Group Four Lesson - DevOps
import socket
# Change the following host and see what IP it prints!
host = "safari.com"
ip = socket.gethostbyname(host)
print(ip)
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.connect((ip, 80))
    print("Successfully connected!")
Check-In
- What is an IP address?
An IP address is an address that is assigned to a device or network that is used for locating and sending data across the internet.
- What is a TCP port?
TCP is the Transmission Control Protocol, which uses ports to identify and transfer information between programs over a network.
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.connect((ip, 80))
    # Send a GET request to "/" (HTTP/1.1 requires a Host header)
    s.sendall(b"GET / HTTP/1.1\r\nHost: " + host.encode() + b"\r\n\r\n")
    # Receive & print up to 2048 bytes of data
    data = s.recv(2048)
    print(data.decode())
import requests
# Change the URL to whatever you'd like
response = requests.get("https://www.google.com/url?sa=i&url=https%3A%2F%2Fstock.adobe.com%2Fsearch%3Fk%3D%2522smiley%2Bface%2522&psig=AOvVaw3JtGcsd7f8VfaHeSnF_LJD&ust=1682711751215000&source=images&cd=vfe&ved=0CBAQjRxqFwoTCPDZpv7ryv4CFQAAAAAdAAAAABAE")
print("Status code:", response.status_code)
print("Headers:", response.headers)
print("Response text:", response.text[:100])
# Add a line to print the "Content-Type" header of the response
print("Content-Type header:", response.headers.get("Content-Type"))
# Try an image URL! I did a smiley face image.
aws = "3.130.255.192"
response = requests.get("http://" + aws)
print(response.text)
Configuration
server {
    # Listen on virtual "port 80"
    listen 80;
    listen [::]:80;
    server_name 3.130.255.192;
    location / {
        # Inform server about original client
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        # Forward all requests transparently to the server running on our computer
        proxy_pass http://localhost:9099;
    }
}
Load Balancing
upstream example.com {
    server server1.example.com;
    server server2.example.com;
}
HTTP Headers
server {
    add_header X-Cool-Header "I love APCSP!";
    location /pages {
        add_header X-Cooler-Header "This is my secret header!";
    }
}
Check In
- Research 1 HTTP header and describe, in detail, its purpose.
The header of an iPhone user on Safari:
GET /index.html HTTP/1.1
Host: www.example.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
This is the header of an iPhone user on Safari requesting an example website. The first line specifies the HTTP method being used (e.g. "GET"), the wanted information ("/index.html"), and the HTTP version being used ("HTTP/1.1", NOT 1.0, which is older). The next two lines provide the host name of the server being accessed, the user-agent string identifying the browser and operating system (in this case Safari), and the accepted content types and encodings. The client will receive "/index.html" from the server at www.example.com.
- Write a line in a sample NGINX configuration that will add that specific header to the /information location
location /information { add_header User-Agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"; }
- Explain the purpose of the load balancing performed by NGINX
Load balancing performed by NGINX helps to distribute large amounts of incoming traffic across multiple servers to help with efficiency and reliability. One server may not be able to handle a lot of traffic from a specific website. Distributing the traffic to multiple servers prevents overloading and helps with response times.
- Modify the following code block to obtain the value of the secret header on /products of the AWS site
aws = "3.130.255.192"
response = requests.get("http://" + aws + "/products")
secret_header = response.headers.get("X-Cooler-Header") # I got this name from above
print("The secret header is:", secret_header)
CORS Hacks
- Explain what CORS is and what it stands for
CORS stands for Cross-Origin Resource Sharing, and it is responsible for adding security to vulnerable websites and online services by preventing access to certain domains without permission. This helps prevent hackers or other people from accessing private information from a website or performing malicious acts on behalf of a user.
- Describe how you would be able to implement CORS into your own websites
In order to implement CORS into my own website, I can add new headers that restrict the origins of requests such as: 'Access-Control-Allow-Origin', '*'. I can also allow the methods of get, post, etc. to be used (you can pick and choose). The 'Access-Control-Allow-Headers' header would allow for requests to be made with listed headers so that CORS does not reject them.
- Describe why you would want to implement CORS into your own websites
CORS helps ensure that your resources are only accessible to trusted domains and reduce the risk of web-based attacks. CORS acts as a wall for hackers and people with malicious intentions, and checks for secure and trusted domains before allowing requests (get, post, etc.).
- How could you use CORS to benefit yourself in the future?
I could use CORS in future websites to help protect my users from getting their content stolen. In the future, I hope to have users log in with more information and I want them to feel safe having more important information stored on the website. CORS will help with the security of my users.
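The headers named in the answers above, applied with an origin allowlist instead of `*` (which permits every origin), including the preflight check for methods and headers. This is an added example, not part of the original lesson; `cors_headers`, `split_list` and the example.com origins are hypothetical.

```python
# Constructed placeholder values: substitute the site's own front-end origins.
ALLOWED_ORIGINS = {"https://app.example.com", "https://admin.example.com"}
ALLOWED_METHODS = {"GET", "POST"}
ALLOWED_HEADERS = {"authorization", "content-type"}


def split_list(value):
    """Parse a comma-separated header value into a set of lowercase tokens."""
    return {item.strip().lower() for item in value.split(",") if item.strip()}


def cors_headers(method, request_headers):
    """Return the CORS response headers (name -> value) for one request."""
    origin = request_headers.get("Origin")
    # The answer depends on Origin, so shared caches must key on it.
    headers = {"Vary": "Origin"}
    if origin not in ALLOWED_ORIGINS:
        # No Access-Control-* headers: the browser will not let the calling
        # page read the response. The server itself still received the request.
        return headers
    if method == "OPTIONS" and "Access-Control-Request-Method" in request_headers:
        # Preflight: approve only the methods and headers we actually support.
        wanted_method = request_headers["Access-Control-Request-Method"]
        wanted_headers = split_list(
            request_headers.get("Access-Control-Request-Headers", ""))
        if wanted_method not in ALLOWED_METHODS or not wanted_headers <= ALLOWED_HEADERS:
            return headers
        headers["Access-Control-Allow-Methods"] = ", ".join(sorted(ALLOWED_METHODS))
        headers["Access-Control-Allow-Headers"] = ", ".join(sorted(ALLOWED_HEADERS))
    # Echo the single matching origin instead of "*".
    headers["Access-Control-Allow-Origin"] = origin
    return headers
```
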
Total: 0.2 points
KASM Hacks
- What is the purpose of "sudo" when running commands in terminal?
Sudo allows users who are not root-level to perform root-level commands. Sudo verifies a user's identity and gives them access to perform commands that were previously restricted.
- What are some commands which allow us to look at how the storage of a machine is set up?
Some commands which allow us to look at how the storage of a machine is set up are "df -h" and "du", which display the amount of used versus available disk space on a file system and estimate the disk space used by files and directories. These commands will help a user determine how much storage is on their device, how much they have used, and how much they have left.
- What do you think are some alternatives to running "curl -O" to get the zip file for KASM?
Some alternatives to running "curl -O" to get the zip file for KASM include using wget to download the file or going directly to the KASM website and downloading the file there.
- What kind of commands do you think the "install.sh" command has and why is it necessary to call it?
The "install.sh" command likely contains a series of commands to install and configure software on a system. It is necessary to call it to make sure all installations of software are installed the same way, allowing for easier updating and compatibility between software.
- Explain in at least 3-4 sentences how deploying KASM is related to/requires other topics talked about in the lesson and/or potential ways to add things mentioned in the lesson to this guide.
Deploying KASM involves using Docker, as mentioned in the lesson above. A user still needs to manage containers and know how to add security measures such as CORS. They also need to configure networking and security settings to ensure that the containers are accessible and secure. It would be helpful for this guide to compare and contrast deployment with KASM versus without. I liked how KASM helps decrease the digital divide by allowing Chromebook users to access VS Code and other useful programs.
Total: 0.2 points
AWS/RDS Hacks
DELETED from hacks