GL250 - Enterprise Linux System Administration

Need something different? Guru Labs has other Linux and security courses and can build a custom course that covers exactly what you need!

This comprehensive course is designed to equip learners with a profound understanding of Linux system administration. The course kicks off with foundational concepts such as the Linux Kernel, device management, and the intricacies of systemd, setting the stage for deeper exploration into system boot processes, including GRUB2 and systemd boot. Each section progresses through detailed topics, including hardware discovery, kernel module configuration, and systemd service management, ensuring participants build a robust foundation in managing and configuring the core aspects of a Linux system.

As the course unfolds, it delves into advanced areas such as software maintenance, local and remote storage administration, user and group management, and the critical aspects of security through Pluggable Authentication Modules (PAM) and comprehensive security administration modules. These sections are crafted to cover the essentials of software management using RPM and DNF, the intricacies of LVM & RAID for storage, and the importance of security in system administration, including SELinux and firewall management. The practical application of these concepts is reinforced through targeted lab tasks, where learners apply knowledge to real-world scenarios, enhancing their problem-solving and system management skills.

The course also addresses the dynamic nature of networking and system maintenance, with chapters dedicated to basic and advanced networking concepts, log file administration, and the pivotal aspects of monitoring and troubleshooting. These sections are crucial for understanding how Linux systems interact within networked environments and how administrators can effectively monitor, diagnose, and resolve system issues. This course is designed not just to impart theoretical knowledge but to foster practical skills and critical thinking, preparing learners for the challenges of Linux system administration in real-world environments.

Audience:

  1. Aspiring System Administrators: Individuals looking to start a career in system administration and seeking a solid foundation in Linux, one of the most popular and widely-used operating systems in server environments.
  2. IT Professionals: Those already working in IT fields such as network administration, support, or database management who want to expand their skill set to include Linux system administration to enhance their career prospects and job performance.
  3. Developers: Software developers who wish to gain a deeper understanding of the Linux environment, which can help in optimizing applications, managing development environments, or working more effectively with DevOps practices.
  4. DevOps Engineers: Professionals in the DevOps space who require a thorough understanding of Linux systems to improve collaboration between development and operations, automate processes, and ensure the reliability and scalability of services.
  5. Technology Enthusiasts: Tech enthusiasts or hobbyists interested in deepening their knowledge of Linux internals, system management, and administration to manage personal projects, contribute to open source, or simply satisfy their intellectual curiosity.
  6. Cybersecurity Professionals: Security analysts and professionals who need to understand system administration, particularly in Linux, to better secure and manage their organization's IT infrastructure.

Benefits:

  1. Comprehensive Understanding of Linux Systems: This course offers an in-depth exploration of Linux system administration, particularly focusing on RHEL9, providing students with a broad and detailed understanding of various components, from kernel and device management to advanced networking and security. Such knowledge is invaluable for anyone looking to work in environments that rely on Linux servers.
  2. Hands-on Experience: With lab tasks integrated into each chapter, participants gain practical experience by applying theoretical knowledge to real-world scenarios. This hands-on approach enhances problem-solving skills, familiarizes students with common issues they might face, and teaches them how to troubleshoot effectively, thereby bridging the gap between theoretical knowledge and practical application.
  3. Career Advancement Opportunities: Proficiency in Linux system administration, especially in widely used distributions like RHEL, is highly sought after in the tech industry. Completing this course equips individuals with the skills needed to manage and maintain Linux systems, opening up numerous opportunities in IT infrastructure, cloud services, cybersecurity, and more.
  4. Security Expertise: With dedicated modules on security administration and Pluggable Authentication Modules (PAM), learners will develop a strong understanding of security principles, SELinux, firewall management, and security best practices. This knowledge is crucial for maintaining the integrity, confidentiality, and availability of information systems.
  5. Networking and Storage Management Skills: The course covers essential networking concepts, storage administration, LVM, RAID, and remote storage solutions, which are critical for designing, implementing, and maintaining scalable and reliable infrastructure. Understanding these areas allows professionals to ensure optimal performance and data integrity across diverse computing environments.

