Linux

🌳 Linux RHCSA → RHCE Learning Tree

1. Linux Fundamentals
  • 1.1 What is Linux?
    • Linux = Kernel + GNU tools + Shell
    • Multi-user, multitasking OS
    • Open-source and community driven
  • 1.2 Linux vs Windows
    • Linux is free and open-source
    • Uses / (root) filesystem instead of C:\
    • Case-sensitive file paths
    • Text-based configuration files
    • Native remote access using SSH
  • 1.3 Linux Architecture
    • User → Shell → Kernel → Hardware
    • Kernel manages CPU, memory, devices
  • 1.4 Linux Security Basics
    • User & group permission model
    • No default administrator login
    • Strong isolation between users
  • 1.5 SELinux Introduction
    • Security-Enhanced Linux
    • Mandatory Access Control
    • Modes: Enforcing, Permissive, Disabled
    • getenforce command
  • 1.6 Package Management (RPM)
    • RPM = Red Hat Package Manager
    • Used in RHEL-based systems
    • rpm -qa to list packages
2. Bash & Shell
  • What is Bash
  • Shell Prompt (# / $)
  • Command Structure
  • Pipes ( | )
  • Command Chaining ( ; )
  • History & Shortcuts
  • Wildcards & Globbing
3. Accessing the System
  • TTY & PTS
  • GUI vs CLI
  • Switching Terminals
  • Login & Logout
  • SSH Basics
4. Linux File System Hierarchy
  • / , /boot , /root , /home
  • /bin , /sbin , /usr
  • /etc , /var , /dev
  • /opt , /tmp , /run
  • Absolute vs Relative Paths
5. File & Directory Management
  • pwd , cd
  • ls (all options)
  • touch
  • cp , mv
  • rm , rmdir
  • df , du
6. File Types & Links
  • Regular, Directory, Block, Character
  • Symbolic Links
  • Hard Links
  • Inodes
7. Users & Groups
  • Root vs Regular User
  • useradd, usermod, userdel
  • groupadd, groupdel
  • passwd, chage
  • /etc/passwd, /etc/shadow
8. Permissions & Security
  • chmod (numeric & symbolic)
  • chown, chgrp
  • umask
  • SELinux modes
  • Contexts & restorecon
9. Process Management
  • ps, top
  • kill, killall
  • nice, renice
  • jobs, fg, bg
10. Boot & Services
  • Boot Process
  • GRUB
  • systemctl
  • Targets
  • Root Password Recovery
11. Networking
  • IP Addressing
  • nmcli
  • ip a / ip r
  • hostnamectl
  • SSH Server
12. Storage Management
  • Partitions
  • File Systems (ext4, xfs)
  • mount, umount
  • /etc/fstab
  • Swap
  • LVM (PV, VG, LV)
13. Archiving & Transfer
  • tar
  • gzip / gunzip
  • zip / unzip
  • scp
  • rsync
14. Logs & Monitoring
  • /var/log
  • journalctl
  • log rotation
🚀 RHCE (EX294) – Automation with Ansible
  • Ansible Architecture
  • Inventory
  • Playbooks
  • Modules
  • Variables & Facts
  • Loops & Conditionals
  • Roles & Collections
  • Jinja2 Templates
  • Ansible Vault
  • Automating Services, Users, Storage
📘 Topic 1.3 – Linux Architecture
  • User interacts with Shell (Bash)
  • Shell sends commands to Kernel
  • Kernel communicates with hardware
📘 Topic 1.4 – Linux Security Basics
  • User and group permission model
  • SELinux provides mandatory access control
  • No default administrator login
📘 Topic 1.5 – SELinux Introduction
  • Security-Enhanced Linux (SELinux)
  • Developed by NSA
  • Modes: Enforcing, Permissive, Disabled
  • getenforce command to check mode
📘 Topic 1.6 – Package Management (RPM)
  • RPM = Red Hat Package Manager
  • Used in RHEL-based distributions
  • rpm -qa lists installed packages
RHCSA (EX200) → RHCE (EX294) | Tree-style Linux Learning

Router

🧭 Introduction to Routers: The Heart of Networking

A router is an internetworking device that connects multiple logical networks. It operates at Layer 3 (Network Layer) of the OSI model and determines the best path for data packets. In a LAN, a router usually acts as the Default Gateway, enabling internal devices to reach external networks like the internet.

⚙️ Router Hardware Components & Memory Types

  • Console Port (RJ45–RS232): Used for direct configuration using a terminal.
  • RAM: Temporarily holds the running configuration.
  • NVRAM: Stores the startup configuration persistently.
  • Flash Memory: Stores the IOS (Internetwork Operating System).

