← ~/tech~/ubuntu-devops-setup
ubuntudevopslinuxdockerkubernetesterraformansibleawsazuregcp

My Ubuntu Setup for DevOps Engineering

Every tool in my Ubuntu DevOps environment, from CLI essentials to containerization tools, and why each one earned a place on the machine.

Jan 16, 202312 min readNsisong Effiong

You get a new machine — or you nuke an old one — and you have maybe two hours before you need it operational. No time to deliberate. No time to read twelve blog posts and compare options. You need the list, and you need to know it works.

This is mine. Every tool here runs on my Ubuntu machine right now. I'll tell you what each one does and how to get it, but I won't pretend the install commands are interesting. The list is the thing.

Before anything else

Update the system. Do this first, every time, without exception:

sudo apt update && sudo apt upgrade -y

Command Line Tools

curl

You'll use curl to pull down installer scripts, test APIs, and check endpoints. It comes pre-installed on most Ubuntu distributions, but confirm it:

curl --version

If it's missing:

sudo apt install curl -y

vim

My terminal editor. Muscle memory at this point. If you're a nano person, that's fine. But when you're SSHed into a server at 11pm and something needs editing, you want a capable editor under your fingers.

sudo apt install vim -y

nala

nala is a frontend for apt that makes package operations faster and reads better. Parallel downloads, cleaner output, transaction history. I stopped using apt directly once I found it.

sudo apt install nala -y

After that, nala install, nala update, nala upgrade replace the apt equivalents.

git

Version control is the foundation everything else sits on. If it's not installed, nothing else matters.

sudo apt install git -y

Configure it immediately after install:

git config --global user.name "Your Name"
git config --global user.email "you@example.com"

terminator

Ubuntu's default terminal is fine. Terminator is better. Split panes, grouped typing, profiles. When you're running a Terraform plan in one pane, watching logs in another, and SSHed into a box in a third, you'll understand why it matters.

sudo apt install terminator -y

Oh My Zsh

Zsh with Oh My Zsh for autocompletion, plugins, and a prompt that tells you the git branch you're on. The setup takes ten minutes and pays back daily.

Install zsh first:

sudo apt install zsh -y

Then install Oh My Zsh:

sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"

Set zsh as your default shell when prompted, or run chsh -s $(which zsh) afterward.

Development Tools

VS Code

My primary editor for everything that isn't a quick terminal fix. The extension ecosystem is what makes it: remote SSH, Docker, Kubernetes, Terraform, Python, YAML lint. Add what you need as you go.

Download the .deb package from code.visualstudio.com and install:

sudo dpkg -i code_*.deb
sudo apt install -f

Or use the official Microsoft repo for managed updates:

wget -qO- https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > packages.microsoft.gpg
sudo install -o root -g root -m 644 packages.microsoft.gpg /etc/apt/trusted.gpg.d/
sudo sh -c 'echo "deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main" > /etc/apt/sources.list.d/vscode.list'
sudo apt update
sudo apt install code -y

Postman

API development and testing. I use it for exploring endpoints during development, writing test suites for REST APIs, and sharing collections with the team.

sudo snap install postman

Browsers

Microsoft Edge

curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg
sudo install -o root -g root -m 644 microsoft.gpg /etc/apt/trusted.gpg.d/
sudo sh -c 'echo "deb [arch=amd64] https://packages.microsoft.com/repos/edge stable main" > /etc/apt/sources.list.d/microsoft-edge.list'
sudo apt update
sudo apt install microsoft-edge-stable -y

Chrome

wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
sudo dpkg -i google-chrome-stable_current_amd64.deb
sudo apt install -f -y

Containerization and Virtualization

Docker

Docker changed how I work with environments permanently. No more "works on my machine." No more dependency hell. Every service in its own container, reproducible from a single docker-compose.yml.

