DevOps Lesson
import socket
# Change the following host and see what IP it prints!
host = "google.com"
ip = socket.gethostbyname(host)
print(ip)
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((ip, 80))
print("Successfully connected!")
Check-In
- What is an IP address?
- an IP address is a unique set of numbers assigned to every device that's connected to the internet, allowing it to be identified and communicate with other devices on the network.
- What is a TCP port?
- a TCP port is a numbered endpoint on a device that's used to identify a specific process or application that's communicating over a network using the TCP/IP protocol.
Slide Hacks
- What does DNS stand for?
- Domain Name Service
- What is the purpose of DNS?
Its goal is to provide each domain name an IP address. For users to access websites and other online resources by their well-known names rather than cryptic numerical IP addresses, it serves as a phonebook for the internet.
- How does DNS work?
When you enter a domain name into your web browser, such as www.googledocs.com, your computer asks a DNS server for the IP address that corresponds to that domain name. The IP address linked to the domain name is then found in the DNS server's database and sent back to your machine. Following that, your computer connects to the server hosting the website you requested using that IP address.
- What is a DNS resolver?
It is a computer program or service that aids your device in locating the IP address connected to a desired internet domain name. The DNS resolver converts a domain name you enter into a corresponding IP address so that your device may connect to the correct server and show the website or other online resource you requested when you input it into your web browser.
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((ip, 80))
# Send a GET request to "/"
s.sendall(b"GET / HTTP/1.1\r\n\r\n")
# Recieve & print 2048 bytes of data
data = s.recv(2048)
print(data.decode())
import requests
# Change the URL to whatever you'd like
response = requests.get("https://google.com")
print("Status code:", response.status_code)
print("Headers:", response.headers)
print("Response text:", response.text[:100])
# Add a line to print the "Content-Type" header of the response
# Try an image URL!
aws = "3.130.255.192"
response = requests.get("http://" + aws)
print(response.text)
Configuration
server {
// Listen on virtual "port 80"
listen 80;
listen [::]:80;
server_name 3.130.255.192;
location / {
// Inform server about original client
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
// Forward all requests transparently to the server running on our computer
proxy_pass http://localhost:9099;
}
}
Load Balancing
upstream example.com {
server server1.example.com;
server server1.example.com;
}
HTTP Headers
server {
add_header X-Cool-Header "I love APCSP!";
location /pages {
add_header X-Cooler-Header "This is my secret header!";
}
}
Check In
- Research 1 HTTP header and describe, in detail, its purpose.
- the User-Agent header is a commonly used HTTP header that identifies the client making the request to the server. It contains information about the client's software and operating system, allowing servers to deliver content optimized for the client's configuration. This header is also used by web developers for analytics and tracking purposes. However, it can be modified by users or applications, which can raise privacy and security concerns. Therefore, it's important for web servers and applications to validate and sanitize incoming HTTP headers to prevent unauthorized access or malicious activity.
- Write a line in a sample NGINX configuration that will add that specific header to the
/informationlocation
location /information {
add_header X-Custom-Header a-header-value;
#configuration directives
}
- Explain the purpose of the load balancing performed by NGINX
- the purpose of load balancing with NGINX is to evenly distribute incoming network traffic across multiple servers to improve application performance, availability, and reliability. This helps prevent any single server from becoming overwhelmed and improves scalability and fault tolerance. NGINX also provides other features like caching, SSL termination, and content routing.
- Modify the following code block to obtain the value of the secret header on
/productsof the AWS site
aws = "3.130.255.192"
response = requests.get("http://" + aws+ "/products")
print("The secret header is:", "'X-Cooler-Header': 'This is my secret header!'")
Hacks
- Complete the above check-in questions and change the hosts (0.1) ☑️
- Complete the above code-segment to retrieve the secret header (0.1) ☑️
Bonus (0.05)
Create a diagram showing the layers of abstraction that allow us to use HTTP (IP, TCP, etc.)
Link to Bonus Diagram
CORS Hacks
- Explain what CORS is and what it stands for
CORS stands for Cross-Origin Resource Sharing. It is a security feature implemented in web browsers that allows servers to specify which domains are allowed to access their resources and which requests are allowed to access those resources. It is designed to prevent malicious scripts from executing in a user's browser by blocking unauthorized cross-domain requests.
- Describe how you would be able to implement CORS into your own websites
- to implement CORS in a website, the server needs to set appropriate headers in its response to requests. The header "Access-Control-Allow-Origin" is used to specify which domains are allowed to access the resources. For example, if a server wants to allow access from all domains, it can set the header to "*". If it only wants to allow access from a specific domain, it can set the header to that domain. Additionally, the server can specify which HTTP methods and headers are allowed to be used in cross-origin requests.
- Describe why you would want to implement CORS into your own websites
- CORS is important to implement in a website to protect the user's data and prevent unauthorized access to resources. It allows a server to control which domains can access its resources, which prevents malicious scripts from executing in a user's browser. By implementing CORS, a website can also allow third-party domains to access its resources, which is necessary for some features, such as embedding videos or accessing APIs.
- How could use CORS to benefit yourself in the future?
- using CORS can benefit website owners by allowing them to provide better user experiences and more secure websites. For example, by allowing third-party domains to access resources, a website can provide more features and integrate with other services. Additionally, by implementing CORS, website owners can protect user data and prevent unauthorized access to resources, which can help build trust with users and improve the overall security of the website.
Total: 0.2 points
KASM Hacks
- What is the purpose of "sudo" when running commands in terminal?
- the "sudo" command in terminal stands for "superuser do" and is used to run commands with administrative privileges. It allows a user to execute commands as the root user or another user with elevated privileges, which is necessary to perform certain system-level tasks.
- What are some commands which allow us to look at how the storage of a machine is set up as?
- common commands to look at how storage is set up on a machine include "df -h" which displays disk usage in a human-readable format, "lsblk" which lists block devices including disks and partitions, and "parted" which can be used to view partition information and create new partitions.
- What do you think are some alternatives to running "curl -O" to get the zip file for KASM?
- alternatives to running "curl -O" to get the zip file for KASM could include using a web browser to download the file, using a package manager to install KASM, or using a file transfer protocol (FTP) client to download the file.
- What kind of commands do you think the "install.sh" command has and why is it necessary to call it?
- "install.sh" command likely contains commands to install and configure KASM on the machine. It may include tasks such as downloading dependencies, setting up network configurations, and configuring security settings. Calling the "install.sh" command is necessary to ensure that KASM is installed and configured correctly on the machine.
- Explain in at least 3-4 sentences how deploying KASM is related to/requires other topics talked about in the lesson and/or potential ways to add things mentioned in the lesson to this guide.
- deploying KASM is related to and requires knowledge of several other topics discussed in the lesson, such as server administration, networking, and security. In order to deploy KASM, one would need to have knowledge of how to configure a server, set up network connections, and ensure proper security measures are in place. Additionally, potential ways to add to this guide could include instructions on how to configure firewalls, set up secure remote access, and integrate KASM with other tools such as monitoring or backup solutions.
Total: 0.2 points
AWS/RDS Hacks
See the setup post
- Create your own database in the EC2 I have created (ec2-database-connect)
- name it with your first and last name (example: aditya-nawandhar) (0.1)
- Create a table using the commands on the link provided. (0.1)
- using commands from the link provided make columns and rows with test data (can be anything) (example: “name” and “class” are the columns with rows being something like “Aditya” and “Junior”). At least 4 test rows (0.1)
- additional points if the data matches CPT (Bonus: 0.05)
Total: 0.3