💡 Understanding Router Modes

| Prompt | Mode |
|---|---|
| Router> | User Mode (limited access) |
| Router# | Privilege Mode (full access); use enable or en to enter |
| Router(config)# | Global Configuration Mode |

Other Modes

  • User Mode: Basic access, can’t make changes.
  • Setup Mode: Assists with initial configuration.
  • ROMmon Mode: Recovery environment used for:
    • IOS recovery
    • Password reset
    • Flash issues
    Access via: Ctrl + Pause/Break (real device) or Ctrl + C (Cisco Packet Tracer)

🧩 Types of Routers

1. Based on Platform

  • Hardware Routers: Cisco, Juniper, D-Link, HP, etc.
  • Software Routers: Microsoft Server, Linux Server

2. Based on Modularity

  • Fixed (Non-Modular) Routers: Non-upgradable, ports fixed to motherboard.
  • Modular Routers: Allow for interface upgrades using LAN/WAN cards via available slots.

EC2

EC2: Elastic Compute Cloud

  • AWS Budget Setup
    • Root User: Billing and Cost Management > Account > Billing and Payments > IAM user and role access to Billing information: ✅ Activate IAM Access > Update
    • IAM User:
      • Billing and Cost Management > Bills > Charges by service
      • Billing and Cost Management > Free Tier
      • Billing and Cost Management > Budgets > Create Budget
      • Choose budget type: Use a template (Simplified)
      • Template: Zero Spend Budget
      • Budget Name: My zero-spend budget
      • Email Recipients: mohammedimransharif@proton.me
      • Create Budget

  • EC2 Basics
    • Amazon EC2:
      • EC2 = Elastic Compute Cloud = Infrastructure as a Service
      • Capabilities:
        • Renting virtual machines (EC2)
        • Storing data on virtual drives (EBS)
        • Distributing load across machines (ELB)
        • Scaling services with Auto Scaling Groups (ASG)
    • EC2 Sizing & Configuration Options:
      • Operating System (OS): Linux, Windows, or macOS
      • CPU: Compute power and number of cores
      • RAM: Memory allocation
      • Storage Options:
        • Network-attached: EBS and EFS
        • Local hardware: EC2 Instance Store
      • Network: Speed, public IP address
      • Security: Firewall rules via security groups
      • Bootstrap script: EC2 User Data
    • EC2 User Data:
      • You can bootstrap instances using EC2 User Data scripts.
      • Bootstrapping: Running commands at first launch
      • Runs only once on initial startup
      • Automates boot-time tasks like:
        • Installing updates
        • Installing software
        • Downloading files
        • Custom initialization
      • Runs as the root user
    • EC2 Instance Types:
| Instance | vCPU | Mem (GiB) | Storage | Network Performance | EBS Bandwidth |
|---|---|---|---|---|---|
| t2.micro | 1 | 1 | EBS-Only | Low to Moderate | |
| t2.xlarge | 4 | 16 | EBS-Only | Moderate | |
| c5d.4xlarge | 16 | 32 | 1 × 400 NVMe SSD | Up to 10 Gbps | 4750 |
| r5.16xlarge | 64 | 512 | EBS-Only | 20 Gbps | 13600 |
| m5.8xlarge | 32 | 128 | EBS-Only | 10 Gbps | 6800 |

Hands-On: Create an EC2 Instance with User Data for a Simple Website

  • Launch an EC2 Instance running Linux
    • We'll create our first virtual server using the AWS Console.
    • This helps us understand the parameters involved in launching an instance.
    • We'll automate setup using EC2 User Data for web server configuration.
    • We'll also learn how to start, stop, and terminate the instance.
  • Steps:
    • EC2 > Instances > Launch an instance
    • Name: My First Instance
    • Key Pair: Create New > Name: EC2 tutorial > Download
    • Network Settings: ✅ Allow HTTP traffic from the internet
    • User Data (bootstrap script):
    #!/bin/bash
    # use this for your user data (script from top to bottom)
    # install httpd (Amazon Linux 2 version)
    yum update -y
    yum install -y httpd
    # start the web server now and enable it at every boot
    systemctl start httpd
    systemctl enable httpd
    # write a one-line home page that shows this instance's hostname
    echo "<h1>Hello World from $(hostname -f)</h1>" > /var/www/html/index.html
    • Click Launch Instance
    • Go to: EC2 > Instances > ✅ Select your instance
    • View Public IPv4 address > Open in browser using http://
    • Note: Public IP changes on reboot; Private IP remains constant.

