What are Snapshots?

Snapshots are on-demand disc images of a server, virtual machine, or storage system at any given moment. As the name suggests, they are a “snap” of the files and/or configurations of the server at a specific time to preserve system settings for use in the future. In addition to enabling rollbacks, Snapshots are also pretty useful in replicating the settings for additional servers or storage.

How are Snapshots Different from Backups?

In cloud computing, Snapshots and Backups are often used in place of each other but serve different purposes. Snapshots are all about speed, flexibility, and efficiency and come in handy in situations where time is of the essence, like fail-safe rollbacks. However, Backups are a more comprehensive method for restoring data and system state. In exchange for immediacy, Backups help with data protection more efficiently than Snapshots, because, unlike a Snapshot, data is pulled and copied to create a Backup. Backups can also occasionally rely on Snapshots for speed and consistency, but they are always stored externally.

Which one of the two should I pick?

The core difference between a Snapshot and a Backup is the fact that Backups are generally stored externally, which adds a slight latency in comparison to Snapshots.

If your business use case revolves around speed and efficiency and you’re on the lookout for data protection and rollbacks that are quick, Snapshots are the best fit for you. Snapshots are highly useful for version control, as every single Snapshot segregates into a new branch to protect your infrastructure from potential damage in the middle of upgrades.

However, this should not stop you from also using Backups for regular protection and maintenance, as they store individual files that cannot be restored from Snapshots. Also, be mindful that Snapshots end up consuming a chunk of the primary storage capacity.

Instead of asking which one of the two is better, it’s always recommended to go for both, as they only complement each other to safeguard data and restore system state at the earliest.

Snapshots on DigitalOcean

In this blog, we are also going to check out how to create and use Snapshots on DigitalOcean. If you don’t have an account yet, you can create one for free using this link and get $200 worth of free credits while you’re at it.

The pricing of Snapshots on DigitalOcean depends entirely on the size of the same. There are no additional charges for making a snapshot available in multiple regions, and Snapshots are charged at $0.06 GB per month for Droplets and Volumes.

Create a Snapshot of a Droplet:

1. Head over to the control panel and select the specific Droplet.
2. Shut down the Droplet using the Interface or execute the following in the console:

sudo shutdown -h now

If you’re using the Interface of DigitalOcean, you’ll find the toggle button towards the top right of your screen.

3. After shutting down the Droplet, in the menu, find the option that reads “Snapshots”, enter a name of your liking, and click “Take Live Snapshot”.

The process takes roughly a minute, and then you’re all set!

Create a Snapshot of a Volume:

You can take a Snapshot of a Volume from Control Panel > Volumes or you can do it directly from the Droplet’s Menu if the Volume is attached to your Droplet. For the Latter:

1. On the same menu as the aforementioned one, select Volumes.
2. Click on the drop-down that reads “More” and select “Take Snapshot”.

3. Give it a name of your liking and then select “Take Snapshot” one more time. Done!

Create a New Droplet from a Snapshot:

1. Click on the green “Create” button towards the top right of the interface and from the drop-down select “Droplets”.
2. Choose the region and datacenter that you want to proceed with and then scroll down to the option that reads “Choose an Image”.
3. Now find the “Snapshots” tab and select the Snapshot that you wish to go ahead with.

4. Select the Size and CPU Options as per your requirements and then click on the “Create Droplet” button.

Your new Droplet created from a Snapshot should be ready in a couple of minutes!

Create a New Volume from a Snapshot:

1. Click on the green “Create” button towards the top right of the interface and from the drop-down select “Volumes”.
2. In the pop-up that shows up, select the tab that reads “Create from Snapshot”, select the Snapshot you wish to use and click on “Next”.

3. Select Volume Size and Droplet to attach to based on your requirements and give the Volume a name. Once through, click on “Create Volume” and that’s all!

The new Volume created from the Snapshot will be ready to use within a minute!

Ending Notes

Snapshots are a powerful tool in the world of Cloud Computing and can be very useful in situations where time is of the essence to recover and restore system state. Since each Snapshot branches out, version control can become really easy with these. However, if you wish to have a restorable copy of all the data on your architecture, also consider using Backups. It’s not Snapshots vs Backups, but Snapshots and Backups, since both are equally significant.

Released back in 2016, Pokémon Go was an instant hit. As a matter of fact, the augmented-reality development, available for both Android and iOS devices, surged player traffic way past Niantic’s expectations within 15 minutes of its launch in Australia and New Zealand. Niantic chose to launch Pokémon Go over Google Cloud and the teams estimated 1X player traffic with the worst-case estimate of 5X of the same. Take a look at the image below to visualize the actual traffic in terms of Cloud Datastore Transactions per second shared by Google Cloud:

Within a few hours of the launch, the actual player traffic touched ten times the worst-case estimate.

