Linux

[Date]

[nom de la société]
Introduction :
Puppet provides various resource types that you can manage to configure and
maintain systems. Each resource type represents a specific aspect of the
system's configuration. Here's a description of some common resource types in
Puppet and the operations you can apply to them:
1. **File Resource (`file`)**:
- Description: Manages files and directories on the system.
- Operations: Create, delete, ensure existence, set permissions, manage
content, and create symbolic links.
2. **Package Resource (`package`)**:
- Description: Manages software packages on the system.
- Operations: Install, uninstall, ensure version, upgrade, and pin to specific
versions.
3. **Service Resource (`service`)**:
- Description: Manages system services (e.g., daemons).
- Operations: Start, stop, restart, enable, disable, and ensure the service is
running.
4. **User Resource (`user`)**:
- Description: Manages user accounts.
- Operations: Create, delete, set passwords, manage home directories, and
manage user groups.
5. **Group Resource (`group`)**:
- Description: Manages user groups.
- Operations: Create, delete, manage group members.
6. **Exec Resource (`exec`)**:
- Description: Runs arbitrary commands or scripts.
- Operations: Execute commands, scripts, and specify conditions for
execution.
7. **Package Repo Resource (`yumrepo` or `aptrepo`)**:
- Description: Manages package repositories.
- Operations: Add, remove, enable, disable repositories.
8. **Cron Resource (`cron`)**:
- Description: Manages cron jobs (scheduled tasks).
- Operations: Create, delete, and manage cron jobs.
9. **Host Resource (`host`)**:
- Description: Manages entries in the system's host file.
- Operations: Add, delete, and modify host entries.
10. **Firewall Resource (`firewall`)**:
- Description: Manages firewall rules.
- Operations: Create, delete, and modify firewall rules.
11. **Custom Types and Providers**:
- Description: Puppet allows you to create custom resource types and
providers for managing specialized configurations. These can be highly
customized to your specific needs.
12. **Notify Resource (`notify`)**:
- Description: A debugging resource used for sending messages to the Puppet
log.
- Operations: Display messages in the log for debugging purposes.
13. **Augeas Resource (`augeas`)**:
- Description: Manages configuration files using the Augeas configuration
tool.
- Operations: Modify and validate configuration file entries.
14. **Mount Resource (`mount`)**:
- Description: Manages mounted file systems.
- Operations: Mount, unmount, and manage mounted file systems.
15. **Scheduled Task Resource (`scheduled_task`)** (Windows only):
- Description: Manages scheduled tasks on Windows systems.
- Operations: Create, delete, and manage scheduled tasks.

Hello Puppet 4-2022:

create a puppet script hellopuppet.pp in the directory

/var/save/puppet_helloThe script when executed should write "Hello
Puppet".without quotes to a file : /var/save/puppet_hello/hellopuppet.txt

# Ensure the directory /var/save/puppet_hello exists

file { '/var/save/puppet_hello':
ensure => 'directory',
}
# Create a file /var/save/puppet_hello/hellopuppet.txt with content "Hello
Puppet"
file { '/var/save/puppet_hello/hellopuppet.txt':
ensure => 'file',
content => 'Hello Puppet',
}

Exercise 1: Create a Directory and File

Write a Puppet manifest that creates a directory at /var/example/ and a file

named data.txt inside that directory with the content "Puppet is fun!"
Solution:
**Exercise 2: Manage a Service**
Write a Puppet manifest that ensures the Apache web server service is
installed and running on your system. If it's not installed, Puppet should install
it.
Solution:
**Exercise 3: User Management**
Write a Puppet manifest that creates a user named "puppetuser" with the
home directory `/home/puppetuser`.

Solution :

Write a Puppet manifest that sets the permissions of a file at

`/etc/myconfig.conf` to be readable and writable only by the owner, and not
accessible by others.
Solution:
**Exercise 7: Install and Configure MySQL**

Write a Puppet manifest that installs the MySQL server package, starts the
MySQL service, and sets the root password to "mysecretpassword".
Solution not complete:

Docker :HackerShop Deployment:

you are working on fronted deployment of the "hackerShop"
software .Complate the file stub
"/home/ubunto/1234-docker-hackers/script.sh" with one or more steps that
do the following "
 run a docker container with binding of exposed port "80" to the same
host port and
 is named "hackershop-fronted" has an "nginx" image at "1.20" tag as the
source . runs in interactive backgound mode .
 runs without pseudo-TTY allocation.">
  the complete solutin will be evaluated in a new , clean environnement
any changes made manually will be lost only changes to the "script.sh"
file will be carried to the new environnemnt . the result of ' sudo solve "
invoked from the question directory should solve the task

solution:
The problem here is that the port 80 was already in used by the Apache2 server
so therefore the containers can’t us the same port this is why I changed the
port number from 80 to 81 :

Exercice Docker: Frontend Deployment Cleanup:

explain me this exercice "when you finished work on
frontend deployment updat process, you decided to
make a cleanup process from redundant docker images
and containers left after switching the application stack .
complete the file script.sh with this steps –
 eliminate the docker container named "frontend"
 eliminate all the docker images referenced to the
"httpd" dockerhub repository
solution :

#!/bin/bash

# Step 1: Eliminate the Docker Container Named "frontend"

docker stop frontend # Stop the container named "frontend"
docker rm frontend # Remove the container named "frontend"

# Step 2: Eliminate All Docker Images Referenced to the "httpd"

DockerHub Repository
docker rmi $(docker images | grep "httpd" | awk '{print $3}')
Kuburnetes : Secrets

a web application built on kubernetes must be deployed.

