DEV Community: Raymond The latest articles on DEV Community by Raymond (@tinhtq97). https://dev.to/tinhtq97 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1640471%2F1fd2232d-231c-482c-aa5d-d2501927d124.png DEV Community: Raymond https://dev.to/tinhtq97 en Enhancing AWS Learning with Amazon Q Developer and Bedrock Nova: A Certification Practice App Journey Raymond Wed, 07 May 2025 07:44:36 +0000 https://dev.to/aws-builders/enhancing-aws-learning-with-amazon-q-developer-and-bedrock-nova-a-certification-practice-app-437b https://dev.to/aws-builders/enhancing-aws-learning-with-amazon-q-developer-and-bedrock-nova-a-certification-practice-app-437b <h2> AWS Certification Practice App with AI-Enhanced Explanations </h2> <p><em>This is a submission for the <a href="https://dev.to/challenges/aws-amazon-q-v2025-04-30">Amazon Q Developer "Quack The Code" Challenge</a>: That's Entertainment!</em></p> <h2> What I Built </h2> <p>I built an interactive AWS Certification Practice App that makes studying for AWS exams both educational and entertaining. The application features over 100 practice questions for various AWS certification exams, but what makes it truly engaging is the AI-enhanced explanations powered by Amazon Bedrock.</p> <p>Traditional certification practice apps can be dry and uninspiring, but this app transforms the learning experience by providing:</p> <ul> <li>Detailed AI-generated explanations that break down complex AWS concepts in an approachable way</li> <li>Interactive quiz interface with immediate feedback and score tracking</li> <li>Automatic detection of relevant AWS services in questions with direct links to official documentation</li> <li>Visual indicators showing your progress and knowledge gaps</li> </ul> <p>The entertainment factor comes from turning a typically stressful certification preparation process into an engaging, game-like experience where users can challenge themselves, track improvements, and receive personalized AI assistance that feels like having a knowledgeable AWS expert by your side.</p> <h2> Demo </h2> <p>This is Amazon Q generated diagram with <code>awslabsaws_diagram_mcp_server</code><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fguo2rsrzzlekh9axivu9.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fguo2rsrzzlekh9axivu9.png" alt="Diagram" width="800" height="554"></a></p> <ol> <li>Import your question bank - Just upload your question.json file with AWS certification questions <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2u4ed7itjr9etuyggtl6.png" alt="Inset practice question" width="800" height="237"> </li> <li>Start practicing - Hit that "Start Practice" button and the quiz begins!</li> <li>Test your AWS knowledge - Select what you think is the right answer</li> <li>Check your understanding - Submit your answer <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwgftvjfs5cd4yj2sdpjo.png" alt="Answer the question" width="800" height="554"> </li> <li>Level up with AI - Need more details? Click "Get AI-Enhanced Explanation" for a comprehensive breakdown powered by Amazon Bedrock <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3hi81wy78m3o70ppj4qf.png" alt="Right answer" width="800" height="546"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F79e17rqf3rxtc20dslos.png" alt="Wrong answer" width="800" height="602"> </li> </ol> <p>Key features demonstrated:<br> The interactive quiz interface with multiple-choice questions<br> Real-time scoring and feedback<br> AI-enhanced explanations from Amazon Bedrock<br> Automatic AWS documentation linking</p> <h2> Code Repository </h2> <p><a href="https://github.com/tinhtq/aws-certification-practice" rel="noopener noreferrer">GitHub Repository: AWS Certification Practice App</a></p> <h2> How I Used Amazon Q Developer </h2> <p>Amazon Q Developer was my coding companion throughout this project, helping me tackle challenges I wouldn't have solved efficiently on my own:</p> <h3> 1. Infrastructure as Code Development </h3> <p>When building the Terraform configuration, I asked Amazon Q Developer to help me set up the proper IAM permissions for Lambda to access Bedrock. It not only provided the exact policy statements needed but also explained why each permission was necessary:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight terraform"><code><span class="k">resource</span> <span class="s2">"aws_iam_policy"</span> <span class="s2">"lambda_bedrock_policy"</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"lambda_bedrock_policy"</span> <span class="nx">description</span> <span class="p">=</span> <span class="s2">"Policy for Lambda to access Bedrock"</span> <span class="nx">policy</span> <span class="p">=</span> <span class="nx">jsonencode</span><span class="p">({</span> <span class="nx">Version</span> <span class="p">=</span> <span class="s2">"2012-10-17"</span> <span