Current Version: R9-B01

Prerequisites:

Students should already be comfortable working in a Linux or Unix environment. Fundamentals such as the Linux filesystem, process management, and how to edit files will not be covered in class. An understanding of network concepts, and the TCP/IP protocol suite is helpful. These skills are taught in the GL120 "Linux Fundamentals" course.

Supported Distributions:
Red Hat Enterprise Linux 9
Recommended Class Length:
5 days
Detailed Course Outline:
  1. Linux Kernel & Devices
    1. Hardware Discovery Tools
    2. Kernel Hardware Info – /sys/
    3. /sys/ Structure
    4. udev
    5. Managing Linux Device Files
    6. List Block Devices
    7. SCSI Devices
    8. USB Devices
    9. USB Architecture
    10. Kernel Modules
    11. Configuring Kernel Components and Modules
    12. Handling Module Dependencies
    13. Configuring the Kernel via /proc/
    14. Console
    15. Virtual Terminals
    16. Keyboard & locale configuration
    17. Serial Ports
    18. Random Numbers and /dev/random
    Lab Tasks
    1. Adjusting Kernel Options
    2. Linux Kernel Driver Compilation
    3. Introduction to Troubleshooting Labs
    4. Troubleshooting Practice: Kernel Modules
  2. Systemd Overview
    1. System Boot Method Overview
    2. systemd System and Service Manager
    3. Modifying systemd services
    4. Systemd Service Sandboxing Features
    5. systemd Targets
    6. Using systemd
    7. Linux Runlevels Aliases
    8. Legacy Support for SysV init
    Lab Tasks
    1. Managing Services With Systemd's systemctl
    2. Creating a systemd unit file
  3. GRUB2/Systemd Boot Process
    1. Booting Linux on PCs
    2. GRUB 2
    3. GRUB 2 Configuration
    4. The Boot Loader Specification
    5. GRUB 2 Security
    6. Boot Parameters
    7. Initial RAM Filesystem
    8. init
    9. Systemd local-fs.target and sysinit.target
    10. Systemd basic.target and multi-user.target
    11. Legacy local bootup script support
    12. System Configuration Files
    13. RHEL9 Configuration Utilities
    14. Shutdown and Reboot
    Lab Tasks
    1. Boot Process
    2. Booting directly to a bash shell
    3. GRUB Command Line
    4. Basic GRUB Security
    5. Troubleshooting Practice: Boot Process
  4. Software Maintenance
    1. Managing Software
    2. RPM Features
    3. RPM Architecture
    4. RPM Package Files
    5. Working With RPMs
    6. Querying and Verifying with RPM
    7. Updating the Kernel RPM
    8. Dealing With RPM Yum Digest Changes
    9. DNF Plugins & RHSM Subscription Manager
    10. DNF Version Lock Plugin
    11. DNF Repositories
    12. DNF Repository Groups
    13. Compiling/Installing from Source
    14. Manually Installed Shared Libraries
    15. Rebuilding Source RPM Packages
    Lab Tasks
    1. Managing Software with RPM
    2. Creating a Custom RPM Repository
    3. Querying the RPM Database
    4. Installing Software via RPM & Source and Rebuilding SRPMs
    5. Troubleshooting Practice: Package Management
  5. Local Storage Administration
    1. Partitioning Disks with fdisk & gdisk
    2. Resizing a GPT Partition with gdisk
    3. Partitioning Disks with parted
    4. Non-Interactive Disk Partitioning with sfdisk
    5. Filesystem Creation
    6. Persistent Block Devices
    7. Mounting Filesystems
    8. Resizing Filesystems
    9. Filesystem Maintenance
    10. Managing an XFS Filesystem
    11. Swap
    12. Filesystem Structures
    13. Determining Disk Usage With df and du
    14. Configuring Disk Quotas
    15. Setting Quotas
    16. Viewing and Monitoring Quotas
    17. XFS Project quotas
    18. Filesystem Attributes
    Lab Tasks
    1. Creating and Managing Filesystems
    2. Hot Adding Swap
    3. XFS Copy-on-Write
    4. Setting User Quotas
    5. Creating XFS Project Quotas
  6. LVM & RAID
    1. Logical Volume Management
    2. Implementing LVM
    3. Creating Logical Volumes
    4. Activating LVM VGs
    5. Exporting and Importing a VG
    6. Examining LVM Components
    7. Changing LVM Components
    8. Advanced LVM Overview
    9. Advanced LVM: Components & Object Tags
    10. Advanced LVM: Automated Storage Tiering
    11. Advanced LVM: Thin Provisioning
    12. Advanced LVM: Striping & Mirroring
    13. Advanced LVM: RAID Volumes
    14. RAID Concepts
    15. Array Creation with mdadm
    16. Software RAID Monitoring
    17. Software RAID Control and Display
    Lab Tasks
    1. Creating and Managing LVM Volumes
    2. Creating LVM Thin Volumes
    3. Using Boom to Boot to an LVM Snapshot
    4. Troubleshooting Practice: LVM
    5. Creating and Managing a RAID-5 Array
  7. Remote Storage Administration
    1. Remote Storage Overview
    2. Remote Filesystem Protocols
    3. Remote Block Device Protocols
    4. File Sharing via NFS
    5. NFSv4+
    6. NFS Clients
    7. NFS Server Configuration
    8. Implementing NFSv4
    9. AutoFS
    10. AutoFS Configuration
    11. Accessing Windows/Samba Shares from Linux
    12. SAN Multipathing
    13. Multipath Configuration
    14. Multipathing Best Practices
    15. iSCSI Architecture
    16. Open-iSCSI Initiator Implementation
    17. iSCSI Initiator Discovery
    18. iSCSI Initiator Node Administration
    19. Mounting iSCSI Targets at Boot
    20. iSCSI Multipathing Considerations
    Lab Tasks
    1. Using autofs
    2. NFS Server Configuration
    3. iSCSI Initiator Configuration
    4. Multipathing with iSCSI
  8. User/Group Administration
    1. Approaches to Storing User Accounts
    2. User and Group Concepts
    3. User Administration
    4. Modifying Accounts
    5. Group Administration
    6. Password Aging
    7. Default User Files
    8. Controlling Login Sessions
    9. RHEL DS Client Configuration
    10. System Security Services Daemon (SSSD)
    Lab Tasks
    1. User and Group Administration
    2. Using LDAP for Centralized User Accounts
    3. Troubleshooting Practice: Account Management
  9. Pluggable Authentication Modules (PAM)
    1. PAM Overview
    2. PAM Module Types
    3. PAM Order of Processing
    4. PAM Control Statements
    5. PAM Modules
    6. pam_unix
    7. pam_nologin.so
    8. pam_limits.so
    9. pam_wheel.so
    10. pam_xauth.so
    Lab Tasks
    1. Restricting superuser access to wheel group membership
    2. Using pam_nologin to Restrict Logins
    3. Setting Limits with the pam_limits Modules
    4. Using pam_limits to Restrict Simultaneous Logins
  10. Security Administration
    1. Security Concepts
    2. Tightening Default Security
    3. Security Advisories
    4. Fine Grained Authorizations with Polkit
    5. File Access Control Lists
    6. Manipulating FACLs
    7. Viewing FACLs
    8. Backing Up FACLs
    9. File Creation Permissions with umask
    10. User Private Group Scheme
    11. Alternatives to UPG
    12. SELinux Security Framework
    13. SELinux Modes
    14. SELinux Commands
    15. Choosing an SELinux Policy
    16. SELinux Booleans
    17. Permissive Domains
    18. SELinux Policy Tools
    19. FirewallD
    Lab Tasks
    1. User Private Groups
    2. Using Filesystem ACLs
    3. Exploring SELinux Modes
    4. SELinux File Contexts
    5. SELinux Contexts in Action