Complete the file stub "/home/ubuntu/894-kubernetes-
secrets/script.sh" with one or more steps that do the following .
part 1:
create a new generic secret "application" with the key "
checksum" and the value from the host's environment variable
"application_checksum" in the " hacker-company" namespace
Solution:

#!/bin/bash
# Ensure you are connected to the correct Kubernetes cluster and
namespace.
kubectl config use-context hacker-company
# Create the secret
kubectl create secret generic application \
--namespace hacker-company \
--from-literal=checksum="$application_checksum"
 Part2:
create a new generic secret "deployment" with the key "ssh_key" and the value
from the host's ssh private key "/id_rsa.pub", in the "hacker-company"
namespace.
Solution:

#!/bin/bash
# Ensure you are connected to the correct Kubernetes cluster and
namespace.
kubectl config use-context hacker-company
# Read the SSH private key from the file
ssh_key_value=$(cat /id_rsa)
Or we can use :
# Create the secret
kubectl create secret generic deployment \

#!/bin/bash
# Ensure you are connected to the correct Kubernetes cluster and
namespace.
kubectl config use-context hacker-company
# Create the secret
kubectl create secret generic deployment \
--namespace hacker-company \
--from-file=ssh_key=/id_rsa.pub

Kubernetes: Resources Limits:

Deploying Nginx with CPU and Memory Limits in Kubernetes in yml file:
a web application built on kubernetes must be deployed.complete the file stup
"definition.yml" with one or more steps that do the following :
 deploy a new "nginx" image (from Dockerhub) on the latest tag as
"frontend" pod, in the "hacker-company" namespace.
 -assign the CPU core limit "1" and a limit of " 50" MB of memory to the
"frontend" pod
Solution:
apiVersion: apps/v1
kind: Deployment
metadata:
name: frontend
namespace: hacker-company
spec:
replicas: 1
selector:
matchLabels:
app: frontend
template:
metadata:
labels:
app: frontend
spec:
containers:
- name: nginx
image: nginx:latest
resources:
limits:
Kubernetes: Deployment Replication

Deploying Redis Web Application in Kubernetes with Replication:

a web application built on kubernetes must be deployed.complete the file stub

"script.sh" with one or more steps that do the following -create a new
namespace "hackerècompany"
 - deploy a new "redis" image from (dockerHub) on the "buster" tag as
"web-application" deployment in the "hacker-company" namespace.
- increase the pods number of the "web-application" deployment to 3
replicas

#!/bin/bash

# Step 1: Create a new namespace "hacker-company"

kubectl create namespace hacker-company

# Step 2: Deploy a new "redis" image from DockerHub on the "buster" tag as
"web-application" deployment
kubectl create deployment web-application --image=redis:buster --
namespace=hacker-company

10 StatefulSet:Update Strategy Change

there is an existng namespace called "hacker-company" that contains the
stateful set "builder" .Complete the file stub "script.sh" with one or more steps
that do the following.
-tell the controller of the stateful set "builder" to switch an update strategy to
the "RollingUpdate" with an unlimited number of pods that can be unvailable
during the update process.
 #!/bin/bash

# Switch the StatefulSet "builder" to RollingUpdate with unlimited unavailability

kubectl patch statefulset builder -n hacker-company --type='json' -p='[{"op":
"replace", "path": "/spec/updateStrategy/type", "value": "RollingUpdate"}]'

or not sure :
#!/bin/bash

# Switch the StatefulSet "builder" to RollingUpdate with an unlimited number

of pods that can be unavailable during the update process
kubectl patch statefulset builder -n hacker-company --type='json' -p='[{"op":
"replace", "path": "/spec/updateStrategy/type", "value": "RollingUpdate"},
{"op": "replace", "path":
"/spec/updateStrategy/rollingUpdate/maxUnavailable", "value": "0"}]'

Git :Initial commit

using the existing git repository /home/ununto/1334-git-initial-commit -set up

a git username at the repository level (not globally) set ot to "hacker
Developer" -set up a git email address at the repository level(not globally) set it
ti "hacker Developer" set up a fgit email address at the repository level (not
globally) set it "[email protected]" - commit all available
files in "/home/ubunto/1235-git-initial-commit" directory to the git repository
with the message"initial implementation" -push all to the remote origin
Solution:
cd /home/ununto/1334-git-initial-commit
git config user.name "hacker Developer"

git config user.email "[email protected]"

git add .
git commit -m "initial implementation"

git push origin master

Terraform :Docker :
we need to deploy a web application using terraform . complete a fole stub
"/home/ubunto/docker/main.tf" using HCL with one or more steps that do the
following :
initialize the provider plugin "kreuzwerker/docker", at version "2.11.0"
using a "docker_container" resource, create a new docker container from an
"nginx" image on "latest" tag, with the container name "web" and a published
port " 80"
solution:
version 1:
# Initialize the Terraform configuration
terraform {
required_providers {
docker = {
source = "kreuzwerker/docker"
version = "2.11.0"
}
}
}
# Define the Docker image resource
resource "docker_image" "nginx" {
name = "nginx:latest"
}
# Define the Docker container resource
resource "docker_container" "web" {
image = docker_image.nginx.image_id
name = "web"
ports {
internal = 80 (required the port of the container)
external = 8080 (optional the port for your local machine)
# Initialize the Terraform configuration
terraform {
required_providers {
docker = {
source = "kreuzwerker/docker"
version = "2.11.0"
}
}
}
# Configure the Docker provider
provider "docker" {}

# Define the Docker

To execute the file container
: resource
resource "docker_container" "web" {
name = "web"

Initialize Terraform:
terraform init
Plan the Deployment
terraform plan
Apply the configuration:
terraform apply
remove settings: