Azure VPN Gateway Troubleshooting Steps:

  1. Log in to the Azure Portal portal.azure.com
  2. Go to all services > type Virtual network gateway service.
  3. Select virtual gateway, for which we are facing the issue.
  4. Click on VPN troubleshoot.
  5. Start VPN troubleshooting after selecting the VPN gateway
  6. VPN logs will transfer to storage container
  7. Perform a deep analysis of VPN logs
  8. Second troubleshooting step is verifying the VPN gateway health probe using VPN Gateway public IP.

Eg: https://<PublicIP&gt;:8081/healthprobe

9. If you see the xml response then VPN gateway is working fine.

Copy files from one S3 bucket to another S3 bucket on same account

  1. Create a new S3 bucket testbucketbkp1.
  2. Create a new S3 bucket testbucketbkp2.
  3. Upload a test file to testbucketbkp1.
  4. Now install the AWS CLI on PC.
  5. Type aws configure

Enter the access key ID and secret access

6. Copy the objects between the source and target buckets using sync command

aws s3 sync s3://testbucketbkp1 s3://testbucketbkp2

8. The sync command uses the CopyObject APIs to copy objects between S3 buckets.

Public Cloud Vendor Service Icon Links

AWS Icons Link:

https://d1.awsstatic.com/webteam/architecture-icons/Q32020/AWS-Architecture-Icons-Deck_For-Dark-BG_20200911.pptx.d3ede776850ba23f4fdbf63270c3a0be9e801d25.zip

https://d1.awsstatic.com/webteam/architecture-icons/Q32020/AWS-Architecture-Icons-Deck_For-Light-BG_20200911.pptx.b238f9167071d2e7dccf32957782161dd1fe7a56.zip

GCP Icons Link:

https://docs.google.com/presentation/d/1aGOTpNdCoO4GXZ2es38ZFO5qPGEAjTtDSVeHaDpwsas/edit#slide=id.g5e923c6224_190_56

Azure Icons Link:

https://arch-center.azureedge.net/icons/Azure_Public_Service_Icons_V3.zip

Difference Between AWS Classic and Application Load Balancer:

FeatureClassic Load BalancerApplication Load Balancer
ProtocolsHTTP, HTTPS, TCP, SSLHTTP, HTTPS
PlatformsEC2-Classic, EC2-VPCEC2-VPC
Sticky sessions (cookies)YES (you can provide your own application cookie)Load balancer generated
Back-end server authenticationYESNO
Back-end server encryptionYESYES
Idle connection timeoutYESYES
Connection drainingYESYES
Cross-zone load balancingYESAlways enabled
Health checksYESYES
CloudWatch metricsYESYES
Access logsYESYES
Path-based routingNOYES
Route to multiple ports on a single instanceNOYES
HTTP/2 supportNOYES
Websockets supportNOYES
Load balancer deletion protectionNOYES

Cloud Storage Cost Details

PricingAWSAzureGoogle
StorageAmazon S3Azure blob storageGoogle Cloud storage
Pricing Details First 50TB/month –> $0.023 per GB
Next 450TB/month –> $0.022 per GB
Next 500TB/month –>$0.021 per GB
GRS (Global redundant system)
First 50TB/month –> $0.0368 per GB
Next 450TB/month –> $0.0354 per GB
Over 500TB/month  –> $0.0339 per GB
LRS (Local redundant system)
First 50TB/month –> $0.0184 per GB
Next 450TB/month à $0.0177 per GB
Over 500TB/month  à $0.0170 per GB
Cloud Storage:
Multi regional à $0.026 to 0.036 per GB/month
Regional à $0.02 to $0.035 per GB/month
Cold line (Archive) à $0.004 to $0..014 per month
Archive
Details
S3 Glacier (Archive) –> $0.004 per GBArchive –> 0.01 GB per monthCold line (Archive) –> $0.004 to $0..014 per month

