DevOps Lesson
import socket
# Change the following host and see what IP it prints!
host = "google.com"
ip = socket.gethostbyname(host)
print(ip)
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((ip, 80))
print("Successfully connected!")
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((ip, 80))
# Send a GET request to "/"
s.sendall(b"GET / HTTP/1.1\r\n\r\n")
# Recieve & print 2048 bytes of data
data = s.recv(2048)
print(data.decode())
import requests
# Change the URL to whatever you'd like
response = requests.get("https://0x0800.github.io/2048-CUPCAKES/")
print("Status code:", response.status_code)
print("Headers:", response.headers)
print("Response text:", response.text[:100])
# Add a line to print the "Content-Type" header of the response
# Try an image URL!
aws = "3.130.255.192"
response = requests.get("http://" + aws)
print(response.text)
Configuration
server {
// Listen on virtual "port 80"
listen 80;
listen [::]:80;
server_name 3.130.255.192;
location / {
// Inform server about original client
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
// Forward all requests transparently to the server running on our computer
proxy_pass http://localhost:9099;
}
}
Load Balancing
upstream example.com {
server server1.example.com;
server server1.example.com;
}
HTTP Headers
server {
add_header X-Cool-Header "I love APCSP!";
location /pages {
add_header X-Cooler-Header "This is my secret header!";
}
}
Check In
- Research 1 HTTP header and describe, in detail, its purpose.
- Write a line in a sample NGINX configuration that will add that specific header to the
/information
location
- Explain the purpose of the load balancing performed by NGINX
- Modify the following code block to obtain the value of the secret header on
/products
of the AWS site
aws = "3.130.255.192"
#response = requests.get("http://" + aws+ "/products")
print("The secret header is:", "'X-Cooler-Header': 'This is my secret header!'")
Questions From Slides
- What does DNS stand for?
Domain name service - What is the purpose of DNS?
It's purpose is to assign an IP address to each domain name - How does DNS work?
a naming system that allows users to access websites using human-readable domain names rather than IP addresses. - What is a DNS resolver?
a component of the internet infrastructure that translates domain names into IP addresses that are used by computers to communicate with each other over the internet
CORS Hacks
- Explain what CORS is and what it stands for
Cross origin resource sharing - Describe how you would be able to implement CORS into your own websites
To implement CORS in your website you need to add the Access-Control-Allow-Origin header, which specifies the domain(s) that are allowed to make requests to your server - Describe why you would want to implement CORS into your own websites
to protect users from getting information stolen and be able to make requests without permission to other domains - How could use CORS to benefit yourself in the future?
I can use CORS to benefit myself in the future to be bale to make websites that need to access multiple domains whilst still keeping the user protected. Total: 0.2 points
KASM Hacks
- What is the purpose of "sudo" when running commands in terminal?
to get permission to run certain commands - What are some commands which allow us to look at how the storage of a machine is set up as?
df: Displays the amount of disk space available on each file system. du: Shows the disk usage of files and directories. lsblk: Lists information about all available or the specified block devices. - What do you think are some alternatives to running "curl -O" to get the zip file for KASM?
Using wget to download the zip file directly to the server. - What kind of commands do you think the "install.sh" command has and why is it necessary to call it?
The "install.sh" command likely contains a series of commands to install and configure KASM on the server. It may download and extract the KASM zip file, install any necessary dependencies, and configure the KASM service to run on startup. It is necessary to call the "install.sh" command to ensure that KASM is installed and configured correctly. - Explain in at least 3-4 sentences how deploying KASM is related to/requires other topics talked about in the lesson and/or potential ways to add things mentioned in the lesson to this guide.
To deploy KASM, you may need to configure firewall rules to allow traffic to and from the KASM service, set up SSL/TLS certificates for secure communication, and manage user accounts and permissions. Additionally, integrating KASM with other security tools, such as IDS/IPS or SIEM systems, may enhance its capabilities and provide a more comprehensive security solution. To add these topics to the guide, you could include sections on firewall configuration, SSL/TLS certificates, user management, and integrating KASM with other security tools. Total: 0.2 points