EC2 Instance Types Basics

  • Overview: Choose EC2 instances optimized for different use cases.
    Ref: aws.amazon.com/ec2/instance-types
  • General Purpose
    • Great for diverse workloads such as web servers or code repositories.
    • Balanced compute, memory, and networking resources.
    • t2.micro is commonly used in tutorials and free-tier setups.
  • Compute Optimized
    • Ideal for compute-intensive tasks that require high-performance processors:
      • Batch processing workloads
      • Media transcoding
      • High-performance web servers
      • High-performance computing (HPC)
      • Scientific modeling & machine learning
      • Dedicated gaming servers
    • Example: C8g
  • Memory Optimized
    • Best for workloads that process large datasets in memory.
    • Use cases:
      • Relational/non-relational databases
      • Distributed cache stores
      • In-memory BI databases
      • Real-time big data processing
    • Examples: R7g, R7i, R7iz
  • Accelerated Computing – Uses hardware accelerators like GPUs for ML, AI, and graphics workloads.
  • Storage Optimized
    • Optimized for high, sequential read/write access to local storage.
    • Use cases:
      • OLTP systems
      • Relational & NoSQL databases
      • In-memory cache (e.g., Redis)
      • Data warehousing applications
      • Distributed file systems
    • Example: i8g
  • Instance Features – Naming convention:
    • m: instance class
    • 5: generation
    • 2xlarge: size within the class
  • To compare instances across families and specs, visit ec2instances.info

Security Groups & Classic Ports Overview

  • Introduction to Security Groups
    • Fundamental component of AWS network security
    • Control how traffic is allowed into/out of EC2 instances
    • Contain only allow rules
    • Rules can reference IP addresses or other security groups
  • Security Groups – Deeper Dive
    • Act as a virtual firewall at the EC2 level
    • Regulate:
      • Port access
      • IP ranges (IPv4 and IPv6)
      • Inbound traffic (external → instance)
      • Outbound traffic (instance → external)
  • Security Groups – Good to Know
    • Can be attached to multiple instances
    • Scoped to a region/VPC pair
    • If traffic is blocked, the EC2 instance won't detect it
    • Best practice: Use a separate security group for SSH
    • If the app times out → likely security group issue
    • If the app gives “connection refused” → app issue or not running
    • All inbound traffic is blocked by default
    • All outbound traffic is allowed by default
  • Common Ports
    • 22 – SSH (Linux login)
    • 21 – FTP (upload files)
    • 22 – SFTP (secure file upload)
    • 80 – HTTP (unsecured websites)
    • 443 – HTTPS (secured websites)
    • 3389 – RDP (Windows login)
  • Security Groups – Hands-On
    • Go to: EC2 > Network & Security > Security Groups
    • Select security group > Configure Inbound/Outbound rules
    • Add, remove, or modify rules as needed
  • SSH Overview

AWS

What is Cloud Computing?

The Five Characteristics of Cloud Computing

  • On-demand Self Service
  • Broad Network Access
  • Multi-tenancy and Resource Pooling
  • Rapid Elasticity and Scalability
  • Measured Service

Types of Cloud Computing

  • Infrastructure as a Service (IaaS)
  • Platform as a Service (PaaS)
  • Software as a Service (SaaS)

IAM: Identity and Access Management

  • IAM: Permissions
    • Users or groups can be assigned JSON documents called Policies.
    • These policies define the permissions of the users.
    • In AWS, apply the Least Privilege Principle.
  • IAM: Password Policy
    • Multi-Factor Authentication (MFA)
  • How can users access AWS?
    • Three options:
      • AWS Management Console
      • AWS Command Line Interface (CLI)
      • AWS Software Development Kit (SDK)
    • Access keys are generated via the AWS Console.
    • Users manage their own Access Keys:
      • Access Key ID = username
      • Secret Access Key = password
    • IAM > Users > stephane > Security Credentials > Access Keys > Create Access Key
  • AWS CloudShell
  • IAM Roles
    • IAM > Roles > Create Role
    • Trusted Entity: AWS Service ✅
    • Use Case: EC2 ✅
    • Add Permissions: IAMReadOnlyAccess ✅
    • Role Name: DemoRoleForEC2
  • IAM Security Tools
    • IAM Credentials Report (account-level):
      IAM > Credential Report > Download .csv file
    • IAM Access Advisor (user-level):
      IAM > Users > Last Accessed
  • IAM Best Practices
    • Don’t use the root account except for AWS account setup
    • One physical user = One AWS user
    • Assign users to groups and assign permissions to groups
    • Create a strong password policy
    • Use and enforce Multi-Factor Authentication (MFA)
    • Create and use Roles for giving permissions to AWS services
    • Use Access Keys for Programmatic Access (CLI / SDK)
    • Audit permissions using IAM Credentials Report & IAM Access Advisor
  • Shared Responsibility Model for IAM
  • IAM Section – Summary
    • Users: mapped to a physical user; has a password for AWS Console
    • Groups: contains users only
    • Policies: JSON document that outlines permissions for users or groups
    • Roles: for EC2 instances or AWS services
    • Security: MFA + Password Policy
    • AWS CLI: manage your AWS services using the command-line
    • AWS SDK: manage AWS services using a programming language
    • Access Keys: access AWS using CLI or SDK
    • Audit: IAM Credential Reports & IAM Access Advisor