DevOps | Setup Your Ubuntu Server Workstation

Formatting your drive and re-creating your Ubuntu workstation periodically (weekly) is an advantageous behaviour. Two important lean principles are

  • if it hurts, do it more
  • if it hurts, do it often (and)
  • bring pain forward

I DevOps engineer should practise what he or she preaches and perform a weekly rebuild of their workstations.

Why Run Both Client and Server Workstations?

In DevOps it pays to have both a server and a client workstation on (or under) your desk - but why?

A Realistic Viable Kubernetes Cluster

A Kubernetes Cluster on just one machine is not realistic, nor is it viable.

Running it on one machine lulls you into a false sense of security! You literally do not know the half of it.

Getting a Kubernetes Cluster running using two (or even better 3 or 4) separate host computers brings to life a great number of issues that you can learn from. The resulting entity can be mapped into an AWS cloud, VMWare or a powerful cost-effective on-site bare metal cluster.

It all starts with two workstations - Ubuntu Client and Ubuntu Server.

The Client has GUI Tools, The Server takes the Load

You can surf the web, use team collaboration tools and IDEs through your lient workstation. All this while your server workstation is taking more than its fair share of load.

Start up 3 or 4 Vagrant VMs and your client workstation freezes. Start up a couple on the client and 3 or 4 on the server and you can continue working while your cluster trains a neural network or searches for an optimal Rubik's Cube solution.

Create Ubuntu User If Necessary

These are high quality user creation commands. Use if required.

sudo adduser --home /var/opt/<<usrname>> --shell /bin/bash --gecos 'New User' <<usrname>>
sudo install -d -m 755 -o <<usrname>> -g <<usrname>> /var/opt/<<usrname>>

The above simply create the user and there home directory within /var/opt

Give User Sudo Priveleges

We modify the user and then assume root rather than just using sudo - otherwise a permission denied error for changing /etc/sudoers will ensue.

sudo usermod -a -G sudo <<username>>
sudo su root
sudo echo '<<username>> ALL=NOPASSWD: ALL' >> /etc/sudoers

Now you need to pull up a new terminal.

Ubuntu - the Big Upgrade

After installing on Ubuntu we need to do a big upgrade to get the latest versions of the key packages. Here it is.

sudo apt-get update && sudo apt-get --assume-yes upgrade
sudo apt-get install --assume-yes git tree

Install Tree | Directory Viewer

Tree promotes productivity through viewing a whole recursive directory tree with depth indicators.

sudo apt-get install --assume-yes tree

Install and then Configure Git ( and Clone the Project )

sudo apt-get install --assume-yes git ruby-full
git config --global core.autocrlf input
git config --global "@[user|]"
git config --global "@[user|email.address]"
git config credential.helper store
git clone @[@[project|id]|git_url] @[@[project|id]|git_mirror]

The id of the project that is selected can be used to gain the git_url and the git_mirror from the key/value stores.

Then as and when - you can issue the common commands

git add .
git commit -am "Git repository comment"
git push -u origin master
git config --global push.default simple
git push


Mount USB Key | Mount Flash Drive

In order to perform the automated workstation build we need to have access to an auth provider. This could be key pass, vaults and/or other services but we need to authenticate with the auth provider to.

Using a buddy system whence two or three office members authenticate the provision of tokens on a USB drive that are valid for a specific time and fit for a given purpose.

First insert the USB key into the drive and then look for its Device ID with the fdisk command.

sudo fdisk -l
sudo mkdir /media/usb_drive
sudo mount -o rw,users,umask=000 /dev/sdb1 /media/usb_drive
ls -lah /media/usb_drive

Note that the -o rw,users,umask=000 is to enable write permissions. If you want to mount a drive as read only you can safely omit this section.

Note that FAT32 drives do not support permissions so attempts to add write permissions through chmod and chown will prove futile.

Unmount USB Key | Unmount Flash Drive

When you are done using the USB key you can unmount it with the below command.

ls -lah /media/usb_drive
sudo umount /media/usb_drive
ls -lah /media/usb_drive
Looking at the drive before unmounting list the files - and then nothing.

Install Ansible

sudo apt-add-repository ppa:ansible/ansible
sudo apt-get update
sudo apt-get install ansible

Create Workstation SSH Key-Pair

This is required if the workstation may be part of a cluster. For the other machines (or the local one) to communicate over SSH we need to setup a key.

Everything is described in detail below.

We needed to have installed openssh-server with apt-get.

@todo - We Still Need to Automate the below Command.

sudo apt-get install --assume-yes openssh-client openssh-server
ssh-keygen -t rsa -C "Brain Pad Workstation Key"
sudo cat $HOME/.ssh/ >> $HOME/.ssh/authorized_keys
sudo chown $USER:$USER $HOME/.ssh/authorized_keys
sudo chmod 400 $HOME/.ssh/authorized_keys
cp $HOME/.ssh/id_rsa /media/apollo/6464-31A4/workstation.brain-pad.key.pem

Remember we automated this already in 2012 - pick up where that left of.

Until we re-automate it - after ssh-keygen we press enter 3 times. Once for default id_rsa file and twice for a blank passphrase.

Copy public key to the ~/.ssh/authorized_keys file.

Save Workstation SSH Keys (Encrypted) on Removable Media

See above section on How to Mount a USB or Flash Drive

Provision the Unix Pass Password Manager

sudo apt-get install --assume-yes pass

The Foundation Packages Install

Pick and choose your base packages that will be placed on both your client and server workstations.

sudo apt-get install --assume-yes emacs24-lucid