class="nx">Statement</span> <span class="p">=</span> <span class="p">[</span> <span class="p">{</span> <span class="nx">Action</span> <span class="p">=</span> <span class="p">[</span> <span class="s2">"bedrock:InvokeModel"</span><span class="p">,</span> <span class="s2">"bedrock:ListFoundationModels"</span> <span class="p">]</span> <span class="nx">Effect</span> <span class="p">=</span> <span class="s2">"Allow"</span> <span class="nx">Resource</span> <span class="p">=</span> <span class="s2">"*"</span> <span class="p">},</span> <span class="p">{</span> <span class="nx">Action</span> <span class="p">=</span> <span class="p">[</span> <span class="s2">"logs:CreateLogGroup"</span><span class="p">,</span> <span class="s2">"logs:CreateLogStream"</span><span class="p">,</span> <span class="s2">"logs:PutLogEvents"</span> <span class="p">]</span> <span class="nx">Effect</span> <span class="p">=</span> <span class="s2">"Allow"</span> <span class="nx">Resource</span> <span class="p">=</span> <span class="s2">"arn:aws:logs:*:*:*"</span> <span class="p">}</span> <span class="p">]</span> <span class="p">})</span> <span class="p">}</span> </code></pre> </div> <h3> 2. Debugging CORS Issues </h3> <p>When I encountered CORS errors with API Gateway, Amazon Q Developer quickly identified the issue and suggested the exact configuration needed:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight terraform"><code><span class="k">resource</span> <span class="s2">"aws_api_gateway_gateway_response"</span> <span class="s2">"cors"</span> <span class="p">{</span> <span class="nx">rest_api_id</span> <span class="p">=</span> <span class="nx">aws_api_gateway_rest_api</span><span class="p">.</span><span class="nx">bedrock_api</span><span class="p">.</span><span class="nx">id</span> <span class="nx">response_type</span> <span class="p">=</span> <span class="s2">"DEFAULT_4XX"</span> <span class="nx">response_parameters</span> <span class="p">=</span> <span class="p">{</span> <span class="s2">"gatewayresponse.header.Access-Control-Allow-Origin"</span> <span class="p">=</span> <span class="s2">"'*'"</span> <span class="s2">"gatewayresponse.header.Access-Control-Allow-Headers"</span> <span class="p">=</span> <span class="s2">"'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"</span> <span class="s2">"gatewayresponse.header.Access-Control-Allow-Methods"</span> <span class="p">=</span> <span class="s2">"'GET,POST,OPTIONS'"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>This saved me hours of troubleshooting and research.</p> <h3> 3. Prompt Engineering for Bedrock </h3> <p>I asked Amazon Q Developer to help me craft an effective prompt for the Bedrock model. It suggested a structured approach that dramatically improved the quality of AI explanations:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">function</span> <span class="nf">createPrompt</span><span class="p">(</span><span class="nx">questionData</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">question</span><span class="p">,</span> <span class="nx">options</span><span class="p">,</span> <span class="nx">correctAnswerIndex</span><span class="p">,</span> <span class="nx">explanation</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">questionData</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">correctAnswer</span> <span class="o">=</span> <span class="nx">options</span><span class="p">[</span><span class="nx">correctAnswerIndex</span><span class="p">];</span> <span class="k">return</span> <span class="s2">`You are an AWS Certified expert. Provide a detailed explanation for the following AWS exam question: QUESTION: </span><span class="p">${</span><span class="nx">question</span><span class="p">}</span><span class="s2"> OPTIONS: </span><span class="p">${</span><span class="nx">options</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="dl">'</span><span class="se">\n</span><span class="dl">'</span><span class="p">)}</span><span class="s2"> CORRECT ANSWER: </span><span class="p">${</span><span class="nx">correctAnswer</span><span class="p">}</span><span class="s2"> BASIC EXPLANATION: </span><span class="p">${</span><span class="nx">explanation</span><span class="p">}</span><span class="s2"> Please provide: 1. Why this answer is correct (with technical details) 2. Why each of the other options is incorrect (be specific) 3. Key AWS concepts to understand related to this question 4. Any relevant AWS service limitations or best practices 5. Real-world application of this knowledge Format your response with clear headings and bullet points where appropriate.