Sumário Itens Encontrados: 480Linux: Powerful Server AdministrationCreditsPrefaceWhat this learning path coversWhat you need for this learning pathWho this learning path is forReader feedbackCustomer supportDownloading the example codeErrataPiracyQuestions1. Module 11. Managing Users and GroupsIntroductionCreating a user accountCreating user accounts in batch modeCreating a groupAdding group membersDeleting a user accountManaging file permissionsGetting root privileges with sudoSetting password less sudoOther uses of sudoSetting resource limits with limits.confSetting up public key authenticationWorking of SSH authenticationTroubleshooting SSH connectionsSSH tools for the Windows platformSecuring user accounts2. NetworkingConnecting to a network with a static IPIPv6 configurationInstalling the DHCP serverInstalling the DNS serverHiding behind the proxy with squidAccess control listSet cache refresh rulesSarg â tool to analyze squid logsSquid guardBeing on time with NTPDiscussing load balancing with HAProxyTuning the TCP stackTroubleshooting network connectivitySecuring remote access with OpenVPNSecuring a network with uncomplicated firewallSecuring against brute force attacksDiscussing Ubuntu security best practices3. Working with Web ServersInstalling and configuring the Apache web serverHTTP version 2 supportServing dynamic contents with PHPPHP settingsInstalling the LAMP stackUpgrading PHP under Ubuntu 14Hosting multiple websites with a virtual domainSecuring web traffic with HTTPSInstalling Nginx with PHP_FPMSetting Nginx as a reverse proxyHAProxy and VarnishLoad balancing with NginxSetting HTTPs on NginxBenchmarking and performance tuning of ApacheSecuring the web serverTroubleshooting the web serverWeb server not accessibleVirtual host not accessibleAccess denied or forbidden errorsApache downloads .php files4. Working with Mail ServersSending e-mails with PostfixEnabling IMAP and POP3 with DovecotAdding e-mail accountsWeb console for virtual mailbox administrationMail filtering with spam-assassinTroubleshooting the mail serverInstalling the Zimbra mail server5. Handling DatabasesInstalling relational databases with MySQLThereâs moreâ¦Securing MySQL installationStoring and retrieving data with MySQLImporting and exporting bulk dataAdding users and assigning access rightsRemoving user accountsSetting resource limitsInstalling web access for MySQLSetting backupsOptimizing MySQL performance â queriesSharding MySQLOptimizing MySQL performance â configurationPercona configuration wizardMySQL table compressionCreating MySQL replicas for scaling and high availabilityTroubleshooting MySQLInstalling MongoDBStoring and retrieving data with MongoDB6. Network StorageInstalling the Samba serverTools for personal file sharingAdding users to the Samba serverInstalling the secure FTP serverSynchronizing files with RsyncPerformance tuning the Samba serverTroubleshooting the Samba serverChecking network connectivityChecking the Samba serviceChecking Samba logsChecking Samba configurationInstalling the Network File System7. Cloud ComputingCreating virtual machine with KVMManaging virtual machines with virshEasy cloud images with uvtoolSetting up your own cloud with OpenStackAdding a cloud image to OpenStackLaunching a virtual instance with OpenStackInstalling Juju a service orchestration frameworkManaging services with Juju8. Working with ContainersInstalling LXD,the Linux container daemonDeploying your first container with LXDManaging LXD containersManaging LXD containers â advanced optionsSetting resource limits on LXD containersNetworking with LXDInstalling DockerStarting and managing Docker containersCreating images with a DockerfileUnderstanding Docker volumesDeploying WordPress using a Docker networkMonitoring Docker containersSecuring Docker containers9. Streaming with AmpacheInstalling the Ampache serverUploading contents and creating catalogsSetting on-the-fly transcodingEnabling API access for remote streamingStreaming music with Ampache10. Communication Server with XMPPInstalling EjabberdCreating users and connecting with the XMPP clientConfiguring the Ejabberd installationCreating web client with Strophe.jsEnabling group chatChat server with Node.js11. Git HostingInstalling GitCreating a local repository with Git CLIStoring file revisions with Git commitSynchronizing the repository with a remote serverGitHub pagesReceiving updates with Git pullCreating repository clonesInstalling GitLab,your own Git hostingAdding users to the GitLab serverCreating a repository with GitLabAutomating common tasks with Git hooks12. Collaboration ToolsInstalling the VNC serverInstalling Hackpad,a collaborative document editorUsing Hackpad with DockerInstalling Mattermost â a self-hosted slack alternativeInstalling OwnCloud,self-hosted cloud storage13. Performance MonitoringMonitoring the CPUMonitoring memory and swapMonitoring the networkMonitoring storageSetting performance benchmarksGraphing