Unlocking Seamless Application Streaming with AWS AppStream 2.0

Introduction:

AWS AppStream 2.0 is a cutting-edge managed application streaming service designed to provide virtualized access to desktop applications from anywhere in the world using thin client devices. This fully managed service dynamically scales based on demand or customizable threshold limits, offering a responsive, fluid, and high-definition experience.

Key Features of AppStream 2.0:

1. Convert to SaaS: Transform traditional applications into Software as a Service (SaaS) models for enhanced accessibility.
2. Cloud Rendering: Render content in the cloud for improved performance and flexibility.
3. Device Agnostic Streaming: Stream applications to any device, enabling a truly flexible and device-agnostic experience.
4. Scalability on Demand: Automatically scale in and out based on demand or user-defined threshold limits.
5. Host Entire or Partial Applications: Choose to host either the entire application or specific parts, offering versatility in deployment.

Differentiating AppStream 2.0 from Amazon WorkSpaces:

While both services offer virtualization, AppStream 2.0 focuses on application streaming, while Amazon WorkSpaces is geared towards virtual desktop infrastructure (VDI), emphasizing the distinction between desktop and application-centric solutions.

Constructing Your AppStream 2.0 Environment:

To build a robust AppStream 2.0 environment, consider the following components:

1. Images: Utilize public or private images to create customized application configurations.
2. Fleets: Opt for On-Demand, Always-On, or Elastic fleets to meet varying usage scenarios.
3. Stacks: Configure permissions, user settings, branding, and streaming protocols for a tailored user experience.
4. User Pool: Create user pools and assign stacks to streamline user access and management.
5. User Experience: Ensure end-to-end secured user experiences with comprehensive security measures.

Security Measures in AppStream 2.0:

AppStream 2.0 prioritizes security with the following features:

1. Non-Downloading of Applications: Applications are never downloaded to user devices, enhancing security.
2. Video Streaming: Data is streamed as video, minimizing security risks associated with traditional downloads.
3. Entitlement Service: Utilize entitlement services for authorized connections, ensuring secure access.
4. Cloud Security: Applications are securely hosted in the AWS Cloud, providing a protected environment.

Example Use Cases of AppStream 2.0:

AppStream 2.0 caters to diverse industry needs, such as:

1. 3D CAD Design: Streamlining complex design processes with seamless access.
2. Medical Imaging: Facilitating remote access to critical medical imaging applications.
3. Media and Entertainment: Enhancing collaboration in media production workflows.
4. Video Games: Enabling gaming experiences on various devices.
5. Consumer Electronics: Supporting applications in the development of consumer electronic devices.
6. Productivity Applications: Empowering remote workers with efficient access to productivity tools.

In conclusion, AWS AppStream 2.0 revolutionizes application streaming, providing a secure, scalable, and versatile solution for diverse industries and use cases.

DevOps Foundation

    

 Fundamentals of DevOps

These are the fundamentals of DevOps as is,

1. Code
2. Test
3. Deploy
4. Operation

Implementing of DevOps

1. Core Values
2. Core Ideas
3. Methods
4. Practice
5. Tools

Why DevOps?

In initial stages we were been using waterfall model, following to that we started to use Agile methodology, as we have some disadvantages in using Agile, like the development and operations teams are scattered and not able to work collaboratively and the process of agile is step by step process, in this case operations team can work only after developer releases the application. 

Then comes the DevOps methodology or framework where people can work collaboratively till the software delivery. 

By this way there is a significant increase on the development and operations lifecycle of about 50% faster on deployment and less failure with better recovery time in case of failure. 

DevOps CAMS

C - Culture - People / Process /Tools

A - Automation - Think automation is really required

M - Measurement - Monitoring and action on it

S - Sharing - Share the responsibility and share ownership

DevOps in 3 Ways....!

DevOps can be achieved in 3 different ways,

1. Flow Thinking
2. Amplifying Feedback
3. Experiment and Learn

DevOps - Big Overview to Remember

• People over process over tools
• Continuous Delivery
• Lean Management
• Infrastructure as Code

IT Divide

    Developers want to deliver features fast and deploy them quickly.

    Ops want system to be stable and uptime should be important. 

Culture of DevOps

• Blameless Postmortem
• Transparent Downtime
• Integrate Team 
• Extension of Agile
• Infrastructure as Code - Git for Ops

DevOps Terminology

• Provisioning - Making the Infra ready
• Deployment - Adding Software to the infra
• Orchestration - Co-ordinated operations on multiple systems
• Configuration Management - managing server via files
• Imperative (Procedural) - commands to produce desired state
• Declarative (Procedural) - desired state is defnied and tools will achieve it
• Idempotent - repeat execution and same results
• Blue Green Deployment - Identical deployment, used as switch
• Continuous Integration - build and unit test at every check
• Continuous Delivery - deploy on production line environment
• Continuous Deployment - after unit testing, deploy changes to production in small batch
• 
  

Chrome Enterprise: Configuring Google Safe Browsing, downloads and passw...

How to check if your Linux server is under DDOS Attack?

Login to your server as root and fire the following command, using which you can check if your server is under DDOS attack or not:

netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort –n

This command will show you the list of IP’s which have logged in is maximum number of connections to your server.

