SecDep
Automated secure docker services deployment and virtual machine management using (mainly) the libcloud library to connect to AWS, Azure and GCE.
Description
Have you ever wanted to instantly deploy a simple virtual machine (or multiple) using one or more of the IaaS that the top 3 cloud providers offer? If yes, you might have noticed some things that tip you off like the fact that their web portals are bloated for your use case or confusing. Or that more often than not the same goes for their official cli tools. In the case you want to manage more than one provider's virtual machines, it becomes a hassle having to head over to their web portal, or tool and do the same thing in a different manner.
That's where SecDep comes in. With SecDep, you can manage your virtual machines across all three cloud providers with ease without having to think of where to go and how to get there to do what you want.
Features and roadmap
- Virtual machine creation
- GCE
- Azure
- AWS
- Virtual machine actions (delete, start, stop, reboot)
- GCE
- Azure
- AWS
- Virtual machine simple ssh connection
- Interactive
.envfile editing - Provider image, location, size and instance listing
- GCE
- Azure
- AWS
- Choice to perform above actions and instance listing on a single or all providers
- Hardening during creation
- Docker deployment during hardening
Prerequisites
Even though we want to avoid using the tools or the web portals we actually have to do it just once to have everything set up to go.
GCE
First and foremost, you need to have a Google account. If you don't have one, you can create one here.
Then follow the instructions here to set up your GCE account. Instructions based on libcloud's documentation.
Azure
For Azure you need to be a part of an organization that has an Azure subscription.
Then follow the instructions here to set up your Azure account. Instructions based on libcloud's documentation.
AWS
For AWS you firstly need an account and then to follow the instructions here
Dependencies
We would have 3 external dependecies but due to missing functionality in libcloud when it comes to Azure management we need 6.
- libcloud
- python-dotenv
- paramiko which is actually needed for the deployment of libcloud
- azure-sdk-for-python from which we need
Installation
Cloning the repository
You can clone the repository by running git clone https://git.konsthol.eu/konsthol/SecDep.git in the directory you want the files to reside.
It goes without saying that you need to have git installed and that you need python to run it since it is a python script afterall.
Installing the dependencies
The simplest way to install them is to run pip install -r requirements.txt in the root directory of the project.
If you don't have pip installed you can install it by running sudo apt install python3-pip on Debian based systems or sudo dnf install python3-pip on Fedora based systems.
For other systems you can check here for more information.
Walkthrough
Assuming you have set up your accounts and have the dependencies installed, you can now start using SecDep.
Further instructions here
Connecting to the virtual machines
If you want to connect using your ssh client you will be able to run ssh -i ~/Path/To/SecDep/secdep secdep@<ip>.
To use putty you will need to probably add the key to the program.
The ip will be outputted after the creation of the virtual machine.
If for any reason you delete either the public or the provate key they will both be regenerated and you should probably delete the virtual machines that use it or find another way to log in and manually put the secdep.pub key to the authorized_keys file of the secdep user.