toolsMore options14. Centralized Authentication ServiceInstalling OpenLDAPInstalling phpLDAPadminUbuntu server logins with LDAPAuthenticating Ejabberd users with LDAP2. Module 21. Installing CentOSDownloading CentOS and confirming the checksum on Windowsor OS XCreating USB installation media on Windows or OS XPerforming an installation of CentOS using the graphical installerRunning a netinstall over HTTPInstalling CentOS 7 using a kickstart fileGetting started and customising the boot loaderTroubleshooting the system in rescue modeReaching rescue modeAccessing the filesystemRe-install the CentOS boot loaderUpdating the installation and enhancing the minimal install withadditional administration and development tools2. Configuring the SystemNavigating text files with lessIntroduction to VimSpeaking the right languageSynchronizing the system clock with NTP and the chrony suiteSetting your hostname and resolving the networkBuilding a static network connectionBecoming a superuserCustomizing your system banners and messagesPriming the kernel3. Managing the SystemKnowing and managing your background servicesTroubleshooting background servicesTracking system resources with journaldConfiguring journald to make it persistentManaging users and their groupsScheduling tasks with cronSynchronizing files and doing more with rsyncMaintaining backups and taking snapshotsMonitoring important server infrastructureTaking control with GIT and SubversionHow it works4. Managing Packages with YUMUsing YUM to update the systemUsing YUM to search for packagesUsing YUM to install packagesUsing YUM to remove packagesKeeping YUM clean and tidyKnowing your prioritiesUsing a third-party repositoryCreating a YUM repositoryWorking with the RPM package manager5. Administering the FilesystemCreating a virtual block deviceFormatting and mounting a filesystemUsing disk quotasEnabling user and group quotasEnabling project (directory) quotasMaintaining a filesystemExtending the capacity of the filesystem6. Providing SecurityLocking down remote access and hardening SSHChanging the SSH port number of your serverLimiting SSH access by user or groupInstalling and configuring fail2banWorking with a firewallForging the firewall rules by exampleTo change an existing firewalld service (ssh)To create your own new serviceGenerating self-signed certificatesUsing secure alternatives to FTPSecuring your vsftpd server with SSLâFTPSSecuring your vsftpd server using SSH â SFTP7. Building a NetworkPrinting with CUPSHow to add a network printer to the CUPS serverHow to share a local printer to the CUPS serverRunning a DHCP serverUsing WebDAV for file sharingInstalling and configuring NFSInstalling and configuring the NFS serverCreating an export shareWorking with NFSSecurely sharing resources with Samba8. Working with FTPInstalling and configuring the FTP serviceWorking with virtual FTP usersCustomizing the FTP serviceTroubleshooting users and file transfers9. Working with DomainsInstalling and configuring a caching-only nameserverConfiguring a caching-only Unbound DNS serverConfiguring a forwarding only DNS serverSetting up an authoritative-only DNS serverCreating an integrated nameserver solutionPopulating the domainBuilding a secondary (slave) DNS serverChanges to the primary DNS serverChanges to the secondary DNS server(s)10. Working with DatabasesInstalling a MariaDB database serverManaging a MariaDB databaseReviewing and revoking permissions or dropping a userAllowing remote access to a MariaDB serverInstalling a PostgreSQL server and managing a databaseConfiguring remote access to PostgreSQLInstalling phpMyAdmin and phpPgAdminInstalling and configuring phpMyAdminInstalling and configuring phpPgAdmin11. Providing Mail ServicesConfiguring a domain-wide mail service with PostfixChanging an e-mails appearing domain nameUsing TLS- (SSL) encryption for SMTP communicationConfigure BIND to use your new mailserverWorking with PostfixConnecting mailx to a remote MTAReading your local mails from the mailboxDelivering the mail with DovecotSetting up e-mail softwareUsing FetchmailConfiguring Fetchmail with gmail.com and outlook.com emailaccountsAutomating Fetchmail12. Providing Web ServicesInstalling Apache and serving web pagesEnabling system users and building publishing directoriesImplementing name-based hostingImplementing CGI with Perl and RubyCreating your first Perl CGI scriptCreating your first Ruby CGI scriptInstalling,configuring,and testing PHPSecuring ApacheConfiguring httpd.conf to provide better securityRemoving unneeded httpd modulesProtecting your Apache filesSetting up HTTPS with Secure Sockets Layer (SSL)13. Operating System-Level VirtualizationInstalling and configuring DockerDownloading an image and running a containerStopping and starting a containerAttaching and interacting with your containerCreating your own images from Dockerfiles and uploading toDocker HubUploading your image to the Docker HubSetting