First run 🏃
What will happen on your system on first run? SecDep will create a .env file in the root directory of the project. This file stores the authentication values needed to access the cloud providers. You will be asked for every needed value for every supported provider; if you don't need a provider, just press Enter to leave its respective values empty.
Configuration ⚙️
Should you ever change your mind, you can always edit the .env file manually, or run python3 secdep.py -v or python3 secdep.py --values to change the values you want.
Key Creation 🔐
Then a public and a private SSH key will be generated and stored in the root of the project directory. The public key will be added to the ~/.ssh/authorized_keys file of a secdep user that will be created on the virtual machines. The private key will be used to connect to the virtual machines.
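Because both the .env file and the private key sit in the project root, it is worth checking that neither is readable by other local users. The following is an added example, not part of SecDep; the key file name `example_key` is a placeholder, since this page does not give the real one.

```python
import os
import stat
import tempfile

def audit_secret_files(root, names):
    """Return {name: problem} for secret files under root that are missing,
    are symlinks, or grant any access to group or others."""
    findings = {}
    for name in names:
        path = os.path.join(root, name)
        try:
            st = os.lstat(path)  # lstat: inspect the entry itself, not a link target
        except FileNotFoundError:
            findings[name] = "missing"
            continue
        if stat.S_ISLNK(st.st_mode):
            findings[name] = "symlink"
        elif not stat.S_ISREG(st.st_mode):
            findings[name] = "not a regular file"
        elif st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            findings[name] = "mode %o grants group/other access" % stat.S_IMODE(st.st_mode)
    return findings

def tighten(root, findings):
    """chmod 600 every file flagged for loose permissions; return the names fixed."""
    fixed = []
    for name, problem in findings.items():
        if problem.startswith("mode"):
            os.chmod(os.path.join(root, name), 0o600)
            fixed.append(name)
    return sorted(fixed)

def demo():
    # Constructed project root; every file name except .env is a placeholder.
    with tempfile.TemporaryDirectory() as root:
        for name, mode in ((".env", 0o644), ("example_key", 0o600)):
            path = os.path.join(root, name)
            with open(path, "w") as fh:
                fh.write("PLACEHOLDER=1\n")
            os.chmod(path, mode)
        names = [".env", "example_key", "missing_key"]
        before = audit_secret_files(root, names)
        fixed = tighten(root, before)
        return before, fixed, audit_secret_files(root, names)

if __name__ == "__main__":
    print(demo())
```

Tightening the mode does not undo earlier exposure: credentials that were readable by others, or committed to version control, should be rotated with the provider.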
Creating a virtual machine 🖥️
To create a virtual machine you can run python3 secdep.py -P <provider> -c or python3 secdep.py --provider <provider> --create where <provider> is either gce, azure or aws.
You will be asked to enter some information regarding the virtual machine you want to create such as
- The name
- The size
- The image
- The location
and then you will be shown the chosen values and asked to confirm the creation of the virtual machine.
Skipping the confirmation and some options 🙅
If you want to skip the confirmation or some of the requested values, you can specify them using command-line flags like so:
- -n <name> or --name <name> to specify the name
- -s <size> or --size <size> to specify the size
- -i <image> or --image <image> to specify the image
- -g <region> or --region <region> to specify the location
- -y or --yes to skip the confirmation
You will be asked for the values you didn't specify.
A note on the -g or --region flag: it is used for Azure and GCE to specify the region. For AWS the region is derived from the image, because AWS images are region-specific.
A full example looks like this
python3 secdep.py -P <provider> -c -n <name> -s <size> -i <image> -g <region> -y
or with specific values
GCE
python3 secdep.py -P gce -c -n test-node -g us-central1-a -s f1-micro -i debian-10-buster-v20230306 -y
Azure
python3 secdep.py -P azure -c -n test-node -s Standard_B1ls -i Debian:debian-11:11:0.20221219.1234 -g eastus -y
AWS
python3 secdep.py -P aws -c -n test-node -s t3.micro -i ami-0246e87085c5c98e3 -y
Finding valid values for the flags 🕵️
If you want to find valid values for the image you can run python3 secdep.py -P <provider> -I -p or python3 secdep.py --provider <provider> --listimages --print where <provider> is either gce, azure or aws.
Same goes for the -S -p or --listsizes --print flag for the sizes and the -G -p or --listlocations --print flag for the location.
AWS image example output
python3 secdep.py -P aws -I -p
<NodeImage: id=ami-0eb2c4104acb437b2, name=debian-10-amd64-20221224-1239, driver=Amazon EC2 ...>
You can see that the image id is ami-0eb2c4104acb437b2 and the name is debian-10-amd64-20221224-1239.
What you'll need to specify is the image id.
GCE image example output
python3 secdep.py -P gce -I -p
<NodeImage: id=992739542793186627, name=debian-10-buster-v20230306, driver=Google Compute Engine ...>
Here you will need the name of the image.
Azure image example output
python3 secdep.py -P azure -I -p
<AzureImage: id=Debian:debian-11:11:0.20221219.1234, name=Debian debian-11 11 0.20221219.1234, location=eastus>
Here you will need the id of the image.
AWS size example output
python3 secdep.py -P aws -S -p
<NodeSize: id=t3.micro, name=t3.micro, ram=1024, disk=0, bandwidth=0, price=0.0204, driver=Amazon EC2 ...>
Here you will need the id of the size.
GCE size example output
python3 secdep.py -P gce -S -p
<NodeSize: id=1000, name=f1-micro, ram=614 disk=0 bandwidth=0 price=None driver=Google Compute Engine ...>
Here you will need the name of the size.
Azure size example output
python3 secdep.py -P azure -S -p
<NodeSize: id=Standard_B1ls, name=Standard_B1ls, ram=512 disk=4.0 bandwidth=0 price=0 driver=Azure Virtual machines ...>
Here you will need the id of the size.
AWS location example output
python3 secdep.py -P aws -G -p
<EC2NodeLocation: id=0, name=us-east-1a, country=USA, availability_zone=<ExEC2AvailabilityZone: name=us-east-1a, zone_state=available, region_name=us-east-1> driver=Amazon EC2>
That is actually here for demonstration purposes because AWS doesn't have locations. The location is derived from the image.
GCE location example output
python3 secdep.py -P gce -G -p
<NodeLocation: id=2000, name=us-central1-a, country=us, driver=Google Compute Engine>
We get the name of the location.
Azure location example output
python3 secdep.py -P azure -G -p
<NodeLocation: id=eastus, name=East US, country=Virginia, USA, driver=Azure Virtual machines>
We get the id of the location.
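The listings above use `id` for some providers and `name` for others, which is easy to mix up. The following is an added example, not part of SecDep: it picks the right field from a `--print` line for each provider, rejects values with unexpected characters, and builds the create command as an argv list. The function names and the allow-list pattern are assumptions of this example.

```python
import re

# Field to copy from a listing line for each provider, as stated above.
# AWS has no "location" entry: its region is derived from the image.
FIELD_FOR = {
    ("aws", "image"): "id", ("gce", "image"): "name", ("azure", "image"): "id",
    ("aws", "size"): "id", ("gce", "size"): "name", ("azure", "size"): "id",
    ("gce", "location"): "name", ("azure", "location"): "id",
}
FLAG_FOR = {"image": "-i", "size": "-s", "location": "-g"}

ID_RE = re.compile(r"\bid=([^,\s>]+)")
# A name may contain spaces (Azure), so read up to the next ", key=" or ">".
NAME_RE = re.compile(r"\bname=(.*?)(?:,\s*\w+=|>)")
# Conservative allow-list for anything that ends up on a command line.
SAFE_RE = re.compile(r"[A-Za-z0-9._:-]+")

def flag_value(provider, kind, line):
    """Return [flag, value] for the create command from one --print line."""
    field = FIELD_FOR.get((provider, kind))
    if field is None:
        raise ValueError(f"{kind} is not passed for {provider}")
    match = (ID_RE if field == "id" else NAME_RE).search(line)
    if match is None:
        raise ValueError(f"no {field}= field found")
    value = match.group(1).strip()
    if not SAFE_RE.fullmatch(value):
        raise ValueError(f"unexpected characters in {field}: {value!r}")
    return [FLAG_FOR[kind], value]

def create_argv(provider, vm_name, lines):
    """Build an argv list (no shell involved) for secdep.py --create."""
    argv = ["python3", "secdep.py", "-P", provider, "-c", "-n", vm_name]
    for kind, line in lines.items():
        argv += flag_value(provider, kind, line)
    return argv

# Listing lines copied from the example outputs on this page.
GCE_LINES = {
    "location": "<NodeLocation: id=2000, name=us-central1-a, country=us, driver=Google Compute Engine>",
    "size": "<NodeSize: id=1000, name=f1-micro, ram=614 disk=0 bandwidth=0 price=None driver=Google Compute Engine ...>",
    "image": "<NodeImage: id=992739542793186627, name=debian-10-buster-v20230306, driver=Google Compute Engine ...>",
}

if __name__ == "__main__":
    print(" ".join(create_argv("gce", "test-node", GCE_LINES)))
```

The -y flag is left out on purpose, so SecDep still shows the chosen values and asks for confirmation.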
Listing virtual machines
To list the virtual machines you can run python3 secdep.py -P <provider> -l or python3 secdep.py --provider <provider> --list.
You can also do the same without the provider flag to list all the virtual machines from all the providers.
The print flag also works with the list flag like this python3 secdep.py -P <provider> -l -p or python3 secdep.py --provider <provider> --list --print.
Deleting a virtual machine
To delete a virtual machine you perform an action with the -a or --action flag.
When the action is delete, you choose one of the virtual machines from the list and it will be deleted. Combined with the provider flag, it lists all the virtual machines from that one provider.
python3 secdep.py -P <provider> -a delete
or
python3 secdep.py -a delete
If you want to delete them all in either case, you can use the deleteall action instead of delete.
Same goes for stop, start and reboot.
SSHing into a virtual machine 🚀
- Interactive TUI programs such as vim and similar will not work.
If you can, prefer a better ssh client.
To SSH into a virtual machine, run python3 secdep.py -ssh and choose from the list, or run python3 secdep.py -P gce -ssh to choose only from the GCE instances.