Google Customer Reliability Engineering

Google introduced Customer Reliability Engineering (CRE), a new engagement model in which technical staff from Google integrates with customer teams, creating a shared responsibility for the reliability and success of critical cloud applications.

CRE’s first client was Niantic and their first assignment was monitoring and stabilizing the launch of Pokémon Go in the US. Niantic reached out to the CRE Team for reinforcements.

Google Cloud Technologies Involved

Pokémon Go was a container-based application and used many services across Google Cloud, but Cloud Datastore became a direct proxy for the game’s overall popularity given its role as the game’s primary database for capturing the Pokémon game world. The transactions per second surged to 50 times the initial target. The Google CRE Team seamlessly provisioned extra capacity on behalf of Niantic to stay well ahead of their record-setting growth. The Team worked hand-in-hand with Niantic to review every part of their architecture, tapping the expertise of core Google Cloud engineers and product managers — all against a backdrop of millions of new players pouring into the game. The application logic for the game runs on Google Container Engine (GKE) powered by the open-source Kubernetes project.

What and Why Kubernetes

Kubernetes is an open-source container-orchestration system for automating computer application deployment, scaling, and management. It was originally designed by Google and is now maintained by the Cloud Native Computing Foundation.

Resources like deployments help to automate and manage clusters of applications effortlessly with very little downtime. Deployments keep an eye on the pods and if any of the pods go down due to failure, it tries to get the pod back online. This eliminated the need to keep on monitoring every container on every node on which the application is running.

Back in 2016, Niantic chose GKE for its ability to orchestrate its container cluster at a planetary scale, freeing its team to focus on deploying live changes for their players.

Pokémon Go is the largest Kubernetes deployment ever on Google Container Engine.

How Kubernetes Benefitted in the Process

During the US launch, things did not unfold as expected and a lot of issues emerged around the game’s stability.

Niantic and the Google CRE team had to upgrade to a newer version of GKE that would allow for more than a thousand additional nodes to be added to its container cluster, in preparation for the highly anticipated launch in Japan just a few days later. Careful measures were taken to avoid disrupting existing players, cutting over to the new version while millions of new players signed up and joined the Pokémon game world.

A side benefit of the experience was that due to the scale of the container cluster and accompanying throughput, a multitude of bugs were identified, fixed, and merged into the Kubernetes open-source project, adding to its popularity amongst developers.

On top of this upgrade, the engineers worked in concert to replace the network load balancer, deploying the newer and more sophisticated HTTP/S load balancer in its place. The HTTP/S load balancer is a global system tailored for HTTP/S traffic, offering higher throughput for the amount and types of traffic Pokémon Go was seeing.

The Outcome

Improving upon the US launch, generous capacity provisioning, the architectural swap to the latest version of Container Engine powered by Kubernetes, along with the upgrade to the HTTP/S Load Balancer paid off when the game launched without any incidents in Japan, where the number of new users signing up to play tripled the US launch two weeks earlier.

Google’s global network helped reduce the overall latency for Pokémon Trainers inhabiting the game’s shared world. Game traffic travels Google’s private fiber network through most of its transit, delivering reliable, low-latency experiences for players worldwide.

Ending Notes

Niantic and Google Cloud — spanning CRE, SRE, development, product, support, and executive teams — collectively built Pokémon Go from the ground up. Without Google Cloud’s SRE team in place, I doubt if Pokémon Go would be as popular, even more than 5 years after its launch. One of the most widely played games of all time, the number of players are rising once again, especially now that people are able to start going outside post-pandemic. Who knew Pokémons would help Kubernetes grow?

What are Auth0 Actions?

Actions are secure, tenant-specific, versioned functions written in Node.js that execute at certain points during the Auth0 runtime. In short, an Action is a programmatic way to add custom business logic into your login flow. With Actions, you can add a customized mandatory logic to your login and identity flows that satiate your needs. The service also allows you to connect external integrations that complement the overall extensibility experience.

In the aforementioned flow, you can observe that as the user tries logging into the system, a trigger is initiated to verify the user’s identity using Onfido, and then the user’s consent is confirmed using OneTrust before completing the login flow and issuing the token.

Why Auth0 Actions?

• Observability: When Actions are executed, Auth0 will capture key metrics about them and link them to Auth0 Logs.
• Extensibility: Auth0 Actions is built to give developers more tooling and a better experience in their login workflows.
• Multiple actions on every trigger: Every Action trigger supports multiple independent Actions.
• Version Control: You have the ability to store a history of individual Action changes and the power to revert back to previous versions as needed.
• Access to NPM Packages: Nearly all public NPM packages are available to be used within Actions.
• Pre-Production Testing: Your personal Actions can be drafted, reviewed, and tested before deploying into production.
• Improved Developer Experience: The flow editor lets you visually build custom workflows with drag and drop Action blocks for complete control.

