This accelerated course is for experienced Unix administrators who desire to develop an understanding of the skills required to administer Red Hat or SUSE Linux-based systems in their enterprise computing environments. This course combines the topics in H7091S: Enterprise Linux System Administration and H7092S: Enterprise Linux Network Services.
Audience
Experienced Unix administrators
Supported distributions
• Red Hat Enterprise Linux 8
• SUSE Linux Enterprise 15
• Free Software Foundation (FSF) and GNU
• General Public License (GPL)
• Linux kernel and versioning
• Components of a distribution
• Red Hat Linux products
• SUSE Linux products
• Hardware discovery tools
• Configuring new hardware with hwinfo
• Hardware and system clock
• Console
• Virtual terminals
• Keyboard and locale configuration
• Serial ports
• SCSI devices
• USB architecture
• Defining a printer
• SCSI tape drives and libraries
• Managing Linux device files
• Kernel hardware info /sys/
• /sys/ structure
• udev
• Kernel modules
• Configuring kernel components and modules
• Handling module dependencies
• Configuring the kernel via /proc/
• Random numbers and /dev/random
Lab Tasks
• Adjusting kernel options
• Linux kernel driver compilation
• Configuring print queues
• Introduction to troubleshooting labs
• Troubleshooting practice: kernel modules
• System boot method overview
• systemd system and service manager
• Modifying systemd services
• Systemd service sandboxing features
• systemd targets
• Using systemd
• Linux runlevels aliases
• Legacy support for SysV init
Lab Tasks
• Managing services with systemd’s systemctl
• Creating a systemd unit file
• Booting Linux on PCs
• GRUB 2
• GRUB 2 configuration
• The boot loader specification
• GRUB 2 security
• Boot parameters
• Initial RAM filesystem
• init
• Systemd local-fs.target and sysinit.target
• Systemd basic.target and multi-user.target
• Legacy local bootup script support
• System configuration files
• RHEL8 configuration utilities
• SLES15 configuration utilities
• Shutdown and reboot
Lab Tasks
• Boot process
• Booting directly to a bash shell
• GRUB command line
• Basic GRUB security
• Troubleshooting practice: boot process
• RPM architecture
• Working with RPMs
• Querying and verifying with RPM
• Updating the kernel RPM
• Using the Yum and DNF commands
• Using the Zypper command
• Yum package groups
• Zypper services and catalogs
• Configuring Yum
• DNF repositories
• Rebuilding source RPM packages
Lab Tasks
• Managing software with RPM
• Creating a custom RPM repository
• Querying the RPM database
• Installing software via RPM and source and rebuilding SRPMs
• Using Yum
• Using Zypper
• Partitioning disks with fdisk and gdisk
• Resizing a GPT partition with gdisk
• Partitioning disks with parted
• Non-interactive disk partitioning with sfdisk
• Filesystem creation
• Mounting filesystems
• Filesystem maintenance
• Resizing filesystems
• Managing an XFS filesystem
• Swap
• Filesystem attributes
Lab Tasks
• Creating and managing filesystems
• Hot adding swap
• Logical volume management (LVM)
• Implementing LVM
• Creating logical volumes
• Activating LVM VGs
• Exporting and importing a VG
• Examining LVM components
• Changing LVM components
• Advanced LVM overview
• Advanced LVM: components and object tags
• Advanced LVM: automated storage tiering
• Advanced LVM: thin provisioning
• Advanced LVM: striping and mirroring
• Advanced LVM: RAID volumes
• SLES graphical disk tool
• RAID concepts
• Array creation with mdadm
• Software RAID monitoring
• Software RAID control and display
Lab Tasks
• Creating and managing LVM volumes
• Creating LVM thin volumes
• Creating and managing a RAID-5 array
• Remote storage overview
• Remote filesystem protocols
• Remote block device protocols
• NFS clients
• NFS server configuration
• Implementing NFSv4
• AutoFS
• AutoFS configuration
• SAN multipathing
• Multipath configuration
• Multipathing best practices
• iSCSI architecture
• Open-iSCSI initiator implementation
• iSCSI initiator discovery
• iSCSI initiator node administration
• Mounting iSCSI targets at boot
• iSCSI multipathing considerations
Lab Tasks
• Using autofs
• NFS server configuration
• iSCSI initiator configuration
• Approaches to storing user accounts
