COURSE OBJECTIVE:
Course Objectives On completion of this course the delegate will have in-depth technical knowledge of what is required to administer Linux within the Enterprise. They will have gained practical experience of configuring administrative,networking and security aspects of a Linux Enterprise system to an advanced level.
TARGET AUDIENCE:
Who will the Course Benefit? The SUSE Linux Advanced System Administration (SCA) training course is suitable for Linux System Administrators who need to acquire advanced administration knowledge of the key administrative,networking and security tasks required on Linux within the Enterprise. An ideal course for delegates who will be working in an environment using several different Linux distributions and therefore knowledge of skills common to all the different Linux distributions is required. For the purpose of practical exercises,SUSE Linux will be used. Note: Should the delegate only require knowledge of Red Hat Linux then they should instead consider attending our range of Red Hat Linux Administration courses.
COURSE PREREQUISITES:
Requirements Experience of administering Linux in an Enterprise environment to the level covered in the SUSE Linux System Administration (SCA) course.
COURSE CONTENT:
SUSE Linux Advanced System Administration (SCA) Training Course Course Contents – DAY 1 Course Introduction • Administration and Course Materials • Course Structure and Agenda • Delegate and Trainer Introductions Session 1: ADVANCED NETWORK CONFIGURATION & TROUBLESHOOTING • Configuring the network card • Network scripts • Configuring routing • Network troubleshooting and related tools • The radvd Router Advertisement Daemon • Exercise Session 2: APACHE,SQUID AND NGINX • Apache main configuration files • Apache server and access configuration • Configuring secure Apache (https) • Configuring IP address-based virtual hosts • Configuring name-based virtual hosts • Configuring Apache for user-based content • Configuring the Squid proxy server • Configuring client browsers • Squid security settings • Nginx Proxy and Reverse Proxy • Exercise Session 3: NFS NETWORK SERVICES • NFS operation and associated daemons • Configuring an NFS server • Investigating the portmapper • Configuring an NFS client • Mounting NFS filesystems at boot • Using the automounter to access NFS mounts on demand • Configuring AutoFS direct and indirect mounts • Creating AutoFS units • Exercise Session 4: SAMBA • Configuring a Samba server • Testing the Samba configuration (testparm) • Configuring Samba users • Mapping Windows and Samba users • Starting Samba • Managing Windows filesystems (smbmount,nmblookup) • Accessing Windows shares • Exercise SUSE Linux Advanced System Administration (SCA) Training Course Course Contents – DAY 2 Session 5: THE DOMAIN NAME SERVER • DNS operation • Types of DNS Servers • Domain Name Space • Setting up a DNS master and slave server • Server configuration files (named.conf and databases) • DNS resource record formats • Configuring DNS logging • Configuring DNS security • Testing DNS resolution • Configuring DNS Clients • Exercise Session 6: DHCP • Configuring DHCP • The dhcpd.conf configuration file • DNS entries • Address leases • DHCP client configuration • Exercise Session 7: FTP • Configuring a VSFTPD server • Configuring FTP • Configuring Pure-FTPd • Configuring ProFTPd • Active vs Passive mode • The vsftpd.conf configuration file • Anonymous access • Restricting access to the user's login directory • FTP logfile • Exercise Session 8: CENTRALISED STORAGE WITH ISCSI • Definition and benefits of iSCSI • Configuring an iSCSI target and initiator • Configuring iSCSI via YaST • Exercise SUSE Linux Advanced System Administration (SCA) Training Course Course Contents – DAY 3 Session 9: FILESYSTEM TOOLS AND DISK MONITORING • Converting Ext filesystems to Btrfs • Checking and repairing Btrfs filesystems • Creating Btrfs subvolumes and snapshots • Performing full and incremental backups of XFS filesystems • Querying the backup repository • Restoring XFS filesystems • The ZFS filesystem • Configuring smartd • Disk monitoring with smartctl • Exercise Session 10: RAID • RAID overview • Raw devices and partitions • Creating and managing a RAID device • Creating and mounting a file system within RAID • Hot swapping failed drives • Exercise Session 11: LOGICAL VOLUME MANAGEMENT (LVM) • Logical Volume Management Overview • Viewing LVM information • Configuring LVM • Creating striped logical volumes • Resizing Logical Volumes • Logical Volume Snapshots • The role of the Device Mapper • Configuring the lvm.conf file • Exercise Session 12: DIRECTORY SERVICES • Structure of an LDAP Tree • Configuring 389 Directory Services • Managing Directory Server Users • Testing the Directory Server • Configuring the Client • Legacy LDAP Commands • Secure LDAPS with Directory Server • Exercise SUSE Linux Advanced System Administration (SCA) Training Course Course Contents – DAY 4 Session 13: COMPILING SOFTWARE FROM SOURCE • Installing programs from source • Compiling Open Source Software • Installing the compiled software • Managing shared libraries • Compiling from SRC (source) RPM packages • Exercise Session 14: SYSTEM MONITORING & PERFORMANCE MANAGEMENT • System performance monitoring • Collecting system performance information • Monitoring memory usage • Measuring virtual memory • Measuring I/O performance • Performance Guidelines • Performance monitoring tools • Capacity planning • Exercise Session 15: FIREWALL CONFIGURATION • Basic packets and routing • Netfilter (iptables) • Packet filtering (iptables,chains,rule targets,connection tracking) • Saving and restoring firewall settings • Network address translation (NAT) • Exercise Session 16: SYSTEM SECURITY • Reporting security alerts • Applying security related patches • Installing and configuring a Host Intrusion Detection System (HIDS) • Installing and configuring fail2ban • Exercise SUSE Linux Advanced System Administration (SCA) Training Course Course Contents – DAY 5 Session 17: PLUGGABLE AUTHENTICATION MODULES (PAM) • The main PAM configuration files • Configuration file formats • Controlling user access using the configuration files • Configuring pam_listfile • Controlling time-based access with PAM • Controlling limits with PAM • Exercise Session 18: POSTFIX • Configuring a Postfix server • Postfix TLS configuration • Configuring Dovecot • Managing email delivery • Filtering emails • Exercise Session 19: THE LINUX KERNEL • Kernel naming conventions • Monolithic and Modular kernel design • Listing modules • Kernel module configuration • Kernel tuning • The GRUB2 Bootloader • Installing an alternate Kernel • Exercise Session 20: HARDWARE CONFIGURATION • Hotplug system • Devices and Interfaces • sysfs filesystem and persistent names • Device initialisation and interface configuration • Hotplug and Coldplug • UDEV system • Exercise Addendum: Reference Materials (provided within the course handbook for additional reading) APPENDIX A – CONFIGURING APACHE FOR PHP AND TOMCAT • Configuring Apache Web Server to support PHP and Tomcat APPENDIX B – BASIC OPENVPN • Accessing a private network with OpenVPN APPENDIX C – RAIDTOOLS • Old style raidtools package APPENDIX D – ALTERNATE BOOT LOADERS • An overview of SYSLINUX and ISOLINUX • Booting with PXELINUX APPENDIX E – DRACUT • Managing the Linux boot process with dracut APPENDIX F – APPARMOR • Enabling and disabling AppArmor • AppArmor monitoring tools • Building and modifying AppArmor profiles • Logging AppArmor • AppArmor Options • Exercise
FOLLOW ON COURSES:
Further Learning Linux Advanced Shell Programming Tools Linux System Security Apache Web Server Oracle SQL