Book Image

Mastering Ubuntu Server - Third Edition

By : Jay LaCroix
Book Image

Mastering Ubuntu Server - Third Edition

By: Jay LaCroix

Overview of this book

Ubuntu Server has taken data centers around the world by storm. Whether you're deploying Ubuntu for a large-scale project or for a small office, it is a stable, customizable, and powerful Linux distribution with innovative and cutting-edge features. For both simple and complex server deployments, Ubuntu's flexible nature can be easily adapted to meet to the needs of your organization. This third edition is updated to cover the advancements of Ubuntu 20.04 LTS and further train you to understand how to use Ubuntu Server, from initial deployment to creating production-ready resources for your network. The book begins with the concepts of user management, group management, and file system permissions. Continuing into managing storage volumes, you will learn how to format storage devices, utilize logical volume management, and monitor disk usage. Later, you will learn how to virtualize hosts and applications, which will include setting up QEMU & KVM, as well as containerization with both Docker and LXD. As the book continues, you will learn how to automate configuration with Ansible, as well as take a look at writing scripts. Lastly, you will explore best practices and troubleshooting techniques when working with Ubuntu Server that are applicable to real-world scenarios. By the end of this Ubuntu Server book, you will be well-versed in Ubuntu server’s advanced concepts and attain the required proficiency needed for Ubuntu Server administration.
Table of Contents (26 chapters)
24
Another Book You May Enjoy
25
Index

Managing security groups with Terraform

Security groups, as you learned in the previous chapter, allow you to control what is able to communicate with your resources. In the previous section, we reused the security group that we've created last time, but it would be useful to understand how to create one from scratch.

Here's the example Terraform file again, with some new code added:

provider "aws" {
  region = "us-east-1"
}
resource "aws_instance" "my-server-1" {
  ami                                   = "ami-0dba2cb6798deb6d8"
  associate_public_ip_address = "true"
  instance_type                         = "t2.micro"
  key_name                              = "jay_ssh"
  vpc_security_group_ids        = [   "${aws_security_group.external_access.id}" ]
  tags = {
    Name = "Web Server 1"
  }
}
resource "aws_security_group" "external_access" {
...