Showing posts with label Cloud. Show all posts

Saturday, October 12, 2019

Create a Free Tier Windows/Linux Virtual Machine in Azure

The Azure free tier provides the following free services for 12 months, after the one month for your free $200 credit:

  1. 750 hours B1S VM Windows Virtual machines
  2. 750 hours B1S VM Linux Virtual machines
  3. 64GB x 1 Storage - 2 P6 SSDs
  4. 5 GB File Storage
  5. 250 GB SQL DB
  6. 15 GB Bandwidth (Data Transfer)
  7. etc
Basically, you can run two virtual machines (one for Windows, one for Linux) free for a year.

Tuesday, September 24, 2019

VPS Bench Comparison for AWS,Azure,Google Cloud and Oracle Cloud (Free Tier & Regular Tier)

In this post, I put all of the following topics together:
  • Benchmark free services for AWS, Azure, GCP
  • Another bench script
  • Benchmark regular size VM on AWS, Azure, GCP
  • How to find out what kind of hypervisor your cloud virtual machine is using?
Note: Sep 23 2019, I just recently started to test Oracle Cloud. The benchmark result has been added at the end of this post.

Benchmark Free Services for AWS, Azure, GCP
AWS, Azure and Google Cloud all provide some kind of free tier to their users. I have always wondered what the performance of those free tier VPS instances looks like, so I did some bench work to test them out.

Here is the method and result.

I am going to use some bench scripts found on GitHub and run them on the same size VM created on AWS, Azure and GCP. They will benchmark CPU, disk IO and network throughput.

Wednesday, September 4, 2019

Gartner CASB (Cloud Access Security Brokers) Magic Quadrant

Cloud access security brokers have become an essential element of any cloud security strategy, helping organizations govern the use of cloud and protect sensitive data in the cloud. Security and risk management leaders concerned about their organizations’ cloud use should investigate CASBs.


Sunday, July 14, 2019

Running WordPress in the Docker of AWS EC2 Instance

Docker is a technology that allows you to build, run, test, and deploy distributed applications that are based on Linux containers. Docker is already available on many different operating systems, including most modern Linux distributions, like Ubuntu, and even Mac OSX and Windows. If you are using Amazon EC2 already, you can launch an instance and install Docker to get started.


Monday, June 10, 2019

How to Enable Root Account and Enable Username/password Access in GCP

By default, Google Compute Engine offers the browser-based Google Cloud Platform Console tool that lets you manage your Google Compute Engine resources through a graphical interface. Use the GCP Console to manage your resources if you prefer using a user-interface through the browser.

The GCP documentation on setting up SSH keys shows how to set up your own SSH key to access all your virtual machines in GCP. Here's a summary of the steps:
  1. Generate your keys using ssh-keygen or PuTTYgen for Windows, if you haven't already.
  2. Copy the contents of your public key. If you just generated this key, it can probably be found in a file named
  3. Log in to the Developers Console.
  4. In the navigation, Compute->Compute Engine->Metadata.
  5. Click the SSH Keys tab.
  6. Click the Edit button.
  7. In the empty input box at the bottom of the list, enter the corresponding public key, in the following format: 

    <protocol> <public-key> [email protected] 

    This makes your public key automatically available to all of your instances in that project. To add multiple keys, list each key on a new line.
  8. Click Done to save your changes. 

    It can take several minutes before the key is inserted into the instance. Try connecting with ssh to your instance. If it is successful, your key has been propagated to the instance.

Sunday, June 9, 2019

Using Portainer to Deploy Guacamole Docker- Web-based Remote Access Gateway

Apache Guacamole is a clientless remote desktop gateway. It is called a clientless gateway because no plugins or client software are required. The utility offers an HTML5 interface that is used to start remote sessions. No other special client software needs to be installed as long as you have a browser. The following popular protocols are supported: VNC, RDP, SSH, Telnet.

Guacamole consists of the following components:
  • Guacamole Server (Tomcat Servlet Container)
  • Guacamole Proxy Server (guacd), establishes remote connections
  • Remote hosts – accessible via protocols above
A Guacamole server can contact multiple proxy servers. Using this, it is possible to access desktops in multiple network segments using one frontend.