`</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <h3> 4. Data Analysis and Pattern Recognition </h3> <p>The most impressive contribution was when Amazon Q Developer analyzed my question data and discovered systematic discrepancies between the marked correct answers and the explanations. It identified patterns in the explanations (like "Option B is correct") and suggested code to automatically correct the indices:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">function</span> <span class="nf">extractCorrectAnswerFromExplanation</span><span class="p">(</span><span class="nx">explanation</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Look for patterns like "Option B is correct" or "B (100%)"</span> <span class="kd">const</span> <span class="nx">optionPattern</span> <span class="o">=</span> <span class="sr">/Option </span><span class="se">([</span><span class="sr">A-D</span><span class="se">])</span><span class="sr"> is correct|</span><span class="se">([</span><span class="sr">A-D</span><span class="se">])</span><span class="sr"> </span><span class="se">\(</span><span class="sr">100%</span><span class="se">\)</span><span class="sr">/i</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">match</span> <span class="o">=</span> <span class="nx">explanation</span><span class="p">.</span><span class="nf">match</span><span class="p">(</span><span class="nx">optionPattern</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nx">match</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">letter</span> <span class="o">=</span> <span class="nx">match</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span> <span class="o">||</span> <span class="nx">match</span><span class="p">[</span><span class="mi">2</span><span class="p">];</span> <span class="c1">// Convert letter to index (A=0, B=1, etc.)</span> <span class="k">return</span> <span class="nx">letter</span><span class="p">.</span><span class="nf">charCodeAt</span><span class="p">(</span><span class="mi">0</span><span class="p">)</span> <span class="o">-</span> <span class="dl">'</span><span class="s1">A</span><span class="dl">'</span><span class="p">.</span><span class="nf">charCodeAt</span><span class="p">(</span><span class="mi">0</span><span class="p">);</span> <span class="p">}</span> <span class="k">return</span> <span class="kc">null</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <h3> 5. Frontend JavaScript Optimization </h3> <p>Amazon Q Developer helped me optimize the frontend JavaScript code, particularly with the dynamic rendering of AI explanations and documentation links. It suggested using template literals and DOM manipulation techniques that made the code more maintainable and performant.</p> <h2> Tips for Using Amazon Q Developer </h2> <ol> <li><p><strong>Be specific with your requests</strong>: The more details you provide, the better the response. For example, instead of asking "How do I fix CORS?", ask "How do I configure CORS headers in API Gateway using Terraform?"</p></li> <li><p><strong>Use it for code analysis</strong>: Amazon Q Developer excels at analyzing existing code and identifying patterns or issues.</p></li> <li><p><strong>Ask for explanations</strong>: When Amazon Q Developer provides code, ask it to explain why certain approaches were taken. This helps you learn and make better decisions.</p></li> <li><p><strong>Iterate on solutions</strong>: If the first suggestion doesn't fully solve your problem, provide feedback and ask for refinements.</p></li> <li><p><strong>Use it for documentation</strong>: Amazon Q Developer can help generate clear, comprehensive documentation for your projects.</p></li> </ol> <p>Amazon Q Developer transformed my development process, allowing me to focus on creating an entertaining learning experience rather than getting bogged down in technical details and debugging.</p> devchallenge awschallenge ai webdev Vault Secret as an External Secret Raymond Wed, 03 Jul 2024 00:34:11 +0000 https://dev.to/tinhtq97/vault-secret-as-an-external-secret-357 https://dev.to/tinhtq97/vault-secret-as-an-external-secret-357 <p>This guide to help people who are new to Vault create a Kubernetes Secret through Vault</p> <p>There are two ways to use Vault Secret:</p> <ul> <li>Adding the annotations</li> <li>Use External Secret Operator</li> </ul> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F259zhq379pxgbfqrxrok.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F259zhq379pxgbfqrxrok.png" alt="External Secret" width="752" height="648"></a><em><small>Source: external-secrets.io</small></em></p> <p>I used the second step in this article because I used ArgoCD before and wanted to visualize all the resources I created.</p> <h2> Walkthrough </h2> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdbo1k4r6v3n8a2fsgd46.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdbo1k4r6v3n8a2fsgd46.png" alt="Create Secret" width="800" height="351"></a></p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7dt3mxiostq9x6wsp2j8.