DevOps Lesson

• Check-In
• Slide Questions
• NGINX
  • Configuration
    • Load Balancing
    • HTTP Headers
  • Check In
• Hacks
  • Bonus (0.05)
• CORS Hacks
• KASM Hacks

import socket

# Change the following host and see what IP it prints!
host = "google.com"
ip = socket.gethostbyname(host)

print(ip)

142.250.177.46

with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.connect((ip, 80))
    print("Successfully connected!")

Successfully connected!

Check-In

1. What is an IP address? An IP address is a internet protocol that is used for communication between different computers.
2. What is a TCP port? A safe way to send your information over the internet.

Slide Questions

1. What does DNS stand for?

• DNS stands for domain name system

1. What is the purpose of DNS?

• Change the domain ip (123.131431) to something my legible. ex. youtube.com.

1. How does DNS work?

• Your computer sends a message for another machine so that you can get the ip address of the site you are trying to reach. This then gets returned to your browser which is used to get to you desired site.

1. What is a DNS resolver?

• A DNS resolver is helps find the associated ip address and its domain name. First step in above process.

with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.connect((ip, 80))

    # Send a GET request to "/"
    s.sendall(b"GET / HTTP/1.1\r\n\r\n")

    # Recieve & print 2048 bytes of data
    data = s.recv(2048)
    print(data.decode())

HTTP/1.1 200 OK
Date: Wed, 26 Apr 2023 21:12:57 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-AvacLuiljQRD8aOz26kGXg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Server: gws
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2023-04-26-21; expires=Fri, 26-May-2023 21:12:57 GMT; path=/; domain=.google.com; Secure
Set-Cookie: AEC=AUEFqZcmBPz8p95b_zUD4nhCJuxtmb5-jQf0j9KdAKUyOkGPqHiiGLI8HBU; expires=Mon, 23-Oct-2023 21:12:57 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
Set-Cookie: NID=511=uEIzR15tffh27S5bSdUchp3NyJOX9q05Ddr0kcgX1CguG3dYTPXONloOggsTrR6Co9lQnzKki_0SbBUqkqFHPQZpxRmRJyqFq6NEUGCb9p-ieAEF8NGPrXEKxMgeZcL3xDYsJjL8fA1yRCdWPiQgpFV3tL3DJLy0w4EvfFtk4Q4; expires=Thu, 26-Oct-2023 21:12:57 GMT; path=/; domain=.google.com; HttpOnly
Accept-Ranges: none
Vary: Accept-Encoding
Transfer-Encoding: chunked

58a2
<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta content="Search the world's information, including webpages, images, videos and more. Google has many special features to help you find exactly what you're looking for." name="description"><meta content="noodp" name="robots"><meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="/images/branding/googleg/1x/googleg_standard_color_128dp.png" itemprop="image"><title>Google</title><script nonce="AvacLuiljQRD8aOz26kGXg">(function(){window.google={kEI:'2ZNJZMDFB92MwbkPj6aq2AE',kEXPI:'0,1359409,6058,207,4804,2316,383,246,5,1129120,1197753,648,380090,16114,19397,9287,22430,1362,283,12029,17587,4998,13228,1838,2009,38444,885,1987,2891,3926,4422,3406,606,60690,15324,432,3,1590,1,16916,2652,4,1528,2304,29062,13065,11443,2215,2980,1457,16786,5803,2554,4094,7596,1,42154,2

import requests

# Change the URL to whatever you'd like
response = requests.get("https://google.com")

print("Status code:", response.status_code)
print("Headers:", response.headers)
print("Response text:", response.text[:100])

# Add a line to print the "Content-Type" header of the response
# Try an image URL!

Status code: 200
Headers: {'Date': 'Wed, 26 Apr 2023 21:16:45 GMT', 'Expires': '-1', 'Cache-Control': 'private, max-age=0', 'Content-Type': 'text/html; charset=ISO-8859-1', 'Content-Security-Policy-Report-Only': "object-src 'none';base-uri 'self';script-src 'nonce-HHi4C62UuYe-_jM_7uCVWg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp", 'P3P': 'CP="This is not a P3P policy! See g.co/p3phelp for more info."', 'Content-Encoding': 'gzip', 'Server': 'gws', 'X-XSS-Protection': '0', 'X-Frame-Options': 'SAMEORIGIN', 'Set-Cookie': '1P_JAR=2023-04-26-21; expires=Fri, 26-May-2023 21:16:45 GMT; path=/; domain=.google.com; Secure, AEC=AUEFqZdh2mJd_c5AmtJ3PZ4HeMXlKIjvZ3ybSC0672uW6zqIuRjhS4sFVlg; expires=Mon, 23-Oct-2023 21:16:45 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax, NID=511=QWnAdzPPuf6JXmOcZprrN0syi8Z8-zBExQS0d3JHFfLiFMxEvDI2XLMuX43pDeUxWh-ZhCsDS2vjdulqosg2zTKe2qMh-CzIdDiLB4_RWepPAWeceRMadJDtlvwso7r3wDjHXD4DgZbjonuYXUL6_sGkIDzyQZdHyGuzhQI2D9c; expires=Thu, 26-Oct-2023 21:16:45 GMT; path=/; domain=.google.com; HttpOnly', 'Alt-Svc': 'h3=":443"; ma=2592000,h3-29=":443"; ma=2592000', 'Transfer-Encoding': 'chunked'}
Response text: <!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta content

NGINX

aws = "3.130.255.192"

response = requests.get("http://" + aws)
print(response.text)

<!doctype html>
<html>
<head>
<title>Cool site</title>
<meta name="description" content="cool site for apcsp">
</head>
<body>
Hello, this is my cool site. Check out my products:
<a href="/products">Products!!</a>
</body>
</html>

Configuration

server {
    // Listen on virtual "port 80"
    listen 80;
    listen [::]:80;
    server_name 3.130.255.192;

    location / {
        // Inform server about original client
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;

        // Forward all requests transparently to the server running on our computer
        proxy_pass              http://localhost:9099;
    }
}

Load Balancing

upstream example.com {
    server server1.example.com;
    server server1.example.com;
}

HTTP Headers

server {
    add_header X-Cool-Header "I love APCSP!";

    location /pages {
        add_header X-Cooler-Header "This is my secret header!";
    }
}

Check In

1. Research 1 HTTP header and describe, in detail, its purpose.

• Content type tells what type of data is going to be used.

1. Write a line in a sample NGINX configuration that will add that specific header to the /information location

   location/information {add_header secret header}

2. Explain the purpose of the load balancing performed by NGINX

• Distrubute traffic so that it is not going to have too much traffic all in one place.

1. Modify the following code block to obtain the value of the secret header on /products of the AWS site

aws = "3.130.255.192"

response = requests.get("http://" + aws+ "/products")

print("The secret header is:", "...")

---------------------------------------------------------------------------
NameError                                 Traceback (most recent call last)
/Users/lukavandenboomen/vscode/Project-1/_notebooks/2023-04-26-devops-lesson.ipynb Cell 10 in <cell line: 3>()
      <a href='vscode-notebook-cell:/Users/lukavandenboomen/vscode/Project-1/_notebooks/2023-04-26-devops-lesson.ipynb#X12sZmlsZQ%3D%3D?line=0'>1</a> aws = "3.130.255.192"
----> <a href='vscode-notebook-cell:/Users/lukavandenboomen/vscode/Project-1/_notebooks/2023-04-26-devops-lesson.ipynb#X12sZmlsZQ%3D%3D?line=2'>3</a> response = requests.get("http://" + aws+ "/products")
      <a href='vscode-notebook-cell:/Users/lukavandenboomen/vscode/Project-1/_notebooks/2023-04-26-devops-lesson.ipynb#X12sZmlsZQ%3D%3D?line=4'>5</a> print("The secret header is:", "...")

NameError: name 'requests' is not defined

Hacks

• Complete the above check-in questions and change the hosts (0.1)
• Complete the above code-segment to retrieve the secret header (0.1)

Bonus (0.05)

Create a diagram showing the layers of abstraction that allow us to use HTTP (IP, TCP, etc.)

CORS Hacks

1. Explain what CORS is and what it stands for. Cross origin resource sharing. It is used for security so that it stops cross origin requests.
2. Describe how you would be able to implement CORS into your own websites. You need to control who can access your stuff.
3. Describe why you would want to implement CORS into your own websites. security reasons.
4. How could use CORS to benefit yourself in the future? I can make my own project more secure.

Total: 0.2 points

KASM Hacks

1. What is the purpose of "sudo" when running commands in terminal? Allows you to run things as administrator. Basically more things you can do.
2. What are some commands which allow us to look at how the storage of a machine is set up as? lsblk to see what storage devices you have.
3. What do you think are some alternatives to running "curl -O" to get the zip file for KASM? wget. like we use daily.
4. What kind of commands do you think the "install.sh" command has and why is it necessary to call it? The install.sh command installs what you want onto your system. It is import to call it this because it would allow you to easily recognize what it is doing.
5. Explain in at least 3-4 sentences how deploying KASM is related to/requires other topics talked about in the lesson and/or potential ways to add things mentioned in the lesson to this guide. Deploying KASM needs you to know how to set up your netowk system so that data can be transmitted. you also need to know how to use firewalls so that there is more safety. and need to know how to use kasm with other stuff.

Total: 0.2 points

Total: 0.3