Category Archives: CDI

2. AWS POC : WordPress[WP] infrastructure creation using a free tier account

With reference to my previous blog on:
1. AWS:How to create and activate a new account in AWS ?
https://vskumar.blog/2018/09/01/1-awshow-to-create-and-activate-a-new-account-in-aws/

I have made a scenario based “AWS services usage” blog in this content. Which can be considered as a Proof of Concept [POC] Project also.

If you are new for cloud technology, I have made a video cum blog for you to understand its initiation/evaluation concepts. This video is more useful for PMs/Cloud Architects/DevOps role based people.

For video Visit:

For the above video’s blog:

https://vskumarcloudblogs.wordpress.com/2016/11/30/how-to-initiate-a-cloud-transformation/

Now, let us move forward with this blog content.

In this AWS exercise, I have described/demonstrated on WordPress[WP] infrastructure creation using a free tier account.

At the end of this blog a micro level lab practiced steps are copied and a recorded video is there on my channel.

I would like to explain from architecture/design perspective through this blog, before you go to Lab steps.
After doing this exercise, simply and finally we can come into the following conclusions:

a) Creating a blogging infrastructure can be fully automated through AWS services.
b) Infrastructure can be created at any time on-demand without any up-front
commitment for how long we will use it in AWS.
c) We can pay for our infrastructure depending on how many hours we use it.
d) Infrastructure consists of several parts,
such as; i) virtual servers, ii) load balancers, and iii) databases.
e) Infrastructure can be deleted with one click without costing to us.

This process is powered by AWS automation. So it will not be billed to our free tier account after deletion!!.

First let us analyze on WP and its components.

How a WordPress infrastructure can be planned?

Assume we have a startup company, which publishes more white papers and  blogs.

Assuming; our startup company currently uses WordPress[WP]  to host over 500 blogs on our own servers.  The blogging infrastructure must be highly available, because customers don’t tolerate outages of any servers.  To evaluate whether a migration is possible through AWS services, we need to do the following three Activities planning and try out with AWS free-tier account:

A) Set up a highly available blogging infrastructure in AWS.
B) Estimate monthly costs of the infrastructure.

C) Finally, Delete our blogging infrastructure to save cost from free-tier account.

For our understanding on WP;

  • WordPress[WP] is written in PHP and uses a  MySQL database to store data.
  • Apache is used as the web server to serve the blog pages.
  • With this information in our mind, we map our requirements to AWS services  to test the infrastructure creation.

Now, let us analyze on “what are the AWS services required for our WP test infrastructure?”.

We need  the below AWS services to do this activity:
I. Elastic Load Balancing (ELB),
II. Elastic Compute Cloud (EC2),
III. Relational Database Service (RDS) for MySQL and
IV. Security groups.

Let us analyze what are the functions/benefits of  these AWS services.

I. Elastic Load Balancing (ELB):

AWS offers a load balancer as a service.
The Elastic Load Balancer (ELB) distributes traffic to a bunch of servers behind it in a cloud environment. It’s highly available by default.

Let us assume our startup company’s blogs are published globally. From many countries these can be accessed by the users. Assume there are lot of users access this content globally. Then in traditional method your load is not balanced without  having physical servers connected through VPNs/networks, etc. in different locations. Think about the Hardware/Software/maintenance/FMG cost for this traditional infrastructure. We can not think it being a startup company to spend much. No way!! Hence we need to depend on cloud service provider.

With AWS ELB, this can be balanced by distributing the blog users traffic to different virtual servers under cloud environment. To denote this distributed load balancing  architecture, I have collected a diagram  on;

WordPress infrastructure and Load Balancing through ELB AWS service.
Which is pasted here for your clarity on the ELB function.

WP-Infra-ELB-load Distribution.png

II. Elastic Compute Cloud (EC2):

It is A virtual server which is provided by the Elastic Compute Cloud (EC2) service of AWS. We will use a Linux server with an optimized distribution called Amazon Linux to install Apache, PHP, and WordPress during our exercise. Please note; we are not limited to Amazon Linux only; we can also choose Ubuntu, Debian, Red Hat, or Windows. Virtual servers can fail at any time, so we need at least two of them for contingency planning. The load balancer will distribute the traffic between them. The beauty of AWS service in case of a server failure is; the load balancer will stop sending traffic to the failed server, and the remaining [contingency] server will need to handle all the requests until the failed server is replaced. Let us not worry on this communication! You will be intimated the status through alerts.

A sample architecture diagram is pasted here FYI with two EC2 instances.

EC2-two instance-ELB-Scenario.png

III. Relational Database Service (RDS) for MySQL:

WordPress relies on the popular MySQL database. AWS provides MySQL as a Relational Database Service (RDS). We can choose the database size (like; storage, CPU, RAM), and RDS takes care of the rest (backups, updates). RDS can also provide a highly available MySQL database by replication. In traditional [non-cloud] model we had the similar setup. It occurs huge costing. By using AWS cloud services this can be easily maintained with minor costing only.

On this context; from the below diagram we can see the MYSQL features from AWS services offering.

AWS-MYSQL-RDS-features

V. Security groups:

In every application architecture we need to have the security features in place. Either these can be embed in the applications or through security tools it can be applied. So the entire architecture is protected that way.

But in cloud services many providers provide these services differently with their services offering.

The Security groups are a fundamental service of AWS to control network traffic like a firewall in traditional systems. Security groups can be attached to a lot of services like ELB, EC2, and RDS. For example; with security groups, we can configure our load balancer as below:

It only accepts requests on port 80 from the internet. Web servers only accept connections on port 80 from the load balancer. And MySQL only accepts connections on port 3306 from the web servers. If we want to log in to our web servers via SSH, we must also open port 22. Similar ways the architecture setup can be configured.

FYI, I have considered a diagram from AWS docs; which denotes a typical AWS multi-tier approach security services with a Firewall:

AWS-Security mulit-tier aproach.png

As shown in the above diagram, A security group acts as a virtual firewall for our instance to control inbound and outbound traffic. When we launch an instance in a Virtual Private Cloud[VPC], we can assign the instance to up to five security groups. It means in any VPC  AWS provides five different security groups.

So, now what is our start company plan for security?:

Let us assume our startup company’s blogging infrastructure consists of two load-balanced web servers running a) WordPress and b) a MySQL database server.

The following tasks are performed automatically in the background through AWS:

  1. Creating an ELB.
  2. Creating a RDS MySQL database.
  3. Creating and attaching security groups.
  4. Creating two web servers.
  5. Creating two EC2 virtual servers.
  6. Installing Apache and PHP via yum.
  7. Install php, php-mysql, mysql, httpd.
  8. Downloading and extracting the latest version of WordPress from http://wordpress.org/latest.tar.gz   
  9. Configuring WordPress to use the created RDS MySQL database 
  10. Starting Apache. 

Before going to the above steps, I would like to show the below diagram for your understanding on “The setup of WP hosting on AWS”. You can download it through the URL given and see it as an image file for your understanding.

AWS-WP-Hosting setup

Now, let us recap our beginning conclusions for this blog. We need to do the below activities till end of the exercise.

  1. Creating a blogging infrastructure.

  2. Analyzing costs of a blogging infrastructure.

  3. Exploring a blogging infrastructure.

  4. Shutting down a blogging infrastructure.

  5. Deleting infrastructure from AWS Account.

1. What actions we need to consider for Creating blogging infrastructure in AWS?: To create the blogging infrastructure we need the below steps to follow on AWS console.

Note: Please note time to time the screen flows [micro level steps] might change on AWS, but the process should be the same to understand on creation of this WP infra.

  1. Open the AWS Management Console at https://console.aws.amazon.com.
  2. Click Services in the navigation bar, and click the Cloud-Formation service.
  3. Click on Create Stack to start the four-step wizard.

Now we will see what are these 4 steps wizard process it contains.

I. Creating a blogging infrastructure: Step 1 of 4

You need to name your infrastructure. Enter “wordpress” as the Name. For Source option, select and  Specify an Amazon S3 Template URL as shown in the screen [lab exercise screen]. Copy this URL and save somewhere in a text file for future reference/usage. About this process, during lab demo you will understand clearly.

II. Creating a blogging infrastructure: Step 2 of 4

Click Next to set the KeyName to “vskumarkey” [example only, you can give any name], for Step 2 of 4. Click Next to create a tag for our infrastructure into next screen. These steps can be seen clearly in lab practices steps.

III. Creating a blogging infrastructure: Step 3 of 4

A tag consists of a key-value pair and can be used to add information to all parts of our infrastructure. We can use tags to differentiate between testing and production resources, add the cost center to easily track costs in our organization [if any], or mark resources that belong to a certain application if we host multiple applications in the same AWS account.

In this example, we will use a tag to mark all of our resources that belong to the “wordpress system”. This will help us later to easily find our infrastructure. Use “system” as the key and “wordpress” as the value.  Click Next. Finally, we will see a confirmation page for Step 4 of 4. For clarity look into lab steps.

IV. Creating a blogging infrastructure: Step 4 of 4

In the Estimate Cost row, click Cost. This will open a new browser tab in the background. Keep this browser open only. We will come back to this screen later. Switch back to the original browser tab and click Create. We can see next Review screen in the next page.

Now, our infrastructure will be created. This Review screen shows that wordpress is in the state of CREATE_IN_PROGRESS. It takes 15-20 mts to complete this process.

Now, please take a look at the result by refreshing the page. Select the “WordPress” row, where Status should be CREATE_COMPLETE. If the status is still CREATE_IN_PROGRESS, be patient until the status becomes CREATE_COMPLETE.

