Friday, July 12, 2024

which layer does tls belong in networking?

Transport Layer Security (TLS) primarily operates between the Transport Layer and the Application Layer in the networking stack. While it is often associated with the Transport Layer due to its role in securing data transmission, it technically sits above the Transport Layer and below the Application Layer

Placement in Models:

  • OSI Model: TLS is generally considered to operate at the Presentation Layer (Layer 6), as it handles encryption and decryption of data.
  • TCP/IP Model: TLS is seen as part of the Application Layer, since the TCP/IP model has fewer layers and combines some of the OSI layers.

Functionality:

  • Encryption: Ensures that data is encrypted before transmission and decrypted upon receipt.
  • Authentication: Verifies the identities of the communicating parties using certificates.
  • Integrity: Ensures that the data has not been tampered with during transit.

This positioning allows TLS to provide secure communication for various application protocols like HTTP (resulting in HTTPS), SMTP, and IMAP.

 

OSI 7 layers 

Layers: 7 layers (Physical, Data Link, Network, Transport, Session, Presentation, Application).

 

TCP/IP layers:

Layers: 4 layers (Network Interface, Internet, Transport, Application).

 

Since OSI model is not really used in real world application, focus on TCP/IP model is better in programming.

 

Wednesday, October 11, 2023

Ubuntu docker access to other users

 

 

 Also make sure that docker.sock file is accessible by others.

sudo chmod 666 /var/run/docker.sock

 

Saturday, September 30, 2023

How to remove custom resource stuck on delete

 To delete the custom resource which stuck in delete state , follow these steps:

  1. Edit the Object : kubectl edit customresource/name.
  2. Remove finalizer parameter.
  3. Delete the object : kubectl delete customresource/name.


Tuesday, September 5, 2023

Show what code were covered or not using go tool cover command

 Once go test produces cover.out , you can use the following command to launch browser to show the coverage.

go tool cover -html=cover.out

Friday, August 18, 2023

To git restore all the unstaged files

 Sometimes, you may purposely delete some of the files for testing, then you will need to restore these files, it will take a lot of key strokes if you do file by file, the below command can restore all the unstaged files in git


git restore -- $(git ls-files -m)

Monday, August 14, 2023

KubeBuilder

Use kubebuilder to start a new project:

 

     kubebuilder init --domain my.domain --repo my.domain/guestbook
 
This step creates make file, dockerfile etc.
 
Once a project gets created, you normally run the following command to add API
 
     kubebuilder create api --group webapp --version v1 --kind CronJob 

Then you normally would edit the files in api/v1 _types.go files to add your own struct
basically data structure for your api. and make changes to the controller.go in the
controllers directory to implement your business logic.

Then you normally would need to run:
    make manifests to generate crds, roles, role bindings etc.
 
    make generate to generate code in zz_generated.deepcopy.go to capture changes that you
make to apis, that is, changes made in _types.go file will need to be reflected in
zz_generated.deepcopy.go file.

Wednesday, May 31, 2023

Deal with a local helm chart repo

 

# Start up a helm client
kubectl run -n pcloud helmtest --image=alpine/helm:3.12.0 --command -- sleep 3000

# add the repo locally named acc, given that the repo sits at http://acc-helm-repo:8080
helm repo add acc http://acc-helm-repo:8080

# search the repo and list all the charts from the repo acc.
helm search repo acc

# now inspect a particular chart, in this case, in repo named acc and chart named netapp-monitoring-operator
helm inspect all acc/netapp-monitoring-operator