Implementation

We will be creating an Auth0 Action similar to the flow we saw at the beginning of this article using React. We’ll basically be creating an Action to make Multi-Factor Authentication (MFA) mandatory. You’ll need the following:

1. An Auth0 Account (if you don’t have one yet, visit this link and create one for free)
2. Any Code Editor of your choice. I’d recommend Visual Studio Code.

Getting Started with Auth0

1. Assuming that you already have an Auth0 Account, scroll down to find the option that says “Create Application”.

2. In the modal that follows, add the name of the application and then select Single Page Web Applications as its type.

3. Click the Create button which will redirect you to the “Quick start” section. In the new modal, select “React”.

4. You should see a screen that’s similar to the one below. Proceed to download the code selecting the appropriate option.

5. Click on the Setting tab to change the configuration of your Auth0 application. We’ll also be borrowing some data from this tab, precisely the Domain, and Client ID. I won’t be covering the theory of different URLs and origins but if you are interested in reading more about them, refer to this similar article that I drafted a while back.

6. Add your localhost URL which will be http://localhost:3000 unless you have changed it, to the following fields in the Settings Page.

• Allowed Callback URLs
• Allowed Logout URLs
• Allowed Web Origins

Setting Up Users and Roles

1. Click on the User Management Tab in the sidebar. Click on the Users tab followed by the Create User Option. We’ll create 2 Users for our Action.

2. Now go to the Roles Tab and click on Create Role Button. We’ll name the role Admin. Once created go to the user tab and assign it to the Admin user we created previously.

We are through with setting up roles and users. Now let’s return to our actual Application.

Setting Up the React App

1. Unzip the file we downloaded a while back and open the folder in a code editor of your choice. In src/auth_config.json add the details of your application from the Auth0 Dashboard, specifically the domain and Client ID.
2. To run the code, we first need to install the dependencies. Execute npm installfor the same. Execute the following to run the application in development mode npm run dev. You’ll see a Single Page Application like the one below built using React.

You can choose to log in using the credentials we created for Users.

Setting Up Actions

Setting up Actions is easy.

1. Click on the Actions tab in the sidebar towards your left. Go to the Flows Category to set up the flow of our Login. Select Login Flow. This will run the flow of action once the trigger is executed.

2. Click on the + Button in front of Add Action and select Build Custom. Add a name, leave everything else as is and click on Create.

Once done, you’re redirected to a screen that looks like the one below:

3. Find the onExecutePostLogin function and add the following snippet to it:

if (event.authorization != undefined && event.authorization.roles.includes("Admin")) {
      api.multifactor.enable("any");
  };

What this simply does is verify if the user has an Admin role and if in case it does, asks the User to go through MFA. On the left side of the code editor, you can see a play button that will emulate a testing environment for your action. You will find the event object in which you can test the actions flow by adding Admin to the authorization.roles array.

When you run the function with an Admin role, you will see a response as follows and when it’s not present you get an empty array.

4. Click on Save Draft followed by Deploy. Now go back to the flow and click on the Custom tab towards the right and you will be able to drag and drop the Authentication Action into the flow. Click on Apply and the new flow will be integrated into your Application.

5. Now we need to enable Multi-Factor Authenticationin the Auth0 dashboard. In the Security Tab that you can find in the sidebar, choose Multi-factor Auth. In the following screen enable One-time Password. This will allow users to use applications like Google Authenticator for a one-time password. There are other factors as well that you can enforce such as SMS or Email-based OTP.

In the Define Policiessection leave everything as is and save.

Running the Application

No spoilers here. Just hit npm startand you’re all set. When you try to login into the Application with the Admin account, you’ll be asked to complete the MFA flow we created.

You’ll basically be asked to consent to share your data with the Application and will only be allowed to proceed further after you share the required things. Try to log in with both the users we created previously to see the difference. The Action we created checks if the user trying to log in has the Admin role and if so, it triggers an MFA workflow with any of the enabled MFA use cases of the tenant.

Ending Notes

In a few steps, this is how we can effectively boost the security of our Application using Auth0 Actions. If you are interested in knowing more about the different sorts of triggers, head over to this link. You can also find the official documentation right here.

This article is based upon the following blog post — How to Extend Your Login Flow with Auth0 Actions, drafted by Rohit Mathew, a fellow Auth0 Ambassador.

Implementing Auth0 is relatively easy in comparison to other services available in the market, which is why I prefer working with it. In case of any doubts or queries, please feel free to open a discussion below.

What is Auth0?

