import socket

# Change the following host and see what IP it prints!
host = "google.com"
ip = socket.gethostbyname(host)

print(ip)
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    # AF_INET = IPv4, SOCK_STREAM = TCP. connect() performs the TCP handshake
    # with port 80, the conventional port for plain (unencrypted) HTTP.
    s.connect((ip, 80))
    print("Successfully connected!")

Check-In

  1. What is an IP address?
  2. What is a TCP port?
import socket

host = "google.com"
ip = socket.gethostbyname(host)

with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.connect((ip, 80))

    # Send a GET request to "/". HTTP/1.1 requires a Host header (a server may
    # answer 400 without it), and "Connection: close" tells the server to close
    # the socket once the response has been sent.
    s.sendall(f"GET / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n".encode())

    # Receive & print up to 2048 bytes of data (a single recv may return fewer)
    data = s.recv(2048)
    print(data.decode(errors="replace"))
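Added example, not part of the original notebook: the cell above sends a bare request line, which an HTTP/1.1 server is entitled to reject with 400 because the Host header is mandatory. The code below builds a valid request, reads until the server closes the connection, and parses the raw bytes into a status code, a header dictionary and the body. The sample response bytes are constructed for this example and were not captured from a real server; the host name is a placeholder.

```python
import socket


def build_request(host, path="/"):
    """Build a minimal but valid HTTP/1.1 GET request.

    HTTP/1.1 requires a Host header, and "Connection: close" makes the server
    close the socket when the body ends, so a read-until-EOF loop terminates.
    """
    return (
        f"GET {path} HTTP/1.1\r\n"
        f"Host: {host}\r\n"
        "Connection: close\r\n"
        "\r\n"
    ).encode("ascii")


def parse_response(raw):
    """Split raw HTTP response bytes into (status_code, headers, body).

    Header names are lowercased because HTTP header names are case-insensitive.
    The body is cut to Content-Length when the server sent one, so anything
    trailing the declared body is ignored. Chunked transfer encoding is not
    decoded here; the body is returned as received in that case.
    """
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete response: end of headers not found")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ", 2)  # "HTTP/1.1 200 OK" -> version, code, reason
    if len(parts) < 2 or not parts[0].startswith("HTTP/"):
        raise ValueError(f"bad status line: {lines[0]!r}")
    status = int(parts[1])
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon:
            raise ValueError(f"bad header line: {line!r}")
        headers[name.strip().lower()] = value.strip()
    if "content-length" in headers:
        body = body[: int(headers["content-length"])]
    return status, headers, body


def fetch(host, port=80, path="/", timeout=5.0):
    """Resolve host, send the request and read until the server closes."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_request(host, path))
        chunks = []
        while True:
            chunk = s.recv(4096)
            if not chunk:  # empty read = peer closed the connection
                break
            chunks.append(chunk)
    return parse_response(b"".join(chunks))


# Constructed sample response (not captured from any real server) so the parser
# can be exercised offline.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/plain\r\n"
    b"Content-Length: 5\r\n"
    b"X-Cool-Header: I love APCSP!\r\n"
    b"\r\n"
    b"hello"
)

if __name__ == "__main__":
    status, headers, body = parse_response(SAMPLE_RESPONSE)
    print(status, headers["content-type"], body)
    # fetch("google.com") would run the same parser against a live server.
```

Reading until EOF rather than a single recv(2048) matters because TCP is a byte stream: one recv can return any prefix of the response, and the status line alone tells you nothing about where the body ends.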
import requests

# Change the URL to whatever you'd like
response = requests.get("https://google.com")

print("Status code:", response.status_code)
print("Headers:", response.headers)
print("Response text:", response.text[:100])

# Add a line to print the "Content-Type" header of the response
# Try an image URL!

NGINX

aws = "3.130.255.192"

response = requests.get("http://" + aws + '/information')
print(response.text)

Configuration

server {
    # Listen on port 80 (plain HTTP) on IPv4 and IPv6
    listen 80;
    listen [::]:80;
    server_name 3.130.255.192;

    location / {
        # Inform the backend about the original client. The backend only ever
        # sees nginx (127.0.0.1) as its TCP peer, so these headers are its only
        # source for the client's address and scheme.
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        # $proxy_add_x_forwarded_for appends $remote_addr to any X-Forwarded-For
        # header the client already sent, so only the last entry is trustworthy.
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;

        # Forward all requests transparently to the app running on this machine
        proxy_pass              http://localhost:9099;
    }
}
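Added example, not from the lesson: the proxy_set_header lines above are what the app on port 9099 relies on to learn who the client is, and $proxy_add_x_forwarded_for appends nginx's view of the client to whatever X-Forwarded-For the client sent itself. A backend that reads the first entry of that header can therefore be fed any address the sender likes, which defeats IP allow-lists, rate limits and log attribution. The Python below shows how the backend should read it, assuming the only trusted proxy is the nginx on localhost as in the config above; the client addresses are documentation ranges used as constructed test input.

```python
import ipaddress

# Our own reverse proxies. Assumption for this example: nginx on the same host
# forwards to the app over localhost, as in the config above.
TRUSTED_PROXIES = [
    ipaddress.ip_network("127.0.0.1/32"),
    ipaddress.ip_network("::1/128"),
]


def is_trusted(addr):
    """True if addr belongs to one of our proxies. Raises ValueError if addr
    is not an IP address at all."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in TRUSTED_PROXIES)


def client_ip(remote_addr, x_forwarded_for):
    """Return the address the request should be attributed to.

    remote_addr:     the TCP peer as seen by the app's own socket.
    x_forwarded_for: raw value of the X-Forwarded-For header, or None.

    nginx's $proxy_add_x_forwarded_for produces "<whatever the client sent>,
    <client as seen by nginx>". Only entries appended by our own proxies can be
    trusted, so walk from the right and stop at the first address that is not
    one of our proxies.
    """
    if not is_trusted(remote_addr):
        # Did not arrive via our proxy: the header is plain untrusted input.
        return remote_addr
    hops = [h.strip() for h in (x_forwarded_for or "").split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            if not is_trusted(hop):
                return hop
        except ValueError:
            # Not an IP address: nothing to the left of it can be trusted either.
            return remote_addr
    return remote_addr


def naive_client_ip(remote_addr, x_forwarded_for):
    """The common bug: take the first entry, which the client controls."""
    if x_forwarded_for:
        return x_forwarded_for.split(",")[0].strip()
    return remote_addr


if __name__ == "__main__":
    # Constructed header: the client injected 10.0.0.1, nginx appended the
    # real peer 203.0.113.5.
    spoofed = "10.0.0.1, 203.0.113.5"
    print("naive:", naive_client_ip("127.0.0.1", spoofed))
    print("safe: ", client_ip("127.0.0.1", spoofed))
```

If a second proxy layer (a CDN or cloud load balancer) sits in front of nginx, its address ranges go into TRUSTED_PROXIES and the same right-to-left walk still yields the real client.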

Load Balancing

# A named group of backend servers. A location block sends traffic to it with
# "proxy_pass http://example.com;". With no further directives nginx hands
# requests to the listed servers in round-robin order.
upstream example.com {
    server server1.example.com;
    server server2.example.com;
}

HTTP Headers

server {
    add_header X-Cool-Header "I love APCSP!";

    location /pages {
        # Caveat: add_header directives are inherited from the enclosing level
        # only when the location defines none of its own. Because /pages sets
        # one here, responses from /pages carry X-Cooler-Header but NOT
        # X-Cool-Header unless that line is repeated in this block.
        # Also, nothing about this header is secret: nginx sends it to every
        # client that requests /pages.
        add_header X-Cooler-Header "This is my secret header!";
    }
}

Check In

  1. Research 1 HTTP header and describe, in detail, its purpose.

When you visit Pornhub.com, your web browser sends an HTTP request to that site's server asking for the page's content. The request headers carry information about the client: for example, User-Agent identifies the browser you are using, Accept-Language states the languages you prefer, and Upgrade-Insecure-Requests: 1 tells the server that the browser would rather be served the HTTPS version of the page. A header can only ask for this; the encrypted connection itself is set up by TLS before any HTTP header is sent.

  1. Write a line in a sample NGINX configuration that will add that specific header to the /information location

location /information {
    # Note: add_header sets a *response* header. Authorization is a header the
    # client sends with its request, so returning it here would hand a bearer
    # token to every visitor of /information. A header the server legitimately
    # adds to a response, such as Content-Type or Strict-Transport-Security,
    # belongs here instead.
    add_header Authorization "Bearer my_access_token";
    ...
}

  1. Explain the purpose of the load balancing performed by NGINX

NGINX's load balancing distributes incoming requests across several backend servers (round-robin by default), which improves throughput and availability: no single server has to carry all the traffic, and if one backend fails nginx can keep serving requests from the others instead of the whole site going down. It does not stop servers from failing; it limits the impact when one does.

  1. Modify the following code block to obtain the value of the secret header on /products of the AWS site
aws = "3.130.255.192"

response = requests.get("http://" + aws + "/products")

print("The secret header is:", response.headers['X-Cooler-Header'])
The secret header is: This is my secret header!

Hacks

  • Complete the above check-in questions and change the hosts (0.1)

done

  • Complete the above code-segment to retrieve the secret header (0.1)

done

Bonus (0.05)

Create a diagram showing the layers of abstraction that allow us to use HTTP (IP, TCP, etc.)

CORS Hacks

  1. Explain what CORS is and what it stands for

Cross-Origin Resource Sharing (CORS) is a browser mechanism that relaxes the same-origin policy in a controlled way. By default a browser does not let script running on one origin (scheme + host + port) read responses from a different origin, which stops a malicious page from reading your data on another site using your cookies. CORS lets the server that owns a resource state, through response headers, which other origins are allowed to read it.

  1. Describe how you would be able to implement CORS into your own websites

To implement CORS, the server-side application sets the Access-Control-Allow-Origin header to the origin permitted to read its resources, and for non-simple requests answers the browser's preflight OPTIONS request with Access-Control-Allow-Methods and Access-Control-Allow-Headers listing the methods and request headers it accepts. Access-Control-Allow-Credentials: true is needed if cookies or an Authorization header should be sent cross-origin, and it cannot be combined with a wildcard origin. The allowed origins should be a fixed allow-list: reflecting whatever Origin the request carries defeats the purpose of the check.

  1. Describe why you would want to implement CORS into your own websites

So that a page served from one origin can call a resource served from another, for instance a third-party API, or so that other sites you trust can read responses from yours.
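Added example, not from the page: the header logic described above written out in Python, so the difference between an allow-list and the common "reflect any Origin" mistake is visible and testable. The origins, methods and header names are hypothetical values chosen for illustration.

```python
# Origins allowed to read this server's responses. Hypothetical values; a real
# deployment lists its own front-end origins. Never put the literal "null" here.
ALLOWED_ORIGINS = {"https://app.example.com", "https://admin.example.com"}
ALLOWED_METHODS = {"GET", "POST"}
ALLOWED_HEADERS = {"content-type", "authorization"}


def cors_headers(origin, method, requested_method=None, requested_headers=None,
                 allow_credentials=True):
    """Compute the CORS response headers for one request.

    origin:            value of the request's Origin header (None for
                       same-origin or non-browser requests).
    method:            HTTP method of this request; "OPTIONS" is a preflight,
                       whose real method and headers arrive in the
                       Access-Control-Request-Method / -Headers fields.
    Returns a dict of response headers; an empty dict means the browser will
    refuse to expose the response to the calling page.
    """
    if origin is None or origin not in ALLOWED_ORIGINS:
        # Unknown origin: say nothing, so the browser blocks the read.
        return {}
    headers = {
        "Access-Control-Allow-Origin": origin,
        # The answer depends on Origin, so shared caches must key on it.
        "Vary": "Origin",
    }
    if allow_credentials:
        # Cookies/Authorization are only sent cross-origin with this header,
        # and it is invalid together with "*", which is why the validated
        # origin is echoed rather than a wildcard.
        headers["Access-Control-Allow-Credentials"] = "true"
    if method == "OPTIONS":
        wanted = {h.strip().lower()
                  for h in (requested_headers or "").split(",") if h.strip()}
        if requested_method not in ALLOWED_METHODS or not wanted <= ALLOWED_HEADERS:
            return {}  # preflight fails: browser never sends the real request
        headers["Access-Control-Allow-Methods"] = ", ".join(sorted(ALLOWED_METHODS))
        headers["Access-Control-Allow-Headers"] = ", ".join(sorted(ALLOWED_HEADERS))
        headers["Access-Control-Max-Age"] = "600"  # cache the preflight result
    return headers


def insecure_cors_headers(origin):
    """The anti-pattern: reflect any Origin and allow credentials. Any site a
    logged-in victim visits can then read their authenticated responses."""
    if origin is None:
        return {}
    return {"Access-Control-Allow-Origin": origin,
            "Access-Control-Allow-Credentials": "true"}


if __name__ == "__main__":
    print(cors_headers("https://app.example.com", "GET"))
    print(cors_headers("https://evil.example", "GET"))
    print(insecure_cors_headers("https://evil.example"))
```

The Vary: Origin line is easy to forget: without it a CDN can cache the response generated for one allowed origin and serve it, header included, to everyone.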

  1. How could you use CORS to benefit yourself in the future?

It can show my skills in web security which will allow me to make a decent amount of income and provide for my family.

Total: 0.2 points

KASM Hacks

  1. What is the purpose of "sudo" when running commands in terminal?

In a terminal, "sudo" runs a single command with elevated privileges, normally as the root user, who has unrestricted access to the system. It is needed for administrative tasks that a regular user account cannot perform, such as installing software or changing system settings. Which users may run which commands through sudo is defined in /etc/sudoers, and every use is logged, which is why it is preferred over logging in as root outright.

  1. What are some commands which allow us to look at how the storage of a machine is set up?

The "df" command presents information about mounted file systems, including how much disk space is used and how much is still available ("df -h" prints sizes in human-readable units). "lsblk" lists the block devices and partitions and where each is mounted, "mount" (or "findmnt") shows what is mounted where and with which options, "du -sh <directory>" reports how much space a directory tree uses, and "sudo fdisk -l" prints the partition tables. Together they give a snapshot of the current state of the storage and support decisions about where to put new data.

  1. What do you think are some alternatives to running "curl -O" to get the zip file for KASM?

The same file can be fetched with "wget <url>", downloaded in a browser and then moved into the target directory, or copied over from another machine with "scp". Either way you choose where the file ends up and can reuse it later without going back to the website. Whichever method is used, the download's checksum (for example from "sha256sum") should be compared with the one the vendor publishes before anything from the archive is executed.

  1. What kind of commands do you think the "install.sh" command has and why is it necessary to call it?

"install.sh" is a shell script that bundles the steps of the installation: checking prerequisites (that it runs as root, that Docker is present, that there is enough disk space), creating the users and directories the service needs, pulling the container images for a container-based product like KASM, generating configuration and initial credentials, and starting the services. Calling it runs all of those steps in the right order, so nothing is missed and the components end up installed consistently. Because it runs with sudo, it is worth reading through the script before executing it.

  1. Explain in at least 3-4 sentences how deploying KASM is related to/requires other topics talked about in the lesson and/or potential ways to add things mentioned in the lesson to this guide.

Deploying KASM needs an understanding of several concepts taught in the lesson, such as virtualization, Docker, and Kubernetes. You have to know how to create containers using Docker and how to run and manage these containers with Kubernetes. You also need to know how to manage a cluster of servers, which involves monitoring and scaling, using Kubernetes. One way to enhance this guide is to provide examples of how to deploy KASM using Kubernetes and Docker.

Total: 0.2 points

AWS/RDS Hacks

See the setup post

  • Create your own database in the EC2 I have created (ec2-database-connect)
    • name it with your first and last name (example: aditya-nawandhar) (0.1)
    • Create a table using the commands on the link provided. (0.1)
    • using commands from the link provided make columns and rows with test data (can be anything) (example: “name” and “class” are the columns with rows being something like “Aditya” and “Junior”). At least 4 test rows (0.1)
    • additional points if the data matches CPT (Bonus: 0.05)

Total: 0.3