DevOps for the Desperate: A Hands-On Survival Guide

This document was uploaded by one of our users. The uploader already confirmed that they had the permission to publish it. If you are author/publisher or own the copyright of this documents, please report to us by using this DMCA report form.

Simply click on the Download Book button.

Yes, Book downloads on Ebookily are 100% Free.

Sometimes the book is free on Amazon As well, so go ahead and hit "Search on Amazon"

DevOps for the Desperate is a hands-on, no-nonsense guide for those who land in a DevOps environment and need to get up and running quickly. This book introduces fundamental concepts software developers need to know to flourish in a modern DevOps environment including infrastructure as code, configuration management, security, containerization and orchestration, monitoring and alerting, and troubleshooting. Readers will follow along with hands-on examples to learn how to tackle common DevOps tasks. The book begins with an exploration of DevOps concepts using Vagrant and Ansible to build systems with repeatable and predictable states, including configuring a host with user-based security. Next up is a crash course on containerization, orchestration, and delivery using Docker, Kubernetes, and a CI/CDpipeline. The book concludes with a primer in monitoring and alerting with tips for troubleshootingcommon host and application issues. You'll learn how to: • Use Ansible to manage users and groups, and enforce complex passwords • Create a security policy for administrative permissions, and automate a host-based firewall • Get started with Docker to containerize applications, use Kubernetes for orchestration, and deploycode using a CI/CD pipeline • Build a monitoring stack, investigate common metric patterns, and trigger alerts • Troubleshoot and analyze common issues and errors found on hosts

Author(s): Bradley Smith
Edition: 1
Publisher: No Starch Press
Year: 2022

Language: English
Commentary: Vector PDF
Pages: 186
City: San Francisco, CA
Tags: DevOps; Linux; Security; Python; Monitoring; System Administration; Docker; Deployment; Troubleshooting; Kubernetes; Continuous Integration; Containerization; SSH; Automation; Ansible; Testing; Test Automation; Vagrant; Container Orchestration; Configuration Management; Infrastructure as Code; Continuous Deployment; Firewalls; User Management; Password Management; VirtualBox; Observability; Nmap

DevOps for the Desperate
Brief Contents
Contents in Detail
About the Author
Acknowledgments
Introduction
What Is the Current State of DevOps?
Who Should Read This Book?
How This Book Is Organized
Part I: Infrastructure as Code, Configuration Management, Security, and Administration
Part II: Containerization and Deploying Modern Applications
Part III: Observability and Troubleshooting
What You’ll Need
Downloading and Installing VirtualBox
Companion Repository
Editor
Part I: Infrastructure as Code, Configuration Management, Security, and Administration
Chapter 1: Setting Up a Virtual Machine
Why Use Code to Build Infrastructure?
Getting Started with Vagrant
Installation
Anatomy of a Vagrantfile
Basic Vagrant Commands
Getting Started with Ansible
Installation
Key Ansible Concepts
Ansible Playbook
Basic Ansible Commands
Creating an Ubuntu VM
Summary
Chapter 2: Using Ansible to Manage Passwords, Users, and Groups
Enforcing Complex Passwords
Installing libpam-pwquality
Configuring pam_pwquality to Enforce a Stricter Password Policy
Linux User Types
Getting Started with the Ansible User Module
Generating a Complex Password
Linux Groups
Getting Started with the Ansible Group Module
Assigning a User to the Group
Creating Protected Resources
Updating the VM
Testing User and Group Permissions
Summary
Chapter 3: Using Ansible to Configure SSH
Understanding and Activating Public Key Authentication
Generating a Public Key Pair
Using Ansible to Get Your Public Key on the VM
Adding Two-Factor Authentication
Installing Google Authenticator
Configuring Google Authenticator
Configuring PAM for Google Authenticator
Configuring the SSH Server
Restarting the SSH Server with a Handler
Provisioning the VM
Testing SSH Access
Summary
Chapter 4: Controlling User Commands with sudo
What Is sudo?
Planning a sudoers Security Policy
Installing the Greeting Web Application
Anatomy of a sudoers File
Creating the sudoers File
The sudoers Template
Provisioning the VM
Testing Permissions
Accessing the Web Application
Editing greeting.py to Test the sudoers Policy
Stopping and Starting with systemctl
Audit Logs
Summary
Chapter 5: Automating and Testing a Host-Based Firewall
Planning the Firewall Rules
Automating UFW Rules
Provisioning the VM
Testing the Firewall
Scanning Ports with Nmap
Firewall Logging
Rate Limiting
Summary
Part II: Containerization and Deploying Modern Applications
Chapter 6: Containerizing an Application with Docker
Docker from 30,000 Feet
Getting Started with Docker
Dockerfile Instructions
Container Images and Layers
Containers
Namespaces and Cgroups
Installing and Testing Docker
Installing the Docker Engine with Minikube
Installing the Docker Client and Setting Up Docker Environment Variables
Testing the Docker Client Connectivity
Containerizing a Sample Application
Dissecting the Example telnet-server Dockerfile
Building the Container Image
Verifying the Docker Image
Running the Container
Other Docker Client Commands
exec
rm
inspect
history
stats
Testing the Container
Connecting to the Telnet-Server
Getting Logs from the Container
Summary
Chapter 7: Orchestrating with Kubernetes
Kubernetes from 30,000 Feet
Kubernetes Workload Resources
Pods
ReplicaSet
Deployments
StatefulSets
Services
Volumes
Secrets
ConfigMaps
Namespaces
Deploying the Sample telnet-server Application
Interacting with Kubernetes
Reviewing the Manifests
Creating a Deployment and Services
Viewing the Deployment and Services
Testing the Deployment and Services
Accessing the Telnet Server
Troubleshooting Tips
Killing a Pod
Scaling
Logs
Summary
Chapter 8: Deploying Code
CI/CD in Modern Application Stacks
Setting Up Your Pipeline
Reviewing the skaffold.yaml File
Reviewing the Container Tests
Simulating a Development Pipeline
Making a Code Change
Testing the Code Change
Testing a Rollback
Other CI/CD Tooling
Summary
Part III: Observability and Troubleshooting
Chapter 9: Observability
Monitoring Overview
Monitoring the Sample Application
Installing the Monitoring Stack
Verifying the Installation
Metrics
Golden Signals
Adjusting the Monitoring Pattern
The telnet-server Dashboard
PromQL: A Primer
Alerts
Reviewing Golden Signal Alerts in Prometheus
Routing and Notifications
Summary
Chapter 10: Troubleshooting Hosts
Troubleshooting and Debugging: A Primer
Scenario: High Load Average
uptime
top
Next Steps
Scenario: High Memory Usage
free
vmstat
ps
Next Steps
Scenario: High iowait
iostat
iotop
Next Steps
Scenario: Hostname Resolution Failure
resolv.conf
resolvectl
dig
Next Steps
Scenario: Out of Disk Space
df
find
lsof
Next Steps
Scenario: Connection Refused
curl
ss
tcpdump
Next Steps
Searching Logs
Common Logs
Common journalctl Commands
Parsing Logs
Probing Processes
strace
Summary
Index