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7dt3mxiostq9x6wsp2j8.png" alt="Enable Secret Engine" width="800" height="509"></a></p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcujvzlcyventouz7v4qu.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcujvzlcyventouz7v4qu.png" alt="Path" width="800" height="398"></a></p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fke3q4za0r07eoxr8hzil.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fke3q4za0r07eoxr8hzil.png" alt="Value" width="800" height="372"></a></p> <p>Create a Secret for the Vault token<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="s">kubectl create secret generic vault-token --from-literal=token=&lt;token&gt;</span> </code></pre> </div> <p>or<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">echo</span> <span class="nt">-n</span> <span class="s2">"token"</span> | <span class="nb">base64</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">data</span><span class="pi">:</span> <span class="na">token</span><span class="pi">:</span> <span class="s">&lt;Encoded Vault Token&gt;</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Secret</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">vault-token</span> <span class="na">type</span><span class="pi">:</span> <span class="s">Opaque</span> </code></pre> </div> <p>Install External Secrets using Helm<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>helm repo add external-secrets &lt;https://charts.external-secrets.io&gt; helm <span class="nb">install </span>external-secrets external-secrets/external-secrets </code></pre> </div> <h2> SecretStore </h2> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6dpu39w44mei9gya0guw.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6dpu39w44mei9gya0guw.png" alt="Note" width="800" height="298"></a></p> <p>Create secret-store.yaml file<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">apiVersion</span><span class="pi">:</span> <span class="s">external-secrets.io/v1beta1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">SecretStore</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">secret-store</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">provider</span><span class="pi">:</span> <span class="na">vault</span><span class="pi">:</span> <span class="na">server</span><span class="pi">:</span> <span class="s">http://&lt;serverAddresss&gt;:&lt;port&gt;</span> <span class="na">path</span><span class="pi">:</span> <span class="s">&lt;path&gt; ----- see the picture above</span> <span class="na">version</span><span class="pi">:</span> <span class="s2">"</span><span class="s">&lt;version&gt;"</span> <span class="s">---- See the version near the path above</span> <span class="na">auth</span><span class="pi">:</span> <span class="na">tokenSecretRef</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">vault-token</span> <span class="na">key</span><span class="pi">:</span> <span class="s">token</span> </code></pre> </div> <h2> ExternalService </h2> <p>Create external-secret.yaml file<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">apiVersion</span><span class="pi">:</span> <span class="s">external-secrets.io/v1beta1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">ExternalSecret</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">external-secret</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">refreshInterval</span><span class="pi">:</span> <span class="s">5m ------ Time for fetching new values</span> <span class="na">secretStoreRef</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">secret-store ------- Secret Store Name</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">SecretStore</span> <span class="na">target</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">secret-to-be-created --------- Secret Name</span> <span class="na">creationPolicy</span><span class="pi">:</span> <span class="s">Owner</span> <span class="na">dataFrom</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">extract</span><span class="pi">:</span> <span class="na">key</span><span class="pi">:</span> <span class="s2">"</span><span class="s">&lt;key&gt;"</span> <span class="s">------- See the picture above</span> </code></pre> </div> <p>It will automatically get all values from Vault Secret and create a new secret if it does not exist.</p> <h2> Preferences </h2> <p><a href="https://external-secrets.io/latest/provider/hashicorp-vault/?source=post_page-----78173a0d9b5a--------------------------------">HashiCorp Vault</a></p> <p>English is not my first language, and I am not good at it, but I want to improve and enhance my English every day. Writing a blog is the best way I have chosen. Please let me know if there is anything confusing because of my English.