up and working with a private Docker registrySteps to be done on our Docker registry serverSteps to be done on every client needing access to ourregistry14. Working with SELinuxInstalling and configuring important SELinux toolsWorking with SELinux security contextsWorking with policiesTroubleshooting SELinux15. Monitoring IT InfrastructureInstalling and configuring Nagios CoreSetting up NRPE on remote client hostsMonitoring important remote system metrics3. Module 31. Working with KVM GuestsInstalling and configuring a KVMManual installationKickstart installationGraphical setup during the systems setupConfiguring resourcesCreating storage poolsQuerying storage poolsRemoving storage poolsCreating a virtual networkRemoving networksLocal storage poolsNetworked or shared storage poolsBuilding guestsCreate a guestDeleting a guestAdding CPUs on the flyOn the KVM host,perform the following steps:On the KVM guest,perform the following:Adding RAM on the flyAdding disks on the flyMoving disks to another storageMoving VMsLive native migration over the default networkLive native migration over a dedicated networkBacking up your VM metadata2. Deploying RHEL "En Masse"Creating a kickstart filePublishing your kickstart file using httpdDeploying a system using PXEDeploying a system using a custom boot ISO file3. Configuring Your NetworkCreating a VLAN interfaceCreating the VLAN connection with nmcliCreating the VLAN connection with nmtuiCreating the VLAN connection with kickstartCreating a teamed interfaceCreating the teamed interface using nmcliCreating the teamed interface using nmtuiCreating the teamed interface with kickstartnmclinmtuikickstartCreating a bridgeCreating a bridge using nmcliCreating a bridge using nmtuiCreating a bridge with kickstartConfiguring IPv4 settingsSetting your IPv4 configuration using nmcliSetting your IPv4 configuration using nmtuiConfiguring your DNS resolversSetting your DNS resolvers using nmcliSetting your DNS resolvers using nmtuiConfiguring static network routesConfiguring static network routes using nmcliConfiguring network routes using nmtui4. Configuring Your New SystemThe systemd service and setting runlevelsStarting and stopping systemd servicesConfiguring the systemd journal for persistenceMonitoring services using journalctlConfiguring logrotateManaging timeManaging time through chronyManaging time through ntpdConfiguring your boot environmentConfiguring smtp5. Using SELinuxChanging file contextsTemporary context changesPersistent file context changesConfiguring SELinux booleansListing SELinux booleansChanging SELinux booleansConfiguring SELinux port definitionsaudit.logsyslogausearchCreating SELinux policiesApplying SELinux policies6. Orchestrating with AnsibleInstall AnsibleInstalling the latest tarballInstalling cutting edge from GitInstalling Ansible from the EPEL repositoryConfiguring the Ansible inventoryThe static inventory fileThe dynamic inventory filehost_vars filesgroup_vars filesCreating a template for a kickstart fileCreating a playbook to deploy a new VM with kickstartCreating a playbook to perform system configuration tasksTroubleshooting Ansible7. Puppet Configuration ManagementInstalling and configuring Puppet MasterInstalling and configuring the Puppet agentDefining a simple module to configure timeDefining nodes and node groupingCreate the configuration nodeCreate a node groupDeploying modules to single nodes and node groupsConfigure to deploy a module or manifest to a single clientConfigure to deploy a module or manifest to a node groupConfigure to deploy to all registered systemsDeploy to a system8. Yum and RepositoriesManaging yum historyYour yum historyInformation about a yum transaction or packageUndoing/redoing certain yum transactionsRoll back to a certain point in your transaction historyCreating a copy of an RHN repositorySyncing RHN repositoriesConfiguring additional repositoriesSetting up yum to automatically updateConfiguring logrotate for yumRecovering from a corrupted RPM database9. Securing RHEL 7Installing and configuring IPAInstalling the IPA serverInstalling the IPA clientSecuring the system loginConfiguring privilege escalation with sudoSecure the network with firewalldShowing the currently allowed services and ports on yoursystemAllowing incoming requests for NFS (v4)Allowing incoming requests on an arbitrary portUsing kdump and SysRqInstalling and configuring kdump and SysRqUsing kdump tools to analyze the dumpUsing ABRTInstalling and configuring abrtdUsing abrt-cliAuditing the systemConfiguring a centralized syslog server to accept audit logsSome audit rulesShowing audit logs for the preceding rules10. Monitoring and Performance TuningTuning your systems performanceSetting up PCP â Performance Co-PilotThe default installationThe central collectorMonitoring basic system performanceMonitoring CPU performanceMonitoring RAM performanceMonitoring storage performanceMonitoring network performanceBibliography