Switch to the Outputs tab [below part of the screen], which is the Blogging infrastructure result. There we can find the URL to our “wordpress system”; click it to visit the system.

What is AWS Automation here?:

As we have discussed in the beginning of this blog, one of the key concepts of AWS is automation. We can automate everything. In the background, our blogging infrastructure was created based on a blueprint with its automation. So the above mentioned [10] tasks have been performed in the background by AWS cloud formation service. You can see the beauty of this automation during lab demonstration.

Blogging infrastructure result:

Now we’ve created our blogging infrastructure, let us take a  look at it. Our infrastructure consists of the following as we discussed in this blog:

  • Web servers
  • Load balancer
  • MySQL database

Now; we will  use the resource groups feature of the Management Console to get an overview.

Exploring the created WP Blogging  infrastructure

Now let us understand;

What is Resource Group in AWS?:

  1. A resource group is a collection of AWS resources.
  2. Resource is an abstract term for something in AWS like an EC2 server, a security group, or a RDS database.
  3. Resources can be tagged with key-value pairs. In such case; let us note we can have more than one key-value pairs.
  4. Resource groups specify what tags are needed for a resource to belong to the group.
  5. Furthermore, a resource group specifies the region(s) where the resource should reside in. It means globally these resource groups can be deployed for its functioning. 
  6. We can use resource groups to group resources if we run multiple systems in the same AWS account. This way we are sharing the resources among the projects or app architectures.
  7. Let us note that we have tagged the blogging infrastructure with the key “system” and the value “wordpress”.
  8. As an example; from now on, we will use this notation for key-value pairs: (system:wordpress). We’ll use that tag to create a resource group for our WordPress infrastructure.  For further clarity please look into the lab steps/video.

Now let us understand;

How to create  a resource group in AWS?:

    1. In the AWS part of the top navigation bar, click Create a Resource Group.
    2. Set Group Name to “wordpress” or whatever you like.
    3. Add the tag system with the value wordpress.
    4. Select the region N. Virginia [for example]. [I have used my existing account]
    5. Save the resource group.
    6. It will take you to next screen shown in next page. Follow the below steps.

How to see the Blogging infrastructure web servers via resource groups details?:

  1. Select Instances under EC2 on the left to see the web servers.
  2. By clicking the arrow icon in the Go column, you can easily jump to the details of a single web server. 
  3. Now, You are  looking at the details of your web server, which is also called an EC2 instance.

Details of web servers running the blogging infrastructure:

  1. On this screen the interesting/important details are as below:
  • Instance type: It tells us about how powerful your instance is.
  • Public IP address: The IP address that is  reachable over the internet. You can use that IP address to connect to the server via SSH.
  • Security groups: If you click on View Rules, you’ll see the active firewall rules like the one that enabled port 22 from all sources (0.0.0.0/0).
  • AMI ID: Let us recollect that we used the Amazon Linux operating system (OS). If you click the AMI ID, you will  see the version number of the OS, among others.  

We also need to know the utilization of webservers, like how we used to monitor in live [for production boxes].

Looking for webserver utilization and metrics in AWS:

2. In the screen; Select the Monitoring tab to see how your web server is utilized.

3. This will become part of our job: really knowing how the infrastructure is doing.

4. AWS collects some metrics and shows them in the Monitoring section. If the CPU is utilized more than 80%, you should add a third server to prevent page load times from increasing.

Now let us understand on;

How to check the Blogging infrastructure load balancer via resource groups?:

  1. We can find the load balancer by selecting Load Balancers under EC2 on the left to the page.
  2. By clicking the arrow icon in the Go column, you can easily jump to the details of the load balancer.
  3. Now, we are looking at the details of your load balancer.
  4. Here; the most interesting part is, “How the load balancer forwards traffic to the web servers?“.
  5. The blogging infrastructure runs on port 80, which is the default HTTP port.
  6. The load balancer accepts only HTTP connections to forward to one of the web servers that also listen on port 80.
  7. The load balancer performs a health check on the virtual servers attached.
  8. Both virtual servers are working as expected, so the load balancer routes traffic to them.    

How to check the MySQL server ?:

Details of the MySQL database which stores data for the blogging infrastructure

  1. Now; let’s look at the MySQL database. You can find the database in a resource group named wordpress.
  2. Select DB Instances under RDS at left.
  3. By clicking the arrow icon in the Go column, you can easily jump to the details of the database.
  4. Now the details of our MySQL database are shown in the screen.
  5. The benefit of using RDS is that we no longer need to worry about backups because AWS performs them automatically.
  6. Updates are performed by AWS in a custom maintenance window. Keep in mind that you can choose the right database size in terms of storage, CPU, and RAM, depending on your needs.
  7. AWS offers many different instance classes, from 1 core with 1 GB RAM up to 32 cores with 244 GB RAM.

Note: I would like to emphasize to compare the traditional [non-cloud] approach. We were using scheduler to backup the DB periodically. Some times we used to shutdown the live systems to take the backups. So, from AWS RDS services we do not need interruption to the business to take backup, RDS takes care everything. We can save the role of sysadmin/DBA while using the AWS services. This way the resources efforts and business services down time are saved.

As we planned three activities for this whole exercise as on now; we have completed the activity of “A) Set up a highly available blogging infrastructure in AWS.”

Now, we are going to work on; “B) Estimate monthly costs of the infrastructure.”

  1. As the  part of this exercise is’ cost estimation also need to be done.
  2. To analyze the cost of our blogging infrastructure, we will  use the AWS Simple Monthly Calculator.
  3. Recollect that we clicked the Cost link in the previous section to open a new browser tab.
  4. Now, switch to that browser tab, and you will see a screen as shown in the below  chart.
  5. To Estimate of our Monthly Bill, and expand the Amazon EC2 Service and Amazon RDS Service rows.

Now, Let us see and understand the below chart.

Blogging infrastructure cost calculation

Now it’s time to evaluate costs. We can see on How much does it cost?

  1. In this example, our infrastructure will cost is around $60 per month.
  2. Let us keep in mind that this is only an estimate.
  3. We are billed based on the actual usage till the end of the month.
  4. Everything is on-demand and usually billed by hours of usage or by gigabytes of usage.
  5. But what influences the usage for this infrastructure?

Let us analyze different situations and identify the costing parameters as below:

Traffic processed by the load balancer: Let us assume; Expect the costs to go down in during festival/vacation season like;  “December and the summer”. When the people are on vacation and not looking at our blogs.

Storage needed for the database: If our startup company increases the number of blogs, the database will grow, so the cost of storage will increase this way.

Number of web servers needed: A single web server is billed by hours of usage. If two web servers are not enough to handle all the traffic during the day, we may need a third server.  By default we need to keep in our AWS/EC2 setup. In that case, we will consume more hours of virtual servers.

Now we had a clear overview of the blogging infrastructure creation and its cost estimation/Analysis. Similar way you will be able to do for your AWS migration projects also.

Now; with reference to  the 3rd  step, it is time to shut down the infrastructure and complete our AWS migration evaluation exercise.

Let us recap our planned 3rd activity;

C) Finally, Delete our blogging infrastructure to save cost from free-tier account.

Now, go to the CloudFormation service in the Management Console and do the following:

  1. Select the WordPress row.
  2. Click Delete Stack, as shown in top of the screen.
  3. After you confirm the deletion of the infrastructure, it takes few minutes for AWS to delete all of the infrastructure’s dependencies.
  4. Please note; this is an efficient way to manage our infrastructure.
  5. Just as the infrastructure’s creation was automated, its deletion is also completely automated.
  6. You can create and delete infrastructure on-demand whenever you would like, and you only pay for infrastructure when you create and run it.  

<===== I copied the relevant lab practiced steps for your easy use ======>

These steps were used as on dated: 9th Sept 2018 on my free-tier account for student purpose.
The AWS might change its Screens flow or UI part time to time.
Hence from the above blog narration some detailed steps are given in the below lab practice steps for your easy use/practice.

1. Sign-in to your AWS console account from URL:
https://aws.amazon.com/

2. Login to the account.
3. Click on Services.
4. Please note we need to use Cloudformation service of AWS in this exercise.
Hence click on Cloudformation.
5. You will be shown the screen to create a new stack. Click on it. Note as mentioned in my blog it has 4 step process.
6. Now, select a sample template. Choose WordPress blog. It creates/shows the S3 template url.
7. Copy the S3 Template URL into a file for future usage.
8. Now, click on Next to go to next screen.
9. Under Specify Details columns, mention the details.
10. Please note my Infra name I want to give “wordpress”.
11. It has the predefined DB “wordpressdb”, I will keep it.
12. I can give DB Passwords, as required in the entry boxes/columns.
13. Dbuser “vskumarwp”. It has instance type t2.small.
14. Now, as you are aware we need to have the local SSH keys which we have created earlier. I have some keys I have selected one. [If you are new for this account, create the SSH keys…]
15. I need to give the range of IPs to be used for our wp servers.
I want to use 192.168.116.9/15.
16. Now, need to click on next…
Please note the above steps are required for you….

17. Let me give System as “worpress” and key as “system” as mentioned in my blog.
18. I want to skip ARN value in this exercise, due to as I mentioned in blog I would like to follow. I will not have any ARN, Hence monitoring is not mandated for me in this exercise. Then press “Next”.

19. Now, we will see the review screen as mentioned in Blog. On reveiw screen press Create button.
20. We are in creation process screen as mentioned in Blog.
CREATE COMPLETE IS DONE NOW.

