DEV Community: burhanuddin taha

Running Kubernetes on MacBook, without minikube

burhanuddin taha — Sat, 12 Sep 2020 17:23:20 +0000

Docker on Mac with Kubernetes

Docker on mac version 2.3.0.4 is come with default support of kubernetes. Kubernetes support with docker on mac is available since 18.06 stable or higher, but by default kubernetes is not enable, you have to enable it which we will see how to do it

It is very easy to enable kubernetes.

Go to Preferences of Docker on Mac
Select kubernetes and click on enable kubernetes checkbox. finally restart and observe Kubernetes status.

If you are lucky enough kubernetes satus might get turn from starting to running state. But don't worry if kubernetes is not getting started perform following action.

go to terminal and run following command
rm -rf ~/Library/Group\ Containers/group.com.docker/pki/
rm -rf ~/.kube
finally
restart Docker for Mac:

after restart give 5 mins for kubernete to start and you will see following

AWS running Docker on EC2 and use Elastic Load balancer.

burhanuddin taha — Tue, 19 May 2020 11:04:13 +0000

Running the docker service and docker image on EC2 instance is very simple in this brief write up i will try to cover how we can setup docker engine and then run application on the docker and then expose using Application load balancer

I have use EC2 instance with Ubuntu 18.04, one can find this in the catalog under free tier

once the instance is up and running and you are connected with the instance. (follow following tutorial to connect EC2 instance form your machine.)

Make sure you have root access or IAMROLE to install using root user
Firstly, we're going to install Docker and Docker Compose packages to the Ubuntu system. And we will be using Docker packages from the Official Ubuntu repository. The first step is to add the GPG key for the official Docker repository using :
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
Adding Docker repository to APT sources is next we have to do:
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
Next, we have to update the package database usual ubuntu command:
sudo apt-get update
Finally, we are ready to install docker on system
sudo apt-get install -y docker-ce
lets check if docker installed and give correct version
docker --version
when we run this command on EC2 instance of AWS we usually get error and required sudo to run command.
to avoid this we have to add our user in the group name as docker which is available by default on the AWS
sudo usermod -aG docker ${USER}
now exit the shell and close the terminal, and re-connect to the EC2 instance
Now try to run
docker version
you will see something like this
Lets install docker compose which is use for orchestrating docker services
sudo apt install docker-compose -y
docker-compose version
which should return something like below

Thats it now we are ready to run docker on EC2 instance, lets create one image and run the image
docker run hello-world
if all is setup properly we can see following on console.

Hurray!!! all is done.

Now to expose our service using Elastic load balancer,

what i have done i have run Laravel application on Docker on EC2.
running Laravel application using docker is not in the scope on this writeup but i will cover in dedicated blog.
so i have following

Laveravel php application
Ngnix running on docker and contain Laravel appliaction as root.

when all services are up and running on EC2 instance.something like this for me as i am running Nginx under docker.

Lets move the expose the docker service running on EC2 using Elastic Loadbalancer.

Create target group, target group is use to route the traffic from loadbalancer to EC2 instance based on rule define on loadbalancer level.
Click to Target Group
Create new target group
Select target
Edit and add EC2 instance in this target group on port 80

what it says is that "in this target group there is one EC2 instance which is listening to port 80 to serve any request".
Now if you see above as said i have nginx see i have port 80 on which nginx server is listening with php application.

Now we need loadbalancer which will help to route external traffic to our instance.

AWS provide two different flavour of loadbalancer

Application load balancer (which we will use)
Network load balancer (use when you need to control traffic, need static ip for your application or want very high performance)

To enable loadbalancer

click on loadbalancer on EC2 console something like this
create loadbalancer
Now give the name of your load balancer and finally main part is to add listener.

Chose protocol http/https
Chose port on which load balancer will listen
And finally define rule like forward request to already created target group (as we did above)
Finally the main part, either create or choose the security group which has inbound rule where above port is open for all incoming traffic. something like this if this is not present then you will not able to access load balancer url from outside as from outside ports couldn't be reachable.

Thats it, now copy the dns name or public ip of your loadbalancer and try to access using browser, you will see application index page loaded which is running in docker on EC2 instance.

Spring Social Login

burhanuddin taha — Fri, 20 Mar 2020 05:08:58 +0000

In my last post i tried to cover different ways by which one can integrate with social login in application, we started with dependencies selection and in this post we will try to understand how implementation is differ with each other, based on usecase we can select the way of implementation which starts with dependencies.

As we all know that integration with any authorization server (here in our case any social service provider like google) is based on OAUTH2, which deals with authentication (openid) and authorization (scope/grants). In our case we ask user to perform login on any social site and once login is successful, we will allow user to perform action on our application.

