diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 00000000..6965304a --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,35 @@ +Closes {LINK TO GH ISSUE} + + +## Goal + +A clear and concise description of the PR. + +Use this section for review hints, explanations or discussion points/todos. + + +## Changes + +- Summary of changes +- Reasoning +- Additional context + + +## Testing + +Discuss the performed tests. + + +## Docs + +Add any notes that help to document the feature/changes. Doesn't need to be your best writing, just a few words and/or code snippets. + + +## Checklist + + +- [ ] Documented what's new +- [ ] Added in-code documentation (wherever needed) +- [ ] Wrote tests for new components/features +- [ ] Ran the linter to ensure style guidelines were followed +- [ ] Created a demo diff --git a/.github/workflows/github-actions-demo.yml b/.github/workflows/github-actions-demo.yml new file mode 100644 index 00000000..b00f8e94 --- /dev/null +++ b/.github/workflows/github-actions-demo.yml @@ -0,0 +1,18 @@ +name: GitHub Actions Demo +run-name: ${{ github.actor }} is testing out GitHub Actions 🚀 +on: [push] +jobs: + Explore-GitHub-Actions: + runs-on: ubuntu-latest + steps: + - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event." + - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!" + - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}." + - name: Check out repository code + uses: actions/checkout@v5 + - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner." + - run: echo "🖥️ The workflow is now ready to test your code on the runner." + - name: List files in the repository + run: | + ls ${{ github.workspace }} + - run: echo "🍏 This job's status is ${{ job.status }}." diff --git a/.github/workflows/manual_actions.yml b/.github/workflows/manual_actions.yml new file mode 100644 index 00000000..cc16b045 --- /dev/null +++ b/.github/workflows/manual_actions.yml @@ -0,0 +1,21 @@ +on: + workflow_dispatch: + +jobs: + print-tag: + runs-on: ubuntu-latest + steps: + - name: Collect system information + run: | + echo "OS: ${{ runner.os }}" + echo "Runner name: ${{ runner.name }}" + echo "Runner architecture: ${{ runner.arch }}" + echo "OS Details" + uname -a + cat /etc/os-release + echo "1. CPU Information" + lscpu + echo "2. Memory Information" + free -h + echo "3. Disk Information" + df -h diff --git a/labs/images/lab_1_0.png b/labs/images/lab_1_0.png new file mode 100644 index 00000000..d1d0155d Binary files /dev/null and b/labs/images/lab_1_0.png differ diff --git a/labs/images/lab_1_1.png b/labs/images/lab_1_1.png new file mode 100644 index 00000000..49226491 Binary files /dev/null and b/labs/images/lab_1_1.png differ diff --git a/labs/images/lab_1_2.png b/labs/images/lab_1_2.png new file mode 100644 index 00000000..2a162b9f Binary files /dev/null and b/labs/images/lab_1_2.png differ diff --git a/labs/images/lab_8_0.png b/labs/images/lab_8_0.png new file mode 100644 index 00000000..8b008cbd Binary files /dev/null and b/labs/images/lab_8_0.png differ diff --git a/labs/images/lab_8_1.png b/labs/images/lab_8_1.png new file mode 100644 index 00000000..e875524f Binary files /dev/null and b/labs/images/lab_8_1.png differ diff --git a/labs/images/lab_8_2.png b/labs/images/lab_8_2.png new file mode 100644 index 00000000..27527091 Binary files /dev/null and b/labs/images/lab_8_2.png differ diff --git a/labs/images/lab_8_3.png b/labs/images/lab_8_3.png new file mode 100644 index 00000000..b3e6c7bd Binary files /dev/null and b/labs/images/lab_8_3.png differ diff --git a/labs/submission1.md b/labs/submission1.md new file mode 100644 index 00000000..a7048778 --- /dev/null +++ b/labs/submission1.md @@ -0,0 +1,28 @@ +# Report on Lab 1 + +## Task 1 — SSH Commit Signature Verification + +### 1.1 — Importance of Signed Commits + +Signed commits have the following advantages: + +* The authorship guarantee (a signed commit guarantees that it was created exactly by the person), +* Signing protects the code from unwanted changes via cryptography +* Rising the trust among authors and users + +### 1.2 — Evidence of Successful SSH Key Setup and Signed Commit + +![](../images/lab_1_0.png) +![](../images/lab_1_1.png) + +### 1.3 — Importance in DevOps Workflows + +* Trustworthy CI/CD pipeline +* Immutable history providing +* Compliance with rules of security in important spheres of development + +## Task 2 + +![](../images/lab_1_2.png) + +PR templates allow faster and standardized description of a contribution diff --git a/labs/submission2.md b/labs/submission2.md new file mode 100644 index 00000000..87bfbb90 --- /dev/null +++ b/labs/submission2.md @@ -0,0 +1,375 @@ +# Lab 2 — Version Control & Advanced Git + +## Task 1 — Git Object Model Exploration + +### Outputs + +* blob + ```bash + $ git cat-file -p 6e60bebec0724892a7c82c52183d0a7b467cb6bb + # 🚀 DevOps Introduction Course: Principles, Practices & Tooling + + [![Labs](https://img.shields.io/badge/Labs-80%25-blue)](#-lab-based-learning-experience) + [![Exam](https://img.shields.io/badge/Exam-20%25-orange)](#-evaluation-framework) + [![Hands-On](https://img.shields.io/badge/Focus-Hands--On%20Labs-success)](#-lab-based-learning-experience) + [![Duration](https://img.shields.io/badge/Duration-10%20Weeks-lightgrey)](#-course-roadmap) + + Welcome to the **DevOps Introduction Course**, where you will gain a **solid foundation in DevOps principles and practical skills**. + This course is designed to provide a comprehensive understanding of DevOps and its key components. + ... + + Source: lectures/lec1.md + + - 📍 Slide 1 – 🚀 What is DevOps? + - 📍 Slide 2 – 📜 A Brief History of DevOps + - 📍 Slide 3 – 🎯 Why DevOps? (Key Goals) + - 📍 Slide 4 – ⚖️ DevOps vs. Traditional IT + ... + + Source: lectures/lec2.md + + - 📍 Slide 1 – 🧭 What is a Version Control System (VCS)? + - 📍 Slide 2 – 🔎 Why We Need Version Control + - 📍 Slide 3 – 🕰️ A Short History of VCS (to Understand Today) + - 📍 Slide 4 – 🧭 Centralized vs Distributed VCS + ... + + Source: lectures/lec3.md + + - 📍 Slide 1 – 🌍 What is CI/CD? + - 📍 Slide 2 – 🕰️ Short History of CI/CD + - 📍 Slide 3 – 📈 Why CI/CD Matters + - 📍 Slide 4 – 🏗️ Core Principles of Continuous Integration + ... + + Source: lectures/lec4.md + + - 📍 Slide 1 – 🌐 Introduction to Networking in DevOps + - 📍 Slide 2 – 📡 OSI Model & TCP/IP Stack + - 📍 Slide 3 – 🔢 IP Addressing & Subnetting + - 📍 Slide 4 – 🌐 DNS (Domain Name System) + ... + + Source: lectures/lec5.md + + - 📍 Slide 1 – 🌟 Introduction to Virtualization - What & Why + - 📍 Slide 2 – 📚 History of Virtualization (1960s IBM Mainframes → Modern Cloud) + - 📍 Slide 3 – 💡 Core Concepts - Physical vs Virtual Resources + - 📍 Slide 4 – 🎯 Benefits of Virtualization (Cost, Efficiency, Flexibility) + ... + + Source: lectures/lec6.md + + - 📍 Slide 1 – 🐳 What are Containers? + - 📍 Slide 2 – 📜 History of Containers (1979 → 2024) + - 📍 Slide 3 – 💡 Why Containers Matter in DevOps + - 📍 Slide 4 – ⚖️ Containers vs Virtual Machines (VMs) + ... + + Source: lectures/lec7.md + + - 📍 Slide 1 – 🚀 What is GitOps? - The Modern Way to Operate + - 📍 Slide 2 – 📜 GitOps History - From FTP to Pull Requests + - 📍 Slide 3 – 🎯 GitOps Principles - The Four Golden Rules + - 📍 Slide 4 – ⚡ Push vs Pull Deployment Models - The Great Debate + ... + + Source: lectures/lec8.md + + - 📍 Slide 1 – 🛡️ What is SRE? - Engineering Approach to Operations + - 📍 Slide 2 – 📜 History of SRE - From Google's Need to Industry Standard + - 📍 Slide 3 – 🤝 SRE vs DevOps vs Platform Engineering - Clarifying the Roles + - 📍 Slide 4 – 🎨 SRE Principles - Reliability, Scalability, and Toil Reduction + ... + + Source: lectures/lec9.md + + - 📍 Slide 1 – 🛡️ What is DevSecOps? - Security as Code + - 📍 Slide 2 – 📜 History of DevSecOps - From Afterthought to Built-in + - 📍 Slide 3 – 🎯 Why DevSecOps Matters - The Security Crisis + - 📍 Slide 4 – 🔑 Core DevSecOps Principles - The Security Mindset + ... + Source: lectures/lec10.md + + - 📍 Slide 1 – ☁️ Cloud Computing Overview + - 📍 Slide 2 – 🖥️ Compute Services - VMs + - 📍 Slide 3 – 📦 Compute Services - Containers + - 📍 Slide 4 – ⚡ Compute Services - Serverless + ... + + --- + + ## 🗺️ DevOps Learning Journey + +