</p> Basic CICD with GitHub Action Raymond Sat, 22 Jun 2024 12:47:24 +0000 https://dev.to/tinhtq97/basic-cicd-with-github-action-3pc8 https://dev.to/tinhtq97/basic-cicd-with-github-action-3pc8 <h2> Prerequisites </h2> <ul> <li>Virtual Machine with Public IP</li> <li>Docker, Docker Compose installed</li> </ul> <h2> Diagram </h2> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmob6ht6xul8807vkv712.jpg" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmob6ht6xul8807vkv712.jpg" alt="Diagram" width="800" height="390"></a></p> <p>When the developer pushes a commit to the repository, GitHub Action (GA) triggers the pipeline that builds the docker image and pushes it to GitHub Container Registry (ghcr.io). Then, the next job is to connect to the server by SSH, pull the latest Docker image, and restart Docker Compose.</p> <h2> Walkthrough </h2> <p><strong>Step 1</strong>: Create a docker-compose file<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">services</span><span class="pi">:</span> <span class="na">web</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">ghcr.io/yourusername/your-web-app:latest</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="s2">"</span><span class="s">8080:8080"</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">DATABASE_HOST=db</span> <span class="pi">-</span> <span class="s">DATABASE_PORT=5432</span> <span class="na">depends_on</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">db</span> <span class="na">db</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">ghcr.io/yourusername/your-database:latest</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="s2">"</span><span class="s">5432:5432"</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">POSTGRES_DB=mydatabase</span> <span class="pi">-</span> <span class="s">POSTGRES_USER=myuser</span> <span class="pi">-</span> <span class="s">POSTGRES_PASSWORD=mypassword</span> <span class="na">volumes</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">db-data:/var/lib/postgresql/data</span> <span class="na">volumes</span><span class="pi">:</span> <span class="na">db-data</span><span class="pi">:</span> </code></pre> </div> <p>Create a directory that contains the docker-compose file. Save it as DIRECTORY variable.</p> <p><strong>Step 2</strong>: Create Repository Secrets</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7fpq69i4ie29dy4pvjmi.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7fpq69i4ie29dy4pvjmi.png" alt="GitHub Secrets" width="800" height="263"></a></p> <p>Go to Settings → Secrets and variables → Repository secrets → New repository secret.</p> <p><strong>Step 3</strong>: Create a Github Workflow</p> <p>Create <code>.github/workflows/deploy.yaml</code> file<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s">Deploy to VPS</span> <span class="na">on</span><span class="pi">:</span> <span class="na">push</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">main</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">permissions</span><span class="pi">:</span> <span class="na">contents</span><span class="pi">:</span> <span class="s">read</span> <span class="na">packages</span><span class="pi">:</span> <span class="s">write</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v4</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Set up QEMU</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">docker/setup-qemu-action@v3</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Set up Docker Buildx</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">docker/setup-buildx-action@v3</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Login to GitHub Container Registry</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">docker/login-action@v3</span> <span class="na">with</span><span class="pi">:</span> <span class="na">registry</span><span class="pi">:</span> <span class="s">ghcr.io</span> <span class="na">username</span><span class="pi">:</span> <span class="s">${{ github.repository_owner }}</span> <span class="na">password</span><span class="pi">:</span> <span class="s">${{ secrets.GITHUB_TOKEN }}</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Set SHA-COMMIT</span> <span class="na">id</span><span class="pi">:</span> <span class="s">vars</span> <span class="na">run</span><span class="pi">:</span> <span class="s">echo "sha_short=$(git rev-parse --short HEAD)" &gt;&gt; $GITHUB_OUTPUT</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build and push image</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">docker/build-push-action@v5</span> <span class="na">with</span><span class="pi">:</span> <span class="na">context</span><span class="pi">:</span> <span class="s">.