Auth0 is an easy-to-implement, adaptable authentication and authorization platform. In short, it is a highly customizable platform that provides authentication and authorization as a service that can help in securing your application with tools that offer seamless integration.

Using Auth0 for authentication with client-side apps means that Auth0 is going to be responsible for issuing an access token after the user’s identity has been verified. There are several ways to verify a user’s identity, out of those, two common authentication mechanisms found abundantly today are via credentials given by the user (the traditional email or username combination with a password) or through a social identity provider.

Find out more about Auth0, here.

Why Auth0?

• Single Sign-On with support for over 40 different Identity Providers. SSO allows users to simply log in once and use all applications they have been granted access to. You could use your Google account to authenticate yourself with an application that decided to delegate the responsibility to create, maintain, and protect your username and password to Google.

• Universal Login, which significantly improves user experience while boosting security and consistency. Since authentication takes place on the same domain as the login, credentials are not sent across origins, increasing security and protecting against phishing and bucket brigade attacks, also known as man-in-the-middle (MITM) attacks.
• Multi-Factor Authentication provides an additional layer of security, decreasing the likelihood of unauthorized access.
• Anamoly Detection detects anomalies and stops malicious attempts to access your application. Auth0 offers two different kinds of shields, Brute-force protection and breached password detection.

If you want to read about these features in detail, head over to this link.

Setting up the React App

In a terminal window, execute the following commands:

npx create-react-app auth0-authentication
cd auth0-authentication
npm i react-router react-router-dom

The first command will create a new React app for you while the second one navigates you into the directory. The two libraries that we installed in the third command will handle the navigation of our app. Run npm startto see what the app looks like before we make any changes. The command will start a development server that listens at port 3000 and will open the new app in your default web browser.

Now let’s update the index.js file. Simply add the following code snippet to the file:

import { BrowserRouter } from 'react-router-dom';

ReactDOM.render(
<BrowserRouter><App /></BrowserRouter>, document.getElementById('root'));

serviceWorker.unregister();

What we did was import BrowserRouter from the react-router-dom library, and encapsulate the App component inside this router. That’s pretty much it for kickstarting React Router.

Getting Started with Auth0

1. To integrate Auth0 in our Application, we first need an Auth0 account. To create an account, click here and sign up for free.
2. Once you’re done with this, scroll down to find the option that says “Create Application”.

3. In the modal that follows, add the name of the application and then select Single Page Web Applications as its type.

4. Click the Create button which will redirect you to the “Quick start” section.

5. Click on the Setting tab to change the configuration of your Auth0 application. We’ll also be borrowing some data from this tab, precisely the Domain, and Client ID.

6. Search for the Allowed Callback URLs field and insert http://localhost:3000/callback on it.

While authenticating the app using Auth0, users will be redirected to the Universal Login Page of the app and after the authentication process regardless of being successful or not, they will be redirected back to your application. Auth0 will redirect users only to URLs registered on the Allowed Callback URLs for security reasons.

7. Now we need to add Allowed Web Origins and Allowed Logout URLs. As the app is going to issue a request to Auth0, we will need to add http://localhost:3000 to Allowed Web Origins. Without this value, Auth0 would deny any incoming request coming from the app. To enable users to end their session at Auth0, we need to call the Logout URL. Similar to the authorization endpoint which is Allowed Web Origins, in this case, the log-out endpoint only redirects users to whitelisted URLs after the process. Hence, we’ll add http://localhost:3000 here as well.

And that’s pretty much it for setting up things over Auth0.

Integrating Auth0 with the React App

We’ll be using the official Auth0 Library now to integrate and secure the app we just created. Simply return to the terminal and execute the following command.

npm install auth0-js

We’ll now create a class that will store the Auth0 authentication functionality. We simply need to create a new file Auth.js inside the src folder of our react app and add the following lines of code:

As described above, we simply create an instance of auth0.WebAuth with our Auth0 values and define some other important configurations. Do NOT forget to replace the data from Line 7 to 9 with the one in your dashboard to make the app work.

Now to handle the callback route (http://localhost:3000/callback), we’ll define a component, create a new file called Callback.js inside the src directory. Simply add this code to the newly created file:

All this component does is call the handleAuthentication method to fetch the user information that is shared by Auth0. It also redirects users to the home page (history.replace('/')) after finishing the handleAuthentication process. The component also shares a message which reads “Authentication with Auth0 works!” to let you know that you’re on the right path.

Changes in the Front End

To reflect all the changes we made onto our front end, we need to update the App.js file and create a new file Home.js inside src folder. Home.js validates if the user is authenticated or not.

Check out both the files and make amendments.

After making and saving all the changes, execute npm start. Your React app with Auth0 User Authentication is ready.