21. Now let me click on my instance vskumarwp.

22. Now, go to the top navaigation bar and select the resource groups.
23. Select create resource group. You will get a new screen which has some entries and selections. Give tag key as “worpress” and press create group.
24. Next screen it shows wordpress as the resource group name.

25. Now, go to EC2 instance from the left side shown.
Now, you can see in bottom of the screen as mentioned in the blog.

26. I can see ELB by clicking on ELB option in the left panel.
Please note I have not given the ARN. Hence the Monitoring option is not selected.
Due to it might charge me.

27. You can see the cloud watch options through monitoring button in the below part of the screen.

28. Please note the security groups are attached by default.

29. Please note if I want to use this EC2 instance which is prepared for WP, I need to launch in AWS services live.
Which is going to be billed. Hence I will stop at this point.

30. The FINAL step is to delete the Instance of WP. I will go to cloudformation option.
Then it displays the current instance. I will select it and go to actions and select the DELETE STACK Option.
It prompts for ‘YES/NO’, Select Yes. It can take some time to perform deletion.

31. Once it is deleted it will comeback to the Stack creation screen.
Please note I have checked it, there are no existing instances in my current account.
We can see it as terminated instance.

32. So, this way we can create infra and delete it very easily.

33. So, let us have a final conclusion, section from blog.

34. Please call me if you need any coaching for AWS course….
THANKS FOR WATCHING MY VIDEOS/BLOGS ……..

 

Watch the below video on this blog Narration:

https://www.facebook.com/watch/?v=254567748762273

 

For the above steps a 40 mts videos has been made and hosted  on my channel. Please look into it also.

================= End of Lab practice ===============================>

 

Now, after doing all the above steps we can compare our conclusions mentioned in the beginning of this blog. I copied the same for your cross check!!

a) Creating a blogging infrastructure can be fully automated through AWS services.
b) Infrastructure can be created at any time on-demand without any up-front
commitment for how long we will use it in AWS.
c) We can pay for our infrastructure depending on how many hours we use it.
d) Infrastructure consists of several parts,
such as; virtual servers, load balancers, and databases.
e) Infrastructure can be deleted with one click without costing to us.
This process is powered by AWS automation. So it will not be billed to our free tier account after deletion.

I assume now, you are a fearless user of AWS to create the infrastructure through your free-tier account and delete and maintain the account without a cost to your CC/Account.

If you are interested to learn Virtualization with Vagrant visit:

1. Vagrant/Virtual Box:How to create Virtual Machine[VM] on Windows 10?:

Note to the reader of this blog:

If you are not a student of my class, and looking for it please contact me by mail with your LinkedIn identity. And send a connection request with a message on your need. You can use the below contacts. Please note; I teach globally.

Vcard-Shanthi Kumar V-v3

This blog is created as an video  also. There are series of videos made till end of the lab session. At the end,  the lab practices are also recorded for your use with your free AWS account.

 

 

 

 

3. AWS: How to create S3 Bucket and share object URL ?

In this blog, I would like to demonstrate the lab session on:

a) Creating a Bucket on S3.

b) Uploading an Object.

c) Sharing the object URL.

d) Testing the object URL for its display in  Different Laptop.

The attached video has the lab demonstration.

You can watch and give your message.

 

AWS-SAA-Course

How a DevOps Architect role is different from A Cloud Architect ?

Many people might feel the Cloud Architect and DevOps Architect can play dual roles. As per my observation yes, many small and medium level organizations are utilizing the IT Professionals in the same manner. I wrote a blog for these roles segregation with their main Activities. I felt this might help to some of the practitioners.

With reference to my previous blog on Cloud Architect role comparison with DevOps, there were questions on DevOps architect role comparison.

https://vskumar.blog/2018/11/21/how-a-cloud-architect-is-different-from-devops-role/

Basically, A DevOps architect need to work on:

  1. Identifying the Sprint cycles for different projects.
  2. Identifying the different environments needs including the different test levels requirements.
  3. Plan/design the environment specifications to build Infrastructure As A Code [IAC] and guide the DevOps Engineers.
  4. At the same time he/she need to collaborate with the Cloud Architect to seek the permissions/approvals to utilize the cloud environment on these environmental requirements/setup.
  5. Both these architects need to measure the cost of this Infrastructure to estimate and get approval from the management.
  6. The DevOps Architect is also responsible to plan for different production deployments. He/She need to work together with the Cloud Architect to establish this setup.
  7. In the current trend the containerization is accelerating with Cloud technology. Both these architects need to keep working on these areas to reduce the Virtual Machines cost by replacing with containers. At the same time these two people need to think on converting the applications into Microservices slowly with the Agile methods. This will have easy maintenance in future and also the further cost can be reduced in view of infrastructure and the man power. And their guidelines need to submit to management as a proposal. These two people are also responsible to upgrade their teams skills on the new trends in Cloud technology.
  8. If you ask me the question who are the team members for these roles;
  9. DevOps Engineers will report to DevOps Architect.
  10. Cloud/system engineer reports to Cloud Architect.

So these architects need to manage their teams well in view of their skills augmentation and the tasks rolling as per the DevOps Speed/Velocity concepts.

What kind of IT Professionals can be converted into DevOps Architect ?

Basically, the DevOps activities are related to more on Practices and Culture. If your background is related to the below areas in the past, your profile might suit to convert by learning the above mentioned skills.

  • You might have worked on Deployment areas
  • Worked in release management
  • Worked in Development processes implementation areas.
  • You should be savvy in implementing the Agile/Scrum/Lean practices.
  • You should have worked as a Servant leadership role also. [Even as a Scrum master]. In many cases this role is responsible to mentor the teams on different practices implementation by gearing up the teams to follow DevOps Velocity.
  • You should have worked in Identifying the retrospective issues very well and implemented the improvements in different Sprint cycles.
  • He/she should be savvy in learning new technology and transform the knowledge to the teams well. This knowledge should be very simple on the tools features related areas and how they can utilize them in their setup ? How they can reduce the efforts and cost to the company with a ROI Demonstration. They need to prove it to management with a POC.
  • This person is responsible to show some ROI as Cloud Architect does it on DevOps New practices implementation.
  • The DevOps Architect reports to the DevOps Practices head or CIO or CTO. Where as the Cloud Architect reports to CIO or CTO. Depends on the size of the organization, there can be Chief Cloud architect also, where all the Cloud architects report to this position.

https://vskumar.blog/2019/02/14/what-will-be-the-size-of-cloud-market-in-it-by-2022/

Note:

The DevOps Architect need not put his fingers into low level command scripts. It is the responsibility of the DevOps Engineers.

Hope this blog clarifies for many people.

AWS-SAA-Course

 

 

 

 

 

Advt-course3rd page.png
Folks! Greetings!

Are you interested to transform into new technology ?

An IT employee need to learn DevOps and also one cloud technology practice which is mandatory to understand the current DevOps work culture to get accommodated into a project.
Visit for my course exercises/sample videos/blogs on youtube channel and the blog site mentioned in VCard.
I get many new users regularly  to use these content from different countries.
That itself denotes they are highly competitive techie stuff.
During the course you will be given cloud infra machine(s) [they will be your property] into your laptop for future self practice for interviews, R&D, etc.
The critical  topics will have supporting blogs/videos!! along with the pdf material.
In a corporate style training cos you will be given access [upto certain period] only to their cloud setup.
These are the USPs can be compared with other courses!
Please come with joining confirmation/determination.
For classroom sessions it will be in Vijayanagar, Bangalore, India.
Both online and classroom are available for weekend [global flexible timings] and weekdays to facilitate employees.
Corporate companies are welcome to avail it to save cost of your suppliers!!
You can join from any country for online course.
For contacts please go through vCard. Please send E-mail on your willingness.
Looking forward for your learning call/e-mail!
Look into this video also:
Vcard-Shanthi Kumar V-v3
Visit For Aws Lab demo:
WATCH STUDENT FEEDBACK ON AWS:

 

1. AWS:How to create and activate a new account in AWS ?

AWS Account-creation scrn

How to create and activate a new account in AWS ?:

In this blog, you will see the required steps for creating and activating your new AWS account. Once have the activated account, you can start your other lab practices as I discuss in the class timely.

The following are the main 4 steps process we need to follow:

STEP1: Creating your account. It consists of 2 steps: a) Providing a valid e-mail address and choosing a password. b) Providing your contact information and setting your preferences.

STEP2: Add a payment method Please note; you need to have a valid CC to give its details. Amazon verifies its transaction also with a tiny charge and with a credit back. If by mistaken given wrong data please note; your account registration process will not be activated. You will be intimated by mail. This way Amazon is authenticating/authorizing us for AWS usage.

STEP3: Verify your phone number. You need to Provide a phone number where you can be reached in next few minutes, while creating your account.

STEP4: Choose the AWS Support plans. Time to time the AWS plans will be published. You need to choose the plan from the currently available plans for your needs. The relevant URL is given in the detailed steps section in this blog.

As a consolidated process, we can understand from the below flow chart. Which is from the collection of AWS process charts.

AWS Account-creation flowchart

Note:

I am not copying the screens due to privacy.

Detailed steps

STEP1: Detailed steps for Creating your account.

a). You need to go to Amazon Web Services home page URL: https://aws.amazon.com/

b). Now, Choose Sign Up. Click on Create an AWS account. You can see new page with Create an AWS account. You need to enter the required details. E-mail id, Pwd, AWS Account name [you can give any name for this]. And choose continue to go to next page. Please note; The above steps are valid for the new users of AWS. If you enter your email address entered incorrectly, you might not be able to access your account or change your password in the future. So you need to be careful on your data entry part. Let us assume; if you’ve signed in to AWS recently, it might say Sign In to the Console. So you need to login into your existing Account.

c). Now in the current page, choose Professional or personal. These two areas will give equal services. Depends on your need You can choose one of the options.

d). From the above options choosed, type the requested company or personal information entries. Note; At this point, You need to go through the AWS Customer Agreement to know their policies and procedures to follow while operating.

e). Finally, you choose Create Account and Continue options in the bottom.

f). Please note; at this point you will receive an e-mail to confirm that your account is created. Now, you can sign in to your new account using the valid email address and valid password you have supplied earlier.

