Symbols
24-bit subnet 211
/etc/exports file 258
/etc/fstab file 184
/etc/skel
default configuration files, distributing with 43, 44
A
access log 289
Active Directory (AD) 32
additional storage volumes
adduser command
administrator access
Advanced Package Tool (APT) 68
Amazon Lightsail 410
Amazon Machine Image (AMI) 444, 447
Amazon Web Services (AWS) 410, 461
certification 458
documentation 458
EC2 instances, running only when needed 456
experimenting and learning 458
online training and labs 457
Ubuntu Server instance, creating 432-443
unneeded EC2 instances, stopping or terminating 457
Ansible
combining, with Terraform for full deployment solution 481-483
need for 315
Ansible’s pull method
Apache
additional modules, installing 291-293
application log files
Application Logs 516
apt
Debian packages, managing with 68-71
A Record 290
arguments 88
configuring, to ps command 137-141
attack surface 486
Auto Scaling
used, for scaling Ubuntu EC2 deployments automatically 446, 447
AWS account
user security, implementing 421-427
AWS Billing Dashboard
billing alert, adding 456
billing information, viewing 455
unneeded backups, removing 456
AWS Certified Cloud Practitioner 458
AWS Certified Sysops Administrator 458
AWS EC2 instance
Ubuntu, deploying as 428
AWS Management Console 417
B
backported 81
backup plan
Bash 115
Berkeley Internet Name Daemon (BIND) package
external DNS, setting up with 237, 238
bootable flash drive
partitioning layout, planning 11, 12
bootable recovery media
Bourne Again Shell 115
broadcast address 230
C
Caching Name Server 237
Canonical Livepatch service
reference link 494
used, for automatically installing patches 494
Canonical Name (CNAME) record 242
Certificate Signing Request (CSR) 297
Classless Inter-Domain Routing (CIDR notation) 229
client servers
cloning
used, for simplifying virtual machine creation 354-356
cloud computing
Cloud Deployment
automating 462
CloudFormation 463
CloudFront 428
cloud infrastructure
versus on-premises infrastructure 410
command line
used, for managing Virtual Machine (VM) 356, 357
command-line tricks
commands
Common Vulnerabilities and Exposures (CVEs) 490
responding to 490
config file
used, for simplifying SSH connections 223-225
configuration management
container 360
deploying, via Kubernetes cluster 402-408
using 360
containerd 394
container orchestration 380, 381
Container Runtime 394
Content Delivery Network (CDN) 428
contents
control groups (cgroups) 361
cron
used, for scheduling tasks 151-153
cron job 330
cross-platform 463
curdate 130
D
daemons 148
database server
preparations, for setting up 265-267
Debian 64
versus Snap packages 65
default configuration files
distributing, with /etc/skel 43, 44
defective RAM
device, selecting for server
laptop 4
physical desktop 4
physical servers 3
Raspberry Pi 5
Virtual Machine (VM) 5
Virtual Private Server (VPS) 5
df command
DHCP reservation 209
DigitalOcean 410
directories
permissions, setting on 56
Disaster Recovery 462
disasters
Disk Operating System (DOS) 178
disks
decrypting, with Linux Unified Key Setup (LUKS) 507, 508
encrypting, with Linux Unified Key Setup (LUKS) 507, 508
disk usage
viewing 155
DNS server
external DNS, setting up with bind 237, 238
internal DNS, setting up 239-243
Docker
Docker containers
Dockerfiles
Docker image creation, automating with 371, 372
Docker Hub 362
reference link 363
Docker image creation
automating, with Dockerfiles 371, 372
document root 286
Domain Name System (DNS) 213
Dynamic Host Control Protocol (DHCP) 15
Dynamic Host Control Protocol (DHCP) server 228
setting up, for IP addresses 231-236
E
EC2 instance deployment
EC2 instances
running, only when needed 456
