KEMBAR78
Systems administration for coders presentation | PPTX
MW
Uploaded byMatt Willsher
PPTX, PDF348 views

Systems administration for coders presentation

The document provides comprehensive guidelines for systems administration, emphasizing best practices to enhance reliability and minimize maintenance time. It outlines the roles and responsibilities of systems administrators, including technology implementation, routine maintenance, security management, and effective use of tools like SSH. Additionally, it covers deployment methods, system diagnostics, and security measures to ensure optimal performance and management of computer systems.

Download to read offline
SYSTEMS ADMINISTRATION FOR CODERS Hints & tips to increase reliability & reduce maintenance time.
WHAT IS A SYSTEM? An assemblage or combination of things or parts forming a complex or unitary whole.
WHAT DOES A SYSTEMS ADMINISTRATOR DO? • Introduces new technologies into an environment • Analyses system logs and identifies potential issues with a system. • Plans and performs routine maintenance • Performs and maintains backups • Installs and configures new software and hardware
WHAT DOES A SYSTEMS ADMINISTRATOR DO? • Manages user accounts • Responsibility for security • Responsibility for documentation of the system • Plans systems upgrades and outages to apply upgrades • Troubleshooting reported problems • Deals with, often frustrated, system users... ... etc. etc.
A COMPUTER SYSTEM • Many components working together - software (application, web server, OS), hardware (disks, RAM, CPU) & others (networking equipment, switches, routers, load balancers) • Provides stability and maintainability that underpins the entire application. • Supports your software for its lifetime. • Can provide parts of your application. Sometimes a problem has already been solved by some other software.
START AT BEGINNING • Start sysadmin tasks at the beginning of the project. • Write tools to aid deployment. • Write tools to set up environments. • Iterate over these tools and stabilise for production
ENVIRONMENTS • Dev, QA, Live • Dev, Test, QA, UAT, Live ~~ Dev, Test, QA, UAT, Staging, Live • The nearer they get to live, the closer the should resemble live. • Dev environment should at least be the same major versions, preferably OS version. • Vagrant is a useful tool for this.
SSH • Probably the most frequently used tool • Forwarding SSH agent to allow key use remotely (e.g. git, hopping between servers) • Tunnels for access to remote resources • Reverse tunnels for remote access to local resource • Easy to configure the client
SSH-AGENT • Generate keys >2048 bits (e.g. ssh-keygen -b 4096) • ssh-add to load default key (~/.ssh/id_rsa) • ssh-copy-id <server> to copy to remote server • ssh -A <server> to forward agent back to local instance. • Agent runs at login for modern Linux desktop, Mac OS.
SSH-TUNNELS • Local access to remote: ssh -L3307:localhost:3306 <server> • Remote access to local: ssh -R:3307:localhost:3306 <server> • SOCKS proxy: ssh -D5050 <server>
SSH CLIENT CONFIGURATION • Per user configuration: ~/.ssh/config • Config options can be set per host or via wild card, e.g. User, ForwardAgent, Hostname & many more • manpage: ssh_config
UNIX/LINUX PRINCIPLES • Most things in Linux & UNIX are text. • Each command line tools does one task and does it well. • Command line tools process text with relative ease. • Much of the text is separated into fields - especially logs, or as key = value pairs. • There are standard locations for many types of file.
BASIC TOOLS • cat - display text • grep - find text • awk - field processing (and more) • sed - search and replace text • wc - count • cut - simple field processing • head, tail - print first and last lines of text • sort - sort text
LOCATION, LOCATION, LOCATION • /etc - configuration • /usr - read-only user data • /var - variable length files (caches, logs, temporary files) • /home - users' home directories • /opt - optional applications • /srv - served site specific data • See the Filesystem Hierarchy Standard. Same across most distros
VARIABLE LENGTH FILES • /var/log - Logs go here • /var/cache - Cached files • Watch your permissions • During normal operation, /usr, /opt should be able to be mounted read only
SOFTWARE DEPLOYMENT • Use vendor supplied packages whenever possible: • Reduces risk of misconfigurations • Easier to seek help • Usually well tested • Easier upgrades, timely security fixes • Building from source will take a fair amount of time, CPU • Ruby may be an exception. PHP isn't
CHOICE OF LINUX DISTRIBUTION • Two main camps - Debian and RedHat • Red Hat Enterprise Linux is rock solid but expensive & packages tend to be older. CentOS is Enterprise Linux recompiled from the same source RPMs. • Debian stable is rock solid but packages tend to be old. Community/3rd party support only. • Ubuntu LTS is pretty solid, packages are more recent than EL. Well supported in the Cloud - AWS, OpenStack especially.
SOURCE OF PACKAGES • Use as stable, well testing packages as much possible • Ubuntu main, Debian stable ideally • For EL distros, EPEL augments core packages well • For EL, IUS provide recent versions of MySQL, PHP but is less well tested. • Avoid one person repos, PPAs if at all possible.
BUILDING FROM SOURCE • Do not build on live servers. Deploy only compiled code. • Ideally produce a package. • Avoid if possible. Increased risk of problems - more moving parts.
DIAGNOSTICS • Check disk space: df -h 100% full is bad. • Check logs: /var/log, /var/log/syslog, /var/log/messages - get to know your logs. • dmesg for hardware information. • Check RAM (free -m) and CPU usage with top. • Install sysstat package early on - sar will gather data. Also gives you iostat, vmstat, mpstat.
SECURITY • Install denyhosts/fail2ban to help protect SSH. • Disable SSH in as root, use SSH keys. • Use host based firewalls, AWS security groups. • Don’t run your servers as root. Try to split them over different users with clear paths between them. One user nginx, one. php-fpm • Audit trials are useful.
BACKUPS • Databases: Dump the DB, don’t take hot copies of the DB files, • Make use of your hosting providers backup services. • Make sure you can restore. Test regularly.
PROCESS • Repeat manual tasks often • Try to use the same deployment system across stages • Get live up early, treat it as UAT and deploy to it regularly. Avoid 'big bang' deployment • Use what suits - don't blindly follow trends, assess risks as suits the type of project. • Small steps, iterative improvement. Agile, Kanban, Lean etc.
AUTOMATION • CFEngine, Puppet, Chef can get you quick wins. They can quickly become hard to manage. Learning curves are steep. • Ansible is simple to get going on. Can be hacked at and still get good results. Data driven. Pretty new, but growing fast. • Nothing wrong with shell/Python/Ruby/Perl scripts. Configuration management tools are not essential. • Packaging gets you out of a lot of automation tasks.
THAT’S A LOT OF STUFF! • Not touched on DR, monitoring, OS provisioning, storage, networking... • Hire a sys-admin :) • A good sys-admin will work with you... • ...to let you get on with the job you enjoy.
QUESTIONS? matt@monki.org.uk
THANKS! matt@monki.org.uk