Please note; we have done the Step1 only, the activation process is not yet completed to use the AWS services. Still we need to follow 3 more steps.

STEP2: Add a payment method- Detailed steps:

At this point; On the Payment Information page,

a) Choose the payment method as per the payment gateway standards which is displayed.

b) Type the requested information associated with your payment method. Please make sure the address for your payment method is the same as the address you provided for your account. Note; If your billing address is different; then choose Use a new address, type the billing address for your payment method.

c) Now, choose Secure Submit.

STEP3: Verify your phone number.

Please keep a valid and handy phone number at this point.

a) On this Phone Verification page, type a phone number where can use to accept incoming phone calls.

b) Enter the code displayed in the captcha. When you’re ready to receive a call, choose Call me now option.

c) In a few moments, an automated system will call you to your given phone number. Even it might have SMS feature also, if you are outside North America region.

d) Type the provided PIN on your phone’s keypad of the AWS screen. e) After the process is complete, choose Continue.

STEP4: Choose the AWS Support plans.

a) At this point please visit the below URL: https://aws.amazon.com/premiumsupport/features/

You can select the AWS support plans from the given list.

b) After your selection of a Support plan, a confirmation page denotes that your account is being activated.

c) Please note; Accounts are usually activated within a few minutes, but the process might take up to 24 hours. This process includes the validation of Bank/CC account given there.

d) Hence keep looking for a mail on this subject from Amazon to start your AWS services usage.

Assuming everything went well, and your AWS account is activated now.  Congratulations!

We can look into next lab with reference to the class session.

2. AWS: WordPress[WP] infrastructure creation using a free tier account

https://wordpress.com/post/vskumar.blog/2884

 

If you are interested to learn Virtualization with Vagrant visit:

1. Vagrant/Virtual Box:How to create Virtual Machine[VM] on Windows 10?:

 

Note:

If you are not a student of my class, and looking for it please contact me by mail with your LinkedIn identity. And send a connection request with a message on your need. You can use the below contacts. Please note; I teach globally.

 

Vcard-Shanthi Kumar V-v3

27.DevOps:Working with SSH for Ansible usage

ssh

Working with SSH for Ansible usage:
With reference to my blog on Ansible installation on Ubuntu VM,  https://vskumar.blog/2018/05/08/23-devops-how-to-install-ansible-on-ubuntu-linux-vm/

in this blog, I have demonstrated on playing around with ssh among three
ubuntu Vmware Virtual machines.

To use Ansible exercises we need to follow the below pre-requisites with ssh operations.

Pre-requisites for Ansible usage:
https://help.ubuntu.com/community/SSH/OpenSSH/Keys

SSH Keys for Ansible VMs usage:
Before using Ansible we need to make sure the SSH is installed in the
VMs.
I would like to give the steps for this setup as below:

Pre-requisite Step1:
Install OpenSSH on Ubuntu.
Update the package index using the following command:
sudo apt-get update

To install the OpenSSH server application as well as the other related
packages use the command below:
sudo apt-get install openssh-server

Further, you can install the OpenSSH client application using
the following command:
sudo apt-get install openssh-client

Pre-requisite Step2:
Configure OpenSSH on Ubuntu
Before making any changes in OpenSSH configuration,
we need to know how to manage the OpenSSH service on Ubuntu VMs.

How to check ssh version?:
use the command; ssh -V

i) To start the service we can use the following command:
sudo systemctl start sshd.service

ii) To stop the service we can use:
sudo systemctl stop sshd.service

iii) To restart the service we can use:
sudo systemctl restart sshd.service

iv) To check the status of the service we can use:
sudo systemctl status sshd.service

v) If we want to enable the service on system boot we can use:
sudo systemctl enable sshd.service

vi) If we want to disable the service on system boot we can use:
sudo systemctl disable sshd.service

vii) The configuration file for the OpenSSH server application
is in the folder:/etc/ssh/sshd_config
We need to update the default port in this file.
We need to make sure to create a backup of the original configuration before
making any changes:
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig

We can edit the file by using a text editor of our choice either vi or vim, etc..
The first thing we must do is to change the default SSH listening port.
Open the file and locate the line that specifies the listening port:
Port 22
Change it to your desired port number. Ex: Port 1990

Save the file and close it.
Then restart the service for the changes to take effect.

Note:
After making any changes in the OpenSSH configuration you need to restart the service
for the changes to take effect.

Pre-requisite Step3: Create an SSH key pair
Please note, during Ansible exercise or other DevOps tools, we need to connect to other VMs using SSH keys.

Let us note; the Key-based authentication uses two keys, one “public” key that anyone is allowed
to see.
And another “private” key that only the owner is allowed to see.
To securely communicate using key-based authentication, one needs to create a key pair,
securely store the private key on the computer which we want to log in from [Source machine],
and store the public key on the other Virtual Machine[Target machine] one wants to log in to.
Using key based logins with ssh is generally considered more secure than using plain password logins.

Now, let us see these steps:
1. Generating RSA Keys:
Our first step involves creating a set of RSA keys for use in authentication.
This should be done on the client.
To create our public and private SSH keys we need to use the below commands:
mkdir ~/.ssh
chmod 700 ~/.ssh
ssh-keygen -t rsa

We will be prompted for a location to save the keys, and a passphrase for the keys.
This passphrase will protect our private key while it’s stored on the hard drive:

=== Sample Output ====>
Generating public/private rsa key pair.
Enter file in which to save the key (/home/b/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/b/.ssh/id_rsa.
Your public key has been saved in /home/b/.ssh/id_rsa.pub.
======================>
Note; An SSH key passphrase is a secondary form of security.
You need to remember it while logging the remote machine.
Now, our public key is now available as .ssh/id_rsa.pub in the home directory.

The file name and pwd can be given when you follow rigid security procedures as per your project setup. Here if you avoid in giving name/pwd, it makes us easy to copy the key file to target machine.

2. Transfer Client Key to Host:
The key we need to transfer to the host is the public one.
If we can log in to a computer over SSH using a password,
we can transfer our RSA key by doing the following from our own computer:
Command format:
====>
ssh-copy-id <username>@<host>
====>
Note: The <username> and <host> should be replaced by our username
and the name of the computer we’re transferring our key to.

TIP on Port# usage:
We cannot specify a port other than the standard port 22 [unless we changed it to
another port# in the target VM]. we can work around this by issuing the
command like this: ssh-copy-id “<username>@<host> -p <port_nr>”.
If we are using the standard port 22, we can ignore this tip.

We can make sure this worked by doing the below command test:
ssh <username>@<host>

We should be prompted for the passphrase for our key:
Enter passphrase for key ‘/home/<user>/.ssh/id_rsa’:
Enter your passphrase, and provided host is configured to allow key-based logins,
we should then be logged in as usual.

 

How to remove the existing SSH from Ubuntu ?
If we have already ssh we can use the below steps to remove and
get the latest setup.

Step1: Stop SSH service before uninstalling it.
service ssh stop

Step2: Now, we need to Uninstall and remove the ssh package from the machine by using the below
apt-get command.

apt-get purge openssh-server

Now you can check its status using ssh -VM
If it is not there you should not get the version.

Please note my VMs Ips,where i will apply some exercises timely:

IP of Ans-ControlMachine:
192.168.116.132

IP of VM1:
192.168.116.134

IP of VM2:
192.168.116.135

IP of VM3:
192.168.116.133

The machine names are prompted in CLI.
I am using these four Virtual machines on Vmware environment with player as well as Workstation.

I have played around with SSH among these machines.
I have copied most of the screen outputs in this content.

Removing SSH from one Virtual machine for installating procedure testing:
I have preloaded SSH earlier.
I am purging SSH in one Virtual machine to demonstrate the exercise.
And below I have copied the screen outputs also.