Ending Notes

The app we just created can be reused for any React+Auth0 App you plan on building. Go through the official documentation of Auth0 to make it better and read about all the other services and tools offered by the Organization. Personally, I prefer Auth0 over Firebase simply because of the Single Sign-On Feature with access to a plethora of Identity Providers.

Implementing User Authentication with Auth0 in React was originally published in System Weakness on Medium, where people are continuing the conversation by highlighting and responding to this story.

If you’ve previously written database queries for Relational Databases you probably understand that it’s not a cakewalk for someone from an OOPs background. This is where ORM or Object Relational Mapping jumps in, allowing us to query and manipulate data from a database through an object-oriented programming language of our choice. Traditionally, if I were to interact with my database, I’d have to write SQL queries. Using an ORM I can simply communicate with the same using code written in JavaScript, for example. In a nutshell, an ORM is nothing but a layer between your code and your database, facilitating communication using methods declared within the framework.

What’s the benefit of using an ORM?

The biggest advantage that you get out of implementing an ORM is that you get to write your queries comfortably in the language of your choice. This minimizes the constraints you have in terms of development tremendously. For someone like me who absolutely detests query languages, ORM adds a lot of flexibility in terms of the usage of database(s) as well. Moreover, you can easily reuse your code with minor to no changes.

What is Prisma?

Prisma is a server-side library that helps your app read and write data to the database in an intuitive and safe way. Prisma supports MongoDB, PostgreSQL, MySQL, and SQL Servers amidst a lot of other databases. You have the option to either start a new database with Prisma or connect an existing database to Prisma.

In short, it’s an open-sourced ORM segregated into three services, namely:

1. Prisma Client: A query builder that gets auto-generated from the Prisma schema with types tailored to your application.
2. Prisma Migrate: A service that automatically generates SQL database migrations, that are fully customizable. For quick data model prototyping in development,prisma db push lets you make changes to the database without generating migration files.
3. Prisma Studio: A visual database browser that opens in your browser to graphically view and edit the data.

For more details about Prisma, click here.

How does it work?

Every project that uses a tool from the Prisma toolkit starts with a Prisma schema file. This Prisma schema file is the main configuration file for your Prisma setup. It is typically called schema.prisma and consists of Data Sources, Generators, and Data Model Definition. It allows developers to define their application models in an intuitive data modeling language. Whenever a prisma command is invoked, the CLI typically reads some information from the schema file, which contains the connection to a database and defines a generator.

Find the documentation here.

Installing Prisma

1. In order to get started, we’ll install the Prisma CLI tool as a development dependency using npm install —-dev prisma.
2. Now we’ll set up our Prisma project by creating the Prisma schema file template with npx prisma init. This creates a /prismafolder with a schema.prisma file at the root of the project. There’s also new /.env that you should add to .gitignore.
3. To connect your database, you need to set the url field of the datasource block in your Prisma schema to your database connection URL. The format of the connection URL for your database depends on the database you use.
4. With the npx prisma db pullcommand, Prisma can pull the pre-existing database schema and on its own copy and refactor it into the schema.prisma file. Alternatively, you can also install and generate Prisma Client. Simply run npm install @prisma/client, followed by npx prisma generate. This command reads your Prisma schema and generates your Prisma Client library.

Why Prisma?

Prisma’s main goal is to make application developers more productive when working with databases.

It is an upgraded ORM that mitigates many problems of traditional ORMs, such as bloated model instances, mixing business with storage logic, lack of type-safety, or unpredictable queries.

It uses the Prisma schema to define application models in a declarative way. Prisma Migrate then allows to generate SQL migrations from the Prisma schema and executes them against the database. CRUD queries are provided by Prisma Client, a lightweight and entirely type-safe database client for Node.js and TypeScript.

Ending Notes

ORM is advantageous for the folks who have a stronger background in OOPs and not SQL or query languages. Only consider implementing this system if you’re ready to learn more about the ORM library, what it offers and how to set it up error-free, otherwise, you might end up wasting your time instead of trying to save it. Even if you dive into ORM, continue to practice and have a good hold over SQL and other query languages.

Of all the different kinds of ORMs out there, I felt that Prisma was way ahead of all the competitors, thanks to the vast beginner-friendly documentation and this comparison page too.

I recently got on board as a Navigator and that’s how I came across the DigitalOcean Kubernetes Challenge, a challenge to sharpen your DevOps skills, learn more about Cloud Native Computing Foundation (CNCF) projects, and win various vouchers amidst a lot of other things. In this article, I’m going to document my submission and share how I built it.

About the Challenge

The DigitalOcean Kubernetes Challenge gives developers an opportunity to level-up their K8s skill set.

Kubernetes is an open-source container-orchestration system for automating computer application deployment, scaling, and management. It was originally designed by Google and is now maintained by the Cloud Native Computing Foundation.

