DevSecOps Notes

1. Configure Authentication using Kerberos Protocol a) Understanding Kerberos Authentication Protocol What is Kerberos Protocol? - Kerberos is a network authentication protocol created by MIT -It uses symmetric-key cryptography to authenticate users to network services so the passwords are never actually sent over the network. -The authentication mechanism will be done through Tickets. -The KDC Server (Key Distribution Center) will be responsible for giving the users that Tickets, so it is an SSO System. -It has its own Database to store passwords of all users. -It does not store user information (Shell, home Directory ...etc.) like LDAP, Kerberos Provides Authentication Process. - Realm :   *The Administrative Domain and it is written as Upper-Case like (example.com) - Principle :   *An Entry in the authentication DB of Kerberos like (nfs/nfs.example.com) - KDC (Key Distribution Center):   *KDC Server has 3 Components:     **1. DB: to host ...

 1. Understand and use Essential Tools a) Access a shell prompt and issue commands with correct syntax b) Use input-output redirection (>,>>,},2>,etc.) -the stdin device is the keyboard -the sdout device is the screen -the stderr device is reserved for error outputs -the most common use of output redirection is collect the output of a command into a file for example , ls -la > listing will store the output of ls -la in a file named listing - you can also append data to a file . That is done by using >> . For example, echo "This is a test." >> /var/log/messages will just add the end of the messages file. c) Use grep and regular expressions to analyze text d) Access remote systems using ssh e) Log in and switch users in multiuser targets f) Archive, compress, unpack, and uncompress files using tar, star, gzip, and bzip2 g) Create and edit text files h) Create, delete, copy, and move files and directories i) Create hard and so...

https://blog.armory.io/multi-cloud-deployments-with-spinnaker/ https://www.spinnaker.io/guides/tutorials/codelabs/hello-deployment/

https://engineering.linkedin.com/distributed-systems/log-what-every-software-engineer-should-know-about-real-time-datas-unifying

1) Pint point most paintfull parts of the platform (3-5 of them) . Focus on fixing them - in fast way, not the perfect way. 2) Trust of our users -SLOs - revelant! -Clear contract (beetwen your users and you) -RFOs -Self-learning - create platform for feadback

sudo apt-get install stress stress --cpu 2 --timeout 300 # stressing cpu for 300 sec