+ 🌳 View Skill Tree Structure + ... + ``` + +* tree + ```bash + $ git cat-file -p 9f87a5d504773c42a7ade47077dc2326f3b36364 + 040000 tree d717a24b35173244f4285884956c387c6f7bc816 .github + 100644 blob 6e60bebec0724892a7c82c52183d0a7b467cb6bb README.md + 040000 tree a1061247fd38ef2a568735939f86af7b1000f83c app + 040000 tree 6d6220700a2e7901129edcab8bd4bd35344a8e13 labs + 040000 tree d3fb3722b7a867a83efde73c57c49b5ab3e62c63 lectures + ``` + +* commit_hash + ```bash + $ git cat-file -p c6a700d + tree 9f87a5d504773c42a7ade47077dc2326f3b36364 + parent b268b8d54b2fd365c1b8be481f374b40451c31ac + author scrii 1770993534 +0300 + committer scrii 1770993534 +0300 + gpgsig -----BEGIN SSH SIGNATURE----- + U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgYpSu2zegQ/DflAE4oTqgeXd3G4 + oQIJb1OT2XYEVhzAEAAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5 + AAAAQNdGGbFDOJ6Sw1jYb944bZLb1VIVlS3UgxI4LgsBQwJNMzv0fToGgdIP3yE39Sf8og + 19rf/5LhjA8JZ30ctVPwQ= + -----END SSH SIGNATURE----- + + Add test file + ``` + +### Contents + +* **blob**: Stores the contents of a file (the text of `README.md`) + +* **tree**: Represents a directory mapping filenames to the corresponding blobs or subtrees. + +* **commit**: A snapshot of the repository. + +### Git Repo Data Storage Analysis + +Git contains data as key-value pairs, where `blob` (binary large object) is a file content itself w/o metadata, `tree` contains the links to other `trees` and `blobs`, `commit` stores the metadata and the root `tree`. + +### Examples + +The examples are provided in the `ouputs` section. + + +## Task 2 — Reset and Reflog Recovery + +### The Commands I Ran +* Logs after commiting the test files: + + ```bash + $ git log + + commit df37f6800b0f7ae0675258c12d9335fcc0738aa0 (HEAD -> git-reset-practice) + Author: scrii + Date: Fri Feb 13 18:10:17 2026 +0300 + + Third commit + + commit 0ce8fb5b7c50e9a4fc4d1dca0c5cbf713baa6670 + Author: scrii + Date: Fri Feb 13 18:10:16 2026 +0300 + + Second commit + + commit fda3eba6afe2410a203791dd968d9f4b4a1f6e27 + Author: scrii + Date: Fri Feb 13 18:10:16 2026 +0300 + + First commit + + commit c6a700dc96143c840b3aa97c35c759cf3543f941 (feature/lab2) + Author: scrii + Date: Fri Feb 13 17:38:54 2026 +0300 + + Add test file + commit df37f6800b0f7ae0675258c12d9335fcc0738aa0 (HEAD -> git-reset-practice) + Author: scrii + Date: Fri Feb 13 18:10:17 2026 +0300 + ``` + +* Make soft reset + + ```bash + $ git reset --soft HEAD~1 + $ git log + + commit 0ce8fb5b7c50e9a4fc4d1dca0c5cbf713baa6670 (HEAD -> git-reset-practice) + Author: scrii + Date: Fri Feb 13 18:10:16 2026 +0300 + + Second commit + + commit fda3eba6afe2410a203791dd968d9f4b4a1f6e27 + Author: scrii + Date: Fri Feb 13 18:10:16 2026 +0300 + + First commit + + commit c6a700dc96143c840b3aa97c35c759cf3543f941 (feature/lab2) + Author: scrii + Date: Fri Feb 13 17:38:54 2026 +0300 + + Add test file + + commit b268b8d54b2fd365c1b8be481f374b40451c31ac (origin/feature/lab1, feature/lab1) + Author: scrii + Date: Fri Feb 6 17:58:24 2026 +0300 + ``` + The branch pointer moved to the parent commit `0ce8fb5`, `df37f68` is no longer reachable, but still exists. The index and the working tree are unchanged. + +* Make hard reset + + ```bash + $ git reset --hard HEAD~1 + $ git log + + commit fda3eba6afe2410a203791dd968d9f4b4a1f6e27 (HEAD -> git-reset-practice) + Author: scrii + Date: Fri Feb 13 18:10:16 2026 +0300 + + First commit + + commit c6a700dc96143c840b3aa97c35c759cf3543f941 (feature/lab2) + Author: scrii + Date: Fri Feb 13 17:38:54 2026 +0300 + + Add test file + + commit b268b8d54b2fd365c1b8be481f374b40451c31ac (origin/feature/lab1, feature/lab1) + Author: scrii + Date: Fri Feb 6 17:58:24 2026 +0300 + + docs: update + + commit 8bdffbe343a74bed3966c4baf2357432884232c1 + Author: scrii + Date: Fri Feb 6 17:53:27 2026 +0300 + ``` + The branch pointer moves to the parent of the current HEAD (`0ce8fb5` -> `fda3eba`). The index now matches the `First Commit`. The working tree is overwritten to the state of the `First Commit`. + + +* Looking for the made changes + ```bash + $ git reflog + + fda3eba (HEAD -> git-reset-practice) HEAD@{0}: reset: moving to HEAD~1 + 0ce8fb5 HEAD@{1}: reset: moving to HEAD~1 + df37f68 HEAD@{2}: commit: Third commit + 0ce8fb5 HEAD@{3}: commit: Second commit + fda3eba (HEAD -> git-reset-practice) HEAD@{4}: commit: First commit + c6a700d (feature/lab2) HEAD@{5}: checkout: moving from feature/lab2 to git-reset-practice + c6a700d (feature/lab2) HEAD@{6}: commit: Add test file + ... + ``` + +* Cancelling all the manipulations and returning to the `Third Commit` commit + + ```bash + $ git reset --hard df37f68 + HEAD is now at df37f68 Third commit + + $ git log + + commit df37f6800b0f7ae0675258c12d9335fcc0738aa0 (HEAD -> git-reset-practice) + Author: scrii + Date: Fri Feb 13 18:10:17 2026 +0300 + + Third commit + + commit 0ce8fb5b7c50e9a4fc4d1dca0c5cbf713baa6670 + Author: scrii + Date: Fri Feb 13 18:10:16 2026 +0300 + + Second commit + + commit fda3eba6afe2410a203791dd968d9f4b4a1f6e27 + Author: scrii + Date: Fri Feb 13 18:10:16 2026 +0300 + + First commit + + commit c6a700dc96143c840b3aa97c35c759cf3543f941 (feature/lab2) + Author: scrii + Date: Fri Feb 13 17:38:54 2026 +0300 + ``` + The branch pointer is moved to the `Third Commit`. The resets are cancelled, and the branch history is restored to its original state. The index now corresponds to the `Third Commit`. The working tree is overwritten: the files are restored to the content of the `Third Commit`. + + By looking on the changes of the HEAD position via `reflog`, the changes were cancelled by finding the desired commit (in this case the `Third Commit`). + + +## Task 3 — Visualize Commit History + +### The Graph And the Commit messages + +```bash +$ git log --oneline --graph --all +* fd69ee4 (side-branch) Side branch commit +| * 8f862fd (git-reset-practice) Side branch commit +| * df37f68 Third commit +| * 0ce8fb5 Second commit +| * fda3eba First commit +|/ +``` + +The graph shows the current branches history and their commits allowing to understand the current state of the development. + + +## Task 4 — Tagging Commits + +```bash +$ git log + +commit c6a700dc96143c840b3aa97c35c759cf3543f941 (HEAD -> feature/lab2, tag: v1.0.0) +Author: scrii +Date: Fri Feb 13 17:38:54 2026 +0300 + + Add test file +... +``` + +The tag name is `tag: v1.0.0`its associated is `c6a700`. +Tags identify the release points and used as CI/CD triggers allowing to provide the release notes. + + +## Task 5 — Git Switch vs Git Checkout vs Git Restore + +### Logs And Outputs + +```bash +$ git switch -c cmd-compare +Switched to a new branch 'cmd-compare' + +$ git status +On branch cmd-compare +Untracked files: + (use "git add ..." to include in what will be committed) + demo.txt + submission2.md + +$ git switch - +Switched to branch 'feature/lab2' + +$ git branch +* cmd-compare + feature/lab1 + feature/lab2 + git-reset-practice + main + side-branch + +``` + +Use for creating new branch and automatically switching: + +```bash +$ git switch -c +``` + +Use for showing the existing branches: +```bash +$ git branch +``` + +## Task 6 — GitHub Community Engagement + + This actions are useful to provide the feedback on authors works. Starring shows engagement of the users allowing to estimate the usability and usefulness of the repos. On the other hand, it is a sign for the authors that motivates them to contribute more on the starred projects. + diff --git a/labs/submission3.md b/labs/submission3.md new file mode 100644 index 00000000..b3b112f5 --- /dev/null +++ b/labs/submission3.md @@ -0,0 +1,137 @@ +# **Lab 3 — CI/CD with GitHub Actions & GitLab CI** + +## **Task 1 — First GitHub Actions