stopping or terminating 457
Elastic Block Store (EBS) 415
Elastic Compute Cloud (EC2) 415
Elastic Container Service (ECS) 362
Elastic Kubernetes Service (EKS) 416
Elastic Load Balancer (ELB) 415
Error Correction Code (ECC) 4
error log 289
Etcher 8
export 255
export root 255
F
Fail2ban 498
files
editing, with Nano text editors 99, 100
editing, with Vim text editors 99, 100
permissions, setting on 56
sharing, with Windows users via Samba 249-254
transferring, with rsync 258-261
transferring, with Secure Copy (SCP) 261-263
file server considerations 247, 248
filesystem cache 162
Filesystem Hierarchy Standard (FHS) 90, 182
firewall 505
Fish 116
Flannel 400
for loop 128
G
gateway 243
Git
utilizing, for configuration management 533-538
Git commit 536
Git repository
Google Cloud Platform (GCP) 410
grants 273
Graphical User Interface (GUI) 100, 139, 341
groups
purpose 32
GUID Partition Table (GPT) 178
H
hard links
hardware enablement (HWE) 81
hash bang 125
Homebrew
installation link 384
utilizing 384
hostname
htop
used, for viewing resource usage 168-171
I
IAM role
setting up, for Session Manager 428-432
Identity and Access Management (IAM) 415
if statement 126
infinite loop 128
Infrastructure as Code (IaC) 314, 463
inodes 111
Input/Output (IO) 526
installation media
Integrated Development Environment (IDE) 104
internet gateway
Internet Service Provider (ISP) 237
inventory file 315
IP addresses
DHCP server, setting up for 231-236
J
jobs
K
Kernel-based Virtual Machine (KVM) 338, 362
Keyboard, Video, and Mouse (KVM) 4
ksh 116
kubeadm package 397
Kube Control (kubectl) 392
kubectl package 397
kubelet package 398
Kubernetes cluster
containers, deploying via 402-408
packages 397
Kubernetes (K8s) 381
testing, by preparing lab environment 381-383
L
lab environment
preparing, for Kubernetes testing 381-383
laptop 4
launch template
options 447
LearnLinuxTV 213
Lightweight Directory Access Protocol (LDAP) 32
Linode 410
Linux
MicroK8s, installing on 383, 384
Linux Containers (LXC) 361
Linux package management 63-65
Linux signals 146
Linux Unified Key Setup (LUKS)
used, for decrypting disks 507
used, for encrypting disks 507
live media
concept 540
Logical Volume Manager (LVM) 173, 267
benefits 174
logical volumes, formatting 195-197
volumes, removing 197
logical volumes
loopback addresses 203
LXD 361
versus Docker 361
LXD containers
M
macOS
MicroK8s, installing on 384-386
MariaDB
best practices, for secure database servers 502-504
Master Boot Record (MBR) 178
memory
usage, monitoring 161
MicroK8s
installing, on Windows 386-389
utilizing 383
Microsoft Azure 410
misbehaving processes
Multi-Factor Authentication (MFA) 422
myvar 128
N
Nano text editors
used, for editing files 99, 100
NCurses Disk Usage 159
network
services, setting up 227
Network Time Protocol (NTP) 133
Nextcloud
NFS 247
NFS shares
NGINX
NodePort Service 406
non-Graphical User Interface (non-GUI) 67
Non-Volatile Memory Express (NVMe) 176
O
object storage 415
on-premises infrastructure
versus cloud infrastructure 410
OpenSSH 495
commands, issuing with 217-219
working with 215
OpsWorks 464
orphaned apt packages
Out of Memory (OOM) Killer 163
output variable 478
P
package maintainer 64
packages
additional repositories, adding 75-77
repositories, managing 75
partitioning 11
tips 12
partitions
passphrase, of OpenSSH key
modifying 223
passwords
expiration information, setting 50, 51
managing 49
policies 49
user accounts, unlocking 49, 50
patches
installing, automatically with Canonical Livepatch service 494
Perl 37
permissions
ownership of objects, modifying 60, 61
setting, on files and directories 56
Personal Package Archive (PPA)
physical desktop 4
physical servers 3