DDoS becomes more complex as attackers use fewer connections with more number of attacking IP’s.In such cases, you should get less number of connections even when your server is under DDoS. One important thing that you should check is the number of active connections that your server currently has.For that execute the following command:

netstat -n | grep :80 |wc –l

The above command will show the active connections that are open to your server.

You can also fire the following command :

netstat -n | grep :80 | grep SYN |wc –l

Result of active connections from the first command will vary but if it shows connections more than 500, then you will be definitely having problems. If the result after you fire second command is 100 or above then you are having problems with sync attack.

Once you get an idea of the IP attacking your server, you can easily block it.

Fire the following command to block that ip or any other specific ip:

route add reject

Once you block a particular IP on the server, you can even crosscheck if the IP is blocked or not by using the following command:

route -n |grep

You can also block a IP with iptables on the server by using the following command.

iptables -A INPUT 1 -s IPADRESS -j DROP/REJECT

service iptables restart

service iptables save

After firing the above command, KILL all httpd connection and than restart httpd service by using following command:

killall -KILL httpd

service httpd startssl

4 Ways to Speed Up SSH Connections in Linux

SSH is the most popular and secure method for managing Linux servers remotely. One of the challenges with remote server management is connection speeds, especially when it comes to session creation between the remote and local machines.

There are several bottlenecks to this process, one scenario is when you are connecting to a remote server for the first time; it normally takes a few seconds to establish a session. However, when you try to start multiple connections in succession, this causes an overhead (combination of excess or indirect computation time, memory, bandwidth, or other related resources to carry out the operation).

In this article, we will share four useful tips on how to speed up remote SSH connections in Linux.

1. Force SSH Connection Over IPV4
OpenSSH supports both IPv4/IP6, but at times IPv6 connections tend to be slower. So you can consider forcing ssh connections over IPv4 only, using the syntax below:

# ssh -4 [email protected]

Alternatively, use the AddressFamily (specifies the address family to use when connecting) directive in your ssh configuration file /etc/ssh/ssh_config (global configuration) or ~/.ssh/config (user specific file).

The accepted values are “any”, “inet” for IPv4 only, or “inet6”.

$ vi ~.ssh/config
Here is a useful starter guide on configuring user specific ssh configuration file:

Additionally, on the remote machine, you can also instruct the sshd daemon to consider connections over IPv4 by using the above directive in the /etc/ssh/sshd_config file.

2. Disable DNS Lookup On Remote Machine
By default, sshd daemon looks up the remote host name, and also checks that the resolved host name for the remote IP address maps back to the very same IP address. This can result into delays in connection establishment or session creation.

The UseDNS directive controls the above functionality; to disable it, search and uncomment it in the /etc/ssh/sshd_config file. If it’s not set, add it with the value no.

UseDNS  no
3. Reuse SSH Connection
An ssh client program is used to establish connections to an sshd daemon accepting remote connections. You can reuse an already-established connection when creating a new ssh session and this can significantly speed up subsequent sessions.

You can enable this in your ~/.ssh/config file.

Host *
ControlMaster auto
ControlPath  ~/.ssh/sockets/%[email protected]%h-%p
ControlPersist 600
The above configuration (Host *) will enable connection re-use for all remote servers you connect to using these directives:

ControlMaster – enables the sharing of multiple sessions over a single network connection.
ControlPath – defines a path to the control socket used for connection sharing.
ControlPersist – if used together with ControlMaster, tells ssh to keep the master connection open in the background (waiting for future client connections) once the initial client connection has been closed.
You can enable this for connections to a specific remote server, for instance:

Host server1
HostName   www.example.com
IdentityFile  ~/.ssh/webserver.pem
User username_here
ControlMaster auto
ControlPath  ~/.ssh/sockets/%[email protected]%h-%p
ControlPersist  600
This way you only suffer the connection overhead for the first connection, and all subsequent connections will be much faster.

4. Use Specific SSH Authentication Method
Another way of speeding up ssh connections is to use a given authentication method for all ssh connections, and here we recommend configuring ssh passwordless login using ssh keygen in 5 easy steps.

Once that is done, use the PreferredAuthentications directive, within ssh_config files (global or user specific) above. This directive defines the order in which the client should try authentication methods (you can specify a command separated list to use more than one method).

PreferredAuthentications=publickey
Optionally, use this syntax below from the command line.

# ssh -o "PreferredAuthentications=publickey" [email protected]
If you prefer password authentication which is deemed unsecure, use this.

# ssh -o "PreferredAuthentications=password" [email protected]
Finally, you need to restart your sshd daemon after making all the above changes.

# systemctl restart sshd   #Systemd
# service sshd restart          #SysVInit
For more information about the directives used here, see the ssh_config and sshd_config man pages.

# man ssh_config
# man sshd_config
Also check out these useful guides for securing ssh on Linux systems:

That’s all for now! Do you have any tips/tricks for speeding up SSH connections. We would love to hear of other ways of doing this. Use the comment form below to share with us.

Google's Balloon

BALLOON-POWERED INTERNET FOR EVERYONE

http://www.google.co.in/loon/

Asterisk WebRTC

After some days started working on WebRTC, finally succeeded with basic setup with Asterisk 11.6.0 (Current 11.x version) and latest stable SIPml5 API.

Now working on SMS like messaging, lets see how it goes.....

Reference Link:
System Setup
Troubleshooting