F5 BIGPIPE AND TMSH COMMANDS

bigpipe commandTMSH Commands
b arp showshow /net arp all
b arp all deletetmsh delete /net arp all
b class DATA-GROUP mode readmodify ltm data-group DATA-GROUP access-mode read-only
b class showshow running-config /ltm data-group
b cluster showshow /sys cluster all-properties
b config save file.ucssave /sys ucs file.ucs
b config install file.ucsload /sys ucs file.ucs
b config syncrun /sys config-sync
b config syncrun /cm config-sync from-group/to-group DEVICEGROUPNAME
b conn showshow /sys connection
b conn show allshow /sys connection all-properties
b conn ss server node-ip:node-port deletedelete /sys connection ss-server-addr node-ip ss-server-port node-port
b daemon listlist /sys daemon-ha all-properties
b db < key name > < value >modify /sys db < key name > value < value >
b db Platform.PowerSupplyMonitor disabletmsh modify sys db platform.powersupplymonitor value disable
b db showshow running-config /sys db -hidden all-properties
b export my.config.scfsave /sys scf my.config.scf
b failover standbyrun /sys failover standby
b failover showshow /sys failover
b failover standbyrun /util bigpipe fo standby
b ha tableshow /sys ha-status all-properties
b hardware baud ratemodify /sys console baud-rate
b system console inactivity timeout #tmsh modify sys global-settings console-inactivity-timeout #
b ha table showshow /sys ha-status all-properties
b httpd listlist /sys httpd
b interface show -jshow /net interface -hidden all-properties
b loadload sys config partitions all
b mergeload /sys config merge
b merge /path/to/file.txttmsh load /sys config file /path/to/file.txt merge
b mgmt showshow running-config /sys management-ip
b mgmt route any gateway 192.168.0.1tmsh create /sys management-route default gateway 192.168.0.1
b monitor showshow /sys memory
b nat showshow /ltm nat all or list /ltm nat all-properties
b node all monitor showlist ltm node monitor
b node showshow /ltm node
b ntp servers 10.10.10.10modify sys ntp servers add { 10.10.10.10 }
b partitionlist auth partition
b persisttmsh show ltm persistence persist-records
b platformshow /sys hardware
b pool listlist /ltm pool
b pool mypool member 192.168.0.1:80 addtmsh modify /ltm pool mypool members add { 192.168.0.1:80 }
b pool mypool member 10.10.10.10:80 down(v10.2.4) tmsh modify ltm pool webbian443 members modify { 192.168.10.16:https { state down } } | (v11.1) tmsh modify ltm pool httppool1 members modify { 10.10.10.10:80 { state user-down }
b savesave sys config
b self showshow running-config /net self
b softwareshow sys software
b versionshow /sys version
b virtual address showshow /ltm virtual-address all-properties

Azure- Increase the VM Size

  1. Login to Azure cloud website https://portal.azure.com
  2. Go to the search tab  and  type  virtual machine
  3. Click on virtual machine which you want to upgrade
  4.  Go to settings > size
  5. Select the new size as mentioned below

VM1

6. Click on resize

If the virtual machine is currently running, changing its size will cause it to be restarted. Please schedule the activity in maintenance window.

 

Powershell commands to resize the VM;

$vm = Get-AzVM -ResourceGroupName $resourceGroup -VMName $vmName
$vm.HardwareProfile.VmSize = “<newVMsize>”
Update-AzVM -VM $vm -ResourceGroupName $resourceGroup

Azure Backup – Recovery Service Vault

  1. Login to  https://portal.azure.com
  2.  Search for Recovery service vault

Azure-1

3. Click on Recovery services vaults

Azure-2

4.  Provide Subscription name, Resource group, vault name and region details and click   review and create it.

5.  Now go to newly created recovery service vaultAzure-3

5.  Go to Settings  > Properties and configure backup configuration according to your requirement (Locally Redundant or Geo Redundant)

Azure-4

6.  Now go to getting started > Backup > Select workload as Azure and virtual machine under want do you to backup

Azure-5

7. Click on Backup, either select default policy or create a new policy according to your business requirement

Azure-6

Azure-7

 

8.  Click ok and now add virtual machine to the backup policy.

Azure-8

9. Click ok and deployment will start for backup.

10. Go to protected items > Backup items

Azure9

11. Now VM backup will happen according to the schedule configuration.

Azure-10

Restricting to the F5 webui access

  • To verify existing allowed subnets use the below command from F5 CLI:

tmsh list /sys httpd allow

  • To modify the existing allowed IP’s or subnets for F5 webui access use the below command.

             tmsh modify /sys httpd allow add { <IP address or IP address range> }

   tmsh modify /sys httpd allow add {1.1.1.1}

             tmsh modify /sys httpd allow add {172.1.0.0/255.255.0.0}

After updating the subnets save the configuration using the below command.

tmsh save /sys config

  •         To replace all the existing values use the below command.

            tmsh modify /sys httpd allow replace-all-with { <IP address or IP address range> }

          tmsh modify /sys httpd allow replace-all-with { 172.2.0.0/255.255.255.0 }

After updating the subnets save the configuration using the below command.

tmsh save /sys config