnsSuffix                   : vault.microsoftazure.de
AzureKeyVaultServiceEndpointResourceId   : https://vault.microsoftazure.de

Name                                     : AzureCloud
EnableAdfsAuthentication                 : False
ActiveDirectoryServiceEndpointResourceId : https://management.core.windows.net/
AdTenant                                 : Common
GalleryUrl                               : https://gallery.azure.com/
ManagementPortalUrl                      : http://go.microsoft.com/fwlink/?LinkId=254433
ServiceManagementUrl                     : https://management.core.windows.net/
PublishSettingsFileUrl                   : http://go.microsoft.com/fwlink/?LinkID=301775
ResourceManagerUrl                       : https://management.azure.com/
SqlDatabaseDnsSuffix                     : .database.windows.net
StorageEndpointSuffix                    : core.windows.net
ActiveDirectoryAuthority                 : https://login.microsoftonline.com/
GraphUrl                                 : https://graph.windows.net/
TrafficManagerDnsSuffix                  : trafficmanager.net
AzureKeyVaultDnsSuffix                   : vault.azure.net
AzureKeyVaultServiceEndpointResourceId   : https://vault.azure.net

Name                                     : AzureUSGovernment
EnableAdfsAuthentication                 : False
ActiveDirectoryServiceEndpointResourceId : https://management.core.usgovcloudapi.net/
AdTenant                                 : Common
GalleryUrl                               : https://gallery.azure.com/
ManagementPortalUrl                      : https://manage.windowsazure.us
ServiceManagementUrl                     : https://management.core.usgovcloudapi.net/
PublishSettingsFileUrl                   : https://manage.windowsazure.us/publishsettings/index
ResourceManagerUrl                       : https://management.usgovcloudapi.net/
SqlDatabaseDnsSuffix                     : .database.usgovcloudapi.net
StorageEndpointSuffix                    : core.usgovcloudapi.net
ActiveDirectoryAuthority                 : https://login.microsoftonline.us/
GraphUrl                                 : https://graph.windows.net/
TrafficManagerDnsSuffix                  : usgovtrafficmanager.net
AzureKeyVaultDnsSuffix                   : vault.usgovcloudapi.net
AzureKeyVaultServiceEndpointResourceId   : https://vault.usgovcloudapi.net

Name                                     : AzureChinaCloud
EnableAdfsAuthentication                 : False
ActiveDirectoryServiceEndpointResourceId : https://management.core.chinacloudapi.cn/
AdTenant                                 : Common
GalleryUrl                               : https://gallery.azure.com/
ManagementPortalUrl                      : http://go.microsoft.com/fwlink/?LinkId=301902
ServiceManagementUrl                     : https://management.core.chinacloudapi.cn/
PublishSettingsFileUrl                   : http://go.microsoft.com/fwlink/?LinkID=301776
ResourceManagerUrl                       : https://management.chinacloudapi.cn/
SqlDatabaseDnsSuffix                     : .database.chinacloudapi.cn
StorageEndpointSuffix                    : core.chinacloudapi.cn
ActiveDirectoryAuthority                 : https://login.chinacloudapi.cn/
GraphUrl                                 : https://graph.chinacloudapi.cn/
TrafficManagerDnsSuffix                  : trafficmanager.cn
AzureKeyVaultDnsSuffix                   : vault.azure.cn
AzureKeyVaultServiceEndpointResourceId   : https://vault.azure.cn
And yes, it did.

Setting up powershell with AWS

Okay,
So I needed to set up my new PowerShell 6 with AWS. Didn't want to enter the credentials and all.
Install-Module -Name AWSPowerShell
Run this on your PowerShell 5 and/or 6 and you will have your AWS tools for PowerShell ready to go.
Also run
notepad $profile
on PowerShell 5, PowerShell ISE and PowerShell 6, then copy and paste the following into each profile and save it.
Import-Module AWSPowerShell
Also, if you want to be able to run scripts on your system, then enable that too by doing
Set-ExecutionPolicy RemoteSigned
Close all of your powershell windows now, launch powershell and run the following
Get-AWSPowerShellVersion -ListServiceVersionInfo
and you should get

PS C:\WINDOWS\system32> Get-AWSPowerShellVersion -ListServiceVersionInfo

AWS Tools for Windows PowerShell
Version 3.3.208.0
Copyright 2012-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.

Amazon Web Services SDK for .NET
Core Runtime Version 3.3.21.2
Copyright 2009-2015 Amazon.com, Inc. or its affiliates. All Rights Reserved.

Release notes: https://aws.amazon.com/releasenotes/PowerShell

This software includes third party software subject to the following copyrights:
- Logging from log4net, Apache License
[http://logging.apache.org/log4net/license.html]


Service                               Noun Prefix API Version
-------                               ----------- -----------
AWS AppStream                         APS         2016-12-01 
AWS AppSync                           ASYN        2017-07-25 
AWS Batch                             BAT         2016-08-10 
AWS Budgets                           BGT         2016-10-20 
AWS Certificate Manager               ACM         2015-12-08 
AWS Cloud Directory                   CDIR        2016-05-10 
AWS Cloud HSM                         HSM         2014-05-30 
AWS Cloud HSM V2                      HSM2        2017-04-28 
AWS Cloud9                            C9          2017-09-23 
AWS CloudFormation                    CFN         2010-05-15 
AWS CloudTrail                        CT          2013-11-01 
AWS CodeBuild                         CB          2016-10-06 
AWS CodeCommit                        CC          2015-04-13 
AWS CodeDeploy                        CD          2014-10-06 
AWS CodePipeline                      CP          2015-07-09 
AWS CodeStar                          CST         2017-04-19 
AWS Config                            CFG         2014-11-12 
AWS Cost Explorer                     CE          2017-10-25 
AWS Cost and Usage Report             CUR         2017-01-06 
AWS Data Pipeline                     DP          2012-10-29 
AWS Database Migration Service        DMS         2016-01-01 
AWS Device Farm                       DF          2015-06-23 
AWS Direct Connect                    DC          2012-10-25 
AWS Directory Service                 DS          2015-04-16 
AWS Elastic Beanstalk                 EB          2010-12-01 
AWS Elemental MediaConvert            EMC         2017-08-29 
AWS Elemental MediaLive               EML         2017-10-14 
AWS Elemental MediaPackage            EMP         2017-10-12 
AWS Elemental MediaStore              EMS         2017-09-01 
AWS Elemental MediaStore Data Plane   EMSD        2017-09-01 
AWS Greengrass                        GG          2017-06-07 
AWS Health                            HLTH        2016-08-04 
AWS Identity and Access Management    IAM         2010-05-08 
AWS Import/Export                     IE          2010-06-01 
AWS Import/Export Snowball            SNOW        2016-06-30 
AWS IoT                               IOT         2015-05-28 
AWS IoT Jobs Data Plane               IOTJ        2017-09-29 
AWS Key Management Service            KMS         2014-11-01 
AWS Lambda                            LM          2015-03-31 
AWS Marketplace Commerce Analytics    MCA         2015-07-01 
AWS Marketplace Entitlement Service   MES         2017-01-11 
AWS Marketplace Metering              MM          2016-01-14 
AWS Migration Hub                     MH          2017-05-31 
AWS OpsWorks                          OPS         2013-02-18 
AWS OpsWorksCM                        OWCM        2016-11-01 
AWS Organizations                     ORG         2016-11-28 
AWS Price List Service                PLS         2017-10-15 
AWS Resource Groups                   RG          2017-11-27 
AWS Resource Groups Tagging API       RGT         2017-01-26 
AWS Security Token Service            STS         2011-06-15 
AWS Serverless Application Repository SAR         2017-09-08 
AWS Service Catalog                   SC          2015-12-10 
AWS Shield                            SHLD        2016-06-02 
AWS Storage Gateway                   SG          2013-06-30 
AWS Support API                       ASA         2013-04-15 
AWS WAF                               WAF         2015-08-24 
AWS WAF Regional                      WAFR        2016-11-28 
AWS X-Ray                             XR          2016-04-12 
Alexa For Business                    ALXB        2017-11-09 
Amazon API Gateway                    AG          2015-07-09 
Amazon Athena                         ATH         2017-05-18 
Amazon CloudFront                     CF          2017-03-25 
Amazon CloudSearch                    CS          2013-01-01 
Amazon CloudSearchDomain              CSD         2013-01-01 
Amazon CloudWatch                     CW          2010-08-01 
Amazon CloudWatch Events              CWE         2015-10-07 
Amazon CloudWatch Logs                CWL         2014-03-28 
Amazon Cognito Identity               CGI         2014-06-30 
Amazon Cognito Identity Provider      CGIP        2016-04-18 
Amazon Comprehend                     COMP        2017-11-27 
Amazon DynamoDB                       DDB         2012-08-10 
Amazon DynamoDB Accelerator (DAX)     DAX         2017-04-19 
Amazon EC2 Container Registry         ECR         2015-09-21 
Amazon EC2 Container Service          ECS         2014-11-13 
Amazon ElastiCache                    EC          2015-02-02 
Amazon Elastic Compute Cloud          EC2         2016-11-15 
Amazon Elastic File System            EFS         2015-02-01 
Amazon Elastic MapReduce              EMR         2009-03-31 
Amazon Elastic Transcoder             ETS         2012-09-25 
Amazon Elasticsearch                  ES          2015-01-01 
Amazon GameLift Service               GML         2015-10-01 
Amazon GuardDuty                      GD          2017-11-28 
Amazon Inspector                      INS         2016-02-16 
Amazon Kinesis                        KIN         2013-12-02 
Amazon Kinesis Analytics              KINA        2015-08-14 
Amazon Kinesis Firehose               KINF        2015-08-04 
Amazon Kinesis Video Streams          KV          2017-09-30 
Amazon Kinesis Video Streams Media    KVM         2017-09-30 
Amazon Lex                            LEX         2016-11-28 
Amazon Lex Model Building Service     LMB         2017-04-19 
Amazon Lightsail                      LS          2016-11-28 
Amazon MQ                             MQ          2017-11-27 
Amazon MTurk Service                  MTR         2017-01-17 
Amazon Machine Learning               ML          2014-12-12 
Amazon Pinpoint                       PIN         2016-12-01 
Amazon Polly                          POL         2016-06-10 
Amazon Redshift                       RS          2012-12-01 
Amazon Rekognition                    REK         2016-06-27 
Amazon Relational Database Service    RDS         2014-10-31 
Amazon Route 53                       R53         2013-04-01 
Amazon Route 53 Domains               R53D        2014-05-15 
Amazon SageMaker Runtime              SMR         2017-05-13 
Amazon SageMaker Service              SM          2017-07-24 
Amazon Server Migration Service       SMS         2016-10-24 
Amazon Simple Email Service           SES         2010-12-01 
Amazon Simple Notification Service    SNS         2010-03-31 
Amazon Simple Queue Service           SQS         2012-11-05 
Amazon Simple Storage Service         S3          2006-03-01 
Amazon Simple Systems Management      SSM         2014-11-06 
Amazon Step Functions                 SFN         2016-11-23 
Amazon Translate                      TRN         2017-07-01 
Amazon WorkDocs                       WD          2016-05-01 
Amazon WorkSpaces                     WKS         2015-04-08 
Application Auto Scaling              AAS         2016-02-06 
Application Discovery Service         ADS         2015-11-01 
Auto Scaling                          AS          2011-01-01 
Elastic Load Balancing                ELB         2012-06-01 
Elastic Load Balancing V2             ELB2        2015-12-01 

PS C:\WINDOWS\system32> 

So this means we have the AWS module working. But we want to set it up in a way where it won't ask for credentials, so that we can use provisioning tools like vagrant, ansible or chef.
Now we have to create a profile and store the AWS access keys in it so that we can perform activities without entering credentials.

$accessKey = 'ADFASGALKJCUIERHL' # fake example
$secretKey = 'SADFDSGDFH5d6+1P2pmIGW8fdkekdfsneujK14u' # fake example
$profileName = 'myProfileName' # fake example
Set-AWSCredential -AccessKey $accessKey -SecretKey $secretKey -StoreAs $profileName

So now the profile has our credentials stored. Let us now set the default region to Asia Pacific (Singapore).

Initialize-AWSDefaultConfiguration -ProfileName $profileName -Region ap-southeast-1
So we are all done. We can provision stuff from AWS PowerShell with ease.

PS C:\WINDOWS\system32> Get-AWSRegion


Region         Name                      IsShellDefault
------         ----                      --------------
ap-northeast-1 Asia Pacific (Tokyo)      False         
ap-northeast-2 Asia Pacific (Seoul)      False         
ap-south-1     Asia Pacific (Mumbai)     False         
ap-southeast-1 Asia Pacific (Singapore)  True          
ap-southeast-2 Asia Pacific (Sydney)     False         
ca-central-1   Canada (Central)          False         
eu-central-1   EU Central (Frankfurt)    False         
eu-west-1      EU West (Ireland)         False         
eu-west-2      EU West (London)          False         
sa-east-1      South America (Sao Paulo) False         
us-east-1      US East (Virginia)        False         
us-east-2      US East (Ohio)            False         
us-west-1      US West (N. California)   False         
us-west-2      US West (Oregon)          False    
As you can see, I have currently set my default region to Singapore.
Note: PowerShell 6 somehow isn't playing well yet. Maybe in future it will. Everything however worked great with PowerShell 5.
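
A variant of the profile setup above that keeps the secret key out of scripts and out of the console history file, and then checks which identity the stored keys map to. This is an added example, not code from the original post; `Set-AwsProfileFromPrompt` and `Find-AwsKeyInHistory` are hypothetical names, and the `AKIA` pattern assumes long-term IAM user access key IDs.

```powershell
# Added example, not from the original post. Assumes the AWSPowerShell module
# is imported. Function names are hypothetical.

function Set-AwsProfileFromPrompt {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$ProfileName,
        [Parameter(Mandatory)][string]$Region
    )

    # Read-Host input is not written to the PSReadLine history file, unlike a
    # typed line such as: $secretKey = '...'
    $accessKey = Read-Host -Prompt 'AWS access key ID'
    $secure    = Read-Host -Prompt 'AWS secret access key' -AsSecureString

    # Set-AWSCredential takes the secret as a plain string, so decrypt it
    # only for the duration of the call.
    $plain = [System.Net.NetworkCredential]::new('', $secure).Password
    try {
        Set-AWSCredential -AccessKey $accessKey -SecretKey $plain -StoreAs $ProfileName
    }
    finally {
        $plain = $null
        $secure.Dispose()
    }

    Initialize-AWSDefaultConfiguration -ProfileName $ProfileName -Region $Region

    # Confirm the stored keys work and show the account and principal they
    # belong to, so a wrong or over-privileged key is noticed immediately.
    Get-STSCallerIdentity -ProfileName $ProfileName -Region $Region |
        Select-Object Account, Arn
}

function Find-AwsKeyInHistory {
    # PSReadLine is not available in every host (for example the ISE).
    if (-not (Get-Command Get-PSReadLineOption -ErrorAction SilentlyContinue)) { return }

    $historyFile = (Get-PSReadLineOption).HistorySavePath
    if (-not (Test-Path -LiteralPath $historyFile)) { return }

    # Pattern 1: something shaped like a long-term access key ID.
    # Pattern 2: a quoted literal assigned or passed as a secret key.
    # Only file and line number are returned, so the secret is not echoed again.
    Select-String -LiteralPath $historyFile -CaseSensitive -Pattern @(
        'AKIA[0-9A-Z]{16}',
        '(?i)secretkey\s*=?\s*[''"]'
    ) | Select-Object Path, LineNumber
}

# Usage:
#   Set-AwsProfileFromPrompt -ProfileName 'myProfileName' -Region 'ap-southeast-1'
#   Find-AwsKeyInHistory
```

If `Find-AwsKeyInHistory` reports lines, remove them from the history file and rotate the key they exposed.
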

Deploying multi node VMs with vagrant

So we all know how to deploy/provision a single node VM from here.
What if you want to deploy more than one VM? A 3 tier web app maybe, for your development team, or because you have nothing else to do and you are bored.


My setup:

windows 10
babun shell emulator
vagrant 2.x

Goal:

Deploy a 3 tier web app

Process:


{ vagrant }  » mkdir 3tier
{ vagrant }  » cd 3tier/
{ 3tier }  » ls
{ 3tier }  » touch Vagrantfile
{ 3tier }  » cat Vagrantfile
line
1. created a project directory
2. got inside the directory
4. created an empty Vagrantfile
5. listing the contents of the Vagrantfile shows nothing which means it is empty
Using the nano or vi editor, I will add the following to the Vagrantfile (taken from https://app.vagrantup.com/ubuntu/boxes/trusty64), because that is what we need to deploy a bare minimum vagrant VM.
Vagrant.configure("2") do |config|
  config.vm.box = "ubuntu/trusty64"
end
Now let us provision the VM.

{ 3tier }  » cat Vagrantfile
# my 3 tier web app
Vagrant.configure("2") do |config|
  config.vm.box = "ubuntu/trusty64"
end
###

{ 3tier }  » vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Importing base box 'ubuntu/trusty64'...
==> default: Matching MAC address for NAT networking...
==> default: Checking if box 'ubuntu/trusty64' is up to date...
==> default: Setting the name of the VM: 3tier_default_1522504177366_47355
==> default: Clearing any previously set forwarded ports...
==> default: Clearing any previously set network interfaces...
==> default: Preparing network interfaces based on configuration...
    default: Adapter 1: nat
==> default: Forwarding ports...
    default: 22 (guest) => 2222 (host) (adapter 1)
==> default: Booting VM...
==> default: Waiting for machine to boot. This may take a few minutes...
    default: SSH address: 127.0.0.1:2222
    default: SSH username: vagrant
    default: SSH auth method: private key
    default:
    default: Vagrant insecure key detected. Vagrant will automatically replace
    default: this with a newly generated keypair for better security.
    default:
    default: Inserting generated public key within guest...
    default: Removing insecure key from the guest if it's present...
    default: Key inserted! Disconnecting and reconnecting using new SSH key...
==> default: Machine booted and ready!
==> default: Checking for guest additions in VM...
    default: The guest additions on this VM do not match the installed version of
    default: VirtualBox! In most cases this is fine, but in rare cases it can
    default: prevent things such as shared folders from working properly. If you see
    default: shared folder errors, please make sure the guest additions within the
    default: virtual machine match the version of VirtualBox you have installed on
    default: your host and reload your VM.
    default:
    default: Guest Additions Version: 4.3.36
    default: VirtualBox Version: 5.2
==> default: Mounting shared folders...
    default: /vagrant => D:/vagrant/3tier
{ 3tier }  » vagrant ssh
Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.13.0-143-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

  System information as of Sat Mar 31 13:50:11 UTC 2018

  System load:  0.33              Processes:           82
  Usage of /:   3.6% of 39.34GB   Users logged in:     0
  Memory usage: 25%               IP address for eth0: 10.0.2.15
  Swap usage:   0%

  Graph this data and manage this system at:
    https://landscape.canonical.com/

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.

New release '16.04.4 LTS' available.
Run 'do-release-upgrade' to upgrade to it.


vagrant@vagrant-ubuntu-trusty-64:~$ hostname
vagrant-ubuntu-trusty-64
vagrant@vagrant-ubuntu-trusty-64:~$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:bd:94:b9 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:febd:94b9/64 scope link
       valid_lft forever preferred_lft forever
vagrant@vagrant-ubuntu-trusty-64:~$

line
3-5 contents of the Vagrantfile
8. provision the vagrant VM which is mentioned in the Vagrantfile
9. virtualbox is the default virtualization provider unless mentioned otherwise in the vagrantfile
45. vagrant ssh gets you connected to the newly provisioned vagrant VM since there is only one now.
70. hostname of the vagrant vm
72-84. the new VM's networking information.

Now let us destroy this VM and deploy 3 of these.

vagrant@vagrant-ubuntu-trusty-64:~$ exit
logout
Connection to 127.0.0.1 closed.
{ 3tier }  » ls
Vagrantfile
{ 3tier }  » vagrant status
Current machine states:

default                   running (virtualbox)

The VM is running. To stop this VM, you can run `vagrant halt` to
shut it down forcefully, or you can run `vagrant suspend` to simply
suspend the virtual machine. In either case, to restart it again,
simply run `vagrant up`.
{ 3tier }  » vagrant destroy
    default: Are you sure you want to destroy the 'default' VM? [y/N] y
==> default: Forcing shutdown of VM...
==> default: Destroying VM and associated drives...
{ 3tier }  »
line
1-3. exiting out of the vm
6. checking the vagrant vm status
15. destroying the current vagrant VM.

Now I clear out the Vagrantfile and populate it with the following (without the line numbers)

Vagrant.configure("2") do |config|

  config.vm.define "web" do |web|    
    web.vm.box = "ubuntu/trusty64"
    web.vm.hostname = "web.local"
    web.vm.network "private_network", ip: "192.168.9.2"
  end
  
end

line
1. Start of vagrant file configuration
9. End of vagrant file configuration

3-7. configuration for the VM named web
4. box name
5. hostname for the web vm
6. networking configuration for the web vm

Let us deploy and check it out.

{ 3tier }  » ls
Vagrantfile
{ 3tier }  » cat Vagrantfile
Vagrant.configure("2") do |config|

  config.vm.define "web" do |web|
    web.vm.box = "ubuntu/trusty64"
    web.vm.hostname = "web.local"
    web.vm.network "private_network", ip: "192.168.9.2"
  end

end{ 3tier }  » vagrant up
Bringing machine 'web' up with 'virtualbox' provider...
==> web: Importing base box 'ubuntu/trusty64'...
==> web: Matching MAC address for NAT networking...
==> web: Checking if box 'ubuntu/trusty64' is up to date...
==> web: Setting the name of the VM: 3tier_web_1522508097183_4245
==> web: Clearing any previously set forwarded ports...
==> web: Clearing any previously set network interfaces...
==> web: Preparing network interfaces based on configuration...
    web: Adapter 1: nat
    web: Adapter 2: hostonly
==> web: Forwarding ports...
    web: 22 (guest) => 2222 (host) (adapter 1)
==> web: Booting VM...
==> web: Waiting for machine to boot. This may take a few minutes...
    web: SSH address: 127.0.0.1:2222
    web: SSH username: vagrant
    web: SSH auth method: private key
    web:
    web: Vagrant insecure key detected. Vagrant will automatically replace
    web: this with a newly generated keypair for better security.
    web:
    web: Inserting generated public key within guest...
    web: Removing insecure key from the guest if it's present...
    web: Key inserted! Disconnecting and reconnecting using new SSH key...
==> web: Machine booted and ready!
==> web: Checking for guest additions in VM...
    web: The guest additions on this VM do not match the installed version of
    web: VirtualBox! In most cases this is fine, but in rare cases it can
    web: prevent things such as shared folders from working properly. If you see
    web: shared folder errors, please make sure the guest additions within the
    web: virtual machine match the version of VirtualBox you have installed on
    web: your host and reload your VM.
    web:
    web: Guest Additions Version: 4.3.36
    web: VirtualBox Version: 5.2
==> web: Setting hostname...
==> web: Configuring and enabling network interfaces...
==> web: Mounting shared folders...
    web: /vagrant => D:/vagrant/3tier
{ 3tier }  » vagrant ssh
Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.13.0-143-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

  System information as of Sat Mar 31 14:55:30 UTC 2018

  System load:  0.46              Processes:           82
  Usage of /:   3.6% of 39.34GB   Users logged in:     0
  Memory usage: 25%               IP address for eth0: 10.0.2.15
  Swap usage:   0%

  Graph this data and manage this system at:
    https://landscape.canonical.com/

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.

New release '16.04.4 LTS' available.
Run 'do-release-upgrade' to upgrade to it.


vagrant@web:~$ hostname
web
vagrant@web:~$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:bd:94:b9 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:febd:94b9/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:9f:45:5c brd ff:ff:ff:ff:ff:ff
    inet 192.168.9.2/24 brd 192.168.9.255 scope global eth1
       valid_lft forever preferred_lft forever
vagrant@web:~$

line
4-12. configuration of our Vagrantfile
12-51. provisioning of the vagrant box
52. ssh to our newly deployed vagrant box
77-78. checking the hostname of the vagrant box (web vm)
79-95. networking configuration of the web vagrant box.
94. the ip address that we specified in the vagrantfile is seen here.

Now let us do it for 3 VMs: web, app and db. Here is how my new Vagrantfile looks.

Vagrant.configure("2") do |config|

  config.vm.define "web" do |web|    
    web.vm.box = "ubuntu/trusty64"
    web.vm.hostname = "web.local"
    web.vm.network "private_network", ip: "192.168.9.2"
  end
  
  config.vm.define "app" do |app|    
    app.vm.box = "ubuntu/trusty64"
    app.vm.hostname = "app.local"
    app.vm.network "private_network", ip: "192.168.9.3"
  end
  
  config.vm.define "db" do |db|    
    db.vm.box = "ubuntu/trusty64"
    db.vm.hostname = "db.local"
    db.vm.network "private_network", ip: "192.168.9.4"
  end
  
end

Now I ran vagrant up and it deployed all 3 VMs. Below is me checking them out.

{ 3tier }  » vagrant status
Current machine states:

web                       running (virtualbox)
app                       running (virtualbox)
db                        running (virtualbox)

This environment represents multiple VMs. The VMs are all listed
above with their current state. For more information about a specific
VM, run `vagrant status NAME`.
{ 3tier }  » ssh vagrant

{ 3tier }  » vagrant ssh
This command requires a specific VM name to target in a multi-VM environment.
{ 3tier }  » vagrant ssh web
Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.13.0-143-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

  System information as of Sat Mar 31 15:10:01 UTC 2018

  System load:  0.56              Processes:           84
  Usage of /:   3.6% of 39.34GB   Users logged in:     0
  Memory usage: 25%               IP address for eth0: 10.0.2.15
  Swap usage:   0%

  Graph this data and manage this system at:
    https://landscape.canonical.com/

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.

New release '16.04.4 LTS' available.
Run 'do-release-upgrade' to upgrade to it.


vagrant@web:~$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:bd:94:b9 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:febd:94b9/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:8d:f5:db brd ff:ff:ff:ff:ff:ff
    inet 192.168.9.2/24 brd 192.168.9.255 scope global eth1
       valid_lft forever preferred_lft forever
vagrant@web:~$ exit
logout
Connection to 127.0.0.1 closed.
{ 3tier }  » vagrant ssh app
Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.13.0-143-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

  System information as of Sat Mar 31 15:10:52 UTC 2018

  System load:  0.46              Processes:           80
  Usage of /:   3.6% of 39.34GB   Users logged in:     0
  Memory usage: 25%               IP address for eth0: 10.0.2.15
  Swap usage:   0%

  Graph this data and manage this system at:
    https://landscape.canonical.com/

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.

New release '16.04.4 LTS' available.
Run 'do-release-upgrade' to upgrade to it.


vagrant@app:~$ exit
logout
Connection to 127.0.0.1 closed.
{ 3tier }  » vagrant ssh db
Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.13.0-143-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

  System information as of Sat Mar 31 15:11:44 UTC 2018

  System load:  0.52              Processes:           84
  Usage of /:   3.6% of 39.34GB   Users logged in:     0
  Memory usage: 25%               IP address for eth0: 10.0.2.15
  Swap usage:   0%

  Graph this data and manage this system at:
    https://landscape.canonical.com/

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.

New release '16.04.4 LTS' available.
Run 'do-release-upgrade' to upgrade to it.


vagrant@db:~$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:bd:94:b9 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:febd:94b9/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:30:09:9e brd ff:ff:ff:ff:ff:ff
    inet 192.168.9.4/24 brd 192.168.9.255 scope global eth1
       valid_lft forever preferred_lft forever
vagrant@db:~$ hostname
db



Friday, March 30, 2018

Common Intelligence (sense) Vs Artificial Intelligence

Recently I have started to realize that companies like Google, Amazon and Microsoft, who are betting on AI, are ignoring common sense and common intelligence over AI. I have aggregated just a few points to back my statement.
How did AWS come up? By being its own guinea pig, by solving their own problem and later offering that solution to others who might need it. How did Google come up? Some geeks wanted to solve their problem of indexing and searching content online and then later they offered it to others too. How did Microsoft come up? Well, I can go on and on. When companies get big they start ignoring problems or areas of improvement, not because they are insignificant but because they are too big or on the topmost floor to see what is on the ground. They have reached the eagle's height, but an eagle can see a snake or rat crawling through the rocks and humans don't. Okay, let me list out why I think companies are neglecting common sense/intelligence over AI, and why AI will take ages to even recognize the things that I am going to mention as problems before it can solve them.

  1. Google's latest, greatest Pixel 2 XL takes a few MINUTES to connect to my Bose Bluetooth device because it is 4th in the list of 5 devices which are listed under the recently connected (but not present) devices. So Android tries to connect first to the most often connected, that is, my 2nd device in the list (Sony WH1000XM2). So I have to manually select the device and even that sums up to a minute or more. The great part is they don't have a headphone jack. When you are trying to replace product A with product B (in this case wired audio devices with wireless) then B should be as good as A and more, and only then should you replace it. An audio jack takes seconds for me to get the audio out but an advanced Bluetooth (latest Bluetooth version too) takes minutes for me to enjoy the music.
    Anyone with common sense and some coding skills could change this. If an iPhone costing 1/3rd of the latest Google Android can do it then why not Google?
  2. None of my (Bluetooth) devices which are paired to Microsoft Windows 10 (laptop and desktop) will work with any other device unless I manually remove them from Windows 10 first or go out of range from these Windows 10 devices.
    Once again high marks to Apple macOS for not being a jerk in this regard.
    It seems Google and Microsoft want us to buy multiple Bluetooth/wireless earphones/headphones and use them exclusively with just one device only.
  3. When I do Ctrl+F to find a string in Excel or Word or any other Office document, it is common sense that the search window should not block/hide the search result.
  4. When I do Ctrl+F to search something on a multi-monitor setup, the search window appears on the 3rd monitor while my document is on the 1st window. How lame, Microsoft! Come on.
  5. All of these companies have support centers where people talk to customers and solve their issues. None of them currently have bothered to use their AI/speech recognition to listen to these calls for QA. Why? If they do then they can offer this solution to almost all the companies in the world who have support centers. Just let the clients store their audio files on their cloud, charge for their storage and offer free analysis.
  6. All the icons and menus are currently distributed on top and bottom for all apps and mobile OS. They want you to use both of your hands. I understand that it is a simple psychology trick. If you are using just one hand to use your iPhone/Android then your other hand might have something else and your attention is divided and you have only a 50% chance that you might leave your phone and switch to what is there in your other hand. So force users to use 2 hands in all of the app and OS design. Why not start filling all icon and menu items from the bottom up, since our thumbs are at the bottom and not the top?

Tuesday, March 20, 2018

baby steps with vagrant on windows 10

I will try to keep the what-is-this and what-is-that very brief. Vagrant allows developers to quickly provision VMs or environments which will be similar/identical to each other. Developers lose the escape catchphrase 'well it works on my machine so it should work on yours too'. Every human being is created differently, and likewise every operating system and machine is configured differently. I can't even get the damn powercli 6.5 working on our VDI and we have to get newer VDI with windows 10 now, anyway.

Vagrant allows you to have a homogeneous environment across the development and production. Here are some words on why vagrant directly from the horse's mouth -> https://www.vagrantup.com/intro/index.html.
So I got excited that now we can have this vagrant on windows too.
I have windows 10. Vagrant also needs one of the virtualization applications.
So install
  1. oracle virtualbox
  2. vagrant for windows
  3. babun [don't ask me why not cygwin, powershell, git, commander etc., I have tried and failed so just listen to me okay...]
  4. Enable virtualization in the BIOS
  5. Disable Hyper V if you are on windows like me. Launch the windows command prompt as an administrator and run the following (a reboot is required after disabling hyper v)
    bcdedit /set hypervisorlaunchtype off
    Launch 'turn on windows feature on or off' from the control panel and make sure that hyper V is disabled; otherwise you will face the following issue and won't be able to boot your VMs.

==> default: Booting VM...
There was an error while executing `VBoxManage`, a CLI used by Vagrant
for controlling VirtualBox. The command and stderr is shown below.

Command: ["startvm", "df09f657-e04c-4d9a-b028-575f8465a5c8", "--type", "headless"]

Stderr: VBoxManage.exe: error: Raw-mode is unavailable courtesy of Hyper-V. (VERR_SUPDRV_NO_RAW_MODE_HYPER_V_ROOT)
VBoxManage.exe: error: Details: code E_FAIL (0x80004005), component ConsoleWrap, interface IConsole

Now let us go shopping for our boxes.
Go to https://www.vagrantup.com/ and click on boxes. For our sanity we will go with the most popular one. https://app.vagrantup.com/ubuntu/boxes/trusty64
Click on the new tab
Make sure you create a new folder called vagrant/ubuntu and move to that path in babun console.
You can simply run the first command

vagrant box add ubuntu/trusty64
to add the box.

Our lovely vagrant starts downloading this new ubuntu image. When you run the next command

vagrant init ubuntu/trusty64
it initializes the box. You will find a Vagrantfile in the directory where you have opened this command prompt.

vagrant up

It automatically deploys this VM on your virtualbox.
Launch your virtualbox and this is what I saw...

Now you might say that what you see in the pic is centos7 and what I was talking about was ubuntu. Yes, I know, because I want you to do something different than what I exactly did, otherwise there is no fun.
I did centos and you do ubuntu.
Now you want to ssh to your new VM.

vagrant ssh-config
you should see

{ centos7 }  » vagrant ssh-config
Host default
  HostName 127.0.0.1
  User vagrant
  Port 2222
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  PasswordAuthentication no
  IdentityFile D:/vagrant/centos7/.vagrant/machines/default/virtualbox/private_key
  IdentitiesOnly yes
  LogLevel FATAL
Now use the details provided above to connect to our virtual machine

{ centos7 }  » ssh vagrant@127.0.0.1 -p 2222 -i D:/vagrant/centos7/.vagrant/machines/default/virtualbox/private_key
The authenticity of host '[127.0.0.1]:2222 ([127.0.0.1]:2222)' can't be established.
ECDSA key fingerprint is SHA256:TNC9QzLbOObS4ZtiaaH19W5uALyScnh10i2FDJKixqM.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[127.0.0.1]:2222' (ECDSA) to the list of known hosts.
[vagrant@localhost ~]$
In general, the command has this form:
ssh <username>@<host> -p <port> -i <key>
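The manual connection above, generalized as an added example that is not part of the original post: a shell function that reads `vagrant ssh-config` output and fills in the ssh <username>@<host> -p <port> -i <key> form for a named machine. The function names are assumptions for illustration, and the embedded sample is the ssh-config output shown above.

```shell
#!/bin/sh
# Added example: build the manual ssh command from `vagrant ssh-config` output.
# Real use (assumes vagrant is on PATH): vagrant ssh-config | build_ssh_cmd default

# Constructed sample: the ssh-config output shown in the post, machine "default".
sample_ssh_config() {
cat <<'EOF'
Host default
  HostName 127.0.0.1
  User vagrant
  Port 2222
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  PasswordAuthentication no
  IdentityFile D:/vagrant/centos7/.vagrant/machines/default/virtualbox/private_key
  IdentitiesOnly yes
  LogLevel FATAL
EOF
}

# build_ssh_cmd MACHINE
# Reads ssh-config text on stdin and prints the ssh command for the Host block
# named MACHINE. Exits non-zero (printing nothing) if the block or any of the
# four needed fields is missing, so a typo in the machine name is not silent.
build_ssh_cmd() {
  awk -v want="$1" '
    $1 == "Host"         { in_block = ($2 == want); next }
    !in_block            { next }
    $1 == "HostName"     { host = $2 }
    $1 == "User"         { user = $2 }
    $1 == "Port"         { port = $2 }
    $1 == "IdentityFile" { key = $0; sub(/^[ \t]*IdentityFile[ \t]+/, "", key) }
    END {
      if (host == "" || user == "" || port == "" || key == "") exit 1
      gsub(/^"|"$/, "", key)   # tolerate a key path that is already quoted
      printf "ssh %s@%s -p %s -i \"%s\"\n", user, host, port, key
    }'
}

# Demo on the embedded sample.
sample_ssh_config | build_ssh_cmd default
```

The generated config sets UserKnownHostsFile /dev/null and StrictHostKeyChecking no, so `vagrant ssh` never records or checks the VM's host key, while the plain ssh command does record it (the "Permanently added" line above). After the VM is destroyed and recreated, that saved entry no longer matches and can be removed with ssh-keygen -R '[127.0.0.1]:2222'.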
So now you install a bunch of stuff here. Create the environment and pass it on to your fellow developer or colleague. Pass on what? The 'Vagrantfile' that you see in your current working directory.
Go on and have fun.
update - 2018march3
if you run
vagrant ssh
it should ideally connect to the vm but it won't. So you run
vagrant --debug ssh
once to get connected to the VM and then onwards you can simply run
vagrant ssh
and you will be connected to the VM.

Thursday, March 1, 2018

The only way to not screw up Aadhar and its data anymore in india

Before we start let me make a bet.
You show me an
easier for consumers(citizens)
more secure
easier for clients (service providers)
least maintenance
more efficient (time invested in this vs benefits)
I am willing to share give away my salary.
I do not want to get into the whole controversy and conspiracy about the whole purpose of aadhar being data mining, monitoring of indians by the indian and international govts (big brother and others). What I want to get into though is how silly and easy it is to get any citizen's details by any crook for the lowest price.
This aadhar number is attached to
1. bank accounts
2. all investments
3. All facilities that you obtain from govt (gas connection)
4. your phone connection
5. your internet connection
6. your insurances (health, automobile etc.,)
and more...
Such data was available on sale in the black market for as cheap as 500 INR (approx 7.5 USD). It was also easily hacked by one of the french researchers. It is becoming next to impossible or at least difficult to obtain anything which is any citizen's right, without providing aadhar details. So,
how can one provide aadhar details without providing aadhar details?
how can one authenticate or validate their authenticity of citizenship or aadhar without compromising it?
Simple. It already exists. I will first give an example.
You go to feedly.com and you can create an account or login without creating an account. How? Login with google or login with facebook or login with twitter.
You go to stackoverflow.com and you can login by just clicking on login with google or any other authentication provider.
Today many big companies have such a feature. microsoft allows you to apply to their jobs with a linkedin button. You click on the login with linkedin button. It opens the pop up button which has the username and password section of linkedin and an allow access button with a cancel button.
so how do we solve this problem?

case 1: get gas connection or authenticate gas connection with aadhar

a) log into bharatgas app. click on add aadhar details button.
b) the above action triggers the aadhar app to open and allows us to choose yes or no.
c) If I choose Yes then it makes me log into the aadhar app and once I do the aadhar attachment or KYC (know your customer) process is done; if I choose no then it gets cancelled.
d) When I log into my aadhar app I can also see all the services that I have allowed to use my aadhar. I can just revoke the access to any of these at any point of time. ex: If you go to facebook or google it provides the list of all apps who have access token from them or these apps allow login from google or facebook. I can click on the x icon next to them and it revokes access.

Case 2: get phone connection 

a) download the service provider app
b) click on link aadhar or add aadhar button.
c) aadhar app pops up and asks us to allow this app to use its token.
d) If I choose yes on aadhar then the KYC is done and if I say no then it gets rejected.

We can also set an expiration date for such tokens to these services. If the user, for example, doesn't renew the KYC for his bank account then it gets expired. The service is put on hold. It makes sure that the services are not exploited by the users or user data is not exploited by the service providers.

PowerShell - Decision Making [6]