DevOps for the Desperate: A Hands-On Survival Guide - EARLY ACCESS EDITION

✍ Scribed by Bradley Smith

Publisher: No Starch Press, Inc.
Year: 2022
Tongue: English
Leaves: 188
Category: Library

No coin nor oath required. For personal study only.

✦ Synopsis

If you’re a software engineer, developer, or sys admin who needs to get up to speed with DevOps quickly, this book covers the basics you need to thrive in a modern application stack.

This book’s fast-paced, hands-on examples will provide the foundation you need to start performing common DevOps tasks. You’ll explore how to implement Infrastructure as Code (IaC) and configuration management (CM)—essential practices for designing secure and stable systems. You’ll take a tour of containerization and set up an automated continuous delivery (CI/CD) pipeline that builds, tests, and deploys code. You’ll dig into how to detect a system’s state and alert on it when things go sideways.

You’ll learn how to:

Create and provision an Ubuntu VM with Vagrant and Ansible
Manage users, groups, and password security
Set up public key and two-factor authentication over SSH
Automate and test a host-based firewall
Use Docker to containerize applications and Kubernetes for orchestration
Build a monitoring stack and troubleshoot problems and performance issues
DevOps for the Desperate is a practical, no-nonsense guide to get you up and running quickly in today’s full-stack infrastructure.

Author Bio
Bradley Smith has been a DevOps and software engineer for more than 20 years at many startups, local governments, and businesses of varying sizes. He’s solved countless technical challenges during his career, and he’s built and trained many DevOps, SRE, and software engineering teams. He graduated from the University of Massachusetts Lowell and now resides in Denver, Colorado.

Table of contents
PART I: INFRASTRUCTURE AS CODE, CONFIGURATION MANAGEMENT, SECURITY, AND ADMINISTRATION
Chapter 1: Setting Up a Virtual Machine
Chapter 2: Using Ansible to Manage Passwords, Users, and Groups
Chapter 3: Using Ansible to Configure SSH
Chapter 4: Controlling User Commands with sudo
Chapter 5: Automating and Testing a Host-Based Firewall
PART II: CONTAINERIZATION AND DEPLOYING MODERN APPLICATIONS
Chapter 6: Containerizing an Application with Docker
Chapter 7: Orchestrating with Kubernetes
Chapter 8: Deploying Code
PART III: OBSERVABILITY AND TROUBLESHOOTING
Chapter 9: Observability
Chapter 10: Troubleshooting Hosts

✦ Table of Contents

DevOps for the Desperate
About the Author
About the Technical Reviewer
Acknowledgments
Introduction
What Is the Current State of DevOps?
Who Should Read This Book?
How This Book Is Organized
Part I: Infrastructure as Code, Configuration Management, Security, and Administration
Part II: Containerization and Deploying Modern Applications
Part III: Observability and Troubleshooting
What You’ll Need
Downloading and Installing VirtualBox
Companion Repository
Editor
PART I: Infrastructure as Code, Configuration Management, Security, and Administration
Chapter 1: Setting Up a Virtual Machine
Why Use Code to Build Infrastructure?
Getting Started with Vagrant
Installation
Anatomy of a Vagrantfile
Basic Vagrant Commands
Getting Started with Ansible
Installation
Key Ansible Concepts
Ansible Playbook
Basic Ansible Commands
Creating an Ubuntu VM
Summary
Chapter 2: Using Ansible to Manage Passwords, Users, and Groups
Enforcing Complex Passwords
Installing libpam-pwquality
Configuring pam_pwquality to Enforce a Stricter Password Policy
Linux User Types
Getting Started with the Ansible User Module
Generating a Complex Password
Updating the VM
Summary
Linux Groups
Getting Started with the Ansible Group Module
Assigning a User to the Group
Creating Protected Resources
Testing User and Group Permissions
Chapter 3: Using Ansible to Configure SSH
Understanding and Activating Public Key Authentication
Generating a Public Key Pair
Using Ansible to Get Your Public Key on the VM
Adding Two-Factor Authentication
Installing Google Authenticator
Configuring Google Authenticator
Configuring PAM for Google Authenticator
Configuring the SSH Server
Restarting the SSH Server with a Handler
Provisioning the VM
Testing SSH Access
Summary
Chapter 4: Controlling User Commands with sudo
What Is sudo?
Planning a sudoers Security Policy
Installing the Greeting Web Application
Anatomy of a sudoers File
Creating the sudoers File
The sudoers Template
Provisioning the VM
Testing Permissions
Accessing the Web Application
Editing greeting.py to Test the sudoers Policy
Stopping and Starting with systemctl
Audit Logs
Summary
Chapter 5: Automating and Testing a Host-Based Firewall
Planning the Firewall Rules
Automating UFW Rules
Provisioning the VM
Testing the Firewall
Scanning Ports with Nmap
Firewall Logging
Rate Limiting
Summary
PART II: Containerization and Deploying Modern Applications
Chapter 6: Containerizing an Application with Docker
Docker from 30,000 Feet
Getting Started with Docker
Dockerfile Instructions
Container Images and Layers
Containers
Namespaces and Cgroups
Installing and Testing Docker
Installing the Docker Engine with Minikube
Installing the Docker Client and Setting Up Docker Environment Variables
Testing the Docker Client Connectivity
Containerizing a Sample Application
Dissecting the Example telnet-server Dockerfile
Building the Container Image
Verifying the Docker Image
Running the Container
Other Docker Client Commands
exec
rm
inspect
history
stats
Testing the Container
Connecting to the Telnet-Server
Getting Logs from the Container
Summary
Chapter 7: Orchestrating with Kubernetes
Kubernetes from 30,000 Feet
Kubernetes Workload Resources
Pods
ReplicaSet
Deployments
StatefulSets
Services
Volumes
Secrets
ConfigMaps
Namespaces
Deploying the Sample telnet-server Application
Interacting with Kubernetes
Reviewing the Manifests
Creating a Deployment and Services
Viewing the Deployment and Services
Testing the Deployment and Services
Accessing the Telnet Server
Troubleshooting Tips
Killing a Pod
Scaling
Logs
Summary
Chapter 8: Deploying Code
CI/CD in Modern Application Stacks
Setting Up Your Pipeline
Reviewing the skaffold.yaml File
Reviewing the Container Tests
Simulating a Development Pipeline
Making a Code Change
Testing the Code Change
Testing a Rollback
Other CI/CD Tooling
Summary
PART III: Observability and Troubleshooting
Chapter 9: Observability
Monitoring Overview
Monitoring the Sample Application
Installing the Monitoring Stack
Verifying the Installation
Metrics
Golden Signals
Adjusting the Monitoring Pattern
The telnet-server Dashboard
PromQL: A Primer
Alerts
Reviewing Golden Signal Alerts in Prometheus
Routing and Notifications
Summary
Chapter 10: Troubleshooting Hosts
Troubleshooting and Debugging: A Primer
Scenario: High Load Average
uptime
top
Next Steps
Scenario: High Memory Usage
free
vmstat
ps
Next Steps
Scenario: High iowait
iostat
iotop
Next Steps
Scenario: Hostname Resolution Failure
resolv.conf
resolvectl
dig
Next Steps
Scenario: Out of Disk Space
df
find
lsof
Next Steps
Scenario: Connection Refused
curl
ss
tcpdump
Next Steps
Searching Logs
Common Logs
Common journalctl Commands
Parsing Logs
Probing Processes
strace
Summary
Index

