bash

bash
#!/bin/bash
set -euo pipefail

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'

Shell scripting for DevOps automation

bash shell-scripting devops
by Ryan Nakamura 1 tab
bash
#!/bin/bash
# Helm commands

# Add repositories
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update

Kubernetes Helm charts for package management

kubernetes helm charts
by Ryan Nakamura 4 tabs
hcl
# S3 bucket for static assets
resource "aws_s3_bucket" "assets" {
  bucket = "${var.project_name}-assets-${var.environment}"
}

resource "aws_s3_bucket_versioning" "assets" {

AWS S3 and CloudFront for static asset hosting

aws s3 cloudfront
by Ryan Nakamura 2 tabs
bash
#!/bin/bash
# Docker Compose commands

# Start all services
docker compose up -d

Docker Compose for multi-container applications

docker docker-compose devops
by Ryan Nakamura 2 tabs
dockerfile
# Optimized production Dockerfile

# Stage 1: Dependencies
FROM node:20-alpine AS deps
WORKDIR /app

Docker image optimization and security scanning

docker optimization security
by Ryan Nakamura 2 tabs
hcl
# Backend configuration with S3 + DynamoDB locking
terraform {
  backend "s3" {
    bucket         = "company-terraform-state"
    key            = "services/web-app/terraform.tfstate"
    region         = "us-east-1"

Terraform state management and workspace strategies

terraform state-management iac
by Ryan Nakamura 2 tabs
bash
#!/usr/bin/env bash
set -euo pipefail

cosign sign --key env://COSIGN_PRIVATE_KEY ghcr.io/example/codesnips:${GITHUB_SHA}
cosign verify --key env://COSIGN_PUBLIC_KEY ghcr.io/example/codesnips:${GITHUB_SHA}

Signed release artifacts with cosign for software supply chain trust

supply-chain cosign signing
by Kai Nakamura 1 tab
bash
#!/usr/bin/env bash
set -euo pipefail

certbot renew --quiet --deploy-hook "systemctl reload nginx"
openssl x509 -enddate -noout -in /etc/letsencrypt/live/example.com/fullchain.pem

TLS certificate automation with certbot and strict renewal checks

tls certificates certbot
by Kai Nakamura 1 tab
yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web-app
  namespace: production
  labels:

Kubernetes Pod and Deployment manifests

kubernetes k8s pods
by Ryan Nakamura 2 tabs
bash
#!/usr/bin/env bash
tcpdump -i eth0 host 10.10.20.15 -w suspect-host.pcap
tcpdump -i eth0 port 443 and host api.example.com
tcpdump -i eth0 'tcp[tcpflags] & (tcp-syn|tcp-fin|tcp-rst) != 0'

tcpdump filters for fast packet capture during investigations

tcpdump packets incident-response
by Kai Nakamura 1 tab
yaml
# ConfigMap from literal values
apiVersion: v1
kind: ConfigMap
metadata:
  name: web-app-config
  namespace: production

Kubernetes ConfigMaps and Secrets management

kubernetes k8s configmaps
by Ryan Nakamura 2 tabs
bash
#!/bin/bash
# Linux system administration commands

# === Process Management ===
ps aux                                # All processes
ps aux | grep nginx                   # Find specific process

Linux system administration essentials for DevOps

linux sysadmin devops
by Ryan Nakamura 1 tab