</span> <span class="na">platforms</span><span class="pi">:</span> <span class="s">linux/amd64</span> <span class="na">push</span><span class="pi">:</span> <span class="kc">true</span> <span class="na">tags</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">ghcr.io/yourusername/your-web-app:latest</span> <span class="s">ghcr.io/yourusername/your-web-app:${{ steps.vars.outputs.sha_short }</span> <span class="na">deploy</span><span class="pi">:</span> <span class="na">needs</span><span class="pi">:</span> <span class="s">build</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">timeout-minutes</span><span class="pi">:</span> <span class="m">5</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Deploy</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">appleboy/ssh-action@v1.0.3</span> <span class="na">with</span><span class="pi">:</span> <span class="na">host</span><span class="pi">:</span> <span class="s">${{ secrets.EC2_HOST }}</span> <span class="na">username</span><span class="pi">:</span> <span class="s">${{ secrets.EC2_USERNAME }}</span> <span class="na">key</span><span class="pi">:</span> <span class="s">${{ secrets.KEY }}</span> <span class="na">port</span><span class="pi">:</span> <span class="s">${{ secrets.PORT }}</span> <span class="na">command_timeout</span><span class="pi">:</span> <span class="s">30m</span> <span class="na">script</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">cd ${{ vars.DIRECTORY }}</span> <span class="s">docker compose pull</span> <span class="s">docker compose up -d</span> </code></pre> </div> <p>Note: Build and push image job contains context. If you include multiple projects in 1 repository, please specify the correct context</p> <p>Follow my repository here:</p> <p><a href="https://github.com/tinhtq/devops-exercise.git">https://github.com/tinhtq/devops-exercise.git</a></p> <p><strong>Step 4</strong>: Test it</p> <p>Push a commit to this repository and see the result.</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwpw08z66m689s7vhsch6.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwpw08z66m689s7vhsch6.png" alt="Test Result" width="800" height="313"></a></p> Telnet multiple hosts with telnetlib3 Raymond Sat, 22 Jun 2024 12:38:43 +0000 https://dev.to/tinhtq97/telnet-multiple-hosts-with-telnetlib3-55bi https://dev.to/tinhtq97/telnet-multiple-hosts-with-telnetlib3-55bi <h2> Why did I create this script? </h2> <p>When you set up the new environment, you need to check whether all hosts and ports are reachable or not but you don’t want to execute telnet host port multiple times. It is a boring step that sometimes you may make a mistake here so I need to create a script to telnet multiple hosts with telnetlib3 library.</p> <p>(telnetlib will be deprecated in the new version)</p> <h2> Requirements </h2> <p>Python &gt; 3.7</p> <h2> Setup </h2> <p><strong>Step 1</strong>: Install telnetlib3<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pip <span class="nb">install </span>telnetlib3 </code></pre> </div> <p><strong>Step 2</strong>: Create a <code>main.py</code> file<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">asyncio</span> <span class="kn">import</span> <span class="n">telnetlib3</span> <span class="kn">import</span> <span class="n">io</span> <span class="k">async</span> <span class="k">def</span> <span class="nf">telnet_welcome_message</span><span class="p">(</span><span class="n">telnet_host</span><span class="p">,</span> <span class="n">telnet_port</span><span class="p">):</span> <span class="n">telnet_connection</span> <span class="o">=</span> <span class="bp">True</span> <span class="k">try</span><span class="p">:</span> <span class="k">await</span> <span class="n">asyncio</span><span class="p">.</span><span class="nf">wait_for</span><span class="p">(</span><span class="n">telnetlib3</span><span class="p">.</span><span class="nf">open_connection</span><span class="p">(</span><span class="n">telnet_host</span><span class="p">,</span> <span class="n">telnet_port</span><span class="p">),</span> <span class="mi">5</span><span class="p">)</span> <span class="nf">except </span><span class="p">(</span><span class="n">asyncio</span><span class="p">.</span><span class="n">exceptions</span><span class="p">.</span><span class="nb">TimeoutError</span><span class="p">,</span> <span class="nb">OSError</span><span class="p">)</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span> <span class="n">telnet_connection</span> <span class="o">=</span> <span class="bp">False</span> <span class="nf">print</span><span class="p">(</span><span class="n">e</span><span class="p">)</span> <span class="k">return</span> <span class="n">telnet_connection</span> <span class="n">failed_connection</span> <span class="o">=</span> <span class="p">[]</span> <span class="k">with</span> <span class="nf">open</span><span class="p">(</span><span class="sh">"</span><span class="s">server.txt</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">r</span><span class="sh">"</span><span class="p">)</span> <span class="k">as</span> <span class="nb">file</span><span class="p">:</span> <span class="n">lines</span> <span class="o">=</span> <span class="nb">file</span><span class="p">.