More Related Content

PPTX
Device drivers Introduction
byvijay selva
 
PDF
Developing a Ceph Appliance for Secure Environments
byCeph Community
 
PPTX
Device Drivers in Linux
byShreyas MM
 
PDF
Simplifying Ceph Management with Virtual Storage Manager (VSM)
byCeph Community
 
PPT
2. introduction to linux
byMohd yasin Karim
 
PPTX
Unix tc
byBill Chea
 
PPTX
Server Hardening Primer - Eric Vanderburg - JURINNOV
byEric Vanderburg
 
PPT
Linux操作系统01 简介
bylclsg123
 
Device drivers Introduction
byvijay selva
 
Developing a Ceph Appliance for Secure Environments
byCeph Community
 
Device Drivers in Linux
byShreyas MM
 
Simplifying Ceph Management with Virtual Storage Manager (VSM)
byCeph Community
 
2. introduction to linux
byMohd yasin Karim
 
Unix tc
byBill Chea
 
Server Hardening Primer - Eric Vanderburg - JURINNOV
byEric Vanderburg
 
Linux操作系统01 简介
bylclsg123
 

What's hot

PDF
XPDS16: Xen Project Weather Report 2016
byThe Linux Foundation
 
PDF
Embedded Systems: Lecture 5: A Tour in RTOS Land
byAhmed El-Arabawy
 
PPTX
Arch linux and whole security concepts in linux explained
bykrishna kakade
 
PPTX
What can QNAP Turbo NAS do for your business
byqnap
 
PDF
Embedded Systems: Lecture 6: Linux & GNU
byAhmed El-Arabawy
 
PPTX
SOUG_Deployment__Automation_DB
byUniFabric
 
PPT
GPLS/PINES GenaSYS Presentation - EG2012
bypines
 
PDF
Building a Two Node SLES 11 SP2 Linux Cluster with VMware
bygeekswing
 
PPTX
NGENSTOR_ODA_P2V_V5
byUniFabric
 
PDF
Course 101: Lecture 4: A Tour in RTOS Land
byAhmed El-Arabawy
 
PDF
Nrpe
byTushar Dwivedi
 
PDF
My experience with embedding PostgreSQL
byJignesh Shah
 
PDF
Gnubs-pres-foss-cdac-sem
bySagun Baijal
 
PDF
XPDS16: Hypervisor Enforced Data Loss Prevention - Neil Sikka, A1LOGIC
byThe Linux Foundation
 
PDF
Tuning DB2 in a Solaris Environment
byJignesh Shah
 
PDF
Course 101: Lecture 6: Installing Ubuntu
byAhmed El-Arabawy
 
PDF
Nagios Conference 2013 - John Sellens - Monitoring Remote Locations with Nagios
byNagios
 
PPT
1184 Quayle
byStanley F. Quayle
 
XPDS16: Xen Project Weather Report 2016
byThe Linux Foundation
 
Embedded Systems: Lecture 5: A Tour in RTOS Land
byAhmed El-Arabawy
 
Arch linux and whole security concepts in linux explained
bykrishna kakade
 
What can QNAP Turbo NAS do for your business
byqnap
 
Embedded Systems: Lecture 6: Linux & GNU
byAhmed El-Arabawy
 
SOUG_Deployment__Automation_DB
byUniFabric
 
GPLS/PINES GenaSYS Presentation - EG2012
bypines
 
Building a Two Node SLES 11 SP2 Linux Cluster with VMware
bygeekswing
 
NGENSTOR_ODA_P2V_V5
byUniFabric
 
Course 101: Lecture 4: A Tour in RTOS Land
byAhmed El-Arabawy
 
Nrpe
byTushar Dwivedi
 
My experience with embedding PostgreSQL
byJignesh Shah
 
Gnubs-pres-foss-cdac-sem
bySagun Baijal
 
XPDS16: Hypervisor Enforced Data Loss Prevention - Neil Sikka, A1LOGIC
byThe Linux Foundation
 
Tuning DB2 in a Solaris Environment
byJignesh Shah
 
Course 101: Lecture 6: Installing Ubuntu
byAhmed El-Arabawy
 
Nagios Conference 2013 - John Sellens - Monitoring Remote Locations with Nagios
byNagios
 
1184 Quayle
byStanley F. Quayle
 

Similar to Systems administration for coders presentation

PDF
Web 2.0 Performance and Reliability: How to Run Large Web Apps
byadunne
 
PPTX
'Intro to Infrastructure as Code' - DevOps Belfast
byJohn Fitzpatrick
 
ODP
Deepa ppt about lamp technology
byDeepa
 
ODP
lamp technology
byDeepa
 
PDF
Servers for Hackers Server Administration for Programmers 1 (2018-06-19) Edit...
byemausalsonal
 
PDF
Deployment of WebObjects applications on CentOS Linux
byWO Community
 
PDF
Servers for Hackers Server Administration for Programmers 1 (2018-06-19) Edit...
bymummdhnhy3994
 
PPT
Planning for-high-performance-web-application
byNguyễn Duy Nhân
 
PDF
Linux Unveiled: From Novice to Guru Kameron Hussain
byahendadedzi
 
PDF
PDF Servers for Hackers Server Administration for Programmers 1 (2018-06-19) ...
byolkscoray
 
PPTX
linux_admin_course_full_for beginers.pptx
bytejas2429
 
PPT
Network administrationcode Lecture 1.ppt
byWamisho
 
PPT
Lamp technology
by2tharan21
 
PDF
Linux Administration for Developers
byMahmoud Said
 
PPT
Desktops-Servers-Services-connexion directe à tous les autres ordinateurs du ...
bysabrinamokrani5
 