Workflow** + +### **The Link to a Successful Run** + +[Link](https://github.com/scrii/DevOps-Intro/actions/runs/22230672784) + +### **Key Concepts** + +1. `Triggers`. These are events that run a workflow and declared at the `on` section. Examples: `push` — whenever a commit is pushed, `pull_request` — whenever a pull request is created/updated. + +2. `Jobs`. These are steps that are completed within a single `runner`. Defined at the `steps` section. + +3. `Runners`. These are machines that run workflow processes. Could be `self-hosted` or `github-hosted`. + +4. `Steps`. These are commands within a `job`. They are completed sequentially (in case of a single fail, the whole pipeline fails). + +### **Workflow Trigger** + +In this example, `push` was the trigger. + +### **Analysis of Workflow Execution Process** + +In this example, all the jobs were completed successfully. They were completed sequentially in 6 seconds. The descriptions of jobs processed steps can be seen by accessing the link. + + +## **Test 2 — Manual Trigger + System Information** + +### **Workflow Changes** + +The workflow taken from the GitHub guide was changed in a way that it is no longer requires inputs to run. Also a new job was assigned that prints the information about the properties. The exact changed workflow: + +```yml +on: + workflow_dispatch: + +jobs: + print-tag: + runs-on: ubuntu-latest + steps: + - name: Collect system information + run: | + echo "OS: ${{ runner.os }}" + echo "Runner name: ${{ runner.name }}" + echo "Runner architecture: ${{ runner.arch }}" + echo "OS Details" + uname -a + cat /etc/os-release + echo "1. CPU Information" + lscpu + echo "2. Memory Information" + free -h + echo "3. Disk Information" + df -h +``` + +### **The Gathered Information** + +```bash +OS: Linux +Runner name: GitHub Actions 1000000043 +Runner architecture: X64 +OS Details +Linux runnervmwffz4 6.11.0-1018-azure #18~24.04.1-Ubuntu SMP Sat Jun 28 04:46:03 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux +PRETTY_NAME="Ubuntu 24.04.3 LTS" +NAME="Ubuntu" +VERSION_ID="24.04" +VERSION="24.04.3 LTS (Noble Numbat)" +VERSION_CODENAME=noble +ID=ubuntu +ID_LIKE=debian +HOME_URL="https://www.ubuntu.com/" +SUPPORT_URL="https://help.ubuntu.com/" +BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/" +PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy" +UBUNTU_CODENAME=noble +LOGO=ubuntu-logo +1. CPU Information +Architecture: x86_64 +CPU op-mode(s): 32-bit, 64-bit +Address sizes: 48 bits physical, 48 bits virtual +Byte Order: Little Endian +CPU(s): 4 +On-line CPU(s) list: 0-3 +Vendor ID: AuthenticAMD +Model name: AMD EPYC 7763 64-Core Processor +CPU family: 25 +Model: 1 +Thread(s) per core: 2 +Core(s) per socket: 2 +Socket(s): 1 +Stepping: 1 +BogoMIPS: 4890.84 +Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl tsc_reliable nonstop_tsc cpuid extd_apicid aperfmperf tsc_known_freq pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy svm cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw topoext vmmcall fsgsbase bmi1 avx2 smep bmi2 erms invpcid rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves user_shstk clzero xsaveerptr rdpru arat npt nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold v_vmsave_vmload umip vaes vpclmulqdq rdpid fsrm +Virtualization: AMD-V +Hypervisor vendor: Microsoft +Virtualization type: full +L1d cache: 64 KiB (2 instances) +L1i cache: 64 KiB (2 instances) +L2 cache: 1 MiB (2 instances) +L3 cache: 32 MiB (1 instance) +NUMA node(s): 1 +NUMA node0 CPU(s): 0-3 +Vulnerability Gather data sampling: Not affected +Vulnerability Itlb multihit: Not affected +Vulnerability L1tf: Not affected +Vulnerability Mds: Not affected +Vulnerability Meltdown: Not affected +Vulnerability Mmio stale data: Not affected +Vulnerability Reg file data sampling: Not affected +Vulnerability Retbleed: Not affected +Vulnerability Spec rstack overflow: Vulnerable: Safe RET, no microcode +Vulnerability Spec store bypass: Vulnerable +Vulnerability Spectre v1: Mitigation; usercopy/swapgs barriers and __user pointer sanitization +Vulnerability Spectre v2: Mitigation; Retpolines; STIBP disabled; RSB filling; PBRSB-eIBRS Not affected; BHI Not affected +Vulnerability Srbds: Not affected +Vulnerability Tsx async abort: Not affected +2. Memory Information + total used free shared buff/cache available +Mem: 15Gi 803Mi 13Gi 35Mi 1.8Gi 14Gi +Swap: 3.0Gi 0B 3.0Gi +3. Disk Information +Filesystem Size Used Avail Use% Mounted on +/dev/root 145G 53G 92G 37% / +tmpfs 7.9G 84K 7.9G 1% /dev/shm +tmpfs 3.2G 1.0M 3.2G 1% /run +tmpfs 5.0M 0 5.0M 0% /run/lock +efivarfs 128M 32K 128M 1% /sys/firmware/efi/efivars +/dev/sda16 881M 62M 758M 8% /boot +/dev/sda15 105M 6.2M 99M 6% /boot/efi +tmpfs 1.6G 12K 1.6G 1% /run/user/1001 +``` + +### Analysis of Runner Environment And Capabilities + +Runner on GitHub on Ubuntu 24.04 LTS, x86_64 architecture, 4 vCPUs (AMD EPYC), 16 GB RAM, 145 GB disk, Hyper-V virtualization. diff --git a/labs/submission4.md b/labs/submission4.md new file mode 100644 index 00000000..ddcfdd07 --- /dev/null +++ b/labs/submission4.md @@ -0,0 +1,705 @@ +# **Lab 4 — Operating Systems & Networking** + +## **Task 1 — Operating System Analysis** + +### Task 1.1 — Boot Performance Analysis + +1. System Boot Time Analysis + +```bash +maks@maks-VirtualBox:~$ systemd-analyze +Startup finished in 5.910s (kernel) + 30.210s (userspace) = 36.121s +graphical.target reached after 30.156s in userspace. + +maks@maks-VirtualBox:~$ systemd-analyze blame +22.512s plymouth-quit-wait.service + 8.084s fwupd-refresh.service + 2.408s apport.service + 2.379s NetworkManager.service + 2.239s snapd.seeded.service + 2.186s fwupd.service + 2.097s snapd.service + 2.034s dev-sda2.device + 1.759s dev-loop8.device + 1.404s gnome-remote-desktop.service + 1.216s systemd-tmpfiles-clean.service + 1.168s power-profiles-daemon.service + 1.145s polkit.service + 1.102s rsyslog.service + 1.095s accounts-daemon.service + 1.049s gpu-manager.service + 1.038s udisks2.service + 945ms dev-loop10.device + 939ms dev-loop1.device + 904ms dev-loop0.device + 898ms avahi-daemon.service + 894ms dev-loop7.device + 890ms apparmor.service + 830ms dbus.service + 830ms snapd.apparmor.service + 827ms dev-loop6.device + 825ms dev-loop5.device + 825ms dev-loop4.device + 824ms dev-loop2.device + 822ms dev-loop3.device + 707ms grub-common.service + 639ms systemd-udevd.service + 596ms ModemManager.service + 535ms systemd-resolved.service + 535ms user@1000.service + 521ms dev-loop9.device + 517ms upower.service + 499ms systemd-binfmt.service + 497ms systemd-modules-load.service + 496ms switcheroo-control.service + 495ms e2scrub_reap.service + 439ms systemd-udev-trigger.service + 375ms systemd-journal-flush.service + 363ms NetworkManager-wait-online.service + 336ms grub-initrd-fallback.service + 297ms systemd-timesyncd.service + 293ms gdm.service + 291ms systemd-tmpfiles-setup.service + 287ms systemd-logind.service + 281ms dev-loop11.device + 279ms systemd-oomd.service + 276ms systemd-hostnamed.service + 225ms update-notifier-download.service + 220ms keyboard-setup.service + 217ms systemd-journald.service + 217ms systemd-tmpfiles-setup-dev-early.service + 211ms snap-firefox-7766.mount + 211ms cups.service + 188ms plymouth-start.service + 186ms systemd-sysctl.service + 182ms wpa_supplicant.service + 181ms snap-firmware\x2dupdater-210.mount + 159ms sysstat.service + 156ms kerneloops.service + 155ms colord.service + 153ms snap-gnome\x2d42\x2d2204-247.mount + 141ms snap-snap\x2dstore-1270.mount + 134ms snap-snapd-25935.mount + 132ms snap-bare-5.mount + 130ms snap-snapd\x2ddesktop\x2dintegration-343.mount + 128ms snap-gtk\x2dcommon\x2dthemes-1535.mount + 118ms snap-core22-2292.mount + 115ms dev-hugepages.mount + 113ms dev-loop12.device + 112ms dev-mqueue.mount + 107ms sys-kernel-debug.mount + 106ms rtkit-daemon.service + 105ms snap-telegram\x2ddesktop-6899.mount + 103ms sys-kernel-tracing.mount + 98ms systemd-remount-fs.service + 92ms systemd-random-seed.service + 91ms swap.img.swap + 86ms proc-sys-fs-binfmt_misc.mount + 83ms sys-fs-fuse-connections.mount + 69ms kmod-static-nodes.service + 68ms modprobe@dm_mod.service + 66ms modprobe@configfs.service + 63ms modprobe@efi_pstore.service + 58ms plymouth-read-write.service + 58ms modprobe@drm.service + 55ms snap-mesa\x2d2404-1165.mount + 53ms console-setup.service + 50ms sys-kernel-config.mount + 42ms systemd-update-utmp.service + 40ms snapd.socket + 39ms systemd-user-sessions.service + 38ms snap-gnome\x2d46\x2d2404-153.mount + 35ms openvpn.service + 34ms modprobe@fuse.service + 32ms user-runtime-dir@1000.service + 32ms systemd-tmpfiles-setup-dev.service + 31ms alsa-restore.service + 30ms ufw.service + 29ms modprobe@loop.service + 28ms snap-core24-1349.mount + 28ms sysstat-collect.service + 27ms systemd-update-utmp-runlevel.service + 20ms setvtrgb.service +``` + +2. System Load Check + +```bash +maks@maks-VirtualBox:~$ uptime + 22:41:51 up 30 min, 1 user, load average: 1.19, 1.07, 1.00 + +maks@maks-VirtualBox:~$ w + 22:41:59 up 30 min, 1 user, load average: 1.08, 1.05, 1.00 +USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT +maks tty2 - 22:11 13:44 0.39s 0.34s /usr/libexec/gn +``` + +### Task 1.2 — Process Forensics + +1. Identify Resource-Intensive Processes + +```bash +maks@maks-VirtualBox:~$ ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%mem | head -n 6 + PID PPID CMD %MEM %CPU + 4132 1411 /snap/snap-store/1270/bin/s 13.1 15.9 + 6553 1184 /snap/telegram-desktop/6899 11.2 11.7 + 1411 1184 /usr/bin/gnome-shell 10.2 18.1 + 2578 1411 /snap/firefox/7766/usr/lib/ 10.1 21.4 + 7343 1411 /usr/bin/gnome-text-editor 8.4 19.2 + +maks@maks-VirtualBox:~$ ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%cpu | head -n 6 + PID PPID CMD %MEM %CPU + 7571 7312 ps -eo pid,ppid,cmd,%mem,%c 0.1 100 + 2578 1411 /snap/firefox/7766/usr/lib/ 10.1 21.1 + 7343 1411 /usr/bin/gnome-text-editor 8.4 18.5 + 1411 1184 /usr/bin/gnome-shell 10.2 18.3 + 4132 1411 /snap/snap-store/1270/bin/s 13.1 15.6 + +wtmp begins Fri Feb 27 21:57:05 2026 +``` + +### **Task 1.3 — Service Dependencies** + +1. Map Service Relationships + +```bash +maks@maks-VirtualBox:~$ systemctl list-dependencies +default.target +● ├─accounts-daemon.service +● ├─gdm.service +● ├─gnome-remote-desktop.service +● ├─power-profiles-daemon.service +● ├─switcheroo-control.service +○ ├─systemd-update-utmp-runlevel.service +● ├─udisks2.service +● └─multi-user.target +○ ├─anacron.service +● ├─apport.service +● ├─avahi-daemon.service +● ├─console-setup.service +● ├─cron.service +● ├─cups-browsed.service +● ├─cups.path +● ├─cups.service +● ├─dbus.service +○ ├─dmesg.service +○ ├─e2scrub_reap.service +○ ├─grub-common.service +○ ├─grub-initrd-fallback.service +● ├─kerneloops.service +● ├─ModemManager.service +○ ├─networkd-dispatcher.service +● ├─NetworkManager.service +○ ├─open-vm-tools.service +● ├─openvpn.service +● ├─plymouth-quit-wait.service +○ ├─plymouth-quit.service +● ├─rsyslog.service +○ ├─run-vmblock\x2dfuse.mount +○ ├─secureboot-db.service +● ├─snap-bare-5.mount +● ├─snap-core22-2292.mount +● ├─snap-core24-1349.mount +● ├─snap-firefox-7766.mount +● ├─snap-firmware\x2dupdater-210.mount +● ├─snap-gnome\x2d42\x2d2204-247.mount +● ├─snap-gnome\x2d46\x2d2404-153.mount +● ├─snap-gtk\x2dcommon\x2dthemes-1535.mount +● ├─snap-mesa\x2d2404-1165.mount +● ├─snap-snap\x2dstore-1270.mount +● ├─snap-snapd-25935.mount +● ├─snap-snapd\x2ddesktop\x2dintegration-343.mount +● ├─snap-telegram\x2ddesktop-6899.mount +● ├─snapd.apparmor.service +○ ├─snapd.autoimport.service +○ ├─snapd.core-fixup.service +○ ├─snapd.recovery-chooser-trigger.service +● ├─snapd.seeded.service +● ├─snapd.service +○ ├─ssl-cert.service +○ ├─sssd.service +● ├─sysstat.service +● ├─systemd-ask-password-wall.path +● ├─systemd-logind.service +● ├─systemd-oomd.service +○ ├─systemd-update-utmp-runlevel.service +● ├─systemd-user-sessions.service +○ ├─thermald.service +○ ├─ua-reboot-cmds.service +○ ├─ubuntu-advantage.service +● ├─ufw.service +● ├─unattended-upgrades.service +● ├─whoopsie.path +● ├─wpa_supplicant.service +● ├─basic.target +● │ ├─-.mount +○ │ ├─tmp.mount +● │ ├─paths.target +○ │ │ ├─apport-autoreport.path +○ │ │ └─tpm-udev.path +● │ ├─slices.target +● │ │ ├─-.slice +● │ │ └─system.slice +● │ ├─sockets.target +○ │ │ ├─apport-forward.socket +● │ │ ├─avahi-daemon.socket +● │ │ ├─cups.socket +● │ │ ├─dbus.socket +● │ │ ├─snapd.socket +● │ │ ├─systemd-initctl.socket +● │ │ ├─systemd-journald-dev-log.socket +● │ │ ├─systemd-journald.socket +● │ │ ├─systemd-oomd.socket +○ │ │ ├─systemd-pcrextend.socket +● │ │ ├─systemd-sysext.socket +● │ │ ├─systemd-udevd-control.socket +● │ │ ├─systemd-udevd-kernel.socket +● │ │ └─uuidd.socket +● │ ├─sysinit.target +● │ │ ├─apparmor.service +● │ │ ├─dev-hugepages.mount +● │ │ ├─dev-mqueue.mount +● │ │ ├─keyboard-setup.service +● │ │ ├─kmod-static-nodes.service +○ │ │ ├─ldconfig.service +● │ │ ├─plymouth-read-write.service +● │ │ ├─plymouth-start.service +● │ │ ├─proc-sys-fs-binfmt_misc.automount +● │ │ ├─setvtrgb.service +● │ │ ├─sys-fs-fuse-connections.mount +● │ │ ├─sys-kernel-config.mount +● │ │ ├─sys-kernel-debug.mount +● │ │ ├─sys-kernel-tracing.mount +○ │ │ ├─systemd-ask-password-console.path +● │ │ ├─systemd-binfmt.service +○ │ │ ├─systemd-firstboot.service +○ │ │ ├─systemd-hwdb-update.service +○ │ │ ├─systemd-journal-catalog-update.service +● │ │ ├─systemd-journal-flush.service +● │ │ ├─systemd-journald.service +○ │ │ ├─systemd-machine-id-commit.service +● │ │ ├─systemd-modules-load.service +○ │ │ ├─systemd-pcrmachine.service +○ │ │ ├─systemd-pcrphase-sysinit.service +○ │ │ ├─systemd-pcrphase.service +○ │ │ ├─systemd-pstore.service +● │ │ ├─systemd-random-seed.service +○ │ │ ├─systemd-repart.service +● │ │ ├─systemd-resolved.service +● │ │ ├─systemd-sysctl.service +○ │ │ ├─systemd-sysusers.service +● │ │ ├─systemd-timesyncd.service +● │ │ ├─systemd-tmpfiles-setup-dev-early.service +● │ │ ├─systemd-tmpfiles-setup-dev.service +● │ │ ├─systemd-tmpfiles-setup.service +○ │ │ ├─systemd-tpm2-setup-early.service +○ │ │ ├─systemd-tpm2-setup.service +● │ │ ├─systemd-udev-trigger.service +● │ │ ├─systemd-udevd.service +○ │ │ ├─systemd-update-done.service +● │ │ ├─systemd-update-utmp.service +● │ │ ├─cryptsetup.target +● │ │ ├─integritysetup.target +● │ │ ├─local-fs.target +● │ │ │ ├─-.mount +○ │ │ │ ├─systemd-fsck-root.service +● │ │ │ └─systemd-remount-fs.service +● │ │ ├─swap.target +● │ │ │ └─swap.img.swap +● │ │ └─veritysetup.target +● │ └─timers.target +● │ ├─anacron.timer +○ │ ├─apport-autoreport.timer +● │ ├─apt-daily-upgrade.timer +● │ ├─apt-daily.timer +● │ ├─dpkg-db-backup.timer +● │ ├─e2scrub_all.timer +● │ ├─fstrim.timer +● │ ├─fwupd-refresh.timer +● │ ├─logrotate.timer +● │ ├─man-db.timer +● │ ├─motd-news.timer +○ │ ├─snapd.snap-repair.timer +● │ ├─systemd-tmpfiles-clean.timer +○ │ ├─ua-timer.timer +● │ ├─update-notifier-download.timer +● │ └─update-notifier-motd.timer +● ├─getty.target +○ │ ├─getty-static.service +○ │ └─getty@tty1.service +● └─remote-fs.target + +maks@maks-VirtualBox:~$ systemctl list-dependencies multi-user.target +multi-user.target +○ ├─anacron.service +● ├─apport.service +● ├─avahi-daemon.service +● ├─console-setup.service +● ├─cron.service +● ├─cups-browsed.service +● ├─cups.path +● ├─cups.service +● ├─dbus.service +○ ├─dmesg.service +○ ├─e2scrub_reap.service +○ ├─grub-common.service +○ ├─grub-initrd-fallback.service +● ├─kerneloops.service +● ├─ModemManager.service +○ ├─networkd-dispatcher.service +● ├─NetworkManager.service +○ ├─open-vm-tools.service +● ├─openvpn.service +● ├─plymouth-quit-wait.service +○ ├─plymouth-quit.service +● ├─rsyslog.service +○ ├─run-vmblock\x2dfuse.mount +○ ├─secureboot-db.service +● ├─snap-bare-5.mount +● ├─snap-core22-2292.mount +● ├─snap-core24-1349.mount +● ├─snap-firefox-7766.mount +● ├─snap-firmware\x2dupdater-210.mount +● ├─snap-gnome\x2d42\x2d2204-247.mount +● ├─snap-gnome\x2d46\x2d2404-153.mount +● ├─snap-gtk\x2dcommon\x2dthemes-1535.mount +● ├─snap-mesa\x2d2404-1165.mount +● ├─snap-snap\x2dstore-1270.mount +● ├─snap-snapd-25935.mount +● ├─snap-snapd\x2ddesktop\x2dintegration-343.mount +● ├─snap-telegram\x2ddesktop-6899.mount +● ├─snapd.apparmor.service +○ ├─snapd.autoimport.service +○ ├─snapd.core-fixup.service +○ ├─snapd.recovery-chooser-trigger.service +● ├─snapd.seeded.service +● ├─snapd.service +○ ├─ssl-cert.service +○ ├─sssd.service +● ├─sysstat.service +● ├─systemd-ask-password-wall.path +● ├─systemd-logind.service +● ├─systemd-oomd.service +○ ├─systemd-update-utmp-runlevel.service +● ├─systemd-user-sessions.service +○ ├─thermald.service +○ ├─ua-reboot-cmds.service +○ ├─ubuntu-advantage.service +● ├─ufw.service +● ├─unattended-upgrades.service +● ├─whoopsie.path +● ├─wpa_supplicant.service +● ├─basic.target +● │ ├─-.mount +○ │ ├─tmp.mount +● │ ├─paths.target +○ │ │ ├─apport-autoreport.path +○ │ │ └─tpm-udev.path +● │ ├─slices.target +● │ │ ├─-.slice +● │ │ └─system.slice +● │ ├─sockets.target +○ │ │ ├─apport-forward.socket +● │ │ ├─avahi-daemon.socket +● │ │ ├─cups.socket +● │ │ ├─dbus.socket +● │ │ ├─snapd.socket +● │ │ ├─systemd-initctl.socket +● │ │ ├─systemd-journald-dev-log.socket +● │ │ ├─systemd-journald.socket +● │ │ ├─systemd-oomd.socket +○ │ │ ├─systemd-pcrextend.socket +● │ │ ├─systemd-sysext.socket +● │ │ ├─systemd-udevd-control.socket +● │ │ ├─systemd-udevd-kernel.socket +● │ │ └─uuidd.socket +● │ ├─sysinit.target +● │ │ ├─apparmor.service +● │ │ ├─dev-hugepages.mount +● │ │ ├─dev-mqueue.mount +● │ │ ├─keyboard-setup.service +● │ │ ├─kmod-static-nodes.service +○ │ │ ├─ldconfig.service +● │ │ ├─plymouth-read-write.service +● │ │ ├─plymouth-start.service +● │ │ ├─proc-sys-fs-binfmt_misc.automount +● │ │ ├─setvtrgb.service +● │ │ ├─sys-fs-fuse-connections.mount +● │ │ ├─sys-kernel-config.mount +● │ │ ├─sys-kernel-debug.mount +● │ │ ├─sys-kernel-tracing.mount +○ │ │ ├─systemd-ask-password-console.path +● │ │ ├─systemd-binfmt.service +○ │ │ ├─systemd-firstboot.service +○ │ │ ├─systemd-hwdb-update.service +○ │ │ ├─systemd-journal-catalog-update.service +● │ │ ├─systemd-journal-flush.service +● │ │ ├─systemd-journald.service +○ │ │ ├─systemd-machine-id-commit.service +● │ │ ├─systemd-modules-load.service +○ │ │ ├─systemd-pcrmachine.service +○ │ │ ├─systemd-pcrphase-sysinit.service +○ │ │ ├─systemd-pcrphase.service +○ │ │ ├─systemd-pstore.service +● │ │ ├─systemd-random-seed.service +○ │ │ ├─systemd-repart.service +● │ │ ├─systemd-resolved.service +● │ │ ├─systemd-sysctl.service +○ │ │ ├─systemd-sysusers.service +● │ │ ├─systemd-timesyncd.service +● │ │ ├─systemd-tmpfiles-setup-dev-early.service +● │ │ ├─systemd-tmpfiles-setup-dev.service +● │ │ ├─systemd-tmpfiles-setup.service +○ │ │ ├─systemd-tpm2-setup-early.service +○ │ │ ├─systemd-tpm2-setup.service +● │ │ ├─systemd-udev-trigger.service +● │ │ ├─systemd-udevd.service +○ │ │ ├─systemd-update-done.service +● │ │ ├─systemd-update-utmp.service +● │ │ ├─cryptsetup.target +● │ │ ├─integritysetup.target +● │ │ ├─local-fs.target +● │ │ │ ├─-.mount +○ │ │ │ ├─systemd-fsck-root.service +● │ │ │ └─systemd-remount-fs.service +● │ │ ├─swap.target +● │ │ │ └─swap.img.swap +● │ │ └─veritysetup.target +● │ └─timers.target +● │ ├─anacron.timer +○ │ ├─apport-autoreport.timer +● │ ├─apt-daily-upgrade.timer +● │ ├─apt-daily.timer +● │ ├─dpkg-db-backup.timer +● │ ├─e2scrub_all.timer +● │ ├─fstrim.timer +● │ ├─fwupd-refresh.timer +● │ ├─logrotate.timer +● │ ├─man-db.timer +● │ ├─motd-news.timer +○ │ ├─snapd.snap-repair.timer +● │ ├─systemd-tmpfiles-clean.timer +○ │ ├─ua-timer.timer +● │ ├─update-notifier-download.timer +● │ └─update-notifier-motd.timer +● ├─getty.target +○ │ ├─getty-static.service +○ │ └─getty@tty1.service +● └─remote-fs.target +``` + +### **Task 1.4 — User Sessions** + +1. Audit Login Activity + +```bash +maks@maks-VirtualBox:~$ who -a + system boot 2026-02-27 23:09 +maks ? seat0 2026-02-27 23:09 ? 1300 (login screen) +maks + tty2 2026-02-27 23:09 00:06 1300 (tty2) + run-level 5 2026-02-27 23:09 + +maks@maks-VirtualBox:~$ last -n 5 +maks tty2 tty2 Fri Feb 27 23:09 still logged in +maks seat0 login screen Fri Feb 27 23:09 still logged in +reboot system boot 6.17.0-14-generi Fri Feb 27 23:09 still running +maks tty2 tty2 Fri Feb 27 22:12 - crash (00:57) +maks seat0 login screen Fri Feb 27 22:12 - crash (00:57) + +wtmp begins Fri Feb 27 21:57:05 2026 +``` + +### **Task 1.5 — Memory Analysis** + +1. Inspect Memory Allocation + +```bash +maks@maks-VirtualBox:~$ free -h + total used free shared buff/cache available +Mem: 3.8Gi 2.3Gi 143Mi 69Mi 1.7Gi 1.6Gi +Swap: 2.4Gi 262Mi 2.1Gi + +maks@maks-VirtualBox:~$ cat /proc/meminfo | grep -e MemTotal -e SwapTotal -e MemAvailable +MemTotal: 4007368 kB +MemAvailable: 1635252 kB +SwapTotal: 2510844 kB +``` + +### **Key Observations for Sections** + +1.1) The total load time is `36.1 s` + The slowest service: `plymouth-quit-wait.service` + According to the load average `(1.0-1.2 s)`, the system is not overloaded + +1.2) GUI applications consume a lot of resources + +1.3) `default.target` depends on graphical services and `multi-user.target` depends on a lot of network services + +1.4) I (the `maks` user) work have been working since 23:09 via `ttu2`, and the previous session that started at 22:12 have crashed + +1.5) RAM: `3.8 GiB` at total, consumed `2.3 GiB`. SWAP: `262 MiB` of `2.4 GiB` are used that is not critical for the swap memory. + +### **Top Memory-Consuming Process** + +The top memory-cosuming process is `/snap/snap-store/1270/bin/s` (`PID 4132`), consuming `13.1%` of total memory. + +### **Resource Utilization Patterns** + +Overall, resources are distributed unevenly: the main "heavyweights" are user applications, while background services (especially Snap) create a constant, but low, load. + + +## **Task 2 — Networking Analysis** + +### **Task 2.1 — Network Path Tracing** + +1. Traceroute Execution + +```bash +maks@maks-VirtualBox:~$ traceroute github.com +traceroute to github.com (140.82.121.4), 30 hops max, 60 byte packets + 1 _gateway (10.0.2.2) 12.388 ms 11.341 ms 0.569 ms + 2 * * * + 3 * * * + 4 * * * + 5 * * * + 6 * * * + 7 * * * + 8 * * * + 9 * * * +10 * * * +11 * * * +12 * * * +13 * * * +14 * * * +15 * * * +16 * * * +17 * * * +18 * * * +19 * * * +20 * * * +21 * * * +22 * * * +23 * * * +24 * * * +25 * * * +26 * * * +27 * * * +28 * * * +29 * * * +30 * * * +``` + +2. DNS Resolution Check + +```bash +maks@maks-VirtualBox:~$ dig github.com + +; <<>> DiG 9.18.39-0ubuntu0.24.04.2-Ubuntu <<>> github.com +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28016 +;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 + +;; OPT PSEUDOSECTION: +; EDNS: version: 0, flags:; udp: 65494 +;; QUESTION SECTION: +;github.com. IN A + +;; ANSWER SECTION: +github.com. 8 IN A 140.82.121.4 + +;; Query time: 0 msec +;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP) +;; WHEN: Fri Feb 27 22:47:03 MSK 2026 +;; MSG SIZE rcvd: 55 +``` + +### **Task 2.2 — Packet Capture** + +1. Capture DNS Traffic + +```bash +maks@maks-VirtualBox:~$ sudo timeout 10 tcpdump -c 5 -i any 'port 53' -nn + +tcpdump: data link type LINUX_SLL2 +tcpdump: verbose output suppressed, use -v[v]... for full protocol decode +listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes +23:48:05.204558 lo In IP 127.0.0.1.57384 > 127.0.0.53.53: 23671+ [1au] A? ipv4only.arpa. (42) +23:48:05.205809 lo In IP 127.0.0.1.57384 > 127.0.0.53.53: 27465+ [1au] AAAA? ipv4only.arpa. (42) +23:48:05.205932 lo In IP 127.0.0.53.53 > 127.0.0.1.57384: 23671 2/0/1 A 192.0.0.171, A 192.0.0.170 (74) +23:48:05.206813 enp0s3 Out IP 10.0.2.15.49689 > 192.168.0.1.53: 42295+ [1au] AAAA? ipv4only.arpa. (42) +23:48:05.214709 enp0s3 In IP 192.168.0.1.53 > 10.0.2.15.49689: 42295 0/1/1 (99) +5 packets captured +10 packets received by filter +0 