📜 SIMILAR VOLUMES

DevOps for the Desperate: A Hands-On Sur

📁 DevOps for the Desperate: A Hands-On Survival Guide

✍ Bradley Smith 📂 Library 📅 2022 🏛 No Starch Press 🌐 English

DevOps for the Desperate is a hands-on, no-nonsense guide for those who land in a DevOps environment and need to get up and running quickly. This book introduces fundamental concepts software developers need to know to flourish in a modern DevOps environment including infrastructure as code, conf

Devops For The Desperate: A Hands-On Sur

📁 Devops For The Desperate: A Hands-On Survival Guide

✍ Bradley Smith 📂 Library 📅 2022 🏛 No Starch Press 🌐 English

This book introduces fundamental concepts software developers need to know to flourish in a modern DevOps environment including infrastructure as code, configuration management, security, containerization and orchestration, monitoring and alerting, and troubleshooting. Readers will follow alon

How Cybersecurity Really Works: A Hands-

📁 How Cybersecurity Really Works: A Hands-On Guide for Total Beginners - EARLY ACCESS

✍ Sam Grubb 📂 Library 📅 2021 🏛 No Starch Press 🌐 English

Cybersecurity for Beginners is an engaging introduction to the field of cybersecurity. You'll learn how attackers operate, as well as how to defend yourself and organizations against online attacks. You don’t need a technical background to understand core cybersecurity concepts and

The Hands-on Guide for Junior Doctors,3r

📁 The Hands-on Guide for Junior Doctors,3rd Edition(Hands-on Guides)

✍ Anna Donald, Mike Stein 📂 Library 📅 2006 🌐 English

Part of the Blackwell foundation programme collectionThe Hands-on Guide for Junior Doctors is a practical book for junior doctors and medical students making the transition from medical school to life on the wards. It contains new material to reflect the changes in PRHO training and the development

DevOps for the Desperate

📁 DevOps for the Desperate

✍ Bradley Smith 📂 Library 📅 2022 🏛 No Starch Press 🌐 English

If you’re a software engineer, developer, or sys admin who needs to get up to speed with DevOps quickly, this book covers the basics you need to thrive in a modern application stack. This book’s fast-paced, hands-on examples will provide the foundation you need to start performing common DevOps t

The Project Approach for All Learners: A

📁 The Project Approach for All Learners: A Hands-On Guide for Inclusive Early Childhood Classrooms

✍ Sallee Beneke; Michaelene M. Ostrosky; Lilian G. Katz; Susan A. Fowler 📂 Library 📅 2018 🏛 Brookes Publishing 🌐 English

Includes a complete package of training and implementation materials! A proven and popular teaching method, the Project Approach engages the natural curiosity of children through in-depth investigations of topics that capture their interest. Now there's a guidebook that helps you use this child-cent