Thursday, 25 June 2020

CISCO VPN - Docker Issue

The Docker server is the Docker process, also called the Docker daemon. The Docker daemon process runs inside the Oracle VM.

The Windows 10 machine (Guest) wants to talk to the Docker daemon process. If you are on the Cisco VPN, the path looks like this:

Windows 10 (Guest) --> Cisco VPN

The Cisco VPN does not know about the Docker daemon process.

We will use the same port-forwarding technique we use in PuTTY, applied here through Docker-style commands.

The step-by-step process follows.

Open the Docker Quickstart Terminal.

//Delete the existing Oracle VM instance default
1) $ docker-machine rm -f default

//Now create a new Docker instance (server)
2) $ docker-machine create default --virtualbox-no-vtx-check

If it throws an error because of a proxy, run the command below instead:
docker-machine create default --virtualbox-no-vtx-check \
--engine-env HTTP_PROXY=http://username:pwd@proxy-server:8080/ \
--engine-env HTTPS_PROXY=http://username:pwd@proxy-server:8080/ \
--engine-env NO_PROXY=localhost,127.0.0.1,10.96.0.0/12,192.168.99.0/24,192.168.39.0/24

//docker-machine env: this is a very important step.
3) $ docker-machine env
   $ eval $("C:\Softwares\Docker Toolbox\docker-machine.exe" env)

If the 3rd step fails, set the environment variables below manually.
export DOCKER_HOST=tcp://192.168.99.101:2376
export DOCKER_TLS_VERIFY=auto
export DOCKER_TOOLBOX_INSTALL_PATH="C:\Softwares\Docker Toolbox"
export DOCKER_CERT_PATH=C:/Users/rameshvanka/.docker/machine/machines/default

//Now check whether docker is working
4) $ docker images

If the 4th step does not work, our VPN hero has stepped in the middle.

cisco-vpn issue:
___________________

Reference: https://www.iancollington.com/docker-and-cisco-anyconnect-vpn/

$ export DOCKER_HOST="tcp://127.0.0.1:2376"
$ export DOCKER_CERT_PATH=C:/Users/rameshvanka/.docker/machine/machines/default

$ docker-machine stop default
$ VBoxManage modifyvm "default" --natpf1 "docker,tcp,,2376,,2376"
$ docker-machine start default

//--tlsverify=false keeps TLS on but skips verification of the daemon's certificate
$ docker --tlsverify=false ps

$ alias docker='docker --tlsverify=false'

$ docker pull hello-world
If the pull gives an error, follow the steps below.

Reference : http://biercoff.com/fixing-docker-registry-io-timeout-issue-on-mac/

//Now connect to the Oracle VM default through docker-machine:
$ docker-machine ssh default

****************NameServer update start******************************************
//change the nameserver
docker@default:~$ sudo vi /etc/resolv.conf
nameserver 8.8.8.8
****************NameServer update end*********************************************

****************profile update start******************************************
//If there is a proxy, configure the proxy details
docker@default:~$ sudo vi /var/lib/boot2docker/profile

EXTRA_ARGS='
--label provider=virtualbox

'
CACERT=/var/lib/boot2docker/ca.pem
DOCKER_HOST='-H tcp://0.0.0.0:2376'
DOCKER_STORAGE=overlay2
DOCKER_TLS=auto
SERVERKEY=/var/lib/boot2docker/server-key.pem
SERVERCERT=/var/lib/boot2docker/server.pem

export "HTTP_PROXY=http://username:pwd@proxy-server:8080/"
export "HTTPS_PROXY=http://username:pwd@proxy-server:8080/"
export "NO_PROXY=localhost,127.0.0.1,10.96.0.0/12,192.168.99.0/24,192.168.39.0/24"

****************profile update end******************************************

//Now exit from docker default vm
docker@default:~$ exit

//Now restart docker default vm
$ docker-machine restart default

//Now check docker is working or not
$ docker pull hello-world


If you like my article, say yes in the comments section.

Wednesday, 17 June 2020

OAUTH2

What is OAuth2?

I went to Krutunga restaurant in my car. The restaurant has a parking person; I hand over my car keys to that hotel parking person, and he parks my car in the parking area.

Meaning?

I am delegating my access to the hotel parking person so that he can park my car.

I ( Ramesh) - Resource Owner - User Context
Hotel Parking Person - Client - Client Context
Car - Resource

OAuth2 has 2 contexts: 1) User Context and 2) Client Context. Don't confuse them.

OAuth2 is a "Delegate Access Protocol".

OAuth2 has 4 main pillars:
1) End User - Resource Owner
2) Client - Web application client/ any other
3) Authorization Server
4) Resource


Difference between Password Credentials and Authorization Code?

In Password Credentials, the End User (Ramesh) gives his credentials to the Webapp Client, and the Webapp Client then sends both (End User credentials + Webapp Client credentials) to the Authorization Server.

In the Authorization Code case,
1) The End User (Ramesh) does not share his credentials with the Webapp Client.
Instead, the Authorization Server presents a login form, the End User enters his credentials into that login form, and the Authorization Server evaluates them.

For an Authorization Code example:
https://www.linkedin.com/pulse/basic-oauth2-concepts-ramesh-vankayala-ramesh-vankayala/?published=t
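
The difference between the two grants, seen from the Webapp Client's side, as an added example that is not part of the original article: it builds the messages the client handles in each grant and checks whether the End User's password ever appears in them. The endpoint URLs, client id and secret, sample password and the use of a `state` value are assumptions made for illustration; the parameter names follow RFC 6749.

```python
import hmac
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed sample values; none of them come from the article.
AUTHORIZE_URL = "https://auth.example.com/authorize"
CLIENT_ID, CLIENT_SECRET = "webapp-client", "webapp-client-secret"
REDIRECT_URI = "https://webapp.example.com/callback"


def password_grant_request(username, password):
    """Password credentials grant: the Webapp Client receives the End User's
    password and forwards it together with its own client credentials."""
    return {"auth": (CLIENT_ID, CLIENT_SECRET), "data": {
        "grant_type": "password", "username": username, "password": password}}


def authorization_redirect(state):
    """Authorization code grant, step 1: send the browser to the Authorization
    Server, which shows its own login form to the End User."""
    query = urlencode({"response_type": "code", "client_id": CLIENT_ID,
                       "redirect_uri": REDIRECT_URI, "state": state})
    return AUTHORIZE_URL + "?" + query


def code_grant_request(callback_url, expected_state):
    """Step 2: exchange the code from the callback for a token. A callback
    whose state does not match the one we issued is rejected (CSRF check)."""
    params = parse_qs(urlparse(callback_url).query)
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    if "code" not in params:
        raise ValueError("callback carries no authorization code")
    return {"auth": (CLIENT_ID, CLIENT_SECRET), "data": {
        "grant_type": "authorization_code", "code": params["code"][0],
        "redirect_uri": REDIRECT_URI}}


def password_seen_by_client(messages, user_password):
    """True if the End User's password occurs in any message the client handles."""
    return any(user_password in str(m) for m in messages)


if __name__ == "__main__":
    pw = "ramesh-password"  # constructed sample
    print(password_seen_by_client([password_grant_request("ramesh", pw)], pw))
    redirect = authorization_redirect("st4te-123")
    callback = REDIRECT_URI + "?code=sample-code&state=st4te-123"
    token_req = code_grant_request(callback, "st4te-123")
    print(password_seen_by_client([redirect, callback, token_req], pw))
```
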


I will update soon with diagrams to explain this concept.