</span><span class="nf">readlines</span><span class="p">()</span> <span class="k">for</span> <span class="n">line</span> <span class="ow">in</span> <span class="n">lines</span><span class="p">:</span> <span class="n">info</span> <span class="o">=</span> <span class="n">line</span><span class="p">.</span><span class="nf">split</span><span class="p">(</span><span class="sh">"</span><span class="s">,</span><span class="sh">"</span><span class="p">)</span> <span class="n">host</span> <span class="o">=</span> <span class="n">info</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span> <span class="n">port</span> <span class="o">=</span> <span class="nf">int</span><span class="p">(</span><span class="n">info</span><span class="p">[</span><span class="mi">1</span><span class="p">])</span> <span class="n">connection</span> <span class="o">=</span> <span class="n">asyncio</span><span class="p">.</span><span class="nf">run</span><span class="p">(</span><span class="nf">telnet_welcome_message</span><span class="p">(</span><span class="n">host</span><span class="p">,</span> <span class="n">port</span><span class="p">))</span> <span class="k">if</span> <span class="ow">not</span> <span class="n">connection</span><span class="p">:</span> <span class="n">failed_connection</span><span class="p">.</span><span class="nf">append</span><span class="p">({</span><span class="sh">"</span><span class="s">host</span><span class="sh">"</span><span class="p">:</span> <span class="n">host</span><span class="p">,</span> <span class="sh">"</span><span class="s">port</span><span class="sh">"</span><span class="p">:</span> <span class="n">port</span><span class="p">})</span> <span class="nf">print</span><span class="p">(</span><span class="n">failed_connection</span><span class="p">)</span> </code></pre> </div> <p>This script states that the hosts and ports are reachable for 5 minutes, if a timeout or denied, it returns the failed connections.</p> <p><strong>Step 3</strong>: Create a server.txt file that contains the host and port like this<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>192.168.1.1,8080 192.168.10.1,8191 </code></pre> </div> <p><strong>Step 4</strong>: Execute the below command to see which IP and port are not reached<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>python main.py </code></pre> </div> <h2> Preferences </h2> <p><a href="https://telnetlib3.readthedocs.io/en/latest/intro.html">https://telnetlib3.readthedocs.io/en/latest/intro.html</a></p> Configuring Access to Prometheus and Grafana via Sub-paths Raymond Tue, 18 Jun 2024 00:41:30 +0000 https://dev.to/tinhtq97/configuring-access-to-prometheus-and-grafana-via-sub-paths-55n7 https://dev.to/tinhtq97/configuring-access-to-prometheus-and-grafana-via-sub-paths-55n7 <h2> 1. Introduction </h2> <p>Grafana and Prometheus stand as integral tools for monitoring infrastructures across various industry sectors. This document aims to illustrate the process of redirecting Grafana and Prometheus to operate under the same domain while utilizing distinct paths.</p> <h2> 2. How does the story begin? </h2> <p>As a seasoned DevOps engineer, my commitment lies in sharing knowledge with a broader audience. My pursuit involves identifying tools conducive to enhancing the monitoring capabilities of both general users and fellow DevOps Engineers.</p> <h2> 3. Prerequisites </h2> <p>Functioning Kubernetes Cluster<br> Proficiency in Kubernetes Management<br> Helm Installation<br> Optional: K9s for Kubernetes Cluster Observation (<a href="https://github.com/derailed/k9s">GitHub link</a>)</p> <h2> 4. Goals &amp; Objectives </h2> <p>After researching, I found a lack of available information on this topic despite numerous related questions online. Hence, I’m writing a guide to fill this gap.</p> <h2> 5. Step-by-Step Guide </h2> <h3> Step 1: Installing <a href="https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack">Kube-prometheus-stack</a> </h3> <p>Create a values.yml file to configure the Helm chart values for both Prometheus and Grafana.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">grafana</span><span class="pi">:</span> <span class="na">env</span><span class="pi">:</span> <span class="na">GF_SERVER_SERVE_FROM_SUB_PATH</span><span class="pi">:</span> <span class="kc">true</span> <span class="na">grafana.ini</span><span class="pi">:</span> <span class="na">server</span><span class="pi">:</span> <span class="na">domain</span><span class="pi">:</span> <span class="s2">"</span><span class="s">&lt;domain&gt;"</span> <span class="na">root_url</span><span class="pi">:</span> <span class="s2">"</span><span class="s">&lt;protocol&gt;:&lt;domain&gt;/&lt;path&gt;/"</span> <span class="na">prometheus</span><span class="pi">:</span> <span class="na">prometheusSpec</span><span