packets dropped by kernel +``` + +### **Task 2.3 — Reverse DNS** + +1. PTR Lookups + +```bash +maks@maks-VirtualBox:~$ dig -x 8.8.4.4 + +; <<>> DiG 9.18.39-0ubuntu0.24.04.2-Ubuntu <<>> -x 8.8.4.4 +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50999 +;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 + +;; OPT PSEUDOSECTION: +; EDNS: version: 0, flags:; udp: 65494 +;; QUESTION SECTION: +;4.4.8.8.in-addr.arpa. IN PTR + +;; ANSWER SECTION: +4.4.8.8.in-addr.arpa. 5965 IN PTR dns.google. + +;; Query time: 39 msec +;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP) +;; WHEN: Fri Feb 27 22:48:24 MSK 2026 +;; MSG SIZE rcvd: 73 +``` + +```bash +maks@maks-VirtualBox:~$ dig -x 1.1.2.2 + +; <<>> DiG 9.18.39-0ubuntu0.24.04.2-Ubuntu <<>> -x 1.1.2.2 +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59579 +;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 + +;; OPT PSEUDOSECTION: +; EDNS: version: 0, flags:; udp: 65494 +;; QUESTION SECTION: +;2.2.1.1.in-addr.arpa. IN PTR + +;; AUTHORITY SECTION: +1.in-addr.arpa. 765 IN SOA ns.apnic.net. read-txt-record-of-zone-first-dns-admin.apnic.net. 23597 7200 1800 604800 3600 + +;; Query time: 2136 msec +;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP) +;; WHEN: Fri Feb 27 22:48:41 MSK 2026 +;; MSG SIZE rcvd: 137 +``` + +### **Insights on Network Paths** + +The traceroute to `github.com` shows only the first hop with low latency, while all subsequent nodes are unresponsive. + +### **Analysis of DNS Query/Response Patterns** + +The reverse request for `8.8.4.4` took `39 ms` (successful response), for `1.1.2.2` - `2136 ms` (NXDOMAIN response), which reflects delays in accessing authoritative servers. DNS traffic on port 53 was not captured by tcpdump. + +### **Comparison of Reverse Lookup Results** + +1) 8.8.4.4: successful PTR resolution -> dns.google + +2) 1.1.2.2: response: NXDOMAIN (record missing). This is expected for an address without a reverse zone. The response time is significantly longer due to the root zone queries (1.in-addr.arpa) + +### **DNS Query Example** + +```bash +23:48:05.204558 lo In IP 127.0.0.1.57384 > 127.0.0.53.53: 23671+ [1au] A? ipv4only.arpa. (42) +``` diff --git a/labs/submission5.md b/labs/submission5.md new file mode 100644 index 00000000..6f7e74f1 --- /dev/null +++ b/labs/submission5.md @@ -0,0 +1,158 @@ +# **Lab 5 — Virtualization & System Analysis** + +## **Task 1 — VirtualBox Installation** + +* Host Operating System — `Windows 11 Pro 23H2` +* VirtualBox version number — `7.2.6 r172322 (Qt6.8.0 on windows)` +* During the installation there were not any issues arise + +## **Task 2 — Ubuntu VM and System Analysis** + +1. VM configuration specifications + +* RAM: `4096 MB` +* Storage: `15 GB` +* CPU: `6 cores` + +2. System Information + +* Command `lscpu` +```bash +maks@maks-VirtualBox:~$ lscpu +Architecture: x86_64 + CPU op-mode(s): 32-bit, 64-bit + Address sizes: 48 bits physical, 48 bits virtual + Byte Order: Little Endian +CPU(s): 6 + On-line CPU(s) list: 0-5 +Vendor ID: AuthenticAMD + Model name: AMD Ryzen 5 5500U with Radeon Graphics + CPU family: 23 + Model: 104 + Thread(s) per core: 1 + Core(s) per socket: 6 + Socket(s): 1 + Stepping: 1 + BogoMIPS: 4191.98 + Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pg + e mca cmov pat pse36 clflush mmx fxsr sse sse2 ht s + yscall nx mmxext fxsr_opt rdtscp lm constant_tsc re + p_good nopl xtopology nonstop_tsc cpuid extd_apicid + tsc_known_freq pni pclmulqdq ssse3 fma cx16 sse4_1 + sse4_2 movbe popcnt aes xsave avx f16c rdrand hype + rvisor lahf_lm cmp_legacy cr8_legacy abm sse4a misa + lignsse 3dnowprefetch ssbd vmmcall fsgsbase bmi1 av + x2 bmi2 rdseed adx clflushopt sha_ni arat +Virtualization features: + Hypervisor vendor: KVM + Virtualization type: full +NUMA: + NUMA node(s): 1 + NUMA node0 CPU(s): 0-5 +Vulnerabilities: + Gather data sampling: Not affected + Ghostwrite: Not affected + Indirect target selection: Not affected + Itlb multihit: Not affected + L1tf: Not affected + Mds: Not affected + Meltdown: Not affected + Mmio stale data: Not affected + Old microcode: Not affected + Reg file data sampling: Not affected + Retbleed: Mitigation; untrained return thunk; SMT disabled + Spec rstack overflow: Mitigation; SMT disabled + Spec store bypass: Not affected + Spectre v1: Mitigation; usercopy/swapgs barriers and __user poi + nter sanitization + Spectre v2: Mitigation; Retpolines; STIBP disabled; RSB filling + ; PBRSB-eIBRS Not affected; BHI Not affected + Srbds: Not affected + Tsa: Not affected + Tsx async abort: Not affected + Vmscape: Not affected +``` + +* Command `free -h` + +```bash +maks@maks-VirtualBox:~$ free -h + total used free shared buff/cache available +Mem: 3.8Gi 1.4Gi 496Mi 36Mi 2.2Gi 2.4Gi +Swap: 2.4Gi 0B 2.4Gi +``` + +* Command `ip addr` + +```bash +maks@maks-VirtualBox:~$ ip addr +1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 + link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 + inet 127.0.0.1/8 scope host lo + valid_lft forever preferred_lft forever + inet6 ::1/128 scope host noprefixroute + valid_lft forever preferred_lft forever +2: enp0s3: mtu 1500 qdisc fq_codel state UP group default qlen 1000 + link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff + inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3 + valid_lft 85965sec preferred_lft 85965sec + inet6 fd17:.../64 scope global temporary dynamic + valid_lft 86193sec preferred_lft 14193sec + inet6 fd17:.../64 scope global dynamic mngtmpaddr + valid_lft 86193sec preferred_lft 14193sec + inet6 fe80::.../64 scope link + valid_lft forever preferred_lft forever +``` + +* Command `df -h` + +```bash +maks@maks-VirtualBox:~$ df -h +Filesystem Size Used Avail Use% Mounted on +tmpfs 392M 1.9M 390M 1% /run +/dev/sda2 15G 11G 3.9G 73% / +tmpfs 2.0G 0 2.0G 0% /dev/shm +tmpfs 5.0M 8.0K 5.0M 1% /run/lock +tmpfs 392M 120K 392M 1% /run/user/1000 +/dev/sr0 51M 51M 0 100% /media/maks/VBox_GAs_7.2.6 +``` + +* Command `lsb_release -a` + +```bash +maks@maks-VirtualBox:~$ lsb_release -a +No LSB modules are available. +Distributor ID: Ubuntu +Description: Ubuntu 24.04.4 LTS +Release: 24.04 +Codename: noble +``` + +* Command `hostnamectl` + +```bash +maks@maks-VirtualBox:~$ hostnamectl + Static hostname: maks-VirtualBox + Icon name: computer-vm + Chassis: vm 🖴 + Machine ID: 7cd69a4861404b6697ace20e26ac3766 + Boot ID: d6b3271faf694453983de6a5f68b7e42 + Virtualization: oracle +Operating System: Ubuntu 24.04.4 LTS + Kernel: Linux 6.17.0-14-generic + Architecture: x86-64 + Hardware Vendor: innotek GmbH + Hardware Model: VirtualBox +Firmware Version: VirtualBox + Firmware Date: Fri 2006-12-01 + Firmware Age: 19y 3month 4d +``` + +* Command `systemd-detect-virt` + +```bash +maks@maks-VirtualBox:~$ systemd-detect-virt +oracle +``` + +All of the tools used were useful, since the required information was obtained directly from terminal diff --git a/labs/submission6.md b/labs/submission6.md new file mode 100644 index 00000000..bc6993b9 --- /dev/null +++ b/labs/submission6.md @@ -0,0 +1,316 @@ +# **Lab 6 — Container Fundamentals with Docker** + +## **Task 1 — Container Lifecycle & Image Management** + +### **Output of `docker ps -a` and `docker images`** + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ docker ps -a +CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES +e48052e309b9 citusdata/citus:13.0 "docker-entrypoint.s…" 3 days ago Exited (0) 5 minutes ago citus +3614efb64c4a hortonworks/sandbox-proxy:1.0 "nginx -g 'daemon of…" 7 weeks ago Exited (0) 7 weeks ago hungry_herschel +b3c0a917be54 hortonworks/sandbox-hdp:2.6.5 "/usr/sbin/init" 7 weeks ago Exited (137) 7 weeks ago recursing_bouman +``` + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ docker images ubuntu + i Info → U In Use +IMAGE ID DISK USAGE CONTENT SIZE EXTRA +ubuntu:latest d1e2e92c075e 119MB 31.7MB +``` + + +### **Image size and layer count** + +* Image size is `119 MB`, it was known