DigitalOcean Kubernetes (DOKS) is a managed Kubernetes service that helps us to deploy Kubernetes clusters hassle free without needing to handle the control panel and containerised infrastructure. Clusters are compatible with standard Kubernetes toolchains and integrate natively with DigitalOcean Load Balancers and block storage volumes.

Find more details about the same here: https://www.digitalocean.com/community/pages/kubernetes-challenge

The Prizes

Those who successfully finish the challenge, receive the following prizes:

• $150 to donate to your project of choice in Open Collective
• $100 gift card to be used at the DigitalOcean Swag Store
• $50 gift card to be used at the CNCF Swag Store

My Submission

I decided to go ahead with the “Deploy an internal container registry” Challenge, housed under the “New to Kubernetes” category, as I still consider myself pretty new to DevOps. To try the aforementioned challenge, I received $60 worth of DigitalOcean Credits that I used to deploy the Internal Container Registry using Harbor.

Creating a Kubernetes Cluster

Over DigitalOcean, Kubernetes Clusters can be created in many ways, using the Dashboard, doctl CLI and so on. I used the DigitalOcean Dashboard to create it, specifically the Kubernetes Create Cluster Dashboard. Here are the specifications that I used:

• Kubernetes Version: 1.21.5-do.0
• Datacentre Region: I went with the default, though it’s advisable to select the one that’s nearest.
• Cluster Capacity; Machine Type, Node Count, Node Plan: I rolled with the lowest possible values for these so I could keep the monthly rate low, which allowed me to experiment around!

The process takes a while, for me the cluster was up and running in a few minutes.

Connecting to the Cluster

I was greeted with a pretty dashboard, the one below:

Towards the bottom of this dashboard I found the doctl command to run that automatically saves the Kubernetes configuration on your local machine;

doctl kubernetes cluster kubeconfig save *cluster_details*

After saving the auth config using the aforementioned command, I moved ahead with the installation of the image repository as well as the ingress using kubectl.

Setup

I used Helm, the Package Manager for Kubernetes, to setup Traefik Ingress.

helm install \
--namespace traefik \
--create-namespace \
--values charts/traefik/values.yml \
traefik traefik/traefik

The next step is to setup Harbor.

PASS=$(openssl rand -hex 8)
KEY=$(openssl rand -hex 8)
helm install \
--namespace harbor \
--create-namespace \
--values charts/harbor/values.yml \
--set-string "secretKey=$KEY" \
--set-string "harborAdminPassword=$PASS" \
harbor harbor/harbor

apply manages applications through files defining Kubernetes resources. It creates and updates resources in a cluster through running kubectl apply. So I created the following examples to deploy my submission:

kubectl apply -f yml/nginx-example.yml
kubectl apply -f yml/traefik-dashboard.yml

This looks super easy but it took me a while to be done with this!

Learnings

• I’ve always wanted to dive deeper into the world of DevOps, this challenge gave me the push that I truly needed!
• Apart from that, I was able to learn a lot about DOKS. I absolutely hate going through documentations but it was fun reading through doctl and kubectl without confusing between both.
• I had to choose between Harbor and Trow and my decision was influenced by the wider availability of documentation for Harbor. As a registry, it looks amazing.

Why Kubernetes though?

I pitched this question to myself everytime I failed to deploy the container but hey, it offers:

• Auto Scaling
• Automated Rollbacks
• Load Balancing
• Self Healing

It’s a good bargain after a few hiccups! Once you get the hang of K8s it’s a good tool that helps you be more productive, though it can sometimes be an overkill for simple applications! I loved the dashboard offered by DigitalOcean which highlights insights in an amazing way. Take a look:

Ending Notes

Kubernetes provides an easy way to scale your application compared to virtual machines. It keeps code operational and speeds up the delivery process. Kubernetes API allows the automation of a lot of resource management and provisioning tasks. I would recommend taking up the DigitalOcean Kubernetes Challenge if you’re looking forward to upskilling!

Brief Introduction to SRE

“The basic concept of reverse engineering is breaking something down to understand it and make it better.”

Reverse engineering was initially limited to hardware but today, we apply it to software, database, and even human DNA. What started as a learning tool is now being harnessed as a process to break things and make them better. When we specifically talk about Software Reverse Engineering, it helps developers build cheaper, more efficient, and interoperable systems. The purpose of reverse engineering is to facilitate maintenance work by improving the understandability of a system and producing the necessary documents for a legacy system. Reverse-engineering can also expose security flaws and questionable privacy practices.

What is Ghidra?

Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. This framework includes a suite of full-featured, high-end software analysis tools that enable users to analyze compiled code on a variety of platforms including Windows, macOS, and Linux. Capabilities include disassembly, assembly, decompilation, graphing, and scripting, along with hundreds of other features. Ghidra supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes. Users may also develop their own Ghidra extension components and/or scripts using Java or Python.