  11. Basic Networking
    1. IPv4 Fundamentals
    2. TCP/UDP Fundamentals
    3. Linux Network Interfaces
    4. Ethernet Hardware Tools
    5. Network Configuration with ip Command
    6. Configuring Routing Tables
    7. IP to MAC Address Mapping with ARP
    8. Starting and Stopping Interfaces
    9. NetworkManager
    10. DNS Clients
    11. DHCP Clients
    12. Network Diagnostics
    13. Information from ss and netstat
    14. Hardware and System Clock
    15. Continual Time Sync with NTP
    16. Time Synchronization with Chronyd
    Lab Tasks
    1. Network Discovery
    2. Using nmcli
    3. Chrony Client Configuration
  12. Advanced Networking
    1. Multiple IP Addresses
    2. Configuring a DHCP server
    3. IPv6
    4. Interface Aggregation
    5. Interface Bonding
    6. Network Teaming
    7. Interface Bridging
    8. 802.1q VLANS
    9. Tuning Kernel Network Settings
    10. TCP Congestion Control
    Lab Tasks
    1. Multiple IP Addresses Per Network Interface
    2. Configuring IPv6
    3. TCP Congestion Control
    4. Troubleshooting Practice: Networking
  13. Log File Administration
    1. System Logging
    2. systemd Journal
    3. systemd Journal's journalctl
    4. Secure Logging with Journal's Log Sealing
    5. Cockpit - Logs
    6. Rsyslog
    7. /etc/rsyslog.conf
    8. Log Management
    9. Log Anomaly Detector
    10. Sending logs from the shell
    Lab Tasks
    1. Using the systemd Journal
    2. Setting up a Full Debug Logfile
    3. Remote Syslog Configuration
    4. Remote Rsyslog TLS Configuration
  14. Monitoring & Troubleshooting
    1. System Status – Memory
    2. System Status – I/O
    3. System Status – CPU
    4. Performance Trending with sar
    5. Determining Service to Process Mapping
    6. Real-time Monitoring of Resources — Cgroups
    7. Troubleshooting Basics: The Process
    8. Troubleshooting Basics: The Tools
    9. strace and ltrace
    10. Common Problems
    11. Troubleshooting Incorrect File Permissions
    12. Inability to Boot
    13. Typos in Configuration Files
    14. Corrupt Filesystems
    15. RHEL9 Rescue Environment
    Lab Tasks
    1. System Activity Reporter
  1. Pre-Installation Considerations
    1. Pre-Installation Considerations
    2. Hardware Compatibility
    3. Multi-OS Booting
    4. Partition Considerations
    5. Filesystem Planning
    6. Selecting a Filesystem
  2. Installing RHEL9
    1. Anaconda: An Overview
    2. Anaconda: Booting the System
    3. Anaconda: Common Boot Options
    4. Anaconda: Loading Anaconda and Packages
    5. Anaconda: Storage Options
    6. Anaconda: Troubleshooting
    7. FirstBoot
    8. Kickstart
    9. Network Booting with PXE
    10. A Typical Install
    Lab Tasks
    1. Linux Installation
    2. Automating Installation with Kickstart
  3. Manage Virtual Machines
    1. Virtualization: What and Why?
    2. Introducing libvirt
    3. libvirt: Basic Concepts
    4. libvirt: Storage Architecture
    5. libvirt: Network Architecture
    6. libvirt: Graphical Tools
    7. libvirt: Command Line Tools
    8. virsh: Basics
    9. virsh: Common Tasks
    10. virt-install
    11. Virtual Machine Guest Tools & Drivers
    12. libguestfs and guestfish
    Lab Tasks
    1. Installing a Virtual Machine
  4. Backups
    1. Backup Software
    2. Managing Optical Media
    3. SCSI Tape Drives & Libraries
    4. Backup Examples
    Lab Tasks
    1. Using rsync and ssh for Backups
    2. Using tar for Backups
    3. Using cpio for Backups
    4. Creating ISO Images for Backups
    5. Using dump and restore for Backups