• User and group concepts
• User administration
• Modifying accounts
• Group administration
• Password aging
• Default user files
• Controlling login sessions
• PAM overview
• PAM module types
• PAM order of processing
• PAM control statements
• pam_wheel.so
• pam_limits.so
Lab Tasks
• User and group administration
• Using LDAP for centralized user accounts
• Troubleshooting practice: account management
• Restricting superuser access to wheel group membership
• Setting limits with the pam_limits modules
• Using pam_limits to restrict simultaneous logins
• Security concepts
• Tightening default security
• Security advisories
• Fine grained authorizations with Polkit
• File access control lists (FACLs)
• Manipulating FACLs
• Viewing FACLs
• Backing up FACLs
• File creation permissions with umask
• User private group scheme
• Alternatives to UPG
• Xinetd
• Netfilter concepts
• Using the iptables command
• Common match_specs
• Extended packet matching modules
• Connection tracking
• AppArmor
• SELinux security framework
• SELinux modes
• SELinux commands
• Choosing an SELinux policy
• SELinux Booleans
• SELinux policy tools
Lab Tasks
• User private groups
• Using filesystem ACLs
• Securing xinetd services
• Enforcing security policy with xinetd
• Securing services with Netfilter
• Exploring SELinux modes
• SELinux file contexts
• at and cron usage
• Anacron
• Viewing processes
• Managing processes
• Tuning process scheduling
• Setting resource limits via ulimit
Lab Tasks
• Creating and managing user cron jobs
• Adding system cron jobs
• Linux network interfaces
• Ethernet hardware tools
• Network configuration with IP command
• Configuring routing tables
• IP to MAC address mapping with ARP
• Starting and stopping interfaces
• NetworkManager
• DNS clients
• DHCP clients
• Network diagnostics
• Information from ss and netstat
• Continual time sync with NTP
• Multiple IP addresses
• IPv6
• Interface aggregation
• Interface bonding
• Network teaming
• Interface bridging
• 802.1q VLANS
Lab Tasks
• Network discovery
• Basic client networking
• Multiple IP addresses per network interface
• Configuring IPv6
• Troubleshooting practice: networking
• System status - memory
• System status - I/O
• System status - CPU
• Performance trending with sar
• Troubleshooting basics: the process
• Troubleshooting basics: the tools
• System logging
• systemd journal
• systemd journal’s journalctl
• Secure logging with journal’s log sealing
• Rsyslog
• /etc/rsyslog.conf
• Log management
• Log anomaly detector
• strace and ltrace
• Troubleshooting incorrect file permissions
• Inability to foot
• Typos in configuration files
• Corrupt filesystems
• RHEL8 rescue environment
• SUSE rescue environment
Lab Tasks
• Using the systemd journal
• Setting up a full debug logfile
• Remote Syslog configuration
• Remote Rsyslog TLS configuration
• Recovering damaged MBR
• The domain name space (DNS)
• Delegation and zones
• Server roles
• Resolving names
• Resolving IP addresses
• Basic BIND administration
• Configuring the resolver
• Testing resolution
• rndc key configuration
• named.conf options flock
• Creating a site-wide cache
• Zones in named.conf
• Zone database file Ssyntax
• Start of Authority (SOA)
• Address and pointer records (A, AAAA, and PTR)
• Name server (NS)
• Text, alias, and mail host (TXT, CNAME, and MX)
• Abbreviations and gotchas
• $GENERATE, $ORIGIN, and $INCLUDE
Lab Tasks
• Configuring a slave name server
• Use rndc to control named
• Configuring BIND zone files
• Popular SQL databases
• SELECT statements
• INSERT statements
• UPDATE statements
• DELETE statements
• JOIN clauses
• MariaDB
• MariaDB installation and security
• MariaDB user account management
• MariaDB replication
Lab Tasks
• SQL with Sqlite3
• Installing and securing MariaDB
• Creating a database in MariaDB
• Create a database backed application
• Popular LDAP server implementations
• OpenLDAP client tools
• LDAP data interchange format (LDIF)
• 389 Directory Server (389DS)
• 389 Directory Server features
• 389DS utilities
Lab Tasks
• Installing and configuring 389DS
• vsftpd
• Anonymous FTP with vsftpd
• Configuring vsftpd
• HTTP operation
• Apache architecture
• Apache configuration files
• httpd.conf - server settings