In this post, I am going to present a way to set up a Guacamole server in an Azure free tier cloud VM. I am using Docker, with the help of the Docker web UI Portainer, to deploy a Guacamole container into a Linux virtual machine.

Sunday, January 20, 2019

Install OpenStack - DevStack into Ubuntu 16.04.05 Virtual Machine

DevStack is an opinionated script to quickly create an OpenStack development environment. It can also be used to demonstrate starting/running OpenStack services and provide examples of using them from a command line. This post presents the steps to install DevStack into a VMware Workstation Ubuntu VM.


1. Prepare Ubuntu VM

This Ubuntu Virtual machine will need at least 12G memory and 100G hard drive. I have given my OpenStack VM 16G memory and 120G hard drive for testing.

Tuesday, October 9, 2018

How Much Google Cloud Platform Charges on F1-Micro VM

AWS offers a 1-year-free trial. The trial is more than enough to get your feet wet, including 750 hours/month of a small 1 CPU/1GB RAM instance with 30GB disk storage, 750 hours/month of a similarly-sized managed database instance (e.g. MySQL), and 5GB of cloud storage (enough for a small web server running constantly for a year).

Google Cloud offers a 12 months, $300 credit trial, and a Free Tier that isn’t time-limited. That means, you can get an instance with 1 shared  vCPU/0.6GB RAM with 30GB disk storage and 5GB cloud storage, all for free. You should be able to run a small website for free, forever if Google keeps this policy. 

In fact, based on my testing there are always some other small charges coming, especially from spiked CPU and egress traffic. I have been using a GCP VM instance for a small site for a while. It has not been charged much since the traffic is small, a couple of thousand visitors per day from around the world.

To better trace the charges, I decided to spin up another VM around 10PM Sep 28 2018 to track how much it will charge daily with this minimum f1-micro (1 vCPU, 0.6 GB memory) VM.

I chose Ubuntu 16.04 (Xenial Xerus) on f1-micro. The license is free for this OS. The only service enabled on this f1-micro VM is MySQL, used as the backend of my blog. The front end is another PHP/Apache VM hosted in another GCP account. I have hardened the firewall rules to allow only MySQL in from a specific IP.

Sunday, September 23, 2018

Red Hat OpenShift Deploy Image Example - Create V2Ray Server

Red Hat® OpenShift® is a comprehensive enterprise-grade application platform, built for containers with Kubernetes. It can automate the build, deployment, and management of applications so that you can focus on writing the code for your next big idea.

Basically, OpenShift is Red Hat's cloud platform as a service (PaaS). It provides a free and open source cloud-based platform that allows developers to create, test and run their code and deploy it into a free cloud platform.

This post is going to use an example to deploy a V proxy project into Red Hat OpenShift cloud to describe the basic steps.

Monday, August 13, 2018

How to Share GCP Images with Other Users and Projects

You can always share Compute Engine images, snapshots, and disks with other users outside of your project or organization. Basically, users with read access to those resources can use them to complete operations in other projects and organizations. For example, if you grant a user read access to an image or snapshot in your project, they can use those resources to create persistent disks in their own projects.

Here are the detailed steps to share a GCP (Google Cloud Platform) Compute Engine image across user accounts and projects.

1. Log into your GCP

Thursday, June 28, 2018

Gartner Magic Quadrant for Cloud Infrastructure as a Service (Worldwide) (2018,2017,2016,2015,2014,2013,2012...)

In the context of this Magic Quadrant, cloud compute IaaS (hereafter referred to simply as "cloud IaaS" or "IaaS") is defined as a standardized, highly automated offering, where compute resources, complemented by storage and networking capabilities, are owned by a service provider and offered to the customer on demand. The resources are scalable and elastic in near real time, and metered by use. Self-service interfaces are exposed directly to the customer, including a web-based UI and an API. The resources may be single-tenant or multitenant, and hosted by the service provider or on-premises in the customer's data center. Thus, this Magic Quadrant covers both public and private cloud IaaS offerings.
Gartner's two top leaders, AWS and Microsoft, did not change at any time from 2010 to 2018. But Google Cloud Platform has made it into the Leaders quadrant this year.

