DevOps Lesson

• Check-In
• NGINX
  • Configuration
    • Load Balancing
    • HTTP Headers
  • Check In
• Hacks
  • Bonus (0.05)
• CORS Hacks
• KASM Hacks
• AWS/RDS Hacks

import socket

# Change the following host and see what IP it prints!
host = "nhl.com"
ip = socket.gethostbyname(host)

print(ip)

104.18.16.236

with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.connect((ip, 80))
    print("Successfully connected!")

Successfully connected!

Check-In

1. What is an IP address?
   • An IP (Internet Protocol) address is a numerical label assigned to every device connected to a computer network that uses the Internet Protocol for communication. It serves as a unique identifier for the device and allows it to communicate with other devices on the network.
2. What is a TCP port?
   • In computer networking, a TCP (Transmission Control Protocol) port is a virtual communication endpoint that enables two devices to establish a connection and exchange data over the internet or a network.

with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.connect((ip, 80))

    # Send a GET request to "/"
    s.sendall(b"GET / HTTP/1.1\r\n\r\n")

    # Recieve & print 2048 bytes of data
    data = s.recv(2048)
    print(data.decode())

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Wed, 26 Apr 2023 21:11:39 GMT
Content-Type: text/html
Content-Length: 155
Connection: close
CF-RAY: -

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>cloudflare</center>
</body>
</html>

import requests

# Change the URL to whatever you'd like
response = requests.get("https://google.com")

print("Status code:", response.status_code)
print("Headers:", response.headers)
print("Response text:", response.text[:100])
print("Content-Type:", response.headers)

# Add a line to print the "Content-Type" header of the response
# Try an image URL!

Status code: 200
Headers: {'Date': 'Mon, 01 May 2023 23:25:18 GMT', 'Expires': '-1', 'Cache-Control': 'private, max-age=0', 'Content-Type': 'text/html; charset=ISO-8859-1', 'Content-Security-Policy-Report-Only': "object-src 'none';base-uri 'self';script-src 'nonce-nAhoSf__B8UEP4o5zvXvUQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp", 'P3P': 'CP="This is not a P3P policy! See g.co/p3phelp for more info."', 'Content-Encoding': 'gzip', 'Server': 'gws', 'X-XSS-Protection': '0', 'X-Frame-Options': 'SAMEORIGIN', 'Set-Cookie': '1P_JAR=2023-05-01-23; expires=Wed, 31-May-2023 23:25:18 GMT; path=/; domain=.google.com; Secure, AEC=AUEFqZcPV8PBkY3-_kBvEwpsN_Nd7MBlasWSoLVGQ75R98YE5sktmseyQQ; expires=Sat, 28-Oct-2023 23:25:18 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax, NID=511=qGpyL2fm-WlSfhJ8OQ590LsERmI6UQr_CL8_Gf7uJM_PsTbmE-qGmCV3vIbwcZGxd1YlsPSPQvLuqke7dvl-nUQSEfRBX5o0fuyRzz8ZOQ6isVbkPdG_FW95P9JnU8TLRD_AE9VJfX03SBpW0E-vvdiFPLbfpoHciEWqOEKrsHM; expires=Tue, 31-Oct-2023 23:25:18 GMT; path=/; domain=.google.com; HttpOnly', 'Alt-Svc': 'h3=":443"; ma=2592000,h3-29=":443"; ma=2592000', 'Transfer-Encoding': 'chunked'}
Response text: <!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta content
Content-Type: {'Date': 'Mon, 01 May 2023 23:25:18 GMT', 'Expires': '-1', 'Cache-Control': 'private, max-age=0', 'Content-Type': 'text/html; charset=ISO-8859-1', 'Content-Security-Policy-Report-Only': "object-src 'none';base-uri 'self';script-src 'nonce-nAhoSf__B8UEP4o5zvXvUQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp", 'P3P': 'CP="This is not a P3P policy! See g.co/p3phelp for more info."', 'Content-Encoding': 'gzip', 'Server': 'gws', 'X-XSS-Protection': '0', 'X-Frame-Options': 'SAMEORIGIN', 'Set-Cookie': '1P_JAR=2023-05-01-23; expires=Wed, 31-May-2023 23:25:18 GMT; path=/; domain=.google.com; Secure, AEC=AUEFqZcPV8PBkY3-_kBvEwpsN_Nd7MBlasWSoLVGQ75R98YE5sktmseyQQ; expires=Sat, 28-Oct-2023 23:25:18 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax, NID=511=qGpyL2fm-WlSfhJ8OQ590LsERmI6UQr_CL8_Gf7uJM_PsTbmE-qGmCV3vIbwcZGxd1YlsPSPQvLuqke7dvl-nUQSEfRBX5o0fuyRzz8ZOQ6isVbkPdG_FW95P9JnU8TLRD_AE9VJfX03SBpW0E-vvdiFPLbfpoHciEWqOEKrsHM; expires=Tue, 31-Oct-2023 23:25:18 GMT; path=/; domain=.google.com; HttpOnly', 'Alt-Svc': 'h3=":443"; ma=2592000,h3-29=":443"; ma=2592000', 'Transfer-Encoding': 'chunked'}