playbook 323
Pluggable Authentication Module (PAM) 51
Pod Network 398
principle of least privilege 489, 532
print working directory 86
private key
generating 220
privileged commands
processes, on Linux system
Process ID (PID) 137
PS1 prompt 202
ps command 136
arguments, configuring to 137-141
running processes, viewing with 136, 137
public key
copying, to remote server 221, 222
generating 220
pull method 315
Q
Quick Emulator (QEMU) 338
R
Raspberry Pi 5
Red Hat 64
Redundant Array of Independent Disks (RAID) 176
region
resources
issues, troubleshooting 524-527
Return on Investment (ROI) 411
root cause analysis
Route 53 415
RPM packages 65
rsync
used, for transferring files 258-261
backup script, writing 129-131
running processes
viewing, with ps command 136, 137
S
Samba 247
files sharing, with Windows users via 249-254
scope
scripts
secondary database server
Secure Copy (SCP)
used, for transferring files 261-263
secure database servers
MariaDB, best practices 502-504
Secure Sockets Layer (SSL) 293
security groups 416
managing, with Terraform 476-479
security updates
Serial Advanced Technology Attachment (SATA) 184
server
device, selecting 3
Server Message Block (SMB) 248
Services for NFS 248
Session Manager
shebang 125
shell script 37
Simple Storage Service (S3) 415
versus Debian packages 65
software
installing 68
removing 68
SSH agent
utilizing 222
SSH connections
simplifying, with config file 223-225
SSH key management
OpenSSH key passphrase, changing 223
private key, generating 220
public key, copying to remote server 221, 222
public key, generating 220, 221
SSH agent, utilizing 222
working with 219
SSH passphrase
modifying 223
Stable Release Updates (SRUs) 64
standard error (stderr) 124
standard input (stdin) 108, 124
standard output (stdout) 108, 124
Start of Authority (SOA) line 240
static IP addresses
storage devices
storage volume
streams 108
subnets 229
sub-shell 130
subtree checking 255
sudo
administrator access, configuring with 53-55
locking down 509
using, to run privileged commands 33, 34
swap
swap file 12
swap partition 12
symbolic
symbolic link (symlink) 112
system logs
system processes
T
Tab Completion 119
teletypewriter 138
used, for combining Ansible with full deployment solution 481-483
used, for managing security groups 476-479
Terraform destroy 479
Terraform plan 474
Time to Live (TTL) 240
Transport Layer Security (TLS) 285
used, for securing Apache 293-299
U
Ubuntu
deploying, as AWS EC2 instance 428
installing, on Raspberry Pi 25-28
Ubuntu AMIs
Ubuntu CVE tracker
reference link 490
Ubuntu EC2 deployments
scaling, automatically with Auto Scaling 446, 447
Ubuntu One account
URL 494
Ubuntu Server
instance, creating in AWS 432-443
ufw command
reference link 506
Uncomplicated Firewall (UFW) 505
Uninterruptible Power Supply (UPS) 4
units 148
Universally Unique Identifier (UUID) 184
Universal Naming Convention (UNC) 253
universal packages 66
unix_socket authentication 268
useradd command
use root
users
creating 34
purpose 32
V
Vim
Vim text editors
used, for editing files 99, 100
VirtualBox 5
download link 5
virtual host 286
virtualization 359
virtual machine creation
simplifying, with cloning 354-356
Virtual Machine Manager 341
virtual machine network
virtual machine server
Virtual Machine (VM) 5, 319, 514, 337
managing, via command line 356, 357
weaknesses 359
Virtual MFA device 423
Virtual Private Cloud (VPC) 415
Virtual Private Server (VPS) 5, 45, 267, 290, 410
VM Template 354
Voice over IP (VoIP) 228
vulnerability chain 487
W
web server deployment
Windows
MicroK8s, installing on 386-389
Windows users
files sharing, via Samba 249-254
Z
zombie process 146
Zsh 116
3.17.152.183