PDF
Top AWS DevOps course in Hyderabad
byManiSri4
 
PPT
Planning For High Performance Web Application
byYue Tian
 
ODP
Nadhiya lamp
byNadhi ya
 
PDF
Scalable, good, cheap
byMarc Cluet
 
PDF
Puppet for Sys Admins
byPuppet
 
Web 2.0 Performance and Reliability: How to Run Large Web Apps
byadunne
 
'Intro to Infrastructure as Code' - DevOps Belfast
byJohn Fitzpatrick
 
Deepa ppt about lamp technology
byDeepa
 
lamp technology
byDeepa
 
Servers for Hackers Server Administration for Programmers 1 (2018-06-19) Edit...
byemausalsonal
 
Deployment of WebObjects applications on CentOS Linux
byWO Community
 
Servers for Hackers Server Administration for Programmers 1 (2018-06-19) Edit...
bymummdhnhy3994
 
Planning for-high-performance-web-application
byNguyễn Duy Nhân
 
Linux Unveiled: From Novice to Guru Kameron Hussain
byahendadedzi
 
PDF Servers for Hackers Server Administration for Programmers 1 (2018-06-19) ...
byolkscoray
 
linux_admin_course_full_for beginers.pptx
bytejas2429
 
Network administrationcode Lecture 1.ppt
byWamisho
 
Lamp technology
by2tharan21
 
Linux Administration for Developers
byMahmoud Said
 
Desktops-Servers-Services-connexion directe à tous les autres ordinateurs du ...
bysabrinamokrani5
 
Top AWS DevOps course in Hyderabad
byManiSri4
 
Planning For High Performance Web Application
byYue Tian
 
Nadhiya lamp
byNadhi ya
 
Scalable, good, cheap
byMarc Cluet
 
Puppet for Sys Admins
byPuppet
 

Recently uploaded

PDF
Atlantix is an AI-first venture studio, building companies with AI at the core
byadmin625551
 
PPTX
Agentic AI Solutions and Services | Aeologic
byankitaeologic
 
PPTX
BioVault.net ADW 2025 CODATA: SyftBox: a General Purpose Solution for Data Vi...
byMadhava Jay
 
PDF
Unlock This Brilliant App Freezur That Builds Brainrot Videos That Captivate ...
bySOFTTECHHUB
 
PPTX
Hybrid Active Directory Cyber Resiliency
byFrancesco Faenzi
 
PDF
Getting the Best of TrueDEM – October News & Updates
bypanagenda
 
PPTX
"Towards React Server Components in Clojure", Roman Liutikov
byFwdays
 
PDF
Application Monitoring and Observability: Elastic Stack Solution for Producti...
byPattabhi Amperayani
 
PDF
Planetek Italia Corporate Profile brochure
byPlanetek Italia Srl
 
PDF
From Data Chaos to Copilot Confidence: A Step-by-Step Microsoft 365 Copilot R...
byNikki Chapple
 
PDF
Unlocking Full-Stack Observability for AIOps: A Precisely Ironstream for Big ...
byPrecisely
 
PDF
NDP Act GAID Simplified: From Confusion to Compliance
byMuiz Adeleke
 
PDF
TrustArc Webinar - Migration to TrustArc: What Your Journey Will Look Like
byTrustArc
 
PDF
Using Copilot with Microsoft Office Apps
byDeb Walther
 
PDF
Expert Python App Development Company for Modern Enterprises
bySynapseIndia
 
PDF
Session 4 - Specialized AI Associate Series: UiPath Document Understanding O...
byDianaGray10
 
PDF
How to Measure Microsoft 365 Copilot Success and Manage AI Risk: Advanced Str...
byNikki Chapple
 
PPTX
WUG-DMV: Workfront Wizards: Tips & Tricks Exchange (Sept 2025)
byWUG-DC MARYLAND VIRGINIA
 
PDF
Agentic AI Guide for Enterprise Use-cases
byDebmalya Biswas
 
PPTX
"Daily workflows with Cursor IDE", Maksym Anisimov
byFwdays
 
Atlantix is an AI-first venture studio, building companies with AI at the core
byadmin625551
 
Agentic AI Solutions and Services | Aeologic
byankitaeologic
 
BioVault.net ADW 2025 CODATA: SyftBox: a General Purpose Solution for Data Vi...
byMadhava Jay
 