Wednesday, April 18, 2018

Gartner's Magic Quadrant for Public Cloud Infrastructure Managed Services Providers (2018, 2017)

What are Public Cloud Infrastructure Managed Service Providers?

Public cloud infrastructure as a service (IaaS) delivers compute, storage and network resources in a self-service, highly automated fashion. The leading public cloud IaaS providers also offer platform as a service (PaaS) capabilities and other cloud software infrastructure services as part of an integrated IaaS+PaaS offering.

This Gartner magic quadrant report analyzed vendors in the market and states that “a public cloud infrastructure managed service provider (MSP), in the context of this Magic Quadrant, is an MSP that offers managed services and professional services related to infrastructure and platform operations for one or more hyperscale integrated infrastructure-as-a-service (IaaS)+platform-as-a-service (PaaS) providers.”

Three Vendors are in Leaders Quadrant:
  • Accenture
  • Cloudreach
  • Rackspace
This is the second consecutive year in which Accenture was recognized as a Leader in the Gartner report.

Friday, October 6, 2017

WAMP and Wordpress Install on AWS Free Tier Windows 2012 R2

AWS provides a 750-hour free tier on Windows machines. I have always wondered how to install WordPress on it to make use of this free tier instance. Here are all the steps I followed today. Most steps are the same as in WPMU DEV's post "Setting Up WordPress Locally for PC/Windows with WampServer". I have added some of my own experience to the steps.

Basically, WampServer = (Apache, PHP, MySQL on Windows). WAMP is a software suite installed on the popular Windows operating system; it includes Apache, MySQL, PHP and some other tools. It is derived from LAMP, which stands for Linux, Apache, MySQL, and PHP. As the name implies, while LAMP is used on Linux servers, WAMP is used on Windows servers.

Note: Microsoft WebPI is another popular way to install WordPress on a Windows server, but I truly do not recommend it. I managed to get it working and eventually still found WAMP better and easier to use.

For Windows: WAMP and Wordpress Install on AWS Free Tier Windows 2012 R2
For Ubuntu: LAMP and WordPress Installation on Ubuntu

Saturday, September 30, 2017

LAMP and WordPress with HTTPS Certification Cloud Installation on Ubuntu

I have selected Ubuntu as the OS platform to install my PHP, WordPress and MySQL. It gave me lots of learning experience on Linux. Here are the many steps I recorded while working on my blog site.

For Windows: WAMP and Wordpress Install on AWS Free Tier Windows 2012 R2
For Ubuntu: LAMP and WordPress Installation on Ubuntu

1. Basic Ubuntu Configuration (Not in Cloud)
1.1 Configure Interfaces

Welcome to Ubuntu 15.10 (GNU/Linux 4.2.0-16-generic x86_64)

 * Documentation:

48 packages can be updated.
37 updates are security updates.

Last login: Sat Feb 13 20:16:03 2016 from
[email protected]:~$ cd /etc/network
[email protected]:/etc/network$ sudo vi interfaces
[sudo] password for john: 

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface -- use DHCP 
auto eth0

iface eth0 inet dhcp

# The secondary network interface -- use static ip address
auto ens160
iface ens160 inet static

[email protected]:/etc/network$ sudo /etc/init.d/networking restart

Wednesday, September 27, 2017

Launch and Access Amazon AWS EC2 Instances

Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow. Millions of users are currently leveraging AWS cloud products and solutions to build sophisticated applications with increased flexibility, scalability and reliability.

In this post, I recorded all the steps to launch a free tier AWS instance and to use a client to access the instance.
1. Launch an EC2 Instance
1.1 Access Amazon AWS site :

Sunday, September 24, 2017

Create AWS Diagrams Online

I was looking for some online tools to create impressive AWS diagrams for my learning process. Most online diagram websites provide a certain amount of free usage.

