Log In
Or create an account ->
Imperial Library
Home
About
News
Upload
Forum
Help
Login/SignUp
Index
Cover
Title Page
Copyright
Dedication
About the Author
Acknowledgments
Introduction
What Is the Current State of DevOps?
Who Should Read This Book?
How This Book Is Organized
Part I: Infrastructure as Code, Configuration Management, Security, and Administration
Part II: Containerization and Deploying Modern Applications
Part III: Observability and Troubleshooting
What You’ll Need
Downloading and Installing VirtualBox
Companion Repository
Editor
Part I: Infrastructure as code, Configuration management, security, and administration
Chapter 1: Setting Up a Virtual Machine
Why Use Code to Build Infrastructure?
Getting Started with Vagrant
Installation
Anatomy of a Vagrantfile
Basic Vagrant Commands
Getting Started with Ansible
Installation
Key Ansible Concepts
Ansible Playbook
Basic Ansible Commands
Creating an Ubuntu VM
Summary
Chapter 2: Using Ansible to Manage Passwords, Users, and Groups
Enforcing Complex Passwords
Installing libpam-pwquality
Configuring pam_pwquality to Enforce a Stricter Password Policy
Linux User Types
Getting Started with the Ansible User Module
Generating a Complex Password
Linux Groups
Getting Started with the Ansible Group Module
Assigning a User to the Group
Creating Protected Resources
Updating the VM
Testing User and Group Permissions
Summary
Chapter 3: Using Ansible to Configure SSH
Understanding and Activating Public Key Authentication
Generating a Public Key Pair
Using Ansible to Get Your Public Key on the VM
Adding Two-Factor Authentication
Installing Google Authenticator
Configuring Google Authenticator
Configuring PAM for Google Authenticator
Configuring the SSH Server
Restarting the SSH Server with a Handler
Provisioning the VM
Testing SSH Access
Summary
Chapter 4: Controlling User Commands with sudo
What Is sudo?
Planning a sudoers Security Policy
Installing the Greeting Web Application
Anatomy of a sudoers File
Creating the sudoers File
The sudoers Template
Provisioning the VM
Testing Permissions
Accessing the Web Application
Editing greeting.py to Test the sudoers Policy
Stopping and Starting with systemctl
Audit Logs
Summary
Chapter 5: Automating and Testing a Host-Based Firewall
Planning the Firewall Rules
Automating UFW Rules
Provisioning the VM
Testing the Firewall
Scanning Ports with Nmap
Firewall Logging
Rate Limiting
Summary
Part II: containerization and deploying modern applications
Chapter 6: Containerizing an Application with Docker
Docker from 30,000 Feet
Getting Started with Docker
Dockerfile Instructions
Container Images and Layers
Containers
Namespaces and Cgroups
Installing and Testing Docker
Installing the Docker Engine with Minikube
Installing the Docker Client and Setting Up Docker Environment Variables
Testing the Docker Client Connectivity
Containerizing a Sample Application
Dissecting the Example telnet-server Dockerfile
Building the Container Image
Verifying the Docker Image
Running the Container
Other Docker Client Commands
exec
rm
inspect
history
stats
Testing the Container
Connecting to the Telnet-Server
Getting Logs from the Container
Summary
Chapter 7: Orchestrating with Kubernetes
Kubernetes from 30,000 Feet
Kubernetes Workload Resources
Pods
ReplicaSet
Deployments
StatefulSets
Services
Volumes
Secrets
ConfigMaps
Namespaces
Deploying the Sample telnet-server Application
Interacting with Kubernetes
Reviewing the Manifests
Creating a Deployment and Services
Viewing the Deployment and Services
Testing the Deployment and Services
Accessing the Telnet Server
Troubleshooting Tips
Killing a Pod
Scaling
Logs
Summary
Chapter 8: Deploying Code
CI/CD in Modern Application Stacks
Setting Up Your Pipeline
Reviewing the skaffold.yaml File
Reviewing the Container Tests
Simulating a Development Pipeline
Making a Code Change
Testing the Code Change
Testing a Rollback
Other CI/CD Tooling
Summary
Part III: Observability and troubleshooting
Chapter 9: Observability
Monitoring Overview
Monitoring the Sample Application
Installing the Monitoring Stack
Verifying the Installation
Metrics
Golden Signals
Adjusting the Monitoring Pattern
The telnet-server Dashboard
PromQL: A Primer
Alerts
Reviewing Golden Signal Alerts in Prometheus
Routing and Notifications
Summary
Chapter 10: Troubleshooting Hosts
Troubleshooting and Debugging: A Primer
Scenario: High Load Average
uptime
top
Next Steps
Scenario: High Memory Usage
free
vmstat
ps
Next Steps
Scenario: High iowait
iostat
iotop
Next Steps
Scenario: Hostname Resolution Failure
resolv.conf
resolvectl
dig
Next Steps
Scenario: Out of Disk Space
df
find
lsof
Next Steps
Scenario: Connection Refused
curl
ss
tcpdump
Next Steps
Searching Logs
Common Logs
Common journalctl Commands
Parsing Logs
Probing Processes
strace
Summary
Index
← Prev
Back
Next →
← Prev
Back
Next →