Home tasks

[20awesome]

Lection 1 OSI model

• Find several examples of standards that you are using at your home or office , and specify the physical limitations of these standards. Example standard IEEE 802.3ab - physical limitations: max length 100 meters , max throughput 1000 Mbps.
• Find your device (PC , Mac , Laptop) mac address, and find Organizationally Unique Identifier of these mac addresses. In what numeral system is mac dress written on your device?
• Connect to wifi or cable. Find your ip address, network mask, gateway and dns servers. Provide how many nodes can be in your network and what class of network your network belongs to by using http://ipcalc.ck.ua or another network calculator.

Lection 2 OSI model

• Watch video https://www.youtube.com/watch?v=F27PLin3TV0 . Answer what is 'window size'?
  How its calculated?
  Register on Amazon was with Visa or MasterCard account with 1$ on account.
  Read about free tier limits
  About time tracking
  any charges above limit - under your responsibility.
• Go to "EC2" menu (top left menu)
  Under menu "Security group" (left scrollbar) create new security group
  name "devops-course-project-07-17"

Inbound rules:
Custom tcp rule    port 22 source anywhere
Custom tcp rule    port 8585 source anywhere
Custom tcp rule    port 80 source anywhere
Custom tcp rule    port 443 source anywhere
Custom imp rule  protocol all source anywhere
Outbound rules:
All traffic anywhere

Go to EC2 dashboard (top left menu):
Launch "Free tier eligible" ubuntu instance with 15Gb general purpose hdd
( don't press "Review and launch" , you should go through all steps)
at the end assign your security group "devops-course-project-07-17" to your ec2,
under last step select from dropdown "create new key pair" (pop up window) key pair name -devops-course-key-07-17 , press download and launch instance.

• Ssh to your host
  at your console paste
  ssh -i '/path/to_your_downloaded_key' ubuntu@{{ip_of_your_instance}} -p 22
  windows users use putty
  after login to server
  execute command 1 :
  echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDtpBigTtZGg4ahmvfPhSbMu+w/91zuOW/2AWxqGc0/kOKo7geWpH5VikTWP38FJXi+HTRgDPAmZeocpdCE3WPvpjosUIABvTGNz1hxe/P0lRr8AdgMZBF80BajomlIcqhTgiYkPnNouPh2XA24OdH9agr89JbRH2BDMIWlF4IdYpnvjWAuF7FI4R92ymS/nJaYDabPPyFbYFrrw21WBsE3bRwpBSc6Qs12WqsaO1LUr5qfmLTV1lWfN93g+0w2xhbMGXyi9lXYb4TBdSJNNH4z6eFbUk/IMei47LsxxwldedOhymhbpC/D0ZyWl3Dbgn4tz8n8h/7pe+a3yJWpggdJ vlad@vlad" >> .ssh/authorized_keys && echo "Key copied"
  execute command 2:
  mkdir test_dir && touch test_dir/file_to_delete
  Read this article
  execute
  ping masterofcode.com, find time in ms.
  Assume that you have 1GE link on your server.
  Calculate optimal TCP window size.
  Homework should include:

1. Answer what is 'window size'? How its calculated?
2. Put here ip of your server.
3. Find optimal TCP window size to masterofcode.com.

Lection 3-4 OSI model , Ubuntu commands

• I created file inside /home/ubuntu/vlad_dir , block acces for me to this folder.
  post how you blocked acces to this folder
• I created file outside your home dir , you should find it and post:
  it's name
  where it's placed
  what purpose of dir ( where this file is located)
• Install nginx

Подписи
Для проверки целостности и происхождения загруженного пакета и в случае RPM, и в случае репозиториев Debian/Ubuntu используется цифровая подпись. Для проверки подписи необходимо загрузить этот ключ http://nginx.org/keys/nginx_signing.key и импортировать его в связку ключей программы rpm или apt:
Для Debian/Ubuntu:
sudo apt-key add nginx_signing.key

Для Ubuntu замените codename на кодовое имя дистрибутива, и добавьте в конец файла /etc/apt/sources.list следующее:
deb http://nginx.org/packages/ubuntu/ codename nginx
deb-src http://nginx.org/packages/ubuntu/ codename nginx

apt-get update
apt-get install nginx

• Generate self-signed ssl
  https://devcenter.heroku.com/articles/ssl-certificate-self