==== Screen outputs for Ans-ControlMachine =====>
=== Removing SSH from Ans-ControlMachine=========>
vskumar@ubuntu:~$ ssh -V
OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g 1 Mar 2016
vskumar@ubuntu:~$ cat /etc/hostname
Ans-ControlMachine
vskumar@ubuntu:~$ service ssh stop
Failed to stop ssh.service: Unit ssh.service not loaded.
vskumar@ubuntu:~$ service ssh status
● ssh.service
Loaded: not-found (Reason: No such file or directory)
Active: inactive (dead)
vskumar@ubuntu:~$
vskumar@ubuntu:~$ apt-get -purge openssh-server
E: Command line option ‘p’ [from -purge] is not understood in combination with the other options.
vskumar@ubuntu:~$ apt-get purge remove openssh-server
E: Could not open lock file /var/lib/dpkg/lock – open (13: Permission denied)
E: Unable to lock the administration directory (/var/lib/dpkg/), are you root?
vskumar@ubuntu:~$ sudo apt-get purge remove openssh-server
Reading package lists… Done
Building dependency tree
Reading state information… Done
E: Unable to locate package remove
vskumar@ubuntu:~$ sudo apt-get purge openssh-server
Reading package lists… Done
Building dependency tree
Reading state information… Done
Package ‘openssh-server’ is not installed, so not removed
0 upgraded, 0 newly installed, 0 to remove and 432 not upgraded.

vskumar@ubuntu:~$ sudo apt-get purge openssh-client
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following packages will be REMOVED:
openssh-client* snapd* ubuntu-core-launcher*
0 upgraded, 0 newly installed, 3 to remove and 429 not upgraded.
After this operation, 61.7 MB disk space will be freed.
Do you want to continue? [Y/n] y
(Reading database … 176110 files and directories currently installed.)
Removing ubuntu-core-launcher (2.25) …
Removing snapd (2.25) …
Warning: Stopping snapd.service, but it can still be activated by:
snapd.socket
Purging configuration files for snapd (2.25) …
Final directory cleanup
Discarding preserved snap namespaces
umount: /run/snapd/ns/*.mnt: mountpoint not found
umount: /run/snapd/ns/: mountpoint not found
Removing extra snap-confine apparmor rules
Removing snapd state
Removing openssh-client (1:7.2p2-4ubuntu2.2) …
Purging configuration files for openssh-client (1:7.2p2-4ubuntu2.2) …
Processing triggers for man-db (2.7.5-1) …

vskumar@ubuntu:~$
s for man-db (2.7.5-1) …
vskumar@ubuntu:~$
vskumar@ubuntu:~$ ssh -V
bash: /usr/bin/ssh: No such file or directory
vskumar@ubuntu:~$
== So we have completely removed the SSH ====>
=== from Ans-ControlMachine=========>

Installing SSH into Ans-ControlMachine:

Now, let me install the SSH server and client also.
Step1:
Let update the packages.
sudo apt-get update

== Output =======>
vskumar@ubuntu:~$ sudo apt-get update

Get:1 http://security.ubuntu.com/ubuntu xenial-security InRelease [107 kB]
Hit:2 http://us.archive.ubuntu.com/ubuntu xenial InRelease
Get:3 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease [109 kB]
Get:4 http://us.archive.ubuntu.com/ubuntu xenial-backports InRelease [107 kB]
Get:5 http://security.ubuntu.com/ubuntu xenial-security/main amd64 DEP-11 Metadata [67.7 kB]
Get:6 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 DEP-11 Metadata [319 kB]
Get:7 http://security.ubuntu.com/ubuntu xenial-security/main DEP-11 64×64 Icons [72.6 kB]
Get:8 http://security.ubuntu.com/ubuntu xenial-security/universe amd64 DEP-11 Metadata [107 kB]
Get:9 http://security.ubuntu.com/ubuntu xenial-security/universe DEP-11 64×64 Icons [147 kB]
Get:10 http://us.archive.ubuntu.com/ubuntu xenial-updates/main DEP-11 64×64 Icons [226 kB]
Get:11 http://us.archive.ubuntu.com/ubuntu xenial-updates/universe amd64 DEP-11 Metadata [246 kB]
Get:12 http://us.archive.ubuntu.com/ubuntu xenial-updates/universe DEP-11 64×64 Icons [331 kB]
Get:13 http://us.archive.ubuntu.com/ubuntu xenial-updates/multiverse amd64 DEP-11 Metadata [5,964 B]
Get:14 http://us.archive.ubuntu.com/ubuntu xenial-backports/main amd64 DEP-11 Metadata [3,324 B]
Get:15 http://us.archive.ubuntu.com/ubuntu xenial-backports/universe amd64 DEP-11 Metadata [5,088 B]
Fetched 1,853 kB in 11s (168 kB/s)
Reading package lists… Done
vskumar@ubuntu:~$
============>

Step2: Installing server
Now, we will use the below command to install ssh srver:
sudo apt-get install openssh-server

==== Screen output ======>
vskumar@ubuntu:~$ sudo apt-get install openssh-server
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following additional packages will be installed:
ncurses-term openssh-client openssh-sftp-server ssh-import-id
Suggested packages:
ssh-askpass libpam-ssh keychain monkeysphere rssh molly-guard
The following NEW packages will be installed:
ncurses-term openssh-client openssh-server openssh-sftp-server ssh-import-id
0 upgraded, 5 newly installed, 0 to remove and 429 not upgraded.
Need to get 1,222 kB of archives.
After this operation, 8,917 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 openssh-client amd64 1:7.2p2-4ubuntu2.4 [589 kB]
Get:2 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 ncurses-term all 6.0+20160213-1ubuntu1 [249 kB]
Get:3 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 openssh-sftp-server amd64 1:7.2p2-4ubuntu2.4 [38.7 kB]
Get:4 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 openssh-server amd64 1:7.2p2-4ubuntu2.4 [335 kB]
Get:5 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 ssh-import-id all 5.5-0ubuntu1 [10.2 kB]
Fetched 1,222 kB in 7s (162 kB/s)
Preconfiguring packages …
Selecting previously unselected package openssh-client.
(Reading database … 176023 files and directories currently installed.)
Preparing to unpack …/openssh-client_1%3a7.2p2-4ubuntu2.4_amd64.deb …
Unpacking openssh-client (1:7.2p2-4ubuntu2.4) …
Selecting previously unselected package ncurses-term.
Preparing to unpack …/ncurses-term_6.0+20160213-1ubuntu1_all.deb …
Unpacking ncurses-term (6.0+20160213-1ubuntu1) …
Selecting previously unselected package openssh-sftp-server.
Preparing to unpack …/openssh-sftp-server_1%3a7.2p2-4ubuntu2.4_amd64.deb …
Unpacking openssh-sftp-server (1:7.2p2-4ubuntu2.4) …
Selecting previously unselected package openssh-server.
Preparing to unpack …/openssh-server_1%3a7.2p2-4ubuntu2.4_amd64.deb …
Unpacking openssh-server (1:7.2p2-4ubuntu2.4) …
Selecting previously unselected package ssh-import-id.
Preparing to unpack …/ssh-import-id_5.5-0ubuntu1_all.deb …
Unpacking ssh-import-id (5.5-0ubuntu1) …
Processing triggers for man-db (2.7.5-1) …
Processing triggers for ufw (0.35-0ubuntu2) …
Processing triggers for systemd (229-4ubuntu19) …
Processing triggers for ureadahead (0.100.0-19) …
Setting up openssh-client (1:7.2p2-4ubuntu2.4) …
Setting up ncurses-term (6.0+20160213-1ubuntu1) …
Setting up openssh-sftp-server (1:7.2p2-4ubuntu2.4) …
Setting up openssh-server (1:7.2p2-4ubuntu2.4) …
Creating SSH2 RSA key; this may take some time …
2048 SHA256:3yMAIuH8WhE4tf0kwEqrBHo7gxj3nYq/RTXhYMrpz/s root@ubuntu (RSA)
Creating SSH2 DSA key; this may take some time …
1024 SHA256:HoY3UATMD48l8tOWSWQcJWtwK+s98j7WpD7WGEPsbVo root@ubuntu (DSA)
Creating SSH2 ECDSA key; this may take some time …
256 SHA256:sIDDAzkiGiTCzpGHOTEU3QbG/oNn4DNvXxHtm7kzAZ4 root@ubuntu (ECDSA)
Creating SSH2 ED25519 key; this may take some time …
256 SHA256:hGlI7mLNIGbU2bs/igS1YZrNwxxCvFpszZxOCAOozGk root@ubuntu (ED25519)
Setting up ssh-import-id (5.5-0ubuntu1) …
Processing triggers for systemd (229-4ubuntu19) …
Processing triggers for ureadahead (0.100.0-19) …
Processing triggers for ufw (0.35-0ubuntu2) …
vskumar@ubuntu:~$ ssh -V
OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g 1 Mar 2016
vskumar@ubuntu:~$
=======================>

Step3: install client
We can try to install the OpenSSH client application using
the following command:
sudo apt-get install openssh-client

==== Screen output =====================>
vskumar@ubuntu:~$
vskumar@ubuntu:~$ sudo apt-get install openssh-client
Reading package lists… Done
Building dependency tree
Reading state information… Done
openssh-client is already the newest version (1:7.2p2-4ubuntu2.4).
openssh-client set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 429 not upgraded.
vskumar@ubuntu:~$
=== It is installed along with server ====>

Step4:
Now, let us check the status:

=== Status of SSH server ===>
vskumar@ubuntu:~$ sudo systemctl status sshd.service
● ssh.service – OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enab
Active: active (running) since Sat 2018-05-26 05:21:18 PDT; 6min ago
Main PID: 4645 (sshd)
CGroup: /system.slice/ssh.service
└─4645 /usr/sbin/sshd -D

May 26 05:21:17 ubuntu systemd[1]: Starting OpenBSD Secure Shell server…
May 26 05:21:17 ubuntu sshd[4645]: Server listening on 0.0.0.0 port 22.
May 26 05:21:17 ubuntu sshd[4645]: Server listening on :: port 22.
May 26 05:21:18 ubuntu systemd[1]: Started OpenBSD Secure Shell server.
lines 1-11/11 (END)
vskumar@ubuntu:~$
============================>

Generating RSA Keys:
Step1:
To create our public and private SSH keys we need to use the below commands:
mkdir ~/.ssh
chmod 700 ~/.ssh
ssh-keygen -t rsa