Unlock This Brilliant App Freezur That Builds Brainrot Videos That Captivate ...
bySOFTTECHHUB
 
Hybrid Active Directory Cyber Resiliency
byFrancesco Faenzi
 
Getting the Best of TrueDEM – October News & Updates
bypanagenda
 
"Towards React Server Components in Clojure", Roman Liutikov
byFwdays
 
Application Monitoring and Observability: Elastic Stack Solution for Producti...
byPattabhi Amperayani
 
Planetek Italia Corporate Profile brochure
byPlanetek Italia Srl
 
From Data Chaos to Copilot Confidence: A Step-by-Step Microsoft 365 Copilot R...
byNikki Chapple
 
Unlocking Full-Stack Observability for AIOps: A Precisely Ironstream for Big ...
byPrecisely
 
NDP Act GAID Simplified: From Confusion to Compliance
byMuiz Adeleke
 
TrustArc Webinar - Migration to TrustArc: What Your Journey Will Look Like
byTrustArc
 
Using Copilot with Microsoft Office Apps
byDeb Walther
 
Expert Python App Development Company for Modern Enterprises
bySynapseIndia
 
Session 4 - Specialized AI Associate Series: UiPath Document Understanding O...
byDianaGray10
 
How to Measure Microsoft 365 Copilot Success and Manage AI Risk: Advanced Str...
byNikki Chapple
 
WUG-DMV: Workfront Wizards: Tips & Tricks Exchange (Sept 2025)
byWUG-DC MARYLAND VIRGINIA
 