Get your copy of Ghidra here.

Installing Ghidra

Installation is easy. Unlike other programs that use a traditional installer, the Ghidra distribution file is simply extracted in-place on the filesystem. This simply means that administrative privilege is not required to install Ghidra for personal use, hence there are no updates to the OS Configuration. A downside of the same is that Ghidra will not automatically create a shortcut on the desktop or appear in application start menus.

Using the aforementioned link, download the distribution and follow these steps for Windows 10:

1. Extract the JDK by right-clicking on the .zip file and then selecting “Extract All”.
2. Open Environment Variables Window by right-clicking on the Windows start button, and then click “System”. Then select “Advanced System Settings”, followed by “Environment Variables”.
3. Add the JDK bin directory to the PATH variable by highlighting “Path” under System Variables. Simply at the end of the Variable value field, add a semicolon followed by <path of extracted JDK dir>\bin. You’re all set.
4. Restart any open Command Prompt windows for changes to take effect.

If you’re using Linux or macOS, the process is fairly similar. Extract the JDK distribution (.tar.gz file) to your desired location, and add the JDK’s bin directory to your PATH using the following commands:

tar xvf <JDK distribution .tar.gz>

vi ~/.bashrc

export PATH=<path of extracted JDK dir>/bin:$PATH

Save the file and restart for the changes to take effect.

Getting Started with SRE using Ghidra

Now that installation is complete, let’s reverse engineer a Portable Executable file for starters! Download the PE File here.

We now need to open the file in Ghidra and set up the analysis. Follow these steps to get it up and running in no time:

1. Open Ghidra and click on File > New Project.
2. Select Non-Shared Project and choose a Directory as well as Name for your project.
3. Once done, click on Import File and choose the Executable file shared above. As you’re through with this, your screen should resemble the one given below.

Now all you need to do is drag the file onto the Dragon-shaped icon in the Tool Chest. This will open the Code Browser Window where the remainder of the process will take place!

In the prompt which asks you if you want to analyze the file, select “Yes”. In the same prompt, uncheck PDB and Windows x86 PE RTTI Analyzer which won’t be necessary at the moment.

PDB is a file that supports the debugger but since our file does not require it, we won’t be using the tool. As for the other tool, it populates push instructions with comments which might help us make sense of the binary file more easily. We won’t be needing the Windows x86 PE RTTI Analyzer either.

If you have followed all the steps correctly, you’ll see a screen that is similar to this:

What you see on the Decompile window is the code for Function Entry. In the same window, as you scroll down, you’ll see the following:

_Code = FUN_00401000()

This is nothing but the main function! This is an optional step but consider renaming it to main so you can easily track it in the future. To do so, simply right-click on FUN_00401000() and select Rename. You can also follow this for renaming variables, which makes your job easier!

Give yourself a pat on your back as by following these steps, you have successfully reverse-engineered the given executable file using Ghidra!

Ending Notes

The Portable Executable File that we are using is actually a CTF Prompt so feel free to crack it!

SRE if done manually, would consume a lot of time and labor, which is why we use various automated tools to make our job easier. Reverse Engineering has its own pros and cons. Use Ghidra wisely to learn and grow as a developer.

If you are active on LinkedIn or in Technical Communities around you, you must have come across at least one Campus Ambassador for an XYZ Organization. But, first, who is a Campus Ambassador and second, why would anyone want to be one? If these questions have you rummaging around, read on!

Who is a Campus Ambassador?

Campus Ambassadors are students that serve as a link between the organization they are associated with and their institution. In a nutshell, they are the voice of a company in their University and are in charge of raising awareness about the same. Campus Ambassadors are leaders who take charge of marketing and evangelizing upcoming events or specific products or programs!

Now, why would anyone want to be a Campus Ambassador?

The answer to this question is simple, to gain exposure to the corporate world. It’s an amazing opportunity to work on your soft skills including your leadership and marketing skills as well as team management and event organization skills, all of this while also expanding your network exponentially. It gives you an opportunity to add an extra pointer to your resume and make it stand out from the rest. Being a Campus Ambassador also helps you earn some extra bucks in the form of incentives based upon your performance as one. Moreover, one gets the opportunity to be a part of a community that can help you out with your technical doubts as well! In most Campus Ambassador Programs (especially the ones that I’m a part of), the mentors are extremely knowledgeable and don’t leave a stone unturned to help the students who are associated with their organization!

Why YOU should sign up to be one?