=== Screen output ===>
vskumar@ubuntu:~$ ls
Desktop Downloads Music Public Videos
Documents examples.desktop Pictures Templates
vskumar@ubuntu:~$ ls -la
total 116
drwxr-xr-x 17 vskumar vskumar 4096 May 26 05:30 .
drwxr-xr-x 3 root root 4096 Nov 22 2017 ..
-rw——- 1 vskumar vskumar 524 Mar 6 18:06 .bash_history
-rw-r–r– 1 vskumar vskumar 220 Nov 22 2017 .bash_logout
-rw-r–r– 1 vskumar vskumar 3771 Nov 22 2017 .bashrc
drwx—— 13 vskumar vskumar 4096 May 26 04:45 .cache
drwx—— 14 vskumar vskumar 4096 Nov 22 2017 .config
drwxr-xr-x 2 vskumar vskumar 4096 Nov 22 2017 Desktop
-rw-r–r– 1 vskumar vskumar 25 Nov 22 2017 .dmrc
drwxr-xr-x 2 vskumar vskumar 4096 Nov 22 2017 Documents
drwxr-xr-x 2 vskumar vskumar 4096 Nov 22 2017 Downloads
-rw-r–r– 1 vskumar vskumar 8980 Nov 22 2017 examples.desktop
drwx—— 2 vskumar vskumar 4096 Dec 22 21:36 .gconf
drwx—— 3 vskumar vskumar 4096 May 26 04:42 .gnupg
-rw——- 1 vskumar vskumar 3498 May 26 04:42 .ICEauthority
drwx—— 3 vskumar vskumar 4096 Nov 22 2017 .local
drwx—— 4 vskumar vskumar 4096 Nov 22 2017 .mozilla
drwxr-xr-x 2 vskumar vskumar 4096 Nov 22 2017 Music
drwxr-xr-x 2 vskumar vskumar 4096 Nov 22 2017 Pictures
-rw-r–r– 1 vskumar vskumar 655 Nov 22 2017 .profile
drwxr-xr-x 2 vskumar vskumar 4096 Nov 22 2017 Public
drwxrwxr-x 2 vskumar vskumar 4096 May 26 05:30 .ssh
-rw-r–r– 1 vskumar vskumar 0 Nov 22 2017 .sudo_as_admin_successful
drwxr-xr-x 2 vskumar vskumar 4096 Nov 22 2017 Templates
drwxr-xr-x 2 vskumar vskumar 4096 Nov 22 2017 Videos
-rw——- 1 vskumar vskumar 51 May 26 04:42 .Xauthority
-rw——- 1 vskumar vskumar 82 May 26 04:42 .xsession-errors
-rw——- 1 vskumar vskumar 82 May 26 03:11 .xsession-errors.old
vskumar@ubuntu:~$
vskumar@ubuntu:~$ chmod 700 ~/.ssh
I copied on the below line:
drwx—— 2 vskumar vskumar 4096 May 26 05:30 .ssh
The rights are changed.
======================>

=========================>
vskumar@ubuntu:~$
vskumar@ubuntu:~$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/vskumar/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/vskumar/.ssh/id_rsa.
Your public key has been saved in /home/vskumar/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:jLVDx+RqfC+3lo3qcajm+gcHO+44+h/cfTDDLHtsEAg vskumar@ubuntu
The key’s randomart image is:
+—[RSA 2048]—-+
| E . |
| . = |
| + = |
| *.+ + |
| . So+ * |
| o++.O + |
| .o+* O+. |
| ..oo.B+o. |
| .o+O*ooo. |
+—-[SHA256]—–+
vskumar@ubuntu:~$
=== I have given the pwd for passphrase ====>

Step2: Transfer Client Key to Host
ssh-copy-id <username>@<host>
I will try with VM1.
==== Copting ssh id to VM1 ====>
== From Ans-ControlMachine ====>
vskumar@ubuntu:~/.ssh$ cat /etc/hostname
Ans-ControlMachine
vskumar@ubuntu:~/.ssh$ ls
id_rsa id_rsa.pub known_hosts
vskumar@ubuntu:~/.ssh$ ssh ssh-copy-id vskumar@192.168.116.134
ssh: Could not resolve hostname ssh-copy-id: Name or service not known
vskumar@ubuntu:~/.ssh$ sudo ssh-copy-id vskumar@192.168.116.134
[sudo] password for vskumar:
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/home/vskumar/.ssh/id_rsa.pub”
The authenticity of host ‘192.168.116.134 (192.168.116.134)’ can’t be established.
ECDSA key fingerprint is SHA256:ZPPT6yQv8nAC1A6cDkeIssDYiim81f4/88I+NNVm1Iw.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
vskumar@192.168.116.134’s password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘vskumar@192.168.116.134′”
and check to make sure that only the key(s) you wanted were added.

vskumar@ubuntu:~/.ssh$

==== Copied ssh key to VM1 ===>

======From VM1 =====>
vskumar@VM1:~$
vskumar@VM1:~$ ssh -V
OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g 1 Mar 2016
vskumar@VM1:~$ service ssh stop
Failed to stop ssh.service: Unit ssh.service not loaded.
vskumar@VM1:~$ apt-get -purge openssh-server
E: Command line option ‘p’ [from -purge] is not understood in combination with the other options.
vskumar@VM1:~$ sudo apt-get -purge openssh-server
[sudo] password for vskumar:
E: Command line option ‘p’ [from -purge] is not understood in combination with the other options.
vskumar@VM1:~$ sudo apt-get purge openssh-server
Reading package lists… Done
Building dependency tree
Reading state information… Done
Package ‘openssh-server’ is not installed, so not removed
0 upgraded, 0 newly installed, 0 to remove and 432 not upgraded.
vskumar@VM1:~$ ssh -V
OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g 1 Mar 2016
vskumar@VM1:~$ sudo apt-get purge openssh-client
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following packages will be REMOVED:
openssh-client* snapd* ubuntu-core-launcher*
0 upgraded, 0 newly installed, 3 to remove and 429 not upgraded.
After this operation, 61.7 MB disk space will be freed.
Do you want to continue? [Y/n] y
(Reading database … 176110 files and directories currently installed.)
Removing ubuntu-core-launcher (2.25) …
Removing snapd (2.25) …
Warning: Stopping snapd.service, but it can still be activated by:
snapd.socket
Purging configuration files for snapd (2.25) …
Final directory cleanup
Discarding preserved snap namespaces
umount: /run/snapd/ns/*.mnt: mountpoint not found
umount: /run/snapd/ns/: mountpoint not found
Removing extra snap-confine apparmor rules
Removing snapd state
Removing openssh-client (1:7.2p2-4ubuntu2.2) …
Purging configuration files for openssh-client (1:7.2p2-4ubuntu2.2) …
Processing triggers for man-db (2.7.5-1) …
vskumar@VM1:~$
vskumar@VM1:~$ ssh -V
bash: /usr/bin/ssh: No such file or directory
vskumar@VM1:~$

vskumar@VM1:~$ sudo apt-get update
0% [Working]
Get:1 http://security.ubuntu.com/ubuntu xenial-security InRelease [107 kB]
Hit:2 http://us.archive.ubuntu.com/ubuntu xenial InRelease
Get:3 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease [109 kB]
Get:4 http://us.archive.ubuntu.com/ubuntu xenial-backports InRelease [107 kB]
Get:5 http://security.ubuntu.com/ubuntu xenial-security/main amd64 DEP-11 Metadata [67.7 kB]
Get:6 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages [783 kB]
Get:7 http://security.ubuntu.com/ubuntu xenial-security/main DEP-11 64×64 Icons [72.6 kB]
Get:8 http://security.ubuntu.com/ubuntu xenial-security/universe amd64 DEP-11 Metadata [107 kB]
Get:9 http://security.ubuntu.com/ubuntu xenial-security/universe DEP-11 64×64 Icons [147 kB]
Get:10 http://us.archive.ubuntu.com/ubuntu xenial-updates/main i386 Packages [718 kB]
Get:11 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 DEP-11 Metadata [319 kB]
Get:12 http://us.archive.ubuntu.com/ubuntu xenial-updates/main DEP-11 64×64 Icons [226 kB]
Get:13 http://us.archive.ubuntu.com/ubuntu xenial-updates/universe amd64 Packages [631 kB]
Get:14 http://us.archive.ubuntu.com/ubuntu xenial-updates/universe i386 Packages [577 kB]
Get:15 http://us.archive.ubuntu.com/ubuntu xenial-updates/universe amd64 DEP-11 Metadata [246 kB]
Get:16 http://us.archive.ubuntu.com/ubuntu xenial-updates/universe DEP-11 64×64 Icons [331 kB]
Get:17 http://us.archive.ubuntu.com/ubuntu xenial-updates/multiverse amd64 DEP-11 Metadata [5,964 B]
Get:18 http://us.archive.ubuntu.com/ubuntu xenial-backports/main amd64 DEP-11 Metadata [3,324 B]
Get:19 http://us.archive.ubuntu.com/ubuntu xenial-backports/universe amd64 DEP-11 Metadata [5,088 B]
Fetched 4,562 kB in 24s (187 kB/s)
Reading package lists… Done
vskumar@VM1:~$