Agentic AI Guide for Enterprise Use-cases
byDebmalya Biswas
 
"Daily workflows with Cursor IDE", Maksym Anisimov
byFwdays
 

Systems administration for coders presentation

  • 1.
    SYSTEMS ADMINISTRATION FOR CODERS Hints &tips to increase reliability & reduce maintenance time.
  • 2.
    WHAT IS ASYSTEM? An assemblage or combination of things or parts forming a complex or unitary whole.
  • 3.
    WHAT DOES ASYSTEMS ADMINISTRATOR DO? • Introduces new technologies into an environment • Analyses system logs and identifies potential issues with a system. • Plans and performs routine maintenance • Performs and maintains backups • Installs and configures new software and hardware
  • 4.
    WHAT DOES ASYSTEMS ADMINISTRATOR DO? • Manages user accounts • Responsibility for security • Responsibility for documentation of the system • Plans systems upgrades and outages to apply upgrades • Troubleshooting reported problems • Deals with, often frustrated, system users... ... etc. etc.
  • 5.
    A COMPUTER SYSTEM •Many components working together - software (application, web server, OS), hardware (disks, RAM, CPU) & others (networking equipment, switches, routers, load balancers) • Provides stability and maintainability that underpins the entire application. • Supports your software for its lifetime. • Can provide parts of your application. Sometimes a problem has already been solved by some other software.
  • 6.
    START AT BEGINNING •Start sysadmin tasks at the beginning of the project. • Write tools to aid deployment. • Write tools to set up environments. • Iterate over these tools and stabilise for production
  • 7.
    ENVIRONMENTS • Dev, QA,Live • Dev, Test, QA, UAT, Live ~~ Dev, Test, QA, UAT, Staging, Live • The nearer they get to live, the closer the should resemble live. • Dev environment should at least be the same major versions, preferably OS version. • Vagrant is a useful tool for this.
  • 8.
    SSH • Probably themost frequently used tool • Forwarding SSH agent to allow key use remotely (e.g. git, hopping between servers) • Tunnels for access to remote resources • Reverse tunnels for remote access to local resource • Easy to configure the client
  • 9.
    SSH-AGENT • Generate keys>2048 bits (e.g. ssh-keygen -b 4096) • ssh-add to load default key (~/.ssh/id_rsa) • ssh-copy-id <server> to copy to remote server • ssh -A <server> to forward agent back to local instance. • Agent runs at login for modern Linux desktop, Mac OS.
  • 10.
    SSH-TUNNELS • Local accessto remote: ssh -L3307:localhost:3306 <server> • Remote access to local: ssh -R:3307:localhost:3306 <server> • SOCKS proxy: ssh -D5050 <server>
  • 11.
    SSH CLIENT CONFIGURATION • Peruser configuration: ~/.ssh/config • Config options can be set per host or via wild card, e.g. User, ForwardAgent, Hostname & many more • manpage: ssh_config
  • 12.
    UNIX/LINUX PRINCIPLES • Mostthings in Linux & UNIX are text. • Each command line tools does one task and does it well. • Command line tools process text with relative ease. • Much of the text is separated into fields - especially logs, or as key = value pairs. • There are standard locations for many types of file.
  • 13.
    BASIC TOOLS • cat- display text • grep - find text • awk - field processing (and more) • sed - search and replace text • wc - count • cut - simple field processing • head, tail - print first and last lines of text • sort - sort text
  • 14.