Using spring we can achieve above use case by different ways.

Using Oauth2Client provided by Spring Security
Using SpringSocial provided by Spring

There is major change from Spring Security 4.X to Spring Security 5.x, this is worth to mention because spring boot 1.5.x to spring boot 2.1.x uses spring security with different version.

May be this table will help to understand

Spring Boot 1.5.x with spring security 4.2.x
Using Spring OAuth Client Spring boot security starter provides default spring security 4.x dependencies, and Spring 4.x doesn't have by default support available for oauth2, to work with oauth2, it is required to include additional dependency for Spring-Security-oauth2 Using @enableOAuthSSO Spring security oauth2 provides an special annotation named @enableOAuthSSO,using it one can enable Social Login without much effort, only need is to add the basic oauth configuration in yaml file. @enableOAuthSSO enables special filter called "Oauth2clientauthenticationprocessingfilter" which bridges gap between spring security and Oauth2 flow. This filter perform mainly two task Enable oauth2client for OAuth flow After successful oauth flow, align springsecuritycontext. But @enableOAuthSSO can only support single provider, means if you want to support more then one social login like google and facebook in same project, @enableOAuthSSO won't help Using Oauth2client If we want to integrate more then one social for the authentication purpose, then we have to do some extra things, Use @EnableOAuth2Client Write a custom filter class which will handle OAuth2ClientContext
Spring Boot 2.1.x with spring security 5.1.x
With Spring Security 5.1.x Oauth2 authentication is by default first class citizen, it is very simple for an application to act as Oauth2 client, As we seen with older version of Spring Security there is specific annotation called "EnableOAuthSSO" which enable under the hood oauth2client and OAuth2SecurityFilter, in latest version of spring security this annotation is removed, instead if you include the dependency of oauth2 client with spring security and provide the client configuration in the configuration (application.yml) spring by default enable oauth2 login With spring boot if we include, And add following configuration in the application.yaml spring: security: oauth2: client: registration: google: client-id: XX client-secret: XX Run the application and as soon as we will open the home page, it will by default navigate to the google, if there are more then one oauth2 client configure then spring will give the option to choose by providing the list. Spring provide default provider page, base on the configuration define in the application.yaml
Using Spring Social
The Spring Social project provides: A standard way to get access to the social network specific API’s with Java bindings to popular service provider APIs such as Facebook, Twitter, LinkedIn and GitHub. An extensible service provider framework that greatly simplifies the process of connecting local user accounts to social network provider accounts. Following are the step to provide login using social networking site like facebook and twitter, Define Social Configuration by providing userconnectionrepository (by default spring use in-memory implementation but there is also JDBC implementation provided by spring social.) Provide implementation for SignInAdaptor, this Adaptor is one hook point which Spring Social provide to take action as well as align the Spring security after successful Oath2 flow. (SingInAdaptor will be called only if UserConnectionisAlreadyExist) if user is not found in the UserConnectionRepository, then spring redirect to singup page (a url which is provided during defining ProviderSignInController).

In nutshell it is very easy with new spring security to provide login with any external authentication provider, by default spring provide implementation for most of the known social networking site.

In future article i will try to cover more on the implementation part as well as custom authorization server and authentication using it.

Spring boot social and dependencies overview

burhanuddin taha — Fri, 25 Oct 2019 22:57:55 +0000

This post is based on my latest experience, where i was just wanted to integrate Social login within my application. After spring boot it seems it is easy piece of cake, Yes i was developing an application and services using springboot, and here my struggle start.
Problem is spring do lot of thing behind the scene which some time make difficult to understand as we are developer we need all the control at-least we deserve to know whats going on (scherzosa).

First thing needed is the dependencies and here world of spring starter starts and dilemma of how to choose, This post mainly focus on the Spring starter dependencies and when to choose which one.

When i started to search how to integrate with social login i came across to following options.

Use Spring Oauth2 client
Use Spring Social.

Now to go with the first option Spring provides two starter which comes with two different flavour

A. If you are using Spring boot.

B. If you are using only spring security in your project

But some time we have a case where we don't need security from spring or we need only social login without security definition or any security context. Spring provide solution for such cases where we can choose spring social integration with specific provider like facebook, linkedin etc.
Here are the dependencies use for such cases.

Basically spring has different stream of projects, they usually combine some in specific starter like mostly spring boot starter and some specific stream starter like security. But one can always choose independent stream like Social case by case need.

After sorting out which dependencies should be needed we have to do real stuff, each dependencies come with some specific set of functionality. In later post i will try to cover the difference in the implementation.