In this assignment we'll focus on Configuration Management tooling using best practices in the field.
- A free GCP account
Not all applications and use cases fit in Kubernetes well: often, a monolith application is preferred, which may run best on virtualised hardware. In these cases, prior to or during CI/CD processes we must preconfigure these machines. One of the ways to do this is by using Configuration Management tooling, such as Ansible, Chef, Puppet, SaltStack. To successfully complete this assignment,
- Using a Configuration Management tool of choice, configure a GCP instance as a publicly accessible web server
- Continue the process by securing this instance using Configuration Management, to your best knowledge. Some of the things you can configure are:
- Firewall rules
- SSH Server
- SELinux, AppArmor or similar
- Fail2Ban
- External logging and monitoring
- It's not always easy or fast to test changes in a Cloud. Configure a
Vagrantfileto provision a local Virtual Machine or Docker image with your configuration management code.
- Web server is accessible from public Internet
- Web server can be configured from scratch entirely using the manifests provided
- Web server changes can be tested locally using Vagrant
- URL to the configured web server
- Configuration manifests
- Discuss your choice of tooling and the reasoning for it
- Automation for the instance configuration on code changes
- Configure
packerto create a base preconfigured image that will work as soon as it's booted on an instance