    LOCATION, LOCATION, LOCATION • /etc- configuration • /usr - read-only user data • /var - variable length files (caches, logs, temporary files) • /home - users' home directories • /opt - optional applications • /srv - served site specific data • See the Filesystem Hierarchy Standard. Same across most distros
  • 15.
    VARIABLE LENGTH FILES •/var/log - Logs go here • /var/cache - Cached files • Watch your permissions • During normal operation, /usr, /opt should be able to be mounted read only
  • 16.
    SOFTWARE DEPLOYMENT • Usevendor supplied packages whenever possible: • Reduces risk of misconfigurations • Easier to seek help • Usually well tested • Easier upgrades, timely security fixes • Building from source will take a fair amount of time, CPU • Ruby may be an exception. PHP isn't
  • 17.
    CHOICE OF LINUX DISTRIBUTION •Two main camps - Debian and RedHat • Red Hat Enterprise Linux is rock solid but expensive & packages tend to be older. CentOS is Enterprise Linux recompiled from the same source RPMs. • Debian stable is rock solid but packages tend to be old. Community/3rd party support only. • Ubuntu LTS is pretty solid, packages are more recent than EL. Well supported in the Cloud - AWS, OpenStack especially.
  • 18.
    SOURCE OF PACKAGES •Use as stable, well testing packages as much possible • Ubuntu main, Debian stable ideally • For EL distros, EPEL augments core packages well • For EL, IUS provide recent versions of MySQL, PHP but is less well tested. • Avoid one person repos, PPAs if at all possible.
  • 19.
    BUILDING FROM SOURCE •Do not build on live servers. Deploy only compiled code. • Ideally produce a package. • Avoid if possible. Increased risk of problems - more moving parts.
  • 20.
    DIAGNOSTICS • Check diskspace: df -h 100% full is bad. • Check logs: /var/log, /var/log/syslog, /var/log/messages - get to know your logs. • dmesg for hardware information. • Check RAM (free -m) and CPU usage with top. • Install sysstat package early on - sar will gather data. Also gives you iostat, vmstat, mpstat.
  • 21.
    SECURITY • Install denyhosts/fail2banto help protect SSH. • Disable SSH in as root, use SSH keys. • Use host based firewalls, AWS security groups. • Don’t run your servers as root. Try to split them over different users with clear paths between them. One user nginx, one. php-fpm • Audit trials are useful.
  • 22.
    BACKUPS • Databases: Dumpthe DB, don’t take hot copies of the DB files, • Make use of your hosting providers backup services. • Make sure you can restore. Test regularly.
  • 23.
    PROCESS • Repeat manualtasks often • Try to use the same deployment system across stages • Get live up early, treat it as UAT and deploy to it regularly. Avoid 'big bang' deployment • Use what suits - don't blindly follow trends, assess risks as suits the type of project. • Small steps, iterative improvement. Agile, Kanban, Lean etc.
  • 24.
    AUTOMATION • CFEngine, Puppet,Chef can get you quick wins. They can quickly become hard to manage. Learning curves are steep. • Ansible is simple to get going on. Can be hacked at and still get good results. Data driven. Pretty new, but growing fast. • Nothing wrong with shell/Python/Ruby/Perl scripts. Configuration management tools are not essential. • Packaging gets you out of a lot of automation tasks.
  • 25.
    THAT’S A LOTOF STUFF! • Not touched on DR, monitoring, OS provisioning, storage, networking... • Hire a sys-admin :) • A good sys-admin will work with you... • ...to let you get on with the job you enjoy.
  • 26.
  • 27.