Take the following pointers into consideration if you want a better perspective:

• You get an insight into how the corporate world functions. It helps you understand the working of organizations.
• You get the opportunity to build your network and work on your soft skills, here note that most recruiters value soft skills just as much as a candidate’s hard/technical skills. Skills here include your leadership, communication, and team-building skills as well as marketing skills and work etiquette.
• While you explore the world of digital marketing and evangelism, in the process you also learn how to pitch yourself in a better manner. Now during your interviews, you don’t just talk about your technical skills, you sell your resume to your interviewer and if you are good at presenting yourself, consider yourself shortlisted!
• Campus Ambassador Programs open doors to new opportunities. If you are a part of a community with other Ambassadors, you get a chance to connect with like-minded individuals. Most of the other Ambassadors share knowledge and guidance amidst a lot of other resources including details of technical or non-technical internship opportunities and if you are active in your community, you stand a really good chance at bagging one!
• You get access to resources shared by the Organization you are associated with and may get invited to exclusive events and webinars that will definitely help you boost your career.
• Last but not the least, you get industry certified with a Letter of Recommendation or a Certificate stating your association with the Organization. You may also receive incentives based upon your performance! Ambassador exclusive swags are counted!

If these pointers do not tempt you into filling up applications for being a Campus Ambassador for different organizations, I really don’t know what will.

What would be your responsibilities if you choose to be a Campus Ambassador?

I’m glad that you are considering it. As a Campus Ambassador for any organization, your responsibility will solely be to endorse the company or the products offered/events organized. To give you a better insight, here’s a list of things that you might have to do:

• Raise awareness about the brand.
• Organize or help organize events on your campus and manage the promotions for the same.
• Come up with new and innovative ideas for marketing, you’ll be rewarded for sure if you come up with exceptional ones.
• Develop strategic connections with clubs or communities around you or upcoming events to promote your brand.

My experience as a Campus Ambassador.

I currently am a Campus Ambassador for several reputed organizations like Auth0, HackerEarth, Hack Club, Coding Blocks, and AngelHack. I also am a GitHub Campus Expert and an Alexa Student Influencer and I don’t think I could’ve gotten in without the exposure that I received at the aforementioned organizations. I’ve been associated with Bolt IoT and Coding Ninjas as well but there wasn’t much to take home from these organizations hence I dropped out.

I started applying for Campus Ambassador Programs during my semester break post my first semester. I was pretty bored and the incentives seemed attractive! With each application, I could feel the bar of confidence in me rising, step by step I was learning how to be a better version of myself.

Not a promotion, but being a part of the Coding Blocks Superheroes Community helped me excel at content writing and the constant support that I have received from my mentors has helped me be better at digital marketing and graphic designing. The students who are a part of the community have tremendously helped me upskill my technology stack by sharing a zillion resources over trending technologies. Being a part of HackerEarth has helped me become a better coder. I’m elated to share that I’ve gotten technical internship opportunities through networking in the communities that I am a part of, I’ve received guidance for hackathons and I’ve also received the opportunity to mentor several students!

Finally, a list of Organizations you should consider if you are interested in being a Campus Ambassador!

The following list is in no particular order. Apply for one, apply for all! Just make sure that you divide your time smartly. I am not asking you to ditch working on your hard/technical skills. A reminder that soft skills are as important as hard skills. Here you go!

• Coding Blocks (highly recommended if you are a fresher)
• Microsoft Learn Student Ambassador (amazing opportunities, and Microsoft)
• GeeksForGeeks
• OnePlus
• Intel
• HackerEarth
• Verzeo (you may get a free course)

After gaining some experience as an ambassador, try applying for these Community-Oriented Programs as well!

• GitHub Campus Expert
• Developer Circles by Facebook
• AWS Educate by Amazon
• Developer Student Clubs by Google
• Auth0
• Mozilla Representative/Student Ambassadors

I personally would not recommend the following and I’ll highlight the reasons for the same.

• Internshala — You don’t really have anything to take home, no technical guidance or support in any form from what I’ve heard from Internshala Ambassadors.
• Coding Ninjas — Personally had a not-so-good experience as an Ambassador, ended up resigning.
• Bolt IoT — They just want you to run WhatsApp “drip” campaigns and have you convince your friends to buy the IoT Kit. If you somehow manage to persuade one, only then you’ll be eligible for a Certificate of Completion. Incentives are a bit messed up.

Ending notes.

I really hope that this post helps you have a better perspective over the Campus Ambassador Programs around you. Devote your time efficiently, do not overdo stuff, make sure you don’t sign up for too many programs at once. It’s not a compulsion to necessarily be a Campus Ambassador, it’s a choice and it entirely is up to you if you wish to add this experience to your list of responsibilities. Choose wisely, a humble request. If it takes a toll on you professionally, talk to your mentor or manager and take a break, it’s absolutely fine. For any queries, feel free to reach out and I’d love to guide you! I am open to feedbacks and additions to this post!