Remove any old versions first:

sudo apt remove docker docker-engine docker.io containerd runc

Install via the official Docker repo:

sudo apt install ca-certificates curl gnupg lsb-release -y
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /tmp/docker.gpg
gpg --dearmor -o /etc/apt/keyrings/docker.gpg < /tmp/docker.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin -y

Add your user to the docker group so you're not prefixing every command with sudo:

sudo usermod -aG docker $USER
newgrp docker

VirtualBox

For full VM workloads: testing OS configurations, running Windows environments, validating Vagrant boxes. Docker handles most things, but sometimes you need the whole machine.

sudo apt install virtualbox -y

Or grab the latest version from virtualbox.org/wiki/Linux_Downloads for more recent releases.

Vagrant

Vagrant sits on top of VirtualBox and gives you reproducible VM environments via a Vagrantfile. Define the box, the network config, the provisioning script. Anyone on the team can spin up the same environment.

wget https://releases.hashicorp.com/vagrant/2.4.1/vagrant_2.4.1-1_amd64.deb
sudo dpkg -i vagrant_2.4.1-1_amd64.deb

Check releases.hashicorp.com/vagrant for the current version before downloading.

Cloud Services and Infrastructure

AWS CLI

If you work with AWS, you need this. Configure it once with your credentials and region and you have programmatic access to everything: S3, EC2, ECS, Lambda, IAM, the lot.

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install

Then configure:

aws configure

Azure CLI

Same principle for Azure. The az command covers resource groups, VMs, AKS clusters, storage accounts, and every other Azure resource.

curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
az login

gcloud CLI

For Google Cloud Platform. GKE, Cloud Run, Cloud Storage, BigQuery — all reachable from gcloud.

curl https://sdk.cloud.google.com | bash
exec -l $SHELL
gcloud init

Terraform

Infrastructure as code. I define resources in .tf files, run terraform plan to see what will change, and terraform apply to make it happen. The state file tracks what's deployed. Teams that don't use IaC eventually end up with infrastructure nobody fully understands.

wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install terraform -y

kubectl

The Kubernetes command-line tool. You'll use it for everything: deploying workloads, inspecting pods, scaling deployments, reading logs, exec-ing into containers.

curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl

Configuration Management and Automation

Ansible

Agentless configuration management. You write playbooks in YAML that describe the desired state of your servers, point Ansible at an inventory file, and it SSHes into each host and makes it so. No agent to install. No daemon to manage.

sudo apt install ansible -y

Or install the latest version via pip for more control:

pip install ansible

Jenkins

CI/CD automation. Jenkins picks up code changes, runs builds, executes tests, and handles deployments. It's been around long enough to have integrations for almost everything.

curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo tee /usr/share/keyrings/jenkins-keyring.asc > /dev/null
echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] https://pkg.jenkins.io/debian-stable binary/ | sudo tee /etc/apt/sources.list.d/jenkins.list > /dev/null
sudo apt update
sudo apt install jenkins -y

Jenkins runs on port 8080 by default. Get the initial admin password from:

sudo cat /var/lib/jenkins/secrets/initialAdminPassword

Networking and Security

Wireshark

Network protocol analyzer. When something is wrong at the network level — a service not responding, unexpected traffic, a TLS handshake failing — Wireshark shows you the actual packets. The GUI version runs on Ubuntu with no issue.

sudo apt install wireshark -y

When prompted whether non-superusers should be able to capture packets, select yes. Then add yourself to the wireshark group:

sudo usermod -aG wireshark $USER

Log out and back in for the group change to take effect.

Programming Languages

Python

Python ships with Ubuntu, but the version matters. Check what you have:

python3 --version

Install pip and venv if they're missing:

sudo apt install python3-pip python3-venv -y

For projects, always work inside a virtual environment:

python3 -m venv .venv
source .venv/bin/activate

This keeps project dependencies isolated from system Python and from each other. The discipline saves you the dependency conflict debugging session you'd otherwise have at the worst possible moment.

Done

The next step is making this reproducible. A shell script that runs all of this unattended is worth the hour it takes to write. You won't always have two hours when you need a new machine. Sometimes you'll have twenty minutes.

I'll cover the automation script in a follow-up post.

// discussion0 comments

// add a comment

email hidden publicly · comments moderated before publishing