via `docker images ubuntu` + +* The layer count is `1`, it was known via `docker inspect ubuntu:latest`: + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ docker inspect ubuntu:latest +[ + { + "Id": "sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9", + "RepoTags": [ + "ubuntu:latest" + ], + "RepoDigests": [ + "ubuntu@sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9" + ], + "Created": "2026-02-10T16:49:57.226767398Z", + "Config": { + "Env": [ + "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + ], + "Cmd": [ + "/bin/bash" + ], + "Labels": { + "org.opencontainers.image.ref.name": "ubuntu", + "org.opencontainers.image.version": "24.04" + } + }, + "Architecture": "amd64", + "Os": "linux", + "Size": 29737017, + "RootFS": { + "Type": "layers", + "Layers": [ + "sha256:efafae78d70c98626c521c246827389128e7d7ea442db31bc433934647f0c791" + ] + }, + "Metadata": { + "LastTagTime": "2026-03-11T19:55:19.500893175Z" + }, + "Descriptor": { + "mediaType": "application/vnd.oci.image.index.v1+json", + "digest": "sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9", + "size": 6688 + } + } +] +``` + +* According to the `ls -lh ubuntu_image.tar` output, the tar size is `31 MB`. The image size is `119 MB` + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ ls -lh ubuntu_image.tar +-rw-r--r-- 1 Maksim 197121 31M Mar 11 22:45 ubuntu_image.tar +``` + +* Error message from the first removal attempt: + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ docker rmi ubuntu:latest +Error response from daemon: conflict: unable to delete ubuntu:latest (must be forced) - container aa3f046032c8 is using its referenced image d1e2e92c075e +``` + +* Analysis of the error: since the container that is created from this image exists, the image itself can not be removed. The image provides all necessary layers for the container. Such deletion can cause problems with launching the container again. + +* The contents of the `tar` file is the information that is needed to recreate the image with the corresponding history. It contains all its layers, a configuration file, and a file containing information about the layers order. + + +## **Task 2 — Custom Image Creation & Analysis** + +* Output of original Nginx welcome page + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ curl http://localhost + + + +Welcome to nginx! + + + +

Welcome to nginx!

+

If you see this page, nginx is successfully installed and working. +Further configuration is required for the web server, reverse proxy, +API gateway, load balancer, content cache, or other features.

+ +

For online documentation and support please refer to +nginx.org.
+To engage with the community please visit +community.nginx.org.
+For enterprise grade support, professional services, additional +security features and capabilities please refer to +f5.com/nginx.

+ +

Thank you for using nginx.

+ + +``` + +* Custom HTML content and verification via curl + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ docker cp index.html nginx_container:/usr/share/nginx/html/ +Successfully copied 2.05kB to nginx_container:/usr/share/nginx/html/ + +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ curl http://localhost + + +The best + + +

website

+ + +``` + +* Output of `docker diff my_website_container` + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ docker diff my_website_container +C /run +C /run/nginx.pid +C /etc +C /etc/nginx +C /etc/nginx/conf.d +C /etc/nginx/conf.d/default.conf +``` + +* The output of `docker diff my_website_container` shows that service files and directories have changed in the container (`nginx.pid` was added in `/run`), and configuration files were modified in `/etc/nginx` + +* `docker commit` is convinient for experiments, but is is not reproducible and hard to maintain. On the other hand, `Dockerfile` is reproducible and automated, allowing to reach transparent maintaining. However, builds can be slower. + +## **Task 3 — Container Networking & Service Discovery** + +* The `docker exec container1 ping -c 3 container2` output + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ docker exec container1 ping -c 3 container2 +PING container2 (172.19.0.3): 56 data bytes +64 bytes from 172.19.0.3: seq=0 ttl=64 time=2.186 ms +64 bytes from 172.19.0.3: seq=1 ttl=64 time=0.176 ms +64 bytes from 172.19.0.3: seq=2 ttl=64 time=0.286 ms + +--- container2 ping statistics --- +3 packets transmitted, 3 packets received, 0% packet loss +round-trip min/avg/max = 0.176/0.882/2.186 ms +``` + +* Network inspection output + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ docker network inspect lab_network +[ + { + "Name": "lab_network", + "Id": "e28756edf59f219db65cff4a04b9589dceeded181982043157737aa8cc3f0378", + "Created": "2026-03-13T20:28:02.450402551Z", + "Scope": "local", + "Driver": "bridge", + "EnableIPv4": true, + "EnableIPv6": false, + "IPAM": { + "Driver": "default", + "Options": {}, + "Config": [ + { + "Subnet": "172.19.0.0/16", + "IPRange": "", + "Gateway": "172.19.0.1" + } + ] + }, + "Internal": false, + "Attachable": false, + "Ingress": false, + "ConfigFrom": { + "Network": "" + }, + "ConfigOnly": false, + "Options": { + "com.docker.network.enable_ipv4": "true", + "com.docker.network.enable_ipv6": "false" + }, + "Labels": {}, + "Containers": { + "0c18c337d3fa30df48352e74a9a66a76f788390c2cb173578abb460d87b93b5f": { + "Name": "container1", + "EndpointID": "6b808f7c523eaed9456984b536caa1d76c4484a352f02c8bd59cafc24fa32228", + "MacAddress": "56:7a:45:47:17:9c", + "IPv4Address": "172.19.0.2/16", + "IPv6Address": "" + }, + "5da9063a8034f18f3ddadb11cc618d4a9ccdf19af3e7d0cd4fa90334a7aea92f": { + "Name": "container2", + "EndpointID": "d85e601d7d50cd27c6300fbee1fd16f68c5edc2c2923d94fa36b4c5b0d9a134b", + "MacAddress": "4e:03:ff:80:4a:61", + "IPv4Address": "172.19.0.3/16", + "IPv6Address": "" + } + }, + "Status": { + "IPAM": { + "Subnets": { + "172.19.0.0/16": { + "IPsInUse": 5, + "DynamicIPsAvailable": 65531 + } + } + } + } + } +] +``` +* DNS resolution output + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ docker exec container1 nslookup container2 +Server: 127.0.0.11 +Address: 127.0.0.11:53 + +Non-authoritative answer: + +Non-authoritative answer: +Name: container2 +Address: 172.19.0.3 +``` + +* Analysis: Docker runs an DNS server inside each container, containers are forwarded to it while accessing each other by name. The server provides the corresponding IP addressed + +* Comparison: containers can ping each other by name without unnecessary communications. Also, user-defined networks allow to disconnect containers during runtime. + + +## **Task 4 — Data Persistence with Volumes** + +* Custom HTML content + +```html +

Persistent Data

+``` + +* Curl output + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ docker stop web && docker rm web +web +web + +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ docker run -d -p 80:80 -v app_data:/usr/share/nginx/html --name web_new nginx +de84c5e1080c64cb5dbb7763d779bc933fa103e2221eed3fb1c01eea4fb1ea3d + +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ curl http://localhost +

Persistent Data