vskumar@VM1:~$
vskumar@VM1:~$ sudo apt-get install openssh-server
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following additional packages will be installed:
ncurses-term openssh-client openssh-sftp-server ssh-import-id
Suggested packages:
ssh-askpass libpam-ssh keychain monkeysphere rssh molly-guard
The following NEW packages will be installed:
ncurses-term openssh-client openssh-server openssh-sftp-server ssh-import-id
0 upgraded, 5 newly installed, 0 to remove and 429 not upgraded.
Need to get 1,222 kB of archives.
After this operation, 8,917 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 openssh-client amd64 1:7.2p2-4ubuntu2.4 [589 kB]
Get:2 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 ncurses-term all 6.0+20160213-1ubuntu1 [249 kB]
Get:3 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 openssh-sftp-server amd64 1:7.2p2-4ubuntu2.4 [38.7 kB]
Get:4 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 openssh-server amd64 1:7.2p2-4ubuntu2.4 [335 kB]
Get:5 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 ssh-import-id all 5.5-0ubuntu1 [10.2 kB]
Fetched 1,222 kB in 7s (160 kB/s)
Preconfiguring packages …
Selecting previously unselected package openssh-client.
(Reading database … 176023 files and directories currently installed.)
Preparing to unpack …/openssh-client_1%3a7.2p2-4ubuntu2.4_amd64.deb …
Unpacking openssh-client (1:7.2p2-4ubuntu2.4) …
Selecting previously unselected package ncurses-term.
Preparing to unpack …/ncurses-term_6.0+20160213-1ubuntu1_all.deb …
Unpacking ncurses-term (6.0+20160213-1ubuntu1) …
Selecting previously unselected package openssh-sftp-server.
Preparing to unpack …/openssh-sftp-server_1%3a7.2p2-4ubuntu2.4_amd64.deb …
Unpacking openssh-sftp-server (1:7.2p2-4ubuntu2.4) …
Selecting previously unselected package openssh-server.
Preparing to unpack …/openssh-server_1%3a7.2p2-4ubuntu2.4_amd64.deb …
Unpacking openssh-server (1:7.2p2-4ubuntu2.4) …
Selecting previously unselected package ssh-import-id.
Preparing to unpack …/ssh-import-id_5.5-0ubuntu1_all.deb …
Unpacking ssh-import-id (5.5-0ubuntu1) …
Processing triggers for man-db (2.7.5-1) …
Processing triggers for ufw (0.35-0ubuntu2) …
Processing triggers for systemd (229-4ubuntu19) …
Processing triggers for ureadahead (0.100.0-19) …
Setting up openssh-client (1:7.2p2-4ubuntu2.4) …
Setting up ncurses-term (6.0+20160213-1ubuntu1) …
Setting up openssh-sftp-server (1:7.2p2-4ubuntu2.4) …
Setting up openssh-server (1:7.2p2-4ubuntu2.4) …
Creating SSH2 RSA key; this may take some time …
2048 SHA256:4efQhtH82rrRfTvvYxt3Wu7lJg0HJcW66yEi6WaTN+c root@VM1 (RSA)
Creating SSH2 DSA key; this may take some time …
1024 SHA256:fGZ3vX279MRTXsRhzYyHSPIwVv7ge2/WRQmh+SHlIZo root@VM1 (DSA)
Creating SSH2 ECDSA key; this may take some time …
256 SHA256:ZPPT6yQv8nAC1A6cDkeIssDYiim81f4/88I+NNVm1Iw root@VM1 (ECDSA)
Creating SSH2 ED25519 key; this may take some time …
256 SHA256:5rZGM1Q0vbVD82kcvKS4NdtzCGgDIaiEjL+C01+iJgU root@VM1 (ED25519)
Setting up ssh-import-id (5.5-0ubuntu1) …
Processing triggers for systemd (229-4ubuntu19) …
Processing triggers for ureadahead (0.100.0-19) …
Processing triggers for ufw (0.35-0ubuntu2) …
vskumar@VM1:~$
vskumar@VM1:~$ ssh -V
OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g 1 Mar 2016
vskumar@VM1:~$

==========================>

 

===Connecting to >
vskumar@VM1:~$ ssh vskumar@Ans-ControlMachine
ssh: Could not resolve hostname ans-controlmachine: Name or service not known
vskumar@VM1:~$ ssh vskumar@192.168.116.132
The authenticity of host ‘192.168.116.132 (192.168.116.132)’ can’t be established.
ECDSA key fingerprint is SHA256:sIDDAzkiGiTCzpGHOTEU3QbG/oNn4DNvXxHtm7kzAZ4.
Are you sure you want to continue connecting (yes/no)? y
Please type ‘yes’ or ‘no’: yes
Warning: Permanently added ‘192.168.116.132’ (ECDSA) to the list of known hosts.
vskumar@192.168.116.132’s password:
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.10.0-28-generic x86_64)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

437 packages can be updated.
251 updates are security updates.

 

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

vskumar@ubuntu:~$

vskumar@ubuntu:~$ pwd
/home/vskumar
vskumar@ubuntu:~$ cat /etc/hostname
Ans-ControlMachine
vskumar@ubuntu:~$ exit
logout
Connection to 192.168.116.132 closed.
vskumar@VM1:~$ cat /etc/hostname
VM1
vskumar@VM1:~$
==== Connected from VM1 to ======>
==== Ans-ControlMachine and exit ======>

I am connecting to VM1 from Ans-ControlMachine through ssh.

== Connecting to VM1 from ==>
====Ans-ControlMachine =====>
vskumar@ubuntu:~/.ssh$ ssh vskumar@192.168.116.134
The authenticity of host ‘192.168.116.134 (192.168.116.134)’ can’t be established.
ECDSA key fingerprint is SHA256:ZPPT6yQv8nAC1A6cDkeIssDYiim81f4/88I+NNVm1Iw.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.116.134’ (ECDSA) to the list of known hosts.
vskumar@192.168.116.134’s password:
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.10.0-28-generic x86_64)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

437 packages can be updated.
251 updates are security updates.

 

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

vskumar@VM1:~$ cat /etc/hostname
VM1
vskumar@VM1:~$
vskumar@VM1:~$
vskumar@VM1:~$ exit
logout
Connection to 192.168.116.134 closed.
vskumar@ubuntu:~/.ssh$
vskumar@ubuntu:~/.ssh$ cat /etc/hostname
Ans-ControlMachine
vskumar@ubuntu:~/.ssh$
======= Exit from VM1 And back ====>
==== to Ans-ControlMachine ====>

 

=== Connecting from VM1 to VM2 ===>
== Connecting in the same SSH ====>
== From VM1 to Ans-ControlMachine ====>
== You can play around with ssh ====>
== Across VMs by using IPs ========>
vskumar@VM2:~$ ssh -V
OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g 1 Mar 2016
vskumar@VM2:~$ sudo ssh vskumar@VM1
[sudo] password for vskumar:
ssh: Could not resolve hostname vm1: Name or service not known
vskumar@VM2:~$ sudo ssh vskumar@192.168.116.134
The authenticity of host ‘192.168.116.134 (192.168.116.134)’ can’t be established.
ECDSA key fingerprint is SHA256:ZPPT6yQv8nAC1A6cDkeIssDYiim81f4/88I+NNVm1Iw.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.116.134’ (ECDSA) to the list of known hosts.
vskumar@192.168.116.134’s password:
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.10.0-28-generic x86_64)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

437 packages can be updated.
251 updates are security updates.

Last login: Sat May 26 06:00:10 2018 from 192.168.116.132
vskumar@VM1:~$ cat /etc/hostname
VM1
vskumar@VM1:~$ ssh vskumar@192.168.116.132
vskumar@192.168.116.132’s password:
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.10.0-28-generic x86_64)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

437 packages can be updated.
251 updates are security updates.

Last login: Sat May 26 05:55:36 2018 from 192.168.116.134
vskumar@ubuntu:~$ cat /etc/hostname
Ans-ControlMachine
vskumar@ubuntu:~$
vskumar@ubuntu:~$ exit
logout
Connection to 192.168.116.132 closed.
vskumar@VM1:~$

vskumar@VM1:~$ exit
logout
Connection to 192.168.116.134 closed.
vskumar@VM2:~$ cat /etc/hostname
VM2
vskumar@VM2:~$
== We have played around 3 VMs ===>
=== With SSH =====================>

 

=== Connecting from VM2 ===>
==== tO Ans-ControlMachine===>
vskumar@VM2:~$ ssh vskumar@192.168.116.132
The authenticity of host ‘192.168.116.132 (192.168.116.132)’ can’t be established.
ECDSA key fingerprint is SHA256:sIDDAzkiGiTCzpGHOTEU3QbG/oNn4DNvXxHtm7kzAZ4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.116.132’ (ECDSA) to the list of known hosts.
vskumar@192.168.116.132’s password:
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.10.0-28-generic x86_64)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

437 packages can be updated.
251 updates are security updates.

Last login: Sat May 26 06:05:18 2018 from 192.168.116.134
vskumar@ubuntu:~$
vskumar@ubuntu:~$ cat /etc/hostname
Ans-ControlMachine
vskumar@ubuntu:~$
vskumar@ubuntu:~$ exit
logout
Connection to 192.168.116.132 closed.
vskumar@VM2:~$
==== Conneted from VM2 ==>

=== Removing ssh from VM2 ====>
== To have clean files ========>
vskumar@VM2:~$ sudo apt-get purge openssh-client
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following packages will be REMOVED:
openssh-client* snapd* ubuntu-core-launcher*
0 upgraded, 0 newly installed, 3 to remove and 429 not upgraded.
After this operation, 61.7 MB disk space will be freed.
Do you want to continue? [Y/n] y
(Reading database … 176110 files and directories currently installed.)
Removing ubuntu-core-launcher (2.25) …
Removing snapd (2.25) …
Warning: Stopping snapd.service, but it can still be activated by:
snapd.socket
Purging configuration files for snapd (2.25) …
Final directory cleanup
Discarding preserved snap namespaces
umount: /run/snapd/ns/*.mnt: mountpoint not found
umount: /run/snapd/ns/: mountpoint not found
Removing extra snap-confine apparmor rules
Removing snapd state
Removing openssh-client (1:7.2p2-4ubuntu2.2) …
Purging configuration files for openssh-client (1:7.2p2-4ubuntu2.2) …
Processing triggers for man-db (2.7.5-1) …
vskumar@VM2:~$
vskumar@VM2:~$ ssh -V
bash: /usr/bin/ssh: No such file or directory
vskumar@VM2:~$
===== SSH is removed in VM2 ====>

