Reverse proxy, forward proxy, examples.
Reverse proxy (more popular) a server or software component that sits between client devices and web servers. It receives client requests and forwards them to the appropriate backend servers. Unlike a forward proxy that handles client requests on behalf of the clients, a reverse proxy acts on behalf of the servers to handle incoming requests from clients.
e.g. Nginx for web application (forward, reverse), HAProxy, Apache Http server or Apache (reverse),
what does HTTP Request, REST API HTTP request response?
HTTP Request -> HTML (source code of web page)
REST API HTTP Request -> JSON (not for human to read)
k8s NodePort: targetPort, port, nodePort. Which one is mandtory?
Port. Therefore the targetPort will be the same as it. NodePort is randomly assigned. targetPort is the exposed port number of the pod. port is the port on the service object.
k8s service endpoint number how to check?
kubectl describe svc will print the endpoints. Endpoint mainly means the pods which the service is connecting.
K8s ingress controller vs load balancer? Vs nginx server?
Ingress controller contains load balancer + nginx server + other functions
K8s ingress controller role in k8s?
Ingress controller helps the apps deployed in k8s using a single accessible url that you can configure routes to different services within your cluster based on the url path. It also implement ssl security.
What kind of k8s object need to set up ingress controller?
Deployment, service type of node port, configMap, service account.
Term of ingress rules?
Ingress resources
链接cluster的网址怎么config?可以有多个吗?
Get different domain name, and then add multiple DNS entries all pointing to the same ingress controller service on your cluster
imperative vs declarative ? Explain in the context of k8s.
imperative means: cli tool to create sth.
declarative: use yaml manifest
multi-namespaces, how to create ing?
create ing in each ns
use exponential backoff to retry? meaning?
The term “backoff” refers to the practice of delaying subsequent attempts at retrying a failed operation. This delay is typically implemented to avoid overwhelming a system, reducing the chances of further failures due to excessive load or congestion. The backoff time can vary depending on the context.
OpenID connect? SSO? Their relationship? Any other similar tech to OpenID connect?
OpenID connect is a authentication protocol. It allows users to login to various app/web via a single set of credentials (google login). Similar tech like SAML. SAML and OpenID connect can be used to implement SSO. SSO, Social Login are similar things, the are just the concepts of above.
DNS? CNAME?
when type a url in browser, DNS system translate that domain name into IP points to the server where the website is hosted. In DNS, different types of DNS records serve various purposes in mapping domain names to specific resources or services on the internet. CNAME is a type of DNS record. A CNAME record maps one domain name to be an alias for another domain, i.e.
What is DNS? Explain an example DNS record type: A record
“A record” (Address record) is one of the fundamental types of DNS records used to translate domain names into IP addresses.
dig google.de
in answer section, it shows “A”
dig @8.8.8.8 sdw-dev.allianz.com
change DNS server
AAAA (quat A records)
3 main DNS records types
map an name such as google.de to IPv6
A, AAAA, CNAME
maps.google.com
www.google.com
what are maps/www
subdomain
www is usually for public facing website
how to resolve maps.google.com
org/coopoerate DNS server -> root DNS server -> .com DNS server -> google DNS server -> find IP
this is cached to the first DNS server
in /etc/resolv.conf
search rootdom.net wwg00m.rootdom.net allianzde.rootdom.net
nameserver 100.64.0.1
search means within company org DNS, if u ping web
it will actually ping
web.rootdom.net
web.wwg00m.rootdom.net
…
Apigee? main use case?
Apigee can be used to build reserver proxy for API, but it covers the whole lifecycle of APIs
Apigee concepts: api proxy, api product, app and developer, api token
api proxy: a proxy for your api
CDN and Akamai
A CDN, or Content Delivery Network, is a system of distributed servers that deliver web content to users based on their geographic location, mainly for static contect
CDN + Nginx on Sales
In a typical setup, Nginx can handle dynamic requests and backend operations within the Kubernetes cluster, while the CDN manages the delivery of static frontend assets globally. This combination ensures efficient handling of both dynamic and static content, optimizing the overall performance of your application.
what is the edgekey.net of Akamai
The edgekey.net domain is an internal DNS domain used by Akamai to dynamically route web traffic through its global network of edge servers for optimized content delivery and enhanced security.