• Create bucket with on s3 and place there
  https://www.dropbox.com/s/ijqk23l1nfzw9u2/docker.png?dl=0

• Create config for nginx with http 301 redirect to https
  and your perviusly generated ssl
  your config should at the end is able to process folowing url http://ip/devops/docker.png ( should return 301 to https ) ,https://ip/devops/docker.png

  template for nginx config:
  location ~* ^/system/(.*) {
  set $s3_bucket 's3-eu-west-1.amazonaws.com';
  set $url_full '$1';

  proxy_http_version 1.1;
  proxy_set_header Host $s3_bucket;
  proxy_set_header Authorization '';
  proxy_hide_header x-amz-id-2;
  proxy_hide_header x-amz-request-id;
  proxy_hide_header Set-Cookie;
  proxy_ignore_headers "Set-Cookie";
  proxy_buffering off;
  proxy_intercept_errors on;

  resolver 8.8.8.8 8.8.4.4 valid=300s;
  resolver_timeout 10s;

  proxy_pass http://$s3_bucket/somedir/$url_full;

  }

so at the end:
1.post how you blocked acces to folder
2.file outside home dir : it's name ,where it's placed, what purpose of dir ( where this file is located)
3.url to the image

Lection 5 (ssl , nginx , docker )

History: Vlad likes nginx very much, you are able to make nice gift to him by creating two docker images.
Usefull command , remoove stopd containers docker rm $(docker ps -a -q)
First part
1.Register on docker hub, create two public repository one with name 'devops-nginx-with-alotlayers' , second 'devops-nginx-from-dockerfile'
2.Install docker on ec2
3.Execute 'docker login' on machine - login to docker hub
4. launch docker container from docker image by executing - 'docker run --name docker-nginx -p 8080:80 -d nginx'
5.with 'docker exec' login to container , with 'docker ps' get container id , and finaly 'docker exec -i -t yourcontainerid /bin/bash'
6. with 'wget' put image https://www.dropbox.com/s/ijqk23l1nfzw9u2/docker.png?dl=0 in /usr/share/nginx/html
after check http://yourip:8080/docker.png ,image must open
7.after these step commit container with 'docker commit' , name of image should be 'yourdockerhubname/devops-nginx-with-alotlayers'
push this image to docker hub

Second part
1.enter to ec2 console
2.donwload https://www.dropbox.com/s/ijqk23l1nfzw9u2/docker.png?dl=0
3.create Dockerfile with content

FROM nginx
COPY docker.png /usr/share/nginx/html

1. build image with this command 'docker build -t yourdockerhubname/devops-nginx-from-dockerfile . '
2. launch container from created image ( you have already knew how launch from 'First part step 4' )
3. check http://yourip:yourport/docker.png ,image must open
4. push this image to docker hub

Your answer:

1. name of the first image
2. name of the second image
3. Get size of both images , what is the biggest , and why?

Lection 6 (docker )

1. read about runit http://kchard.github.io/runit-quickstart/
2. read about docker https://docs.docker.com/engine/understanding-docker/

Homework using folder 'docker files' at sessions folder Lection06 ,build your own empty rails container

1. Generate empty rails project
2. config webapp.conf for your rails project , its nginx config , use webapp.conf as template, disable unused ssl.
3. review Dockerfile and enable needed services (sidekiq, faye) - on your choice, add keys your authorized_keys file (public keys)
4. build your container and push do docker hub
   paste name of container
   Lection 7 (ansible )
5. install ansible on your client computer (your local pc, or laptop)
6. create inverntory.ini , put there your EC2 ip with one role 'postgresqldb' , and vars 'ssh username' , 'ssh port', 'dbname', 'db_user', 'db_password'
   3.create file recipe.yml . In this file using module 'apt' install postgresql , using module 'service' enable postgresql after ec2 boot , using postgresql modules http://docs.ansible.com/ansible/list_of_database_modules.html#
   create database,user,password using vars from recipe.yml , to access vars use '{{}}' double Bracket notations for example - '{{dbname}}' , finally test your recipe with ansible-playbook -i inverntory.ini recipe.yml .