+ +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp (feature/lab5) +$ docker volume inspect app_data +[ + { + "CreatedAt": "2026-03-13T20:38:02Z", + "Driver": "local", + "Labels": null, + "Mountpoint": "/var/lib/docker/volumes/app_data/_data", + "Name": "app_data", + "Options": null, + "Scope": "local" + } +] +``` + +* Mount point: /var/lib/docker/volumes/app_data/_data + +* Analysis: after deleting a container, its data is lost. + +* Comparison: container storage is for a temporary storage that is created while launcing a container. Boind mounts are useful for live updates. Volumes are used for production. \ No newline at end of file diff --git a/labs/submission7.md b/labs/submission7.md new file mode 100644 index 00000000..ac7d03df --- /dev/null +++ b/labs/submission7.md @@ -0,0 +1,145 @@ +# **Lab 7 — GitOps Fundamentals** + +## **Task 1 — Git State Reconciliation** + +* Initial `desired-state.txt` content: + +``` +version: 1.0 +app: myapp +replicas: 3 +``` + +* Initial `current-state.txt` content: + +``` +version: 1.0 +app: myapp +replicas: 3 +``` + +* Output of drift detection and reconciliation: + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp/lab7 (feature/lab7) +$ ./reconcile.sh +Fri Mar 20 23:14:08 RTZST 2026 - ⚠️ DRIFT DETECTED! +Reconciling current state with desired state... +Fri Mar 20 23:14:08 RTZST 2026 - ✅ Reconciliation complete +``` + +* State after reconciliation: + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp/lab7 (feature/lab7) +$ cat current-state.txt +version: 1.0 +app: myapp +replicas: 3 +``` + +* Output from continuous reconciliation loop: + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp/lab7 (feature/lab7) +$ while true; do echo "--- $(date) ---"; ./reconcile.sh; sleep 5; done +--- Fri Mar 20 23:18:38 RTZST 2026 --- +Fri Mar 20 23:18:38 RTZST 2026 - ✅ States synchronized +--- Fri Mar 20 23:18:44 RTZST 2026 --- +Fri Mar 20 23:18:44 RTZST 2026 - ✅ States synchronized +--- Fri Mar 20 23:18:49 RTZST 2026 --- +Fri Mar 20 23:18:49 RTZST 2026 - ⚠️ DRIFT DETECTED! +Reconciling current state with desired state... +Fri Mar 20 23:18:49 RTZST 2026 - ✅ Reconciliation complete +--- Fri Mar 20 23:18:54 RTZST 2026 --- +Fri Mar 20 23:18:54 RTZST 2026 - ✅ States synchronized +``` + +* Analysis of the GitOps reconciliation loop: + +The `reconciliation loop` is a process that compares the desired state of a file with the current state. If a difference detected, the desired state is automatically applied. Any unwanted changes that do not comply with `Git` are tracked and then restored. + +* Advantages of declarative configuration over imperative commands in production: + +A declarative configuration guarantees versioning, automize the drift preventing, and guarantees the environments consistency that is critical for the production. + +## **Task 2 — GitOps Health Monitoring** + +* Contents of `healthcheck.sh` script: + +```bash +#!/bin/bash +# healthcheck.sh - Monitor GitOps sync health + +DESIRED_MD5=$(md5sum desired-state.txt | awk '{print $1}') +CURRENT_MD5=$(md5sum current-state.txt | awk '{print $1}') + +if [ "$DESIRED_MD5" != "$CURRENT_MD5" ]; then + echo "$(date) - ❌ CRITICAL: State mismatch detected!" | tee -a health.log + echo " Desired MD5: $DESIRED_MD5" | tee -a health.log + echo " Current MD5: $CURRENT_MD5" | tee -a health.log +else + echo "$(date) - ✅ OK: States synchronized" | tee -a health.log +fi +``` + +* The `OK` status output: + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp/lab7 (feature/lab7) +$ ./healthcheck.sh +Fri Mar 20 23:37:23 RTZST 2026 - ✅ OK: States synchronized +``` + +* The `CRITICAL` status output: + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp/lab7 (feature/lab7) +$ cat health.log +Fri Mar 20 23:33:14 RTZST 2026 - ❌ CRITICAL: State mismatch detected! + Desired MD5: + Current MD5: bcd10397f65a22721ef45971e55dba28 +Fri Mar 20 23:37:23 RTZST 2026 - ✅ OK: States synchronized +``` + +* Complete `health.log` file: + +```bash +Fri Mar 20 23:32:52 RTZST 2026 - ✅ OK: States synchronized +Fri Mar 20 23:33:14 RTZST 2026 - ❌ CRITICAL: State mismatch detected! + Desired MD5: + Current MD5: bcd10397f65a22721ef45971e55dba28 +Fri Mar 20 23:37:23 RTZST 2026 - ✅ OK: States synchronized +Fri Mar 20 23:38:32 RTZST 2026 - ✅ OK: States synchronized +Fri Mar 20 23:38:35 RTZST 2026 - ✅ OK: States synchronized +Fri Mar 20 23:38:38 RTZST 2026 - ✅ OK: States synchronized +``` + +* Output from `monitor.sh`: + +```bash +Maksim@DESKTOP-JTHSL99 MINGW64 ~/Desktop/DO/DevOps-Intro/labs/temp/lab7 (feature/lab7) +$ ./monitor.sh +Starting GitOps monitoring... +\n--- Check #1 --- +Fri Mar 20 23:38:32 RTZST 2026 - ✅ OK: States synchronized +Fri Mar 20 23:38:32 RTZST 2026 - ✅ States synchronized +\n--- Check #2 --- +Fri Mar 20 23:38:35 RTZST 2026 - ✅ OK: States synchronized +Fri Mar 20 23:38:35 RTZST 2026 - ✅ States synchronized +\n--- Check #3 --- +Fri Mar 20 23:38:38 RTZST 2026 - ✅ OK: States synchronized +Fri Mar 20 23:38:38 RTZST 2026 - ✅ States synchronized +\n--- Check #4 --- +Fri Mar 20 23:38:42 RTZST 2026 - ✅ OK: States synchronized +Fri Mar 20 23:38:42 RTZST 2026 - ✅ States synchronized +... +``` + +* Analysis of checksums: + +Hash functions are constructed to provide a unique hash value for a file. If some change is added, the checksum is completely different from the original file checksum. Therefore, it is a fast way of detecting the differences of file contents. + +* Comparison with GitOps tools: + +The implementation is a simplified model of how ArgoCD tracks and displays synchronization state in GitOps processes. diff --git a/labs/submission8.md b/labs/submission8.md new file mode 100644 index 00000000..6b647042 --- /dev/null +++ b/labs/submission8.md @@ -0,0 +1,82 @@ +# **Lab 8 — Site Reliability Engineering (SRE)** + +## **Task 1 — Key Metrics for SRE and System Analysis** + +### **Top 3 most consuming applications for CPU, memory, and I/O usage** + +* **CPU**: `/usr/bin/gnom-shell` + +* **Memory**: `/usr/bin/gnom-shell` + +* **I/O**: `—` + +### **Command outputs** + +```bash +htop +``` +![](images/lab_8_0.png) + +```bash +iostat -x 1 5 + +avg-cpu: %user %nice %system %iowait %steal %idle + 1.41 0.00 4.23 0.18 0.00 94.18 + +Device r/s rkB/s rrqm/s %rrqm r_await rareq-sz w/s wkB/s wrqm/s %wrqm w_await wareq-sz d/s dkB/s drqm/s %drqm d_await dareq-sz f/s f_await aqu-sz %util +loop0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop10 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop11 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop12 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop13 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop14 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop15 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop16 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop2 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop3 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop4 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop5 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop6 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop7 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop8 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +loop9 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +sda 0.00 0.00 0.00 0.00 0.00 0.00 53.00 260.00 2.00 3.64 1.98 4.91 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.10 2.10 +sr0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 +``` + +### **Analysis** + +CPU is idle most of the time, while disk I/O is very low. My disk usage space is almost used (`11gb` out of `15gb`), where the primary consumer is `/var`. + +### **Reflection** + +For example, we can use `sudo snap clean` to delete older versions and cached files. On the other hand, no CPU or I/O bottlenecks need to be optimized. + + +## **Task 2 — Practical Website Monitoring Setup** + +### **Website URL you chose to monitor** + +`https://vk.com/` + +### **Configuration** + +![](images/lab_8_1.png) + +### **Successful check results** + +![](images/lab_8_3.png) + +### **Alert settings** + +![](images/lab_8_2.png) + +### **Analysis** + +The checks are performed each `30s` to provide continuous monitoring the website state. And when a check was failed `1 time`, the notification is sent to my email address in order to react directy. + +### **Reflection** + +Such monitoring of failures provides developers the ability to track the state of the website and perform fast actions to prevent the bad sequences for a business (as losing money, for example). + diff --git a/labs/test.txt b/labs/test.txt new file mode 100644 index 00000000..2eec599a --- /dev/null +++ b/labs/test.txt @@ -0,0 +1 @@ +Test content