• httpd.conf - main configuration
• httpd.conf – virtual host configuration
• Virtual hosting DNS implications
• Adding modules to Apache
• Apache logging
• Delegating administration
• Directory protection
• Directory protection with AllowOverride
• Common uses for .htaccess
• TLS using mod_ssl.so
Lab Tasks
• Configuring vsftpd
• Apache architecture
• Apache content
• Configuring virtual hosts
• Using .htaccess files
• Using TLS certificates with Apache
• Squid overview
• Squid file layout
• Squid access control lists (ACLs)
• Applying Squid ACLs
• Tuning Squid and configuring cache hierarchies
• Bandwidth metering
• Monitoring Squid
• Proxy client configuration
Lab Tasks
• Installing and configuring Squid
• Squid cache manager CGI
• Proxy auto configuration
• Configure a Squid proxy cluster
• Samba daemons
• Accessing Windows/Samba shares from Linux
• Samba utilities
• Samba configuration files
• The smb.conf file
• Mapping permissions and ACLs
• Mapping Linux concepts
• Sharing home directories
• Sharing printers
• Share authentication
• User-level access
• Mapping users
• Samba account database
• User share restrictions
Lab Tasks
• Samba share-level access
• Samba user-level access
• Samba group shares
• Handling symbolic links with Samba
• Samba home directory shares
• Postfix features
• Postfix components
• Postfix configuration
• master.cf
• main.cf
• Postfix map types
• Postfix pattern matching
• Virtual fomains
• Postfix mail filtering
• Configurationg commands
• Management commands
• SMTP AUTH server and relay control
• SMTP AUTH clients
• TLS server configuration
• Postfix client configuration for TLS
Lab Tasks
• Configuring Postfix
• Postfix network configuration
• Postfix virtual host configuration
• Postfix SMTP AUTH configuration
• Postfix STARTTLS configuration
• SUSE Postfix configuration cleanup
• Procmail
• SpamAssassin
• amavisd-new mail filtering
• Cyrus IMAP/POP3 server
• Cyrus IMAP MTA integration
• Cyrus mailbox administration
• Dovecot POP3/IMAP server
Lab Tasks
• Configuring Procmail and SpamAssassin
• Configuring Cyrus IMAP
• Dovecot TLS configuration
• Anaconda: an overview
• Anaconda: booting thes
• Anaconda: common boot options
• Anaconda: loading Anaconda and packages
• Anaconda: storage options
• Anaconda: troubleshooting
• FirstBoot
• Kickstart
• Network booting with PXE
• A typical install
Lab Tasks
• Linux installation
• Automating installation with Kickstart
• YaST install program interface
• Network installation
• SLP for SUSE Linux installation
• Installation xhoices
• Kernel crash dump configuration
• Network booting with PXE
• Creating AutoYaST2 files
• Using AutoYaST2 files
• linuxrc automation
• Installation diagnostics
• After the first reboot
• A typical install
Lab Tasks
• SUSE Linux Enterprise Server installation
• Automating installation with AutoYaST
Prerequisites
Students should be experienced Unix administrators. Fundamentals such as the Unix command line and how to edit files are not covered in class. A good understanding of network concepts, the TCP/IP protocol suite, and basic Unix security is also assumed. The accelerated pace of this class makes it difficult for unprepared students to keep up. Less experienced students are encouraged to instead take either the Linux Fundamentals, Enterprise Linux Systems Administration, or Enterprise Linux Network Services course.
Firma NT GROUP Sp. z o.o. jest Autoryzowanym partnerem firmy HPE
Spółka posiada wpis do ewidencji placówek niepublicznych Nr ew. ES.VIII.4320-6/p.n./2003 wydany z upoważnienia Prezydenta Miasta Łodzi
Zachęcamy do skorzystania z możliwości dofinansowania szkoleń oferowanych przez naszą firmę. Dostępne rozwiązania:
Skontaktuj się z nami, aby uzyskać więcej informacji. Oferujemy pełne wsparcie w tym procesie.
Zapraszamy!
|
|
Najbliższy termin: Prosimy o kontakt
Najbliższy termin: Prosimy o kontakt
Najbliższy termin: Prosimy o kontakt
Najbliższy termin: Prosimy o kontakt
Najbliższy termin: Prosimy o kontakt
Najbliższy termin: Prosimy o kontakt
Najbliższy termin: Prosimy o kontakt
Najbliższy termin: 30-01-2025 09:00
Najbliższy termin: 05-02-2025 09:00
Najbliższy termin: Prosimy o kontakt
Najbliższy termin: Prosimy o kontakt
Najbliższy termin: Prosimy o kontakt