NGINX

aws = "3.130.255.192"

response = requests.get("http://" + aws)
print(response.text)

<!doctype html>
<html>
<head>
<title>Cool site</title>
<meta name="description" content="cool site for apcsp">
</head>
<body>
Hello, this is my cool site. Check out my products:
<a href="/products">Products!!</a>
</body>
</html>

Configuration

server {
    // Listen on virtual "port 80"
    listen 80;
    listen [::]:80;
    server_name 3.130.255.192;

    location / {
        // Inform server about original client
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;

        // Forward all requests transparently to the server running on our computer
        proxy_pass              http://localhost:9099;
    }
}

Load Balancing

upstream example.com {
    server server1.example.com;
    server server1.example.com;
}

HTTP Headers

server {
    add_header X-Cool-Header "I love APCSP!";

    location /pages {
        add_header X-Cooler-Header "This is my secret header!";
    }
}

Check In

1. Research 1 HTTP header and describe, in detail, its purpose.
2. Write a line in a sample NGINX configuration that will add that specific header to the /information location
3. Explain the purpose of the load balancing performed by NGINX
4. Modify the following code block to obtain the value of the secret header on /products of the AWS site import requests

aws = "3.130.255.192"

response = requests.get("http://" + aws+ "/products")

secret_header = response.headers.get("X-Secret-Header")

print("The secret header is:", secret_header)

aws = "3.130.255.192"

response = requests.get("http://" + aws+ "/products")

print("The secret header is:", "...")

Hacks

• Complete the above check-in questions and change the hosts (0.1)
• Complete the above code-segment to retrieve the secret header (0.1)

Bonus (0.05)

Create a diagram showing the layers of abstraction that allow us to use HTTP (IP, TCP, etc.)

CORS Hacks

1. Explain what CORS is and what it stands for
2. Describe how you would be able to implement CORS into your own websites
3. Describe why you would want to implement CORS into your own websites
4. How could use CORS to benefit yourself in the future?

Total: 0.2 points

KASM Hacks

1. What is the purpose of "sudo" when running commands in terminal?
2. What are some commands which allow us to look at how the storage of a machine is set up as?
3. What do you think are some alternatives to running "curl -O" to get the zip file for KASM?
4. What kind of commands do you think the "install.sh" command has and why is it necessary to call it?
5. Explain in at least 3-4 sentences how deploying KASM is related to/requires other topics talked about in the lesson and/or potential ways to add things mentioned in the lesson to this guide.

Total: 0.2 points

AWS/RDS Hacks

See the setup post

• Create your own database in the EC2 I have created (ec2-database-connect)
  • name it with your first and last name (example: aditya-nawandhar) (0.1)
  • Create a table using the commands on the link provided. (0.1)
  • using commands from the link provided make columns and rows with test data (can be anything) (example: “name” and “class” are the columns with rows being something like “Aditya” and “Junior”). At least 4 test rows (0.1)
  • additional points if the data matches CPT (Bonus: 0.05)

Total: 0.3