In my "My Top Internet / Network Tools" post, I mentioned the following online diagram drawing websites which I used before:
  • Gliffy: After the trial, it is still free to use, but you are not able to create a new diagram. Existing diagrams are still kept for editing. Gliffy marks all diagrams as public when a trial expires. Any diagrams created remain in the account regardless of its status; Gliffy never moves or deletes diagrams. Free accounts have a limit of 2MB or 5 diagrams, but that is usually enough since you can export to Gliffy format and import it later.
  • Lucid Chart: It can import/export Visio format files. The free account limits complexity to only 60 objects, three active documents and 25MB of storage, and cannot edit imported Visio files, etc.
  • : it supports to save diagram to all kinds of Internet online drivers. 
  • SmartDraw: provides a desktop version, not free. For the cloud version, the trial is only 7 days, with no free usage.
  • : Best for AWS diagrams. It also gives you a budget number for your AWS infrastructure. Please check this post.

Here are some good AWS diagram websites I found useful to me.


1. AWS 3D Diagram from

It was quite impressive when I started to make my first diagram. The limited grid size is a big pain when you try to draw a detailed diagram of your AWS VPC, but it is good enough to draw a three tier application deployment.

Cloudcraft allows registered users to create AWS diagrams for free using all available components, with some features limited. Upgrade to Cloudcraft Pro for import of live AWS data and unlimited size diagrams. It can automatically calculate the cost of your design, and also provides a live connection to your AWS account. The smart components feature makes it much easier to connect other components you lay on the grid than on any other website I tried. Love it. So far, I think it is the best site for me.

$49 per month upgrades your subscription to the Pro level and unlocks those restrictions.

Building a 3S (Scalable, Stable and Secure) AWS Test Environment - Part 2

3.  Building a scalable AWS architecture (ELB, ASG, RDS)

  • Understand NAT Instance vs NAT Gateway
  • Create your security groups
  • Create your EC2 key pair
  • Create your RDS SQL instance
  • Bake your Amazon Machine Image
  • Create your launch configuration
  • Create your auto-scaling group
  • Create your elastic load balancer
  • Test, break, fix, celebrate
Understand NAT
You may need NAT for VPN. There are two types of NAT methods: NAT Instance and NAT Gateway.

VPC: NAT Instance

Wednesday, September 13, 2017

Building a 3S (Scalable, Stable and Secure) AWS Test Environment - Part 1

Gartner Magic Quadrant for Cloud Infrastructure as a Service, Worldwide June 2017
According to Gartner, Amazon Web Services (AWS) has become the undisputed leading cloud provider in the world. AWS is rated “the most mature, enterprise-ready provider, with the deepest capabilities for governing a large number of users and resources.” Gartner says it can satisfy the cool kids who want cloud-native and old hands who want to shift traditional workloads to the cloud, in part because independent software vendors have clambered aboard in large numbers.

AWS has a well-documented Quick Start deployment guide, which presents a good example of building a VPC environment with the following features:
  • Up to four Availability Zones for high availability and disaster recovery. Availability Zones are geographically distributed within a region and spaced for best insulation and stability in the event of a natural disaster. AWS recommends maximizing your use of Availability Zones to isolate a data center outage. 
  • Separate subnets for unique routing requirements. AWS recommends using public subnets for external-facing resources and private subnets for internal resources. For each Availability Zone, this Quick Start provisions one public subnet and one private subnet by default.
  • Additional layer of security. AWS recommends using network access control lists (ACLs) as firewalls to control inbound and outbound traffic at the subnet level. This Quick Start provides an option to create a network ACL protected subnet in each Availability Zone. These network ACLs provide individual controls that you can customize as a second layer of defense.
  • Independent routing tables configured for every private subnet to control the flow of traffic within and outside the Amazon VPC. The public subnets share a single routing table, because they all use the same Internet gateway as the sole route to communicate with the Internet.
  • Highly available NAT gateways, where supported, instead of NAT instances. NAT gateways offer major advantages in terms of deployment, availability, and maintenance.
  • Spare capacity for additional subnets, to support your environment as it grows or changes over time.