class="pi">:</span> <span class="na">externalUrl</span><span class="pi">:</span> <span class="s2">"</span><span class="s">&lt;protocol&gt;:&lt;domain&gt;/&lt;path&gt;/"</span> <span class="na">routePrefix</span><span class="pi">:</span> <span class="s">/path`</span> </code></pre> </div> <p>For instance<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">grafana</span><span class="pi">:</span> <span class="na">env</span><span class="pi">:</span> <span class="na">GF_SERVER_SERVE_FROM_SUB_PATH</span><span class="pi">:</span> <span class="kc">true</span> <span class="na">grafana.ini</span><span class="pi">:</span> <span class="na">server</span><span class="pi">:</span> <span class="na">domain</span><span class="pi">:</span> <span class="s2">"</span><span class="s">example.com"</span> <span class="na">root_url</span><span class="pi">:</span> <span class="s2">"</span><span class="s">https://example.com/grafana/"</span> <span class="na">prometheus</span><span class="pi">:</span> <span class="na">prometheusSpec</span><span class="pi">:</span> <span class="na">externalUrl</span><span class="pi">:</span> <span class="s2">"</span><span class="s">https://example.com/prometheus/"</span> <span class="na">routePrefix</span><span class="pi">:</span> <span class="s">/prometheus</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>helm repo add prometheus-community https://prometheus-community.github.io/helm-charts helm repo update helm <span class="nb">install</span> &lt;relase-name&gt; prometheus-community/kube-prometheus-stack <span class="nt">-n</span> &lt;namespace&gt; <span class="nt">-f</span> values.yml </code></pre> </div> <h3> Step 2. Create Ingress for mapping domain </h3> <p>There are two methods to accomplish this task:</p> <p>Define in the values.yml file for automatic creation.<br> Another approach involves manually creating a YAML file for the ingress. I opted for this method because it allows centralized management, facilitating easy problem identification if any issues arise.<br> Create ingress.yml file<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">apiVersion</span><span class="pi">:</span> <span class="s">networking.k8s.io/v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Ingress</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">prometheus</span> <span class="na">namespace</span><span class="pi">:</span> <span class="s">monitoring</span> <span class="na">annotations</span><span class="pi">:</span> <span class="na">kubernetes.io/ingressClassName</span><span class="pi">:</span> <span class="s2">"</span><span class="s">traefik"</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">rules</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">host</span><span class="pi">:</span> <span class="s2">"</span><span class="s">"</span> <span class="na">http</span><span class="pi">:</span> <span class="na">paths</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">path</span><span class="pi">:</span> <span class="s">/prometheus</span> <span class="na">pathType</span><span class="pi">:</span> <span class="s">Prefix</span> <span class="na">backend</span><span class="pi">:</span> <span class="na">service</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">&lt;helm-release-name&gt;-kube-prometheus-prometheus</span> <span class="na">port</span><span class="pi">:</span> <span class="na">number</span><span class="pi">:</span> <span class="m">9090</span> <span class="pi">-</span> <span class="na">path</span><span class="pi">:</span> <span class="s">/grafana</span> <span class="na">pathType</span><span class="pi">:</span> <span class="s">Prefix</span> <span class="na">backend</span><span class="pi">:</span> <span class="na">service</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">&lt;helm-release-name&gt;-grafana</span> <span class="na">port</span><span class="pi">:</span> <span class="na">number</span><span class="pi">:</span> <span class="m">80</span> </code></pre> </div> <p>Execute the following command to apply the changes:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>kubectl apply <span class="nt">-f</span> ingress.yml </code></pre> </div> <p>The result is shown below</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjalm1a254zco31gd7p53.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjalm1a254zco31gd7p53.png" alt="Prometheus" width="800" height="263"></a></p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpg03vto5t355vxabom8t.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpg03vto5t355vxabom8t.png" alt="Grafana" width="800" height="263"></a></p> <h2> 6. Conclusion </h2> <p>As I venture into writing for Medium, I acknowledge potential errors in this documentation. I invite feedback and further inquiries from readers to improve the accuracy and comprehensiveness of this guide. Thank you for your attention and engagement.</p>