DevOps Bootcamp - Cloud and IaaS Basics
Source: My personal notes from DevOps course by TechWorld with Nana
Introduction to Cloud & Infrastructure as a Service (IaaS)
Section titled “Introduction to Cloud & Infrastructure as a Service (IaaS)”-
Later in course, we’ll set up Nexus Artifact Repository, Jenkins Build Automation, and Deploy apps on server
-
Use case for IaaS: an application needs to run somewhere and use Jenkins on a server, can buy servers (on premise) or delegate infrastructure and its management to a business (IaaS)
-
IaaS service provider examples: AWS, Google Cloud, DigitalOcean, Microsoft Azure
Set Server on DigitalOcean
Section titled “Set Server on DigitalOcean”- Example: Use DigitalOcean for a server due to reduce complexity /
power compared to AWS
- Need DigitalOcean account, create Droplet
- Create Ubuntu Server
- Steps will be similar for other IaaS providers
- Choose location close to you
- Choose
- OS type: Ubuntu Linux
- Sizing
- Authentication: SSH, password
- Users
- Create/reuse a public SSH key
- Example: reuse existing public key
cat ~/.ssh/id_rsa.pub
- Example: reuse existing public key
- Most defaults should work ok
- When server is up, connect using SSH port 22 using server IP/DNS
- e.g. =ssh username@1.1.1.1
- Using SSH key, login will be automatic without password
- DigitalOcean login: by default, can use root for first time
- e.g. =ssh username@1.1.1.1
- Server security: configure a server firewall to only allow access on
specific ports
- DigitalOcean: Droplet > Firewall, Create
- Inbound rule: Set type SSH, TCP, 22, All sources or range
- Outbound: default allow all
- Apply to Droplet(s)
- DigitalOcean: Droplet > Firewall, Create
-
Server Work after SSH
Terminal window # As rootapt update## JRE 8 for Nexus laterapt install openjdk-8-jre-headless
Deploy and Run Application Artifact on Server
Section titled “Deploy and Run Application Artifact on Server”Using https://gitlab.com/twn-devops-bootcamp/latest/05-cloud/java-react-example, build a JAR file and run it
# On local machinegit clone https://gitlab.com/twn-devops-bootcamp/latest/05-cloud/java-react-examplecd java-react-examplegradle build
# Copy to remote server using secure copy## Set user name and directory as neededscp build/libs/java-react-example.jar username@1.1.1.1:/username
# On remote server# See file in username's homejava -jar java-react-example.jar## or run in backgroundjava -jar java-react-example.jar &# Observe application start and look for port
# Check app runningps aux | grep java
# Check ports with active connections## Install netstat if needednetstat -lpnt- Using port, add to firewall a new inbound rule, for example: Custom type, TCP, 7071, All sources
- Visit application at <server ip>:port
Create and configure a Linux user on a cloud server
Section titled “Create and configure a Linux user on a cloud server”Best practice is:
- Create a user for running an application and only give privileges it needs to run the application
- Create individual user accounts for people using the server
# Create users, set password, nameadduser user1
# Add user to sudo groupusermod -aG sudo user1
# Log in as a the user from other accountssu user1# Notice root uses # in prompt, users use $
# Configure SSH key for user1## Get local using cat ~/.ssh/id_rsa.pubmkdir .sshsudo vim .ssh/authorized_keys# Paste the public key into the authorized_keys file and save## From local, you can now ssh using the ssh user1@1.1.1.1