=== Installing ssh in VM2 ====>
vskumar@VM2:~$ sudo apt-get install openssh-server
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following additional packages will be installed:
ncurses-term openssh-client openssh-sftp-server ssh-import-id
Suggested packages:
ssh-askpass libpam-ssh keychain monkeysphere rssh molly-guard
The following NEW packages will be installed:
ncurses-term openssh-client openssh-server openssh-sftp-server ssh-import-id
0 upgraded, 5 newly installed, 0 to remove and 429 not upgraded.
Need to get 633 kB/1,222 kB of archives.
After this operation, 8,917 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 ncurses-term all 6.0+20160213-1ubuntu1 [249 kB]
Get:2 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 openssh-sftp-server amd64 1:7.2p2-4ubuntu2.4 [38.7 kB]
Get:3 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 openssh-server amd64 1:7.2p2-4ubuntu2.4 [335 kB]
Get:4 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 ssh-import-id all 5.5-0ubuntu1 [10.2 kB]
Fetched 633 kB in 34s (18.5 kB/s)
Preconfiguring packages …
Selecting previously unselected package openssh-client.
(Reading database … 176023 files and directories currently installed.)
Preparing to unpack …/openssh-client_1%3a7.2p2-4ubuntu2.4_amd64.deb …
Unpacking openssh-client (1:7.2p2-4ubuntu2.4) …
Selecting previously unselected package ncurses-term.
Preparing to unpack …/ncurses-term_6.0+20160213-1ubuntu1_all.deb …
Unpacking ncurses-term (6.0+20160213-1ubuntu1) …
Selecting previously unselected package openssh-sftp-server.
Preparing to unpack …/openssh-sftp-server_1%3a7.2p2-4ubuntu2.4_amd64.deb …
Unpacking openssh-sftp-server (1:7.2p2-4ubuntu2.4) …
Selecting previously unselected package openssh-server.
Preparing to unpack …/openssh-server_1%3a7.2p2-4ubuntu2.4_amd64.deb …
Unpacking openssh-server (1:7.2p2-4ubuntu2.4) …
Selecting previously unselected package ssh-import-id.
Preparing to unpack …/ssh-import-id_5.5-0ubuntu1_all.deb …
Unpacking ssh-import-id (5.5-0ubuntu1) …
Processing triggers for man-db (2.7.5-1) …
Processing triggers for ufw (0.35-0ubuntu2) …
Processing triggers for systemd (229-4ubuntu19) …
Processing triggers for ureadahead (0.100.0-19) …
Setting up openssh-client (1:7.2p2-4ubuntu2.4) …
Setting up ncurses-term (6.0+20160213-1ubuntu1) …
Setting up openssh-sftp-server (1:7.2p2-4ubuntu2.4) …
Setting up openssh-server (1:7.2p2-4ubuntu2.4) …
Creating SSH2 RSA key; this may take some time …
2048 SHA256:JzaY4P+pXshET4rzo/+nkNxGxWe9Hl2Vljd5OV9upko root@VM2 (RSA)
Creating SSH2 DSA key; this may take some time …
1024 SHA256:M49R3FKLVlxGFRw8Caf+s1ktna9h3Ak5Ls93+TyBrac root@VM2 (DSA)
Creating SSH2 ECDSA key; this may take some time …
256 SHA256:/HtM2RyrOSeFO01WW3d1S5fcB9mBM7MApniY54Nq4k4 root@VM2 (ECDSA)
Creating SSH2 ED25519 key; this may take some time …
256 SHA256:lbmYMsRLrCR23898dlX4TidNFYkasm3w/lpyl0oZXfg root@VM2 (ED25519)
Setting up ssh-import-id (5.5-0ubuntu1) …
Processing triggers for systemd (229-4ubuntu19) …
Processing triggers for ureadahead (0.100.0-19) …
Processing triggers for ufw (0.35-0ubuntu2) …
vskumar@VM2:~$ ssh -V
OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g 1 Mar 2016
vskumar@VM2:~$
== Now VM2 has the complete ssh =====>

=== Now let me connect to ===>
====Ans-ControlMachine ======>
== From VM2 =================>

vskumar@VM2:~$ sudo ssh vskumar@192.168.116.132
The authenticity of host ‘192.168.116.132 (192.168.116.132)’ can’t be established.
ECDSA key fingerprint is SHA256:sIDDAzkiGiTCzpGHOTEU3QbG/oNn4DNvXxHtm7kzAZ4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.116.132’ (ECDSA) to the list of known hosts.
vskumar@192.168.116.132’s password:
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.10.0-28-generic x86_64)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

437 packages can be updated.
251 updates are security updates.

Last login: Sat May 26 06:58:14 2018 from 192.168.116.135
vskumar@ubuntu:~$ cat /etc/hostname
Ans-ControlMachine
vskumar@ubuntu:~$
vskumar@ubuntu:~$ exit
logout
Connection to 192.168.116.132 closed.
vskumar@VM2:~$
== Connected and exited ====>

=== Now let me connect to ===>
====From Ans-ControlMachine ======>
==== TO VM2 =================>
vskumar@ubuntu:~/.ssh$ ssh vskumar@192.168.116.135
The authenticity of host ‘192.168.116.135 (192.168.116.135)’ can’t be established.
ECDSA key fingerprint is SHA256:/HtM2RyrOSeFO01WW3d1S5fcB9mBM7MApniY54Nq4k4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.116.135’ (ECDSA) to the list of known hosts.
vskumar@192.168.116.135’s password:
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.10.0-28-generic x86_64)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

437 packages can be updated.
251 updates are security updates.

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

vskumar@VM2:~$ cat /etc/hostname
VM2
vskumar@VM2:~$
vskumar@VM2:~$ exit
logout
Connection to 192.168.116.135 closed.
vskumar@ubuntu:~/.ssh$
===== Connected to VM2 and exited ===>

== SSh key added in VM2 ===>
====From Ans-ControlMachine ======>
vskumar@ubuntu:~/.ssh$
vskumar@ubuntu:~/.ssh$ ssh ssh-copy-id vskumar@192.168.116.135
ssh: Could not resolve hostname ssh-copy-id: Name or service not known
vskumar@ubuntu:~/.ssh$ sudo ssh-copy-id vskumar@192.168.116.135
[sudo] password for vskumar:
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/home/vskumar/.ssh/id_rsa.pub”
The authenticity of host ‘192.168.116.135 (192.168.116.135)’ can’t be established.
ECDSA key fingerprint is SHA256:/HtM2RyrOSeFO01WW3d1S5fcB9mBM7MApniY54Nq4k4.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
vskumar@192.168.116.135’s password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘vskumar@192.168.116.135′”
and check to make sure that only the key(s) you wanted were added.

vskumar@ubuntu:~/.ssh$
===== So now, we have made correct ssh connection ====>
=== with VM2 also ============================>

Now, let us try with VM3 as below:

=== Status of VM3 ====>
vskumar@VM3:~$ cat /etc/hostname
VM3
vskumar@VM3:~$ ssh -V
OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g 1 Mar 2016
vskumar@VM3:~$
vskumar@VM3:~$ ssh vskumar@192.168.116.135
The authenticity of host ‘192.168.116.135 (192.168.116.135)’ can’t be established.
ECDSA key fingerprint is SHA256:/HtM2RyrOSeFO01WW3d1S5fcB9mBM7MApniY54Nq4k4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.116.135’ (ECDSA) to the list of known hosts.
vskumar@192.168.116.135’s password:
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.10.0-28-generic x86_64)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

437 packages can be updated.
251 updates are security updates.

Last login: Sat May 26 07:13:50 2018 from 192.168.116.132
vskumar@VM2:~$ cat /etc/hostname
VM2
vskumar@VM2:~$
vskumar@VM2:~$ ssh vskumar@192.168.116.132
vskumar@192.168.116.132’s password:
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.10.0-28-generic x86_64)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

437 packages can be updated.
251 updates are security updates.

Last login: Sat May 26 07:13:07 2018 from 192.168.116.132
vskumar@ubuntu:~$ cat /etc/hostname
Ans-ControlMachine
vskumar@ubuntu:~$
vskumar@ubuntu:~$ exit
logout
Connection to 192.168.116.132 closed.
vskumar@VM2:~$
vskumar@VM2:~$ exit
logout
Connection to 192.168.116.135 closed.
vskumar@VM3:~$
vskumar@VM3:~$ ssh vskumar@192.168.116.132
The authenticity of host ‘192.168.116.132 (192.168.116.132)’ can’t be established.
ECDSA key fingerprint is SHA256:sIDDAzkiGiTCzpGHOTEU3QbG/oNn4DNvXxHtm7kzAZ4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.116.132’ (ECDSA) to the list of known hosts.
vskumar@192.168.116.132’s password:
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.10.0-28-generic x86_64)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

437 packages can be updated.
251 updates are security updates.

Last login: Sat May 26 07:35:04 2018 from 192.168.116.135
vskumar@ubuntu:~$ cat /etc/hostname
Ans-ControlMachine
vskumar@ubuntu:~$ exit
logout
Connection to 192.168.116.132 closed.
vskumar@VM3:~$
== So, we could connect from VM3 ====>
=== To all 3 other VMs ==============>
== The issues is resolved for ssh in VM3 ===>

Now, we are ready to use these ssh connection made machines for Ansible future exercises.

 

In the following video I have demonstrated with trouble shoot methods also: