├── .gitattributes
├── .github
└── workflows
│ └── mdbook.yml
├── .gitignore
├── README.md
├── book.toml
├── ref
├── intro.md
├── ub.md
├── ulab.md
└── uws.md
├── scripts
└── generate_resources.sh
├── src
├── SUMMARY.md
├── assets
│ ├── deploy
│ │ └── ansible-playbook.yml
│ ├── downloads
│ │ ├── u1
│ │ │ ├── u1_lab.docx
│ │ │ ├── u1_lab.pdf
│ │ │ ├── u1_worksheet.docx
│ │ │ └── u1_worksheet.txt
│ │ ├── u10
│ │ │ ├── u10_lab.docx
│ │ │ ├── u10_lab.pdf
│ │ │ ├── u10_worksheet.docx
│ │ │ ├── u10_worksheet.pdf
│ │ │ └── u10_worksheet.txt
│ │ ├── u11
│ │ │ ├── u11_lab.docx
│ │ │ ├── u11_lab.pdf
│ │ │ ├── u11_worksheet.docx
│ │ │ ├── u11_worksheet.pdf
│ │ │ └── u11_worksheet.txt
│ │ ├── u12
│ │ │ ├── u12_lab.docx
│ │ │ ├── u12_lab.pdf
│ │ │ ├── u12_worksheet.docx
│ │ │ ├── u12_worksheet.pdf
│ │ │ └── u12_worksheet.txt
│ │ ├── u13
│ │ │ ├── enable-now.png
│ │ │ ├── expanselogs.png
│ │ │ ├── image2.jpeg
│ │ │ ├── image3.png
│ │ │ ├── iptables.png
│ │ │ ├── nginxbans.png
│ │ │ ├── sshbans.png
│ │ │ ├── u13_lab.docx
│ │ │ ├── u13_lab.pdf
│ │ │ ├── u13_worksheet.docx
│ │ │ ├── u13_worksheet.pdf
│ │ │ └── u13_worksheet.txt
│ │ ├── u14
│ │ │ ├── u14_lab.docx
│ │ │ ├── u14_lab.pdf
│ │ │ ├── u14_worksheet.docx
│ │ │ ├── u14_worksheet.pdf
│ │ │ └── u14_worksheet.txt
│ │ ├── u15
│ │ │ ├── u15_lab.docx
│ │ │ ├── u15_lab.pdf
│ │ │ ├── u15_worksheet.docx
│ │ │ ├── u15_worksheet.pdf
│ │ │ └── u15_worksheet.txt
│ │ ├── u16
│ │ │ ├── u16_lab.docx
│ │ │ ├── u16_lab.pdf
│ │ │ └── u16_lab.txt
│ │ ├── u2
│ │ │ ├── u2_lab.docx
│ │ │ ├── u2_lab.pdf
│ │ │ ├── u2_worksheet.docx
│ │ │ └── u2_worksheet.txt
│ │ ├── u3
│ │ │ ├── u3_lab.docx
│ │ │ ├── u3_lab.pdf
│ │ │ ├── u3_worksheet.docx
│ │ │ └── u3_worksheet.txt
│ │ ├── u4
│ │ │ ├── u4_lab.docx
│ │ │ ├── u4_lab.pdf
│ │ │ ├── u4_worksheet.docx
│ │ │ └── u4_worksheet.txt
│ │ ├── u5
│ │ │ ├── u5_lab.docx
│ │ │ ├── u5_lab.pdf
│ │ │ ├── u5_worksheet.docx
│ │ │ └── u5_worksheet.txt
│ │ ├── u6
│ │ │ ├── u6_lab.docx
│ │ │ ├── u6_lab.pdf
│ │ │ ├── u6_worksheet.docx
│ │ │ └── u6_worksheet.txt
│ │ ├── u7
│ │ │ ├── u7_lab.docx
│ │ │ ├── u7_lab.pdf
│ │ │ ├── u7_lab.txt
│ │ │ ├── u7_worksheet.docx
│ │ │ └── u7_worksheet.txt
│ │ ├── u8
│ │ │ ├── u8_lab.docx
│ │ │ ├── u8_lab.pdf
│ │ │ ├── u8_worksheet.docx
│ │ │ └── u8_worksheet.txt
│ │ └── u9
│ │ │ ├── u9_lab.docx
│ │ │ ├── u9_lab.pdf
│ │ │ ├── u9_worksheet.docx
│ │ │ ├── u9_worksheet.pdf
│ │ │ └── u9_worksheet.txt
│ └── images
│ │ ├── addkey.png
│ │ ├── flow.png
│ │ ├── logo.png
│ │ ├── permissions.png
│ │ ├── squashing.png
│ │ ├── syllabus-lab.png
│ │ ├── syncfork.png
│ │ ├── verified.png
│ │ └── workflow.png
├── certify.md
├── contributing.md
├── contributors.md
├── development.md
├── downloads.md
├── outro.md
├── project.md
├── prolug.md
├── resources.md
├── syllabus.md
├── u10b.md
├── u10intro.md
├── u10lab.md
├── u10ws.md
├── u11intro.md
├── u11lab.md
├── u11ws.md
├── u12intro.md
├── u12lab.md
├── u12ws.md
├── u13b.md
├── u13intro.md
├── u13lab.md
├── u13ws.md
├── u14b.md
├── u14intro.md
├── u14lab.md
├── u14ws.md
├── u15intro.md
├── u15lab.md
├── u15ws.md
├── u16intro.md
├── u16lab.md
├── u16ws.md
├── u1b.md
├── u1intro.md
├── u1lab.md
├── u1ws.md
├── u2intro.md
├── u2lab.md
├── u2ws.md
├── u3b.md
├── u3intro.md
├── u3lab.md
├── u3ws.md
├── u4intro.md
├── u4lab.md
├── u4ws.md
├── u5intro.md
├── u5lab.md
├── u5ws.md
├── u6b.md
├── u6intro.md
├── u6lab.md
├── u6ws.md
├── u7b.md
├── u7intro.md
├── u7lab.md
├── u7ws.md
├── u8b.md
├── u8intro.md
├── u8lab.md
├── u8ws.md
├── u9intro.md
├── u9lab.md
├── u9ws.md
└── unitindex.md
└── theme
├── css
├── general.css
└── variables.css
└── favicon.png
/.gitattributes:
--------------------------------------------------------------------------------
1 | * text=auto
2 |
--------------------------------------------------------------------------------
/.github/workflows/mdbook.yml:
--------------------------------------------------------------------------------
1 | # Sample workflow for building and deploying a mdBook site to GitHub Pages
2 | #
3 | # To get started with mdBook see: https://rust-lang.github.io/mdBook/index.html
4 | #
5 | name: Deploy mdBook site to Pages
6 |
7 | on:
8 | # Runs on pushes targeting the default branch
9 | push:
10 | branches: ["main"]
11 |
12 | # Allows you to run this workflow manually from the Actions tab
13 | workflow_dispatch:
14 |
15 | # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
16 | permissions:
17 | contents: read
18 | pages: write
19 | id-token: write
20 |
21 | # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
22 | # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
23 | concurrency:
24 | group: "pages"
25 | cancel-in-progress: false
26 |
27 | jobs:
28 | # Build job
29 | build:
30 | runs-on: ubuntu-latest
31 | env:
32 | MDBOOK_VERSION: 0.4.45
33 | steps:
34 | - uses: actions/checkout@v4
35 |
36 | - name: Dynamically generate resources.md file
37 | run: ./scripts/generate_resources.sh
38 |
39 | # Install rust with GitHub's 'setup-rs' action (most recent stable version)
40 | - name: Install Rust
41 | uses: actions-rs/toolchain@v1
42 | with:
43 | toolchain: stable # Or specify a version
44 | override: true # ensure this version is used globally in the workflow
45 | components: cargo
46 |
47 | # Cache rust crates (mdbook dependencies) so reinstalls don't take long
48 | - name: Cache the cargo registry and build artifacts
49 | uses: actions/cache@v3
50 | with:
51 | path: |
52 | ~/.cargo/registry
53 | ~/.cargo/git
54 | target
55 | key: cargo-${{ runner.os }}-${{ hashFiles('**/Cargo.lock') }}
56 | restore-keys: cargo-${{ runner.os }}-
57 |
58 | # Cache the mdbook binary so we don't need to install it every time
59 | - name: Cache mdbook binary
60 | id: cache-mdbook
61 | uses: actions/cache@v3
62 | with:
63 | path: ~/.cargo/bin/mdbook
64 | key: mdbook-${{ runner.os }}-${{ env.MDBOOK_VERSION }}
65 | restore-keys: mdbook-${{ runner.os }}-
66 |
67 | # Install correct version of mdbook if it's not cached
68 | - name: Install mdBook
69 | if: steps.cache-mdbook.outputs.cache-hit != 'true'
70 | run: cargo install --version ${MDBOOK_VERSION} mdbook --force
71 |
72 | - name: Setup Pages
73 | id: pages
74 | uses: actions/configure-pages@v5
75 |
76 | - name: Build with mdBook
77 | run: mdbook build
78 |
79 | - name: Upload artifact
80 | uses: actions/upload-pages-artifact@v3
81 | with:
82 | path: ./book
83 |
84 | # Deployment job
85 | deploy:
86 | environment:
87 | name: github-pages
88 | url: ${{ steps.deployment.outputs.page_url }}
89 | runs-on: ubuntu-latest
90 | needs: build
91 | steps:
92 | - name: Deploy to GitHub Pages
93 | id: deployment
94 | uses: actions/deploy-pages@v4
95 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | book
2 | ./src/resources.md
3 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # The Professional Linux Users Group (ProLUG) Systems Administration Course Book
2 |
3 | Current deployment:
4 |
5 | ## Goals
6 |
7 | The overarching goal of this project is to provide a free, open source Systems Administration course
8 | predicated on the work produced by Scott Champine, an experienced and skilled Senior Systems Engineer.
9 |
10 | Scott has over 20+ years administering and engineering Linux systems across a broad variety of
11 | fields and teams. He has built and maintains systems like High Performance Compute (HPC) clusters
12 | for [NOAA (The National Oceanic and Atmospheric Administration)](https://www.noaa.gov/) and more.
13 |
14 | ProLUG looks forward to working with contributors who want to give back to the community and produce
15 | skilled Systems Administrators and Systems enthusiasts.
16 |
17 | ## Objectives
18 |
19 | Contributors will be tasked with developing templated course material provided by Scott Champine.
20 | Outlined below are a set of objectives this repository attempts to provide.
21 |
22 | - Provide a centralized set of worksheets and labs for prospective learners to begin understanding Systems Administration.
23 | - Deliver templated versions of course work per unit along with supplementary material and video.
24 | - Provide learners with foundational knowledge in computer systems to include:
25 | - Linux fundamentals:
26 | - Basic command line skills, ie. scripting, tools, syntax
27 | - Networking
28 | - Security practices
29 | - Basic Systems engineering
30 | - Server build processes
31 | - System hardening
32 | - Construction of build testing, ie. conditional testing, system tasks
33 | - Introductions to technologies like:
34 | - Podman, Kubernetes, Ansible
35 | - Automation and implementation
36 | - Troubleshooting and system benchmarking
37 |
38 | ## To Begin Contributing
39 |
40 | ProLUG asks all contributors to understand and adhere to the principles and guidelines detailed
41 | in the [contributing.md](https://github.com/ProfessionalLinuxUsersGroup/lac/blob/main/src/contributing.md) markdown file.
42 | Contributors found significantly deviating from these policies will have their work discarded appropriately.
43 |
44 | Contributors will be provided with supplementary material to begin building out unit worksheet labs
45 | and templates within the project managed issues board.
46 |
47 | To start contributing:
48 |
49 | - Understand the repository objectives
50 | - Read the [contributing.md](https://github.com/ProfessionalLinuxUsersGroup/lac/blob/main/src/contributing.md) markdown
51 | - Look over the [template pages wiki](https://github.com/ProfessionalLinuxUsersGroup/lac/wiki), or directly here:
52 | - Pages: [intro](https://github.com/ProfessionalLinuxUsersGroup/lac/blob/main/ref/intro.md),
53 | [bonus](https://github.com/ProfessionalLinuxUsersGroup/lac/blob/main/ref/ub.md),
54 | [lab](https://github.com/ProfessionalLinuxUsersGroup/lac/blob/main/ref/ulab.md),
55 | [worksheet](https://github.com/ProfessionalLinuxUsersGroup/lac/blob/main/ref/uws.md)
56 | - Request to be assigned a task within the repo [Issues](https://github.com/ProfessionalLinuxUsersGroup/lac/issues) tab
57 | - Fork this repository and create a development branch for eventual pull requests
58 | - Strictly adhere to contemporary GitHub contribution decorum to facilitate the version control process
59 |
--------------------------------------------------------------------------------
/book.toml:
--------------------------------------------------------------------------------
1 | [book]
2 | authors = []
3 | language = "en"
4 | multilingual = false
5 | src = "src"
6 | title = "Linux Administration Course"
7 |
8 | [output.html]
9 | site-url = "/lac/"
10 | default-theme = "navy"
11 | no-section-label = true
12 | git-repository-url = "https://github.com/ProfessionalLinuxUsersGroup/lac"
13 | edit-url-template = "https://github.com/ProfessionalLinuxUsersGroup/lac/issues/new"
14 | git-repository-icon = "fa-github"
15 |
--------------------------------------------------------------------------------
/ref/intro.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit Intro Template
5 |
6 |
7 |
8 | # THIS IS A TEMPLATE DOCUMENT
9 |
10 | (However, these are not hard fast templates, as long as the style is maintained
11 | there is a degree of freedom.)
12 |
13 | ## Overview
14 |
15 | ---
16 |
17 | (Small paragraph overviewing the unit)
18 |
19 | ### What is the skill/tech/concept we are dealing with?
20 |
21 | (Skills, tech, or concepts related to the unit)
22 |
23 | etc..
24 |
25 | ## Learning Objectives
26 |
27 | ---
28 |
29 | (Objectives and learning goals related to the unit)
30 |
31 | 1.
32 | 2.
33 | 3.
34 |
35 | ## Relevance & Context
36 |
37 | ---
38 |
39 | (Contextualize the unit content to systems administration)
40 |
41 | ### Why is it important to Linux Administrators/Engineers?
42 |
43 | 1.
44 | 2.
45 | 3.
46 |
47 | etc..
48 |
49 | ## Prerequisites
50 |
51 | ---
52 |
53 | (Any unit prerequisite knowledge)
54 |
55 | ### Briefly mention concepts or skills the reader should already understand before starting the chapter.
56 |
57 | 1.
58 | 2.
59 | 3.
60 |
61 | etc..
62 |
63 | ## Key terms and Definitions
64 |
65 | ---
66 |
67 | (Any important terms relating to the unit)
68 |
69 | Term 1
70 |
71 | Term 2
72 |
73 | etc..
74 |
--------------------------------------------------------------------------------
/ref/ub.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit Bonus Template
5 |
6 |
7 |
8 | # THIS IS A TEMPLATE DOCUMENT
9 |
10 | (However, these are not hard fast templates, as long as the style is maintained
11 | there is a degree of freedom.)
12 |
13 | There is a larger degree of operational freedom allowed for unit bonuses.
14 |
15 | However these bonus sections should be structured much like unit labs
16 | and pertain directly to the unit they reside in, for example, a Unit 2
17 | Bonus should present and build upon Unit 2 content.
18 |
--------------------------------------------------------------------------------
/ref/ulab.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit Lab Template
5 |
6 |
7 |
8 | ## THIS IS A TEMPLATE DOCUMENT
9 |
10 | (However, these are not hard fast templates, as long as the style is maintained
11 | there is a degree of freedom.)
12 |
13 |
14 |
15 | If you are unable to finish the lab in the ProLUG lab environment we ask you `reboot`
16 | the machine from the command line so that other students will have the intended environment.
17 |
18 |
19 |
20 | ### Resources / Important Links
21 |
22 | [Link Template](example.org)
23 |
24 | [Link Template](example.org)
25 |
26 | [Link Template](example.org)
27 |
28 | ### Required Materials
29 |
30 | - Rocky 9.4+ - ProLUG Lab
31 | - Or comparable Linux box
32 | - root or sudo command access
33 |
34 | #### Downloads
35 |
36 | The lab has been provided for convenience below:
37 |
38 | - 📥 u_lab(`.pdf`)
39 | - 📥 u_lab(`.docx`)
40 |
41 | ## Pre-Lab Warm-Up
42 |
43 | ---
44 |
45 | (This will be transposed from the lab provided by Scott Champine)
46 |
47 | Step 1:
48 |
49 | Step 2:
50 |
51 | Code block:
52 |
53 | etc..
54 |
55 | ## Lab 🧪
56 |
57 | ---
58 |
59 | (This will be transposed from the lab provided by Scott Champine)
60 |
61 | Step 1:
62 |
63 | Step 2:
64 |
65 | Code block:
66 |
67 | etc..
68 |
69 |
70 |
71 | Be sure to `reboot` the lab machine from the command line when you are done.
72 |
73 |
7 |
8 | (However, these are not hard fast templates, as long as the style is maintained
9 | there is a degree of freedom. We are using `prettier` for formatting.)
10 |
11 | ## Instructions
12 |
13 | ---
14 |
15 | Fill out the worksheet as you progress through the lab and discussions.
16 | Hold your worksheets until the end to turn them in as a final submission packet.
17 |
18 | ### Resources / Important Links
19 |
20 | - [PLACEHOLDER]()
21 | - [PLACEHOLDER]()
22 | - [PLACEHOLDER]()
23 |
24 | #### Downloads
25 |
26 | The worksheet has been provided below. The document(s) can be transposed to
27 | the desired format so long as the content is preserved. For example, the `.txt`
28 | could be transposed to a `.md` file.
29 |
30 | - 📥 u_worksheet(`.txt`)
31 | - 📥 u_worksheet(`.docx`)
32 |
33 | ### Unit N Recording
34 |
35 |
45 |
46 | #### Discussion Post #1
47 |
48 | 1. PLACEHOLDER - Questions will be in ordered lists.
49 |
50 | 2. PLACEHOLDER - Questions will be in ordered lists.
51 |
52 | #### Discussion Post #2
53 |
54 |
59 |
60 | 1. PLACEHOLDER - Questions will be in ordered lists.
61 |
62 | 2. PLACEHOLDER - Questions will be in ordered lists.
63 |
64 |
65 | Submit your input by following the link below:
66 |
67 | The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
68 |
69 |
70 |
71 | - [Link to Discussion Posts](https://discord.com/channels/611027490848374811/1098309490681598072)
72 |
73 | ## Definitions
74 |
75 | ---
76 |
77 | PLACEHOLDER: The terms will be left blank for the student to fill in.
78 |
79 | PLACEHOLDER:
80 |
81 | PLACEHOLDER:
82 |
83 | PLACEHOLDER:
84 |
85 | PLACEHOLDER:
86 |
87 | ## Digging Deeper
88 |
89 | ---
90 |
91 | 1. PLACEHOLDER - Questions will be in ordered lists.
92 | - Related sub-questions will be in nested unordered lists.
93 |
94 | ## Reflection Questions
95 |
96 | ---
97 |
98 |
99 |
100 | 1. What questions do you still have about this week?
101 |
102 | 2. PLACEHOLDER: Second question from the worksheet.
103 |
--------------------------------------------------------------------------------
/scripts/generate_resources.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # To be run in the project's root directory
3 | declare RESOURCES_FILE='./src/resources.md'
4 | declare SEARCH_DIR="./src"
5 | declare FILE_PATTERN="*.md"
6 | declare -A ADDED_LINKS
7 |
8 | declare -a FILES
9 | IFS=$'\n' read -r -d '' -a FILES < <(find "$SEARCH_DIR" -maxdepth 1 -mindepth 1 -name "$FILE_PATTERN")
10 |
11 | debug() {
12 | printf "[ \033[33mDEBUG\033[0m ]: "
13 | printf "%s\n" "$*"
14 | }
15 |
16 | pull-links() {
17 | local -i COUNT_MD_LINKS=0
18 | local -i COUNT_REG_LINKS=0
19 | local -i COUNT_UF_LINKS=0
20 | local -i DUPLICATES
21 | for FILE in "${FILES[@]}"; do
22 | local UNIT=
23 | [[ "$FILE" == *resources.md ]] && continue
24 | [[ "$FILE" == *unitindex.md ]] && continue
25 |
26 | declare -a RESOURCES
27 |
28 | IFS=$'\n' read -r -d '' -a RESOURCES < <(
29 | grep -i -E '\).* ]]; then
42 | # Link is formatted as:
43 | MARKDOWN_LINK="${BASH_REMATCH[1]}"
44 | COUNT_REG_LINKS+=1
45 | elif [[ $MARKDOWN_LINK =~ .*[^[\<\(](https://[^ \)]+).* ]]; then
46 | # Link is unformatted: http://example.com
47 | MARKDOWN_LINK="${BASH_REMATCH[1]}"
48 | COUNT_UF_LINKS+=1
49 | continue
50 | else
51 | # Link is formatted as: [Link](http://example.com)
52 | COUNT_MD_LINKS+=1
53 | fi
54 | [[ -z $MARKDOWN_LINK ]] && continue
55 |
56 | # Fix duplicate problem
57 | # Using grep to check for duplicates created a race condition
58 | # - Add associative array containing links already added
59 | # - Bash can't parse markdown links as associative array keys
60 | # - use md5sum hashes
61 | LINK_HASH=$(
62 | printf "%s" "${MARKDOWN_LINK,,}" |
63 | sed -E 's/\/([>\)])?$/\1/' |
64 | md5sum |
65 | cut -d ' ' -f1
66 | )
67 |
68 | if [[ -z "${ADDED_LINKS["$LINK_HASH"]}" ]]; then
69 | [[ -n $UNIT ]] && sed -i "/^## Unit $UNIT\>/a- $MARKDOWN_LINK" "$RESOURCES_FILE"
70 | [[ -z $UNIT ]] && sed -i "/^## Misc$/a- $MARKDOWN_LINK" "$RESOURCES_FILE"
71 | ADDED_LINKS["$LINK_HASH"]=1
72 | else
73 | debug "Duplicate link found, skipping: ${MARKDOWN_LINK}"
74 | (( DUPLICATES++ ))
75 | fi
76 |
77 | done
78 |
79 | done
80 |
81 | TOTAL_LINK_COUNT=$(( COUNT_MD_LINKS + COUNT_UF_LINKS + COUNT_REG_LINKS ))
82 | cat <<- EOF
83 | REPORT:
84 | - Markdown Links $COUNT_MD_LINKS
85 | - Regular Links $COUNT_REG_LINKS
86 | - Unformatted Links $COUNT_UF_LINKS
87 | Total Links: $TOTAL_LINK_COUNT
88 | Total links added: ${#ADDED_LINKS[@]}
89 |
90 | Duplicates: $DUPLICATES
91 | EOF
92 |
93 | }
94 |
95 | format-resources() {
96 | # truncate file
97 | : > "$RESOURCES_FILE"
98 | cat <<- EOF >> "$RESOURCES_FILE"
99 |
100 |
101 |
102 |
Course Resources
103 |
104 |
105 | This is a comprehensive list of all external resources used in this course.
106 |
107 | EOF
108 |
109 | if [[ -f ./src/unitindex.md ]]; then
110 | perl -ne 'print "## Unit $1 - $2\n\n" if s/^[|]\s*(\d+)\s*[|]\s*[[](.*?)[]].*$/\1 \2/' < src/unitindex.md |
111 | tee -a "$RESOURCES_FILE" > /dev/null
112 | else
113 | for i in {1..16}; do
114 | printf "## Unit %s\n\n" "$i" >> "$RESOURCES_FILE"
115 | done
116 | fi
117 |
118 | if ! grep -qi -E "^## Misc$" "$RESOURCES_FILE"; then
119 | printf "## Misc\n" >> $RESOURCES_FILE
120 | fi
121 |
122 | }
123 |
124 | format-resources
125 | pull-links
126 |
--------------------------------------------------------------------------------
/src/SUMMARY.md:
--------------------------------------------------------------------------------
1 | # Summary
2 |
3 | - [Course Syallabus](./syllabus.md)
4 | - [Final Project Outline](./project.md)
5 | - [Earning the Certificaiton](./certify.md)
6 | - [Table of Contents](./unitindex.md)
7 | - [About ProLUG](./prolug.md)
8 | - [Unit 1](./u1intro.md)
9 | - [Work Sheet](./u1ws.md)
10 | - [Lab](./u1lab.md)
11 | - [Bonus](./u1b.md)
12 | - [Unit 2](./u2intro.md)
13 | - [Work Sheet](./u2ws.md)
14 | - [Lab](./u2lab.md)
15 | - [Unit 3](./u3intro.md)
16 | - [Work Sheet](./u3ws.md)
17 | - [Lab](./u3lab.md)
18 | - [Bonus](./u3b.md)
19 | - [Unit 4](./u4intro.md)
20 | - [Work Sheet](./u4ws.md)
21 | - [Lab](./u4lab.md)
22 | - [Unit 5](./u5intro.md)
23 | - [Work Sheet](./u5ws.md)
24 | - [Lab](./u5lab.md)
25 | - [Unit 6](./u6intro.md)
26 | - [Work Sheet](./u6ws.md)
27 | - [Lab](./u6lab.md)
28 | - [Bonus](./u6b.md)
29 | - [Unit 7](./u7intro.md)
30 | - [Work Sheet](./u7ws.md)
31 | - [Lab](./u7lab.md)
32 | - [Bonus](./u7b.md)
33 | - [Unit 8](./u8intro.md)
34 | - [Work Sheet](./u8ws.md)
35 | - [Lab](./u8lab.md)
36 | - [Bonus](./u8b.md)
37 | - [Unit 9](./u9intro.md)
38 | - [Work Sheet](./u9ws.md)
39 | - [Lab](./u9lab.md)
40 | - [Unit 10](./u10intro.md)
41 | - [Work Sheet](./u10ws.md)
42 | - [Lab](./u10lab.md)
43 | - [Bonus](./u10b.md)
44 | - [Unit 11](./u11intro.md)
45 | - [Work Sheet](./u11ws.md)
46 | - [Lab](./u11lab.md)
47 | - [Unit 12](./u12intro.md)
48 | - [Work Sheet](./u12ws.md)
49 | - [Lab](./u12lab.md)
50 | - [Unit 13](./u13intro.md)
51 | - [Work Sheet](./u13ws.md)
52 | - [Lab](./u13lab.md)
53 | - [Bonus](./u13b.md)
54 | - [Unit 14](./u14intro.md)
55 | - [Work Sheet](./u14ws.md)
56 | - [Lab](./u14lab.md)
57 | - [Unit 15](./u15intro.md)
58 | - [Work Sheet](./u15ws.md)
59 | - [Lab](./u15lab.md)
60 | - [Unit 16](./u16intro.md)
61 | - [Work Sheet](./u16ws.md)
62 | - [Lab](./u16lab.md)
63 | - [Outro](./outro.md)
64 | - [Resources](./resources.md)
65 | - [Contributors](./contributors.md)
66 | - [Contributing](./contributing.md)
67 | - [Local Testing](./development.md)
68 | - [Downloads](./downloads.md)
69 |
--------------------------------------------------------------------------------
/src/assets/deploy/ansible-playbook.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Deploy local ProLUG mdBook dev page machine/container
3 | hosts: # change targeted host/hosts here
4 | become: true
5 | gather_facts: true
6 |
7 | tasks:
8 | - name: Build ProLUG website for DNF Systems
9 | when: ansible_pkg_mgr == "dnf"
10 | block:
11 | - name: Install and initialize dependencies
12 | ansible.builtin.package:
13 | update_cache: true
14 | name:
15 | - httpd
16 | - git
17 | - gcc
18 | - rust
19 | - cargo
20 | state: present
21 |
22 | - name: Initialize httpd
23 | ansible.builtin.service:
24 | name: httpd
25 | state: started
26 | enabled: true
27 |
28 | - name: DNF - Installing mdbook
29 | ansible.builtin.command:
30 | argv:
31 | - /usr/bin/cargo
32 | - install
33 | - --locked
34 | - mdbook@0.4.48
35 |
36 | - name: Build ProLUG website LAC for APT systems
37 | when: ansible_pkg_mgr == "apt"
38 | block:
39 | - name: Install dependencies apt
40 | ansible.builtin.package:
41 | update_cache: true
42 | name:
43 | - apache2
44 | - git
45 | - gcc
46 | - rustc-1.80
47 | - cargo-1.80
48 | state: present
49 |
50 | - name: Initialize apache2
51 | ansible.builtin.service:
52 | name: apache2
53 | state: started
54 | enabled: true
55 |
56 | - name: APT - Installing mdbook
57 | ansible.builtin.command:
58 | argv:
59 | - /usr/bin/cargo-1.80
60 | - install
61 | - --locked
62 | - mdbook@0.4.48
63 |
64 | - name: Verifying presence of ProLUG repo
65 | ansible.builtin.command: ls /root/lac/
66 | register: contents_git
67 | ignore_errors: true
68 |
69 | - name: Cloning down ProLUG repo
70 | ansible.builtin.git:
71 | repo: "https://github.com/ProfessionalLinuxUsersGroup/lac"
72 | dest: /root/lac/
73 | clone: true
74 | when: contents_git.stdout == ""
75 |
76 | - name: DNF - Building mdbook
77 | ansible.builtin.command:
78 | chdir: /root/lac
79 | argv:
80 | - /root/.cargo/bin/mdbook
81 | - build
82 | - --dest-dir
83 | - /var/www/html
84 | when: ansible_pkg_mgr == "dnf"
85 | notify: Restart httpd
86 |
87 | - name: APT - Building mdbook
88 | ansible.builtin.command:
89 | chdir: /root/lac
90 | argv:
91 | - /root/.cargo/bin/mdbook
92 | - build
93 | - --dest-dir
94 | - /var/www/html
95 | when: ansible_pkg_mgr == "apt"
96 | notify: Restart apache2
97 |
98 | handlers:
99 | - name: Restart httpd
100 | ansible.builtin.service:
101 | name: httpd
102 | state: restarted
103 | - name: Restart apache2
104 | ansible.builtin.service:
105 | name: apache2
106 | state: restarted
107 |
--------------------------------------------------------------------------------
/src/assets/downloads/u1/u1_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u1/u1_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u1/u1_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u1/u1_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u1/u1_worksheet.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u1/u1_worksheet.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u1/u1_worksheet.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 1 Worksheet
3 |
4 | Instructions
5 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
6 |
7 | Discussion Questions:
8 | Unit 1 Discussion Post 1: Using a 0-10 system, rate yourself on how well you think you know each topic in the image. (You do not have to post this rating). Answer these questions (here):
9 | 1. What do you hope to learn in this course?
10 | 2. What type of career path are you shooting for?
11 |
12 | Unit 1 Discussion Post 2:
13 | 1. Post a job that you are interested in from a local job website. (link or image)
14 | 2. What do you know how to do in the posting?
15 | 3. What don't you know how to do in the posting?
16 | 4. What are you doing to close the gap? What can you do to remedy the difference?
17 | Definitions/Terminology
18 | Kernel -
19 | OS Version -
20 | Kernel Args -
21 | Modules -
22 | Mount Points -
23 | Text Editor -
24 |
25 | Notes During Lecture/Class:
26 | Links:
27 |
28 | Terms:
29 |
30 | Useful tools:
31 |
32 | Lab and Assignment
33 | Unit1_ProLUG_LabEssentials - To be completed outside of lecture time
34 | Start thinking about your project ideas (more to come in future weeks):
35 | Topics:
36 | 1. System Stability
37 | 2. System Performance
38 | 3. System Security
39 | 4. System monitoring
40 | 5. Kubernetes
41 | 6. Programming/Automation
42 |
43 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
44 | Digging Deeper
45 | 1. Use vimtutor and see how far you get. What did you learn that you did not know about vi/vim?
46 |
47 | 2. Go to https://vim-adventures.com/ and see how far you get. What did you learn that you did not already know about vi/vim?
48 |
49 | 3. Go to https://www.youtube.com/watch?v=d8XtNXutVto and see how far you get with vim. What did you learn that you did not already know about vi/vim?
50 |
51 | Reflection Questions
52 | 1. What questions do you still have about this week?
53 |
54 |
55 | 2. How are you going to use what you’ve learned in your current role?
56 |
--------------------------------------------------------------------------------
/src/assets/downloads/u10/u10_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u10/u10_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u10/u10_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u10/u10_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u10/u10_worksheet.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u10/u10_worksheet.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u10/u10_worksheet.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u10/u10_worksheet.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u10/u10_worksheet.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 10 Worksheet
3 |
4 | Instructions
5 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
6 |
7 | Discussion Questions:
8 | Unit 10 Discussion Post 1: Read this document: https://kubernetes.io/docs/concepts/overview/
9 |
10 | 1.What are the two most compelling reasons you see to implement Kubernetes in your organization?
11 | 2.When the article says Kubernetes is not a PaaS? What do they mean by that? What is a PaaS in comparison?
12 |
13 | Unit 10 Discussion Post 2: You get a ticket about your new test cluster. The team is unable to deploy some of their applications. They suspect there is a problem and send you over this output:
14 |
15 | [root@Test_Cluster1 ~]# kubectl version
16 | Client Version: v1.31.6+k3s3
17 | Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
18 | Server Version: v1.30.6+k3s1
19 | [root@rocky15 ~]# kubectl get nodes
20 | NAME STATUS ROLES AGE VERSION
21 | Test_Cluster1 Ready control-plane,master 17h v1.30.6+k3s1
22 | Test_Cluster2 NotReady worker 33m v1.29.6+k3s1
23 | Test_Cluster3 Ready worker 17h v1.28.6+k3s1
24 |
25 | 1.What are you checking on the cluster to validate you see their error?
26 | 2.What do you think the problem could be?
27 | 3.Do you think someone else has tried anything to fix this problem before you? Why or why not?
28 |
29 | Unit 10 Discussion Post 3: You are the network operations center (NOC) lead. Your team has recently started supporting the dev, test, and QA environments for your company’s K8s cluster. Write up a basic checkout procedure for your new NOC personnel to verify operation of the cluster before escalating on critical alerts.
30 |
31 | 1.What information online helped you figure this out? What blogs or tools did you use?
32 | 2.What did you learn in this process of writing this up?
33 |
34 | Definitions/Terminology
35 |
36 | Kubernetes/K8s
37 | K3s
38 | Controller Manager
39 | ETCD
40 | Kubelet
41 | Kube-proxy
42 | Controlplane
43 | Node
44 | Static Pod
45 | Scheduler
46 | API Server
47 |
48 | Notes During Lecture/Class:
49 |
50 | Links:
51 |
52 | Terms:
53 |
54 | Useful tools:
55 |
--------------------------------------------------------------------------------
/src/assets/downloads/u11/u11_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u11/u11_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u11/u11_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u11/u11_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u11/u11_worksheet.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u11/u11_worksheet.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u11/u11_worksheet.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u11/u11_worksheet.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u11/u11_worksheet.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 11 Worksheet
3 |
4 | Instructions
5 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
6 |
7 | Discussion Questions:
8 |
9 | Unit 11 Discussion Post 1: You’ve heard the term “loose coupling” thrown around the office about a new monitoring solution coming down the pike. You find a good resource and read the section on “Prefer Loose Coupling” https://sre.google/workbook/monitoring/
10 |
11 | 1.What does “loose coupling” mean, if you had to summarize to your junior team members?
12 | 2.What is the advantage given for why you might want to implement this type of tooling in your monitoring? Do you agree? Why or why not?
13 | 3.They mention “exposing metrics” what does it mean to expose metrics? What happens to metrics that are exposed but never collected?
14 |
15 | Unit 11 Discussion Post 2: Your HPC team is asking for more information about how CPU0 is behaving on a set of servers. Your team has node exporter writing data out to Prometheus (Use this to simulate https://promlabs.com/promql-cheat-sheet/).
16 |
17 | 1.Can you see the usage of CPU0 and what is the query?
18 | 2.Can you see the usage of CPU0 for just the last 5 minutes and what is the query?
19 | 3.You know that CPU0 is excluded from Slurm, can you exclude that and only pull the user and system for the remaining CPUs and what is that query?
20 |
21 | Definitions/Terminology
22 |
23 | SLO
24 | SLA
25 | SLI
26 | KPI
27 | Span
28 | Trace
29 | Prometheus
30 | Node_Exporter
31 | Grafana
32 | Dashboard
33 | Heads up Display
34 |
35 | Notes During Lecture/Class:
36 |
37 | Links:
38 |
39 | Terms:
40 |
41 | Useful tools:
42 |
43 | Lab and Assignment
44 |
45 | Unit 11 Lab Monitoring
46 |
47 | Continue working on your project from the Project Guide
48 | Topics:
49 | 1.System Stability
50 | 2.System Performance
51 | 3.System Security
52 | 4.System monitoring
53 | 5.Kubernetes
54 | 6.Programming/Automation
55 |
56 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
57 |
58 | Digging Deeper (optional)
59 | 1.Read the rest of the chapter https://sre.google/workbook/monitoring/ and note anything else of interest when it comes to monitoring and dashboarding.
60 | 2.Look up the “ProLUG Prometheus Certified Associate Prep 2024” in Resources -> Presentations in our ProLUG Discord. Study that for a deep dive into Prometheus.
61 | 3.Complete the project section of “Monitoring Deep Dive Project Guide” from the prolug-projects section of the Discord. We have a Youtube video on that project as well. https://www.youtube.com/watch?v=54VgGHr99Qg
62 |
63 | Reflection Questions
64 | 1.What questions do you still have about this week?
65 | 2.How can you apply this now in your current role in IT? If you’re not in IT, how can you look to put something like this into your resume or portfolio?
--------------------------------------------------------------------------------
/src/assets/downloads/u12/u12_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u12/u12_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u12/u12_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u12/u12_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u12/u12_worksheet.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u12/u12_worksheet.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u12/u12_worksheet.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u12/u12_worksheet.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u12/u12_worksheet.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 12 Worksheet
3 |
4 | Instructions
5 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
6 |
7 | Discussion Questions:
8 |
9 | Unit 12 Discussion Post 1: Your manager has come to you with another emergency. He has a meeting next week to discuss capacity planning and usage of the system with IT upper management. He doesn’t want to lose his budget, but he has to prove that the system utilization warrants spending more.
10 |
11 | 1.What information can you show your manager from your systems?
12 | 2.What type of data would prove system utilization? (Remember the big 4: compute, memory, disk, networking)
13 | 3.What would your report look like to your manager?
14 |
15 | Unit 12 Discussion Post 2: You are in a capacity planning meeting with a few of the architects. They have decided to add 2 more agents to your Linus sytems, Bacula Agent and an Avamar Agent . They expect these agents to run their work starting at 0400 every morning.
16 | 7 day view
17 | 24 hour view
18 |
19 | 1.What do these agents do? (May have to look them up)
20 | 2.Do you think there is a good reason not to use these agents at this timeframe?
21 | 3.Is there anything else you might want to point out to these architects about these agents they are installing?
22 |
23 | Unit 12 Discussion Post 3: Your team has recently tested at proof of concept of a new storage system. The vendor has published the blazing fast speeds that are capable of being run through this storage system. You have a set of systems connected to both the old storage system and the new storage system.
24 |
25 | 1.Write up a test procedure of how you may test these two systems.
26 | 2.How are you assuring these test are objective?
27 | a. What is meant by the term Ceteris Paribus, in this context?
28 |
29 | Definitions/Terminology
30 |
31 | Baseline
32 | Benchmark
33 | High watermark
34 | Scope
35 | Methodology
36 | Testing
37 | Control
38 | Experiment
39 | Analytics
40 | - Descriptive
41 | - Diagnostic
42 | - Predictive
43 | - Prescriptive
44 |
45 | Notes During Lecture/Class:
46 |
47 | Links:
48 |
49 | Terms:
50 |
51 | Useful tools:
52 | Spyder ide
53 |
54 | Lab and Assignment
55 | Unit 12 Lab Baselining and Benchmarking
56 |
57 | Continue working on your project from the Project Guide
58 |
59 | Topics:
60 | 1.System Stability
61 | 2.System Performance
62 | 3.System Security
63 | 4.System monitoring
64 | 5.Kubernetes
65 | 6.Programming/Automation
66 |
67 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
68 |
69 | Digging Deeper (optional)
70 |
71 | 1.Analyzing data may open up a new field of interest to you. Go through some of the free lessons on Kaggle, here: https://www.kaggle.com/learn
72 | a. What did you learn?
73 | b. How will you apply these lessons to data and monitoring you have already collected as a system administrator?
74 | 2.Find a blog or article that discusses the 4 types of data analytics.
75 | a. What did you learn about past operations?
76 | b. What did you learn about predictive operations?
77 | 3.Download Spyder IDE (Open source)
78 | a. Find a blog post or otherwise try to evaluate some data.
79 | b. Perform some Linear regression.
80 |
81 | My block of code (but this requires some additional libraries to be added. I can help with that if you need it.)
82 |
83 | import matplotlib.pyplot as plt
84 | from sklearn.linear_model import LinearRegression
85 | size = [[5.0], [5.5], [5.9], [6.3], [6.9], [7.5]]
86 | price =[[165], [200], [223], [250], [278], [315]]
87 | plt.title('Pizza Price plotted against the size')
88 | plt.xlabel('Pizza Size in inches')
89 | plt.ylabel('Pizza Price in cents')
90 | plt.plot(size, price, 'k.')
91 | plt.axis([5.0, 9.0, 99, 355])
92 | plt.grid(True)
93 | model = LinearRegression()
94 | model.fit(X = size, y = price)
95 | #plot the regression line
96 | plt.plot(size, model.predict(size), color='r')
97 |
98 | Reflection Questions
99 |
100 | 1.What questions do you still have about this week?
101 | 2.How can you apply this now in your current role in IT? If you’re not in IT, how can you look to put something like this into your resume or portfolio?
--------------------------------------------------------------------------------
/src/assets/downloads/u13/enable-now.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u13/enable-now.png
--------------------------------------------------------------------------------
/src/assets/downloads/u13/expanselogs.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u13/expanselogs.png
--------------------------------------------------------------------------------
/src/assets/downloads/u13/image2.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u13/image2.jpeg
--------------------------------------------------------------------------------
/src/assets/downloads/u13/image3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u13/image3.png
--------------------------------------------------------------------------------
/src/assets/downloads/u13/iptables.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u13/iptables.png
--------------------------------------------------------------------------------
/src/assets/downloads/u13/nginxbans.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u13/nginxbans.png
--------------------------------------------------------------------------------
/src/assets/downloads/u13/sshbans.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u13/sshbans.png
--------------------------------------------------------------------------------
/src/assets/downloads/u13/u13_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u13/u13_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u13/u13_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u13/u13_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u13/u13_worksheet.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u13/u13_worksheet.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u13/u13_worksheet.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u13/u13_worksheet.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u13/u13_worksheet.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 13 Worksheet
3 |
4 | Instructions
5 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
6 |
7 | Discussion Questions:
8 |
9 | Unit 13 Discussion Post 1: Your security team comes to you with a discrepancy between the production security baseline and something that is running on one of your servers in production. There are 5 servers in a web cluster and only one of them is showing this behavior. They want you to account for why something is different.
10 |
11 | 1.How are you going to validate that the difference between the systems?
12 | 2.What are you going to look at to explain this?
13 | 3.What could be done to prevent this problem in the future?
14 |
15 | Unit 13 Discussion Post 2: Your team has been giving you more and more engineering responsibilities. You are being asked to build out the next set of servers to integrate into the development environment. Your team is going from RHEL 8 to Rocky 9.4.
16 |
17 | 1.How might you start to plan out your migration?
18 | 2.What are you going to check on the existing systems to baseline your build?
19 | 3.What kind of validation plan might you use for your new Rocky 9.4 systems?
20 |
21 | Definitions/Terminology
22 |
23 | Hardening
24 | Pipeline
25 | Change management (IT)
26 | Security Standard
27 | Security Posture
28 | Acceptable Risk
29 | NIST 800-53
30 | STIG
31 | CIS Benchmark
32 | OpenSCAP
33 | SCC Tool
34 | HIDS
35 | HIPS
36 |
37 | Notes During Lecture/Class:
38 |
39 | Links:
40 |
41 | Terms:
42 |
43 | Useful tools:
44 |
45 | Lab and Assignment
46 | Unit 13 Lab System Hardening
47 |
48 | Continue working on your project from the Project Guide
49 |
50 | Topics:
51 | 1.System Stability
52 | 2.System Performance
53 | 3.System Security
54 | 4.System monitoring
55 | 5.Kubernetes
56 | 6.Programming/Automation
57 |
58 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
59 |
60 | Digging Deeper (optional)
61 | 1.Run through this lab: https://killercoda.com/het-tanis/course/Linux-Labs/107-server-startup-process
62 | a. How does this help you better understand the discussion 13-2 question?
63 | 2.Run through this lab: https://killercoda.com/het-tanis/course/Linux-Labs/203-updating-golden-image
64 | a. How does this help you better understand the process of hardening systems?
65 |
66 | Reflection Questions
67 | 1.What questions do you still have about this week?
68 | 2.How can you apply this now in your current role in IT? If you’re not in IT, how can you look to put something like this into your resume or portfolio?
--------------------------------------------------------------------------------
/src/assets/downloads/u14/u14_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u14/u14_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u14/u14_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u14/u14_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u14/u14_worksheet.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u14/u14_worksheet.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u14/u14_worksheet.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u14/u14_worksheet.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u14/u14_worksheet.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 14 Worksheet
3 |
4 | Instructions
5 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
6 |
7 | Discussion Questions:
8 |
9 | Unit 14 Discussion Post 1: Refer to your Unit 5 scan of the systems. You know that Ansible is a tool that you want to maintain in the environment. Review this online documentation: https://docs.ansible.com/ansible/latest/inventory_guide/intro_inventory.html
10 |
11 | 1.Make an inventory of the servers, grouped any way you like.
12 | 2.What format did you choose to use for your inventory?
13 | 3.What other things might you include later in your inventory to make it more useful?
14 |
15 | Unit 14 Discussion Post 2: You have been noticing drift on your server configurations, so you want a way to generate a report on them every day to validate the configurations are the same. Use any lab in here to find ideas: https://killercoda.com/het-tanis/course/Ansible-Labs Use this webhook to send your relevant data out to our sandbox. https://discord.com/api/webhooks/1317659221604433951/uyKpuq8fNNNSEyCra4n33PakIBk-XtTn1WrwTpHs9BcgkIu7URPV_Gd5HJCRX0_EJVUT
16 |
17 | Unit 14 Discussion Post 3: Using ansible module for git, pull down this repo: https://github.com/het-tanis/HPC_Deploy.git
18 |
19 | 1.How is the repo setup?
20 | 2.What is in the roles directory?
21 | 3.How are these playbooks called, and how do roles differ from tasks?
22 |
23 | Definitions/Terminology
24 |
25 | Automation
26 | Consistency
27 | Dev/Ops
28 | Timeliness
29 | Git
30 | Repository
31 | Ad-hoc
32 | Playbook
33 | Task
34 | Role
35 | SSH
36 | WinRM
37 |
38 | Notes During Lecture/Class:
39 |
40 | Links:
41 |
42 | Terms:
43 |
44 | Useful tools:
45 | - Spyder ide
46 |
47 | Lab and Assignment
48 | Unit 14 Lab Automation
49 |
50 | Continue working on your project from the Project Guide
51 |
52 | Topics:
53 | 1.System Stability
54 | 2.System Performance
55 | 3.System Security
56 | 4.System monitoring
57 | 5.Kubernetes
58 | 6.Programming/Automation
59 |
60 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
61 |
62 | Digging Deeper (optional)
63 |
64 | 1.I have a large amount of labs to get you started on your Ansible Journey (all free): https://killercoda.com/het-tanis/course/Ansible-Labs
65 | 2.Find projects from our channel Ansible-Code, in Discord and find something that is interesting to you.
66 | 3.Use Ansible to access secrets from Hashicorp Vault: https://killercoda.com/het-tanis/course/Hashicorp-Labs/004-vault-read-secrets-ansible
67 |
68 | Reflection Questions
69 |
70 | 1.What questions do you still have about this week?
71 | 2.How can you apply this now in your current role in IT? If you’re not in IT, how can you look to put something like this into your resume or portfolio?
--------------------------------------------------------------------------------
/src/assets/downloads/u15/u15_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u15/u15_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u15/u15_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u15/u15_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u15/u15_worksheet.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u15/u15_worksheet.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u15/u15_worksheet.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u15/u15_worksheet.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u15/u15_worksheet.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 15 Worksheet
3 |
4 | Instructions
5 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
6 |
7 | Discussion Questions:
8 |
9 | Unit 15 Discussion Post 1: Your management is all fired up about implementing some Six Sigma processes around the company. You decide to familiarize yourself and get some basic understanding to pass along to your team: https://www.sixsigmacouncil.org/wp-content/uploads/2018/08/Six-Sigma-A-Complete-Step-by-Step-Guide.pdf
10 |
11 | 1.Page 56 - What about the “5S” methodology might help us as a team of system administrators? (Think of your virtual or software workspaces)
12 | 2.Page 94 - What are the four layers of process definition? How would you explain them to your junior engineers?
13 |
14 | Unit 15 Discussion Post 2: Your team looks at a lot of visual data. You decide to write up an explanation for them to explain what they look at.
15 |
16 | 1.What is a high water mark? Why might it be good to know in utilization of systems?
17 | 2.What is an upper and lower control limit in a system output? While this isn’t exactly what we’re looking at, why might it be good to explain to your junior engineers?
18 |
19 | Definitions/Terminology
20 |
21 | Incident
22 | Problem
23 | FMEA
24 | Six Sigma
25 | TQM
26 | Post Mortem
27 | Scientific Method
28 | Iterative
29 | Discrete data
30 | Ordinal
31 | Nominal (binary - attribute)
32 | Continuous data
33 | Risk Priority Number (RPN)
34 | 5 Whys
35 | Fishbone Diagram (Ishikawa)
36 | Fault Tree Analysis (FTA)
37 | PDCA
38 | SIPOC
39 |
40 | Notes During Lecture/Class:
41 |
42 | Links:
43 |
44 | Terms:
45 |
46 | Useful tools:
47 |
48 | Lab and Assignment
49 | Unit 15 - No Lab - Christmas Miracle
50 |
51 | Continue working on your project from the Project Guide
52 |
53 | Topics:
54 |
55 | 1.System Stability
56 | 2.System Performance
57 | 3.System Security
58 | 4.System monitoring
59 | 5.Kubernetes
60 | 6.Programming/Automation
61 |
62 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
63 |
64 | Digging Deeper (optional)
65 |
66 | 1.Spend more time in https://www.sixsigmacouncil.org/wp-content/uploads/2018/08/Six-Sigma-A-Complete-Step-by-Step-Guide.pdf
67 | a. Page 243 - Starts looking at visual data analysis.
68 | 2.Get your White belt (Free) Six Sigma Certification.
69 |
70 | Reflection Questions
71 |
72 | 1.What questions do you still have about this week?
73 | 2.How can you apply this now in your current role in IT? If you’re not in IT, how can you look to put something like this into your resume or portfolio?
--------------------------------------------------------------------------------
/src/assets/downloads/u16/u16_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u16/u16_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u16/u16_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u16/u16_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u16/u16_lab.txt:
--------------------------------------------------------------------------------
1 | ProLUG – Incident Answers
2 |
3 | You have the answers here, if they ask, you may give them hints. Otherwise, you can help them find the
4 | right solution any way you want to.
5 |
6 | Required Materials
7 | Putty
8 | Rocky Server
9 | Root or sudo command access
10 |
11 | LAB
12 |
13 | ---
14 |
15 | Scenario 1:
16 | Connect to tshoot1@prolug.asuscomm.com
17 | Password:
18 |
19 | A ticket has come in that the web server is not running on the web server.
20 | To complete this event the following three must be correct.
21 | Web server must be running.
22 |
23 | HINT: `systemctl status httpd`
24 |
25 | Answer: `systemctl enable --now httpd` or some variation of that must have been run
26 |
27 | Web server must respond on port 80.
28 |
29 | HINT: Can you check the open ports?
30 | Answer: `ss -ntulp` will show port 80.
31 |
32 | The server is currently set on 8087 and needs to be fixed
33 | in /etc/httpd/conf/http.conf. The “Listen 8087” line must be changed to “Listen 80” and the
34 | service restarted `systemctl restart httpd`
35 |
36 | Ensure that the server can be reached by external connection attempts on port 80.
37 |
38 | HINT: is the firewall running? `systemctl status firewalld`
39 |
40 | Answer: Easiest is to turn off the firewall `systemctl stop firewalld`.
41 | If they want to open the port, they can do that too.
42 |
43 | REBOOT THE LAB MACHINE WHEN FINISHED
44 |
45 |
46 | ---
47 |
48 |
49 | Scenario 2:
50 |
51 | Connect to tshoot2@prolug.asuscomm.com
52 | Password:
53 |
54 | A ticket has come in that a mount point /space is not working correctly. The team expected a
55 | 9GB partition to be built there on the 3 attached disks, but found that it was not a separate
56 | partition.
57 | Verify that /space is not set up correctly.
58 |
59 | To complete this event the following two must be correct.
60 |
61 | HINT: They may want to revisit lab 3 of the course for this one. This is a challenge here.
62 | The three disks must be properly set up in LVM.
63 |
64 | HINT: use your pvs, vgs, lvs tools
65 |
66 | Answer: First identify all disks: `fdisk -l | grep -i xvd`. Then `pvcreate /dev/xvd`.
67 | Then `vgcreate space /dev/xvd /dev/xvd /dev/xvd`.
68 | Then `lvcreate -n space -l +100%FREE space_vg`
69 |
70 | EXT4 or XFS must be installed on the logical volume.
71 |
72 | HINT: use mkfs to make a filesystem.
73 |
74 | Answer: mkfs.ext4 /dev/mapper/
75 |
76 | /space must be created and mounted off on this filesystem.
77 |
78 | Hint: Make the directory
79 |
80 | Answer: `mkdir /space` `vi /etc/fstab` add an entry like this:
81 |
82 | /dev/mapper/ /space defaults 1 2
83 |
84 | /etc/fstab or systemd must have an entry for /space (do not reboot during the lab, as this will not work.)
85 | As above
86 |
87 | REBOOT THE LAB MACHINE WHEN FINISHED
88 |
89 |
90 | ---
91 |
92 |
93 | Scenario 3:
94 |
95 | Connect to tshoot3@prolug.asuscomm.com
96 | Password:
97 |
98 | Your team is trying to update your servers during a maintenance window. Your junior
99 | administrator kicks you over a server that they cannot get to update.
100 | To complete this event the following two must be correct.
101 |
102 | Fix the system to be able to update via dnf.
103 |
104 | HINT: DNF isn’t updating, so where are the repos that it looks for?
105 |
106 | Answer: vi /etc/yum.repos.d/rocky.repo and look for enabled=0. This needs to be fixed back to
107 |
108 | - If they need a reference, the original is over in /etc/yum.repos.d/rocky.repo.orig. The EPEL
109 | repo is busted the same way, as it needs to be enabled.
110 | Verify that kernel updates are happening.
111 |
112 | HINT: Where can updates be excluded in DNF or Yum?
113 |
114 | Answer: They need to comment out the line in /etc/yum.conf about “exclude=kernel*” because this is
115 | stopping any kernel updates from happening.
116 |
117 |
--------------------------------------------------------------------------------
/src/assets/downloads/u2/u2_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u2/u2_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u2/u2_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u2/u2_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u2/u2_worksheet.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u2/u2_worksheet.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u2/u2_worksheet.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 2 Worksheet
3 |
4 | Instructions
5 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
6 |
7 | Discussion Questions:
8 | Unit 1 Discussion Post 1: Think about how week 1 went for you.
9 | 1. Do you understand everything that needs to be done?
10 | 2. Do you need to allocate more time to the course, and if so, how do you plan to do it?
11 | 3. How well did you take notes during the lecture? Do you need to improve this?
12 |
13 | Unit 1 Discussion Post 2:
14 | Read a blog, check a search engine, or ask an AI about SELINUX. What is the significance of contexts? What are the significance of labels?
15 |
16 | You follow your company instructions to add a new user to a set of 10 Linux servers. They cannot access just one (1) of the servers. When you review the differences in the servers you see that the server they cannot access is running SELINUX. On checking other users have no problem getting into the system. You find nothing in the documentation (typical) about this different system or how these users are accessing it. What do you do? Where do you check? (you may use any online resources to help you answer this. This is not a trick and it is not a “one answer solution”. This is for you to think through.)
17 | Definitions/Terminology
18 | Uptime -
19 | Standard input -
20 | Standard output -
21 | Standard error -
22 | Mandatory Access Control -
23 | Discretionary Access Control -
24 | Security contexts (SELINUX) -
25 | SELINUX operating modes -
26 |
27 | Notes During Lecture/Class:
28 | Links:
29 |
30 | Terms:
31 |
32 | Useful tools:
33 |
34 | Lab and Assignment
35 | Unit2_ProLUG_LabEssentials2 - To be completed outside of lecture time
36 | Compare SELINUX to Apparmor, following the below 2 tasks:
37 | a. Read this article: https://www.redhat.com/sysadmin/apparmor-selinux-isolation
38 | b. Do this lab: https://killercoda.com/killer-shell-cks/scenario/apparmor
39 | Start thinking about your project ideas (more to come in future weeks):
40 | Topics:
41 | 1. System Stability
42 | 2. System Performance
43 | 3. System Security
44 | 4. System monitoring
45 | 5. Kubernetes
46 | 6. Programming/Automation
47 |
48 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
49 | Digging Deeper
50 | 1. How does troubleshooting differ between system administration and system engineering? To clarify, how might you troubleshoot differently if you know a system was running v. if you’re building a new system out?
51 |
52 | 2. Investigate a troubleshooting methodology, by either google or AI search. Does the methodology fit for you in an IT sense, why or why not?
53 |
54 | Reflection Questions
55 | 1. What questions do you still have about this week?
56 |
57 |
58 | 2. How are you going to use what you’ve learned in your current role?
59 |
60 |
61 |
62 |
--------------------------------------------------------------------------------
/src/assets/downloads/u3/u3_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u3/u3_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u3/u3_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u3/u3_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u3/u3_worksheet.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u3/u3_worksheet.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u3/u3_worksheet.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 3 Worksheet
3 |
4 | Instructions
5 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
6 |
7 | Discussion Questions:
8 | Unit 3 Discussion Post 1: What does the term triage mean to you? Have you ever had to triage something?
9 | 1. Scan the chapter here https://google.github.io/building-secure-and-reliable-systems/raw/ch17.html for keywords and pull out what you think will help you to better understand how to triage an incident.
10 | 2. Read the section called “Operation Security” in this same chapter: https://google.github.io/building-secure-and-reliable-systems/raw/ch17.html
11 | what important concepts do you learn about how we behave during an operational response to an incident?
12 | Unit 3 Discussion Post 2:
13 | Ask google, find a blog, or ask an AI about high availability. (Here’s one if you need it: https://docs.aws.amazon.com/pdfs/whitepapers/latest/real-time-communication-on-aws/real-time-communication-on-aws.pdf#high-availability-and-scalability-on-aws)
14 | 1. What are some important terms you read about?
15 | 2. Why do you think understanding HA will help you better in the context of triaging incidents?
16 |
17 |
18 | Definitions/Terminology
19 | Five 9’s -
20 | Single point of failure -
21 | Key Performance Indicators -
22 | SLI -
23 | SLO -
24 | SLA -
25 | Active-Standby -
26 | Active-Active -
27 | MTTD -
28 | MTTR -
29 | MTBF -
30 |
31 |
32 | Notes During Lecture/Class:
33 | Links:
34 |
35 | Terms:
36 |
37 | Useful tools:
38 |
39 | Lab and Assignment
40 | Unit3_ProLUG_LVM_and_RAID - To be completed outside of lecture time
41 | Start thinking about your project ideas (more to come in future weeks):
42 | Topics:
43 | 1. System Stability
44 | 2. System Performance
45 | 3. System Security
46 | 4. System monitoring
47 | 5. Kubernetes
48 | 6. Programming/Automation
49 |
50 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
51 | Digging Deeper
52 | 1. If uptime is so important to us, why is it so important to us to also understand how our systems can fail? Why would we focus on the thing that does not drive uptime?
53 |
54 | 2. Start reading about SLOs: https://sre.google/workbook/implementing-slos/
55 | How does this help you operationally? Does it make sense that keeping systems within defined parameters will help keep them operating longer?
56 |
57 |
58 | Reflection Questions
59 | 1. What questions do you still have about this week?
60 |
61 |
62 | 2. How are you going to use what you’ve learned in your current role?
63 |
64 |
65 |
66 |
--------------------------------------------------------------------------------
/src/assets/downloads/u4/u4_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u4/u4_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u4/u4_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u4/u4_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u4/u4_worksheet.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u4/u4_worksheet.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u4/u4_worksheet.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 4 Worksheet
3 |
4 | Instructions
5 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
6 |
7 | Discussion Questions:
8 | Unit 4 Discussion Post 1: Read this article: https://cio-wiki.org/wiki/Operations_Bridge
9 | 1. What terms and concepts are new to you?
10 | 2. Which pro seems the most important to you? Why?
11 | 3. Which con seems the most costly, or difficult to overcome to you? Why?
12 | Unit 4 Discussion Post 2: Your team has no documentation around how to check out a server during an incident. Write out a procedure of what you think an operations person should be doing on the system they suspect is not working properly. This may help, to get you started (https://zeltser.com/media/docs/security-incident-survey-cheat-sheet.pdf?msc=Cheat+Sheet+Blog) You may use AI for this, but let us know if you do.
13 |
14 | Definitions/Terminology
15 | Detection
16 | Response
17 | Mitigation
18 | Reporting
19 | Recovery
20 | Remediation
21 | Lessons Learned
22 | After action review
23 | Operations Bridge
24 |
25 |
26 | Notes During Lecture/Class:
27 | Links:
28 |
29 | Terms:
30 |
31 | Useful tools:
32 |
33 | Lab and Assignment
34 | Unit4_Lab_Operate_Running_Systems - To be completed outside of lecture time
35 | Begin working on your project from the Project Guide
36 | Topics:
37 | 1. System Stability
38 | 2. System Performance
39 | 3. System Security
40 | 4. System monitoring
41 | 5. Kubernetes
42 | 6. Programming/Automation
43 |
44 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
45 | Digging Deeper
46 | 1. Read about battle drills here (https://en.wikipedia.org/wiki/Battle_drill)
47 | Why might it be important to practice incident handling before an incident occurs?
48 | Why might it be important to understand your tools before an incident occurs?
49 |
50 |
51 | Reflection Questions
52 | 1. What questions do you still have about this week?
53 |
54 |
55 | 2. How much better has your note taken gotten since you started? What do you still need to work on? Have you started using a different tool? Have you taken more notes?
56 |
57 |
58 |
59 |
--------------------------------------------------------------------------------
/src/assets/downloads/u5/u5_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u5/u5_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u5/u5_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u5/u5_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u5/u5_worksheet.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u5/u5_worksheet.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u5/u5_worksheet.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 5 Worksheet
3 |
4 | Instructions
5 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
6 |
7 | Discussion Questions:
8 | Unit 5 Discussion Post 1: Review the page: https://attack.mitre.org/
9 | 1. What terms and concepts are new to you?
10 | 2. Why, as a system administrator and not directly in security, do you think it’s so important to understand how your systems can be attacked? Isn’t it someone else’s problem to think about that?
11 | 3. What impact to the organization is data exfiltration? Even if you’re not a data owner or data custodian, why is it so important to understand the data on your systems?
12 |
13 | Unit 5 Discussion Post 2: Find a blog or article on the web that discusses the user environment in Linux. You may want to search for .bashrc or (dot) environment files in Linux.
14 | 1. What types of customizations might you setup for your environment? Why?
15 | 2. What problems can you anticipate around helping users with their dot files?
16 | Definitions/Terminology
17 | Footprinting
18 | Scanning
19 | Enumeration
20 | System Hacking
21 | Escalation of Privilege
22 | - Rule of least privilege
23 | Covering Tracks
24 | Planting Backdoors
25 |
26 | Notes During Lecture/Class:
27 | Links:
28 |
29 | Terms:
30 |
31 | Useful tools:
32 |
33 | Lab and Assignment
34 | Unit 5 Manage Users and Groups - To be completed outside of lecture time
35 | Map the Internal ProLUG Network (192.168.200.0/24):
36 | 1. Map the network from one of the rocky nodes.
37 | Using a template that you build or find from the internet, provide a 1 page summary of what you find in the network.
38 |
39 | Begin working on your project from the Project Guide
40 | Topics:
41 | 1. System Stability
42 | 2. System Performance
43 | 3. System Security
44 | 4. System monitoring
45 | 5. Kubernetes
46 | 6. Programming/Automation
47 |
48 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
49 | Digging Deeper
50 | 1. Read
51 |
52 | Reflection Questions
53 | 1. What questions do you still have about this week?
54 |
55 |
56 | 2.
57 |
58 |
59 |
60 |
--------------------------------------------------------------------------------
/src/assets/downloads/u6/u6_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u6/u6_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u6/u6_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u6/u6_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u6/u6_worksheet.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u6/u6_worksheet.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u6/u6_worksheet.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 6 Worksheet
3 | Instructions
4 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
5 | Discussion Questions:
6 | Unit 5 Discussion Post 1: A ticket has come in from an application team. Some of the servers your team built for them last week have not been reporting up to enterprise monitoring and they need it to be able to troubleshoot a current issue, but they have no data. You jump on the new servers and find that your engineer built everything correctly and the agents for node_exporter, ceph_exporter and logstash exporter that your teams use. But, they also have adhered to the new company standard of firewalld must be running. No one has documented the ports that need to be open, so you’re stuck between the new standards and fixing this problem on live systems.
7 | 1. As you’re looking this up, what terms and concepts are new to you?
8 | 2. What are the ports that you need to expose? How did you find the answer?
9 | 3. What are you going to do to fix this on your firewall?
10 | Unit 5 Discussion Post 2: A manager heard you were the one that saved the new application by fixing the firewall. They get your manager to approach you with a request to review some documentation from a vendor that is pushing them hard to run a WAF in front of their web application. You are “the firewall” guy now, and they’re asking you to give them a review of the differences between the firewalls you set up (which they think should be enough to protect them) and what a WAF is doing.
11 | 1. What do you know about the differences now?
12 | 2. What are you going to do to figure out more?
13 | 3. Prepare a report for them comparing it to the firewall you did in the first discussion.
14 | Definitions/Terminology
15 | Firewall
16 | Zone
17 | Service
18 | DMZ
19 | Proxy
20 | Stateful packet filtering
21 | Stateless packet filtering
22 | WAF
23 | NGFW
24 | Notes During Lecture/Class:
25 | Links:
26 |
27 | Terms:
28 |
29 | Useful tools:
30 |
31 | Lab and Assignment
32 | Unit 6 Firewalls - To be completed outside of lecture time
33 | - (Alternate assignment to lab, if you have no Rocky) https://killercoda.com/het-tanis/course/Linux-Labs/205-setting-up-uncomplicated-firewall-UFW
34 | Begin working on your project from the Project Guide
35 | Topics:
36 | 1. System Stability
37 | 2. System Performance
38 | 3. System Security
39 | 4. System monitoring
40 | 5. Kubernetes
41 | 6. Programming/Automation
42 |
43 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
44 | Digging Deeper
45 | 1. Read https://docs.rockylinux.org/zh/guides/security/firewalld-beginners/
46 | What new things did you learn that you didn’t learn in the lab?
47 | What functionality of firewalld are you likely to use in your professional work?
48 |
49 | Reflection Questions
50 | 1. What questions do you still have about this week?
51 |
52 |
53 | 2. How does security as a system administrator differ from what you expected?
54 |
55 |
56 |
57 |
--------------------------------------------------------------------------------
/src/assets/downloads/u7/u7_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u7/u7_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u7/u7_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u7/u7_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u7/u7_lab.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 7 Worksheet
3 | Instructions
4 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
5 | Discussion Questions:
6 | Unit 7 Discussion Post 1: Why is software versioning so important to software security? Can you find 3 reasons, from the internet, AI, or your peers?
7 | Unit 7 Discussion Post 2: You are new to a Linux team. A ticket has come in from an application team and has already been escalated to your manager. They want software installed on one of their servers but you cannot find any documentation and your security team is out to lunch and not responding. You remember from some early documentation that you read that all the software in the internal repos you currently have are approved for deployment on servers. You want to also verify by checking other servers that this software exists. This is an urgent ask and your manager is hovering.
8 | 1. How can you check all the repos on your system to see which are active?
9 | 2. How would you check another server to see if the software was installed there?
10 | 3. If you find the software, how might you figure out when it was installed? (Time/Date)
11 | Unit 7 Discussion Post 3: (After you have completed the lab) - Looking at the concept of group install from DNF or Yum. Why do you think an administrator may never want to use that in a running system? Why might an engineer want to or not want to use that? This is a thought exercise, so it’s not a “right or wrong” answer it’s for you to think about.
12 | 1. What is the concept of software bloat, and how do you think it relates?
13 | 2. What is the concept of a security baseline, and how do you think it relates?
14 | 3. How do you think something like this affects performance baselines?
15 | Definitions/Terminology
16 | Yum
17 | DNF
18 | Repo
19 | GPG Key
20 | Software dependency
21 | Software version
22 | Semantic Version
23 | Notes During Lecture/Class:
24 | Links:
25 |
26 | Terms:
27 |
28 | Useful tools:
29 |
30 | Lab and Assignment
31 | Unit 7 Security Patching and Package Management
32 | Begin working on your project from the Project Guide
33 | Topics:
34 | 1. System Stability
35 | 2. System Performance
36 | 3. System Security
37 | 4. System monitoring
38 | 5. Kubernetes
39 | 6. Programming/Automation
40 |
41 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
42 | Digging Deeper
43 | 1. What is semantic versioning? https://semver.org/
44 |
45 |
46 | Reflection Questions
47 | 1. What questions do you still have about this week?
48 |
49 |
50 | 2. How does security as a system administrator differ from what you expected?
51 |
52 |
53 |
54 |
--------------------------------------------------------------------------------
/src/assets/downloads/u7/u7_worksheet.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u7/u7_worksheet.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u7/u7_worksheet.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 7 Worksheet
3 | Instructions
4 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
5 |
6 | Discussion Questions:
7 | Unit 7 Discussion Post 1: Why is software versioning so important to software security? Can you find 3 reasons, from the internet, AI, or your peers?
8 | Unit 7 Discussion Post 2: You are new to a Linux team. A ticket has come in from an application team and has already been escalated to your manager. They want software installed on one of their servers but you cannot find any documentation and your security team is out to lunch and not responding. You remember from some early documentation that you read that all the software in the internal repos you currently have are approved for deployment on servers. You want to also verify by checking other servers that this software exists. This is an urgent ask and your manager is hovering.
9 | 1. How can you check all the repos on your system to see which are active?
10 | 2. How would you check another server to see if the software was installed there?
11 | 3. If you find the software, how might you figure out when it was installed? (Time/Date)
12 | Unit 7 Discussion Post 3: (After you have completed the lab) - Looking at the concept of group install from DNF or Yum. Why do you think an administrator may never want to use that in a running system? Why might an engineer want to or not want to use that? This is a thought exercise, so it’s not a “right or wrong” answer it’s for you to think about.
13 | 1. What is the concept of software bloat, and how do you think it relates?
14 | 2. What is the concept of a security baseline, and how do you think it relates?
15 | 3. How do you think something like this affects performance baselines?
16 | Definitions/Terminology
17 | Yum
18 | DNF
19 | Repo
20 | GPG Key
21 | Software dependency
22 | Software version
23 | Semantic Version
24 | Notes During Lecture/Class:
25 | Links:
26 |
27 | Terms:
28 |
29 | Useful tools:
30 |
31 | Lab and Assignment
32 | Unit 7 Security Patching and Package Management
33 | Begin working on your project from the Project Guide
34 | Topics:
35 | 1. System Stability
36 | 2. System Performance
37 | 3. System Security
38 | 4. System monitoring
39 | 5. Kubernetes
40 | 6. Programming/Automation
41 |
42 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
43 | Digging Deeper
44 | 1. What is semantic versioning? https://semver.org/
45 |
46 |
47 | Reflection Questions
48 | 1. What questions do you still have about this week?
49 |
50 |
51 | 2. How does security as a system administrator differ from what you expected?
52 |
53 |
54 |
55 |
--------------------------------------------------------------------------------
/src/assets/downloads/u8/u8_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u8/u8_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u8/u8_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u8/u8_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u8/u8_worksheet.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u8/u8_worksheet.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u8/u8_worksheet.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 8 Worksheet
3 | Instructions
4 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
5 |
6 | Discussion Questions:
7 | Unit 8 Discussion Post 1: It’s a 2 week holiday in your country and most of the engineers and architects who designed the system are out of town. You’ve noticed a pattern of logs filling up on a set of web servers from increased traffic. Your research shows, and then you verify, that the logs are being sent off real time to Splunk. Your team has just been deleting the logs every few days, but one of the 3rd shift engineers didn’t read the notes and your team suffered downtime. How might you implement a simple fix to stop gap the problem before all the engineering resources come back next week?
8 | 1. What resources helped you answer this?
9 | 2. Why can’t you just make a design fix and add space in /var/log on all these systems?
10 | 3. Why can’t you just make a design change and logrotate more often so this doesn’t happen?
11 | 4. For 2,3 if you are ok with that, explain your answer. (This isn’t a trick, maybe there is a valid reason.)
12 | Unit 8 Discussion Post 2: You are the only Linux Administrator at a small healthcare company. The engineer/admin before you left you a lot of scripts to untangle. This is one of our many tasks as administrators, so you set out to accomplish it. You start to notice that he only ever uses nested if statements in bash. You also notice that every loop is a conditional `while true` and then he breaks the loop after a decision test each loop. You know his stuff works, but you think it could be more easily written for supportability, for you and future admins. You decide to write up some notes by reading some google, AI, and talking to your peers.
13 | 1. Compare the use of nested if versus case statement in bash.
14 | 2. Compare the use of conditional and counting loops. Under what circumstances would you use one or the other?
15 | Definitions/Terminology
16 | Variables
17 | Interpreted program
18 | Compiled program
19 | Truth table
20 | And/or logic
21 | Single/Dual/Multiple alternative logic
22 | Notes During Lecture/Class:
23 | Links:
24 |
25 | Terms:
26 |
27 | Useful tools:
28 |
29 | Lab and Assignment
30 | Unit 8 Scripting and system checks
31 | Begin working on your project from the Project Guide
32 | Topics:
33 | 1. System Stability
34 | 2. System Performance
35 | 3. System Security
36 | 4. System monitoring
37 | 5. Kubernetes
38 | 6. Programming/Automation
39 |
40 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
41 | Digging Deeper
42 | 1. Read https://tldp.org/LDP/Bash-Beginners-Guide/html/sect_07_01.html
43 | https://tldp.org/LDP/Bash-Beginners-Guide/html/sect_07_02.html
44 | https://tldp.org/LDP/Bash-Beginners-Guide/html/sect_07_03.html
45 | What did you learn about capabilities of bash that can help you in your scripting?
46 | 2. If you want to dig more into truth tables and logic, this is a good start: https://en.wikipedia.org/wiki/Truth_table
47 |
48 | Reflection Questions
49 | 1. What questions do you still have about this week?
50 |
51 |
52 | 2. Just knowing a lot about scripting doesn’t help much against actually doing it in a practical sense. What things are you doing currently at work or in a lab that you can apply some of this logic to?
53 |
54 |
55 |
56 |
--------------------------------------------------------------------------------
/src/assets/downloads/u9/u9_lab.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u9/u9_lab.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u9/u9_lab.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u9/u9_lab.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u9/u9_worksheet.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u9/u9_worksheet.docx
--------------------------------------------------------------------------------
/src/assets/downloads/u9/u9_worksheet.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/downloads/u9/u9_worksheet.pdf
--------------------------------------------------------------------------------
/src/assets/downloads/u9/u9_worksheet.txt:
--------------------------------------------------------------------------------
1 | ProLUG 101
2 | Unit 9 Worksheet
3 | Instructions
4 | Fill out this sheet as you progress through the lab and discussions. Hold onto all of your work to send to me at the end of the course.
5 | Discussion Questions:
6 | Unit 9 Discussion Post 1: It’s a slow day in the NOC and you have heard that a new system of container deployments are being used by your developers. Do some reading about containers, docker, and podman.
7 | 1. What resources helped you answer this?
8 | 2. What did you learn about that you didn’t know before?
9 | 3. What seems to be the major benefit of containers?
10 | 4. What seems to be some obstacles to container deployment?
11 | Unit 9 Discussion Post 2: You get your first ticket about a problem with containers. One of the engineers is trying to move his container up to the Dev environment shared server. He sends you over this information about the command he’s trying to run.
12 | [developer1@devserver read]$ podman ps
13 | CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
14 | [developer1@devserver read]$ podman images
15 | REPOSITORY TAG IMAGE ID CREATED SIZE
16 | localhost/read_docker latest 2c0728a1f483 5 days ago 68.2 MB
17 | docker.io/library/python 3.13.0-alpine3.19 9edd75ff93ac 3 weeks ago 47.5 MB
18 | [developer1@devserver read]$ podman run -dt -p 8080:80/tcp docker.io/library/httpd
19 | You decide to check out the server
20 | [developer1@devserver read] ss -ntulp
21 | Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
22 | udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=166693,fd=13))
23 | tcp LISTEN 0 80 127.0.0.1:3306 0.0.0.0:* users:(("mariadbd",pid=234918,fd=20))
24 | tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=166657,fd=3))
25 | tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=166693,fd=14))
26 | tcp LISTEN 0 4096 *:8080 *:* users:(("node_exporter",pid=662,fd=3))
27 | 1. What do you think the problem might be?
28 | a. How will you test this?
29 | 2. The developer tells you that he’s pulling a local image, do you find this to be true, or is something else happening in their run command?
30 | Definitions/Terminology
31 | Container
32 | Docker
33 | Podman
34 | CI/CD
35 | Dev/Prod Environments
36 | Dockerfile
37 | Docker/Podman images
38 | Repository
39 | Notes During Lecture/Class:
40 | Links:
41 |
42 | Terms:
43 |
44 | Useful tools:
45 |
46 | Lab and Assignment
47 | Unit 9 containers and k3s
48 | https://killercoda.com/k3s/scenario/intro #Run scenario and play with K3s
49 |
50 | Continue working on your project from the Project Guide
51 | Topics:
52 | 1. System Stability
53 | 2. System Performance
54 | 3. System Security
55 | 4. System monitoring
56 | 5. Kubernetes
57 | 6. Programming/Automation
58 |
59 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
60 | Digging Deeper
61 | 1. Find a blog on deployment of some service or application in a container that interests you. See if you can get the deployment working in the lab.
62 | a. What worked well?
63 | b. What did you have to troubleshoot?
64 | c. What documentation can you make to be able to do this faster next time?
65 |
66 | Reflection Questions
67 | 1. What questions do you still have about this week?
68 |
69 |
70 | 2. How can you apply this now in your current role in IT? If you’re not in IT, how can you look to put something like this into your resume or portfolio?
71 |
72 |
73 |
--------------------------------------------------------------------------------
/src/assets/images/addkey.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/images/addkey.png
--------------------------------------------------------------------------------
/src/assets/images/flow.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/images/flow.png
--------------------------------------------------------------------------------
/src/assets/images/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/images/logo.png
--------------------------------------------------------------------------------
/src/assets/images/permissions.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/images/permissions.png
--------------------------------------------------------------------------------
/src/assets/images/squashing.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/images/squashing.png
--------------------------------------------------------------------------------
/src/assets/images/syllabus-lab.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/images/syllabus-lab.png
--------------------------------------------------------------------------------
/src/assets/images/syncfork.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/images/syncfork.png
--------------------------------------------------------------------------------
/src/assets/images/verified.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/images/verified.png
--------------------------------------------------------------------------------
/src/assets/images/workflow.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionalLinuxUsersGroup/lac/c80731df8f2b7f2f2b5c10e3fb43d1d00ff7c1af/src/assets/images/workflow.png
--------------------------------------------------------------------------------
/src/certify.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Qualifying for the Certification
5 |
6 |
7 |
8 | ---
9 |
10 | Each course run through the Professional Linux Users Group (ProLUG) allows you to earn
11 | a certification upon completion.
12 |
13 | Certificates are awarded to those who complete the course within the timeframe that
14 | it is being run through the ProLUG Discord.
15 |
16 | - To see when courses are running, join the ProLUG Discord server and check the
17 | Events section.
18 |
19 | If you aim to earn the certification for completing this course, you must follow the
20 | guidelines set forth in this document.
21 |
22 | There are four main components to earning the certification.
23 |
24 | 1. Worksheet Completion
25 |
26 | 2. Discussion Questions
27 |
28 | 3. Lab Completion
29 |
30 | 4. Final Project
31 |
32 | ## Worksheet Completion
33 |
34 | ---
35 |
36 | Each unit has a corresponding worksheet.
37 | On this worksheet are discussion questions, terms/definitions, **optional** "digging
38 | deeper" sections, and reflection questions.
39 |
40 | These worksheets must be filled out and kept until the end of the course.
41 | Upon reaching the end, they are to be submitted to the instructor (Scott Champine).
42 |
43 | ### Worksheet Submission Format
44 |
45 | ---
46 |
47 | The format in which you submit these worksheets is up to you.
48 |
49 | Some students prefer to keep them in a GitHub repository, others prefer to just keep
50 | them as files on their machines and submit via email.
51 |
52 | ## Discussion Questions
53 |
54 | ---
55 |
56 | Each unit's worksheet contains multiple discussion questions.
57 | Each discussion question has its own thread in the ProLUG Discord server, in the
58 | `#prolug-projects` channel.
59 |
60 | To qualify for certification:
61 |
62 | - You must post your answer to each discussion question in the correct thread.
63 | - You must respond to another student's answer in the same thread.
64 |
65 | The goal of this is not to create busywork, but to spark discussions and see things
66 | from other points of view.
67 |
68 | ## Lab Completion
69 |
70 | ---
71 |
72 | Each unit has a lab that is to be completed.
73 |
74 | The labs, like the worksheets, should be also completed and saved until the end of
75 | the course.
76 |
77 | These labs should be turned in along with the worksheets in the same format of your choice.
78 |
79 | ## Final Project
80 |
81 | ---
82 |
83 | Each ProLUG course has students complete a capstone project.
84 |
85 | This is a requirement for earning a ProLUG course certification.
86 |
87 | The project must meet the standards set forth in the Final Project Outline (or
88 | otherwise be approved by the instructor, Scott Champine).
89 |
--------------------------------------------------------------------------------
/src/contributors.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Contributors
5 |
6 |
7 |
8 | This book was made possible by a small group of dedicated contributors who worked diligently to create an accessible resource for future students enrolled in courses offered by the Professional Linux User Group.
9 |
10 | The group met weekly to organize efforts, manage contributions, and onboard new volunteers. Using Git for version control and GitHub for project management, they converted existing courseware into Markdown and HTML. The content was then compiled with mdBook into a fast, searchable, multimedia learning resource.
11 |
12 | ## Organizing Contributors:
13 |
14 | - Chris McKee
15 | - Connor Wilkins
16 | - Trevor Smale
17 | - Shane Dugas
18 |
19 | ## Writing Contributors:
20 |
21 | - Chris McKee
22 | - Connor Wilkins
23 | - Trevor Smale
24 | - Shane Dugas
25 | - Maro Boneza
26 | - Enzo Barcellos
27 | - Thong Huynh
28 | - Marlon Mejia
29 | - Chigozie Umeh
30 | - Joey Rockhold
31 | - Trafficking*
32 | - Mohamadou Sall
33 | - AntonJJ*
--------------------------------------------------------------------------------
/src/outro.md:
--------------------------------------------------------------------------------
1 |
7 |
8 | Students aiming to complete the Linux Systems Administration course are expected to
9 | devise and complete a capstone project, to be turned in at the end of the course.
10 |
11 | The instructions, expectations, and deliverables for the project are listed on this
12 | page.
13 |
14 | ## Instructions
15 |
16 | 1. Select a topic to research about a project that you are going to build.
17 |
18 | Topics:
19 |
20 | 1. System Stability
21 | 2. System Performance
22 | 3. System Security
23 | 4. System monitoring
24 | 5. Kubernetes
25 | 6. Programming/Automation
26 |
27 | 2. Plan the project
28 | - Find documentation or similar projects and build off of what was done there.
29 | 3. Document
30 | - First pass, what does it take to build this?
31 | 4. Diagram
32 | - Draw the thing
33 | 1. [Excalidraw.com](https://excalidraw.com)
34 | 2. [Draw.io](https://draw.io)
35 | 5. Build
36 | - Get screen shots
37 | - Make a video?
38 | - Basically prove you built it.
39 | 6. Finalize documentation
40 | - Redline the documentation
41 | 7. Prepare to Present ([overleaf.com](https://www.overleaf.com/) is a great alternative to Powerpoint)
42 |
43 | - Setup a 15-20 slide deck on what you did
44 | 1. Project purpose
45 | 2. Diagram
46 | 3. Build Process
47 | 4. What did you learn?
48 | 5. How are you going to apply this?
49 |
50 | 8. Do any of you want to present?
51 | - Let me (Scott) know and we’ll get you a slot in the last few weeks.
52 |
53 | ## Deliverables
54 |
55 | 1. Build Documentation for your project that works in either the ProLUG labs, or in
56 | the Killercoda environment.
57 |
58 | 2. A diagram of what you built. This should be both a physical and a logical
59 | representation of the system (if applicable).
60 |
61 | 3. Examples of the running system, screen shots, or other proof that you built it and
62 | show it in a running state.
63 |
64 | 4. A 15-20 slide presentation of the above material that you would present to a group (presenting
65 | to us is voluntary, but definitely possible.)
66 |
--------------------------------------------------------------------------------
/src/resources.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Resources
5 |
6 |
7 |
8 | This file is dynamically generated at build time using GitHub Actions.
9 |
10 | To see what it looks like, run `./scripts/generate_resources.sh` from the **root
11 | directory** of the project (e.g., `cd ~/lac && ./scripts/generate_resources.sh`).
12 |
--------------------------------------------------------------------------------
/src/u10b.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 10 Bonus - Kubernetes
5 |
6 |
7 |
8 | > **NOTE:** This is an **optional** bonus section. You **do not** need to read it, but if you're interested in digging deeper, this is for you.
9 |
10 | This section provides **advanced troubleshooting techniques**, **security best practices**, and **real-world challenges** to strengthen your Kubernetes knowledge.
11 |
12 | ## Step 1: Troubleshooting Kubernetes Cluster Issues
13 |
14 | ---
15 |
16 | When things go wrong, **systematic troubleshooting** is key. Here’s how you diagnose **common Kubernetes issues**.
17 |
18 | ### Node Not Ready
19 |
20 | **Check node status**
21 |
22 | ```sh
23 | kubectl get nodes
24 | kubectl describe node
25 | ```
26 |
27 | **Investigate Kubelet logs**
28 |
29 | ```sh
30 | journalctl -u k3s -n 50 --no-pager
31 | ```
32 |
33 | **Verify system resources**
34 |
35 | ```sh
36 | free -m # Check available memory
37 | df -h # Check disk space
38 | htop # Monitor CPU usage
39 | ```
40 |
41 | **Possible Fixes**
42 |
43 | - Restart K3s on the failing node:
44 | ```sh
45 | systemctl restart k3s
46 | ```
47 | - Ensure network connectivity:
48 | ```sh
49 | ping
50 | ```
51 |
52 | ### Pods Stuck in "Pending" or "CrashLoopBackOff"
53 |
54 | **Check pod status**
55 |
56 | ```sh
57 | kubectl get pods -A
58 | kubectl describe pod
59 | kubectl logs
60 | ```
61 |
62 | **Possible Fixes**
63 |
64 | - If **insufficient resources**, scale up the cluster.
65 | - If **missing images**, check container registry authentication.
66 | - If **misconfigured storage**, inspect volumes:
67 | ```sh
68 | kubectl get pvc
69 | ```
70 |
71 | ## Step 2: Securing Kubernetes Deployments
72 |
73 | ---
74 |
75 | Security is crucial in enterprise environments. Here are **quick wins** for a more **secure Kubernetes cluster**.
76 |
77 | ### Limit Pod Privileges
78 |
79 | **Disable privileged containers**
80 |
81 | ```yaml
82 | securityContext:
83 | privileged: false
84 | ```
85 |
86 | **Enforce read-only file system**
87 |
88 | ```yaml
89 | securityContext:
90 | readOnlyRootFilesystem: true
91 | ```
92 |
93 | ### Restrict Network Access
94 |
95 | **Use Network Policies to restrict pod communication**
96 |
97 | ```yaml
98 | apiVersion: networking.k8s.io/v1
99 | kind: NetworkPolicy
100 | metadata:
101 | name: deny-all
102 | spec:
103 | podSelector: {}
104 | policyTypes:
105 | - Ingress
106 | ```
107 | Use [NetworkPolicy Editor](https://editor.networkpolicy.io/) to create and edit your network policies.
108 |
109 | ### Use Pod Security Admission (PSA)
110 |
111 | Enable PSA to enforce security levels:
112 |
113 | ```sh
114 | kubectl label --overwrite ns my-namespace pod-security.kubernetes.io/enforce=restricted
115 | ```
116 |
117 | ## Step 3: Performance Optimization Tips
118 |
119 | ---
120 |
121 | **Enhance Kubernetes efficiency with these quick optimizations**:
122 |
123 | ### Optimize Resource Requests & Limits
124 |
125 | Set appropriate **CPU & Memory limits** in deployments:
126 |
127 | ```yaml
128 | resources:
129 | requests:
130 | cpu: "250m"
131 | memory: "256Mi"
132 | limits:
133 | cpu: "500m"
134 | memory: "512Mi"
135 | ```
136 |
137 | **Why?** Prevents a single pod from consuming excessive resources.
138 |
139 | ### Enable Horizontal Pod Autoscaling (HPA)
140 |
141 | Auto-scale pods **based on CPU or memory usage**:
142 |
143 | ```sh
144 | kubectl autoscale deployment my-app --cpu-percent=50 --min=2 --max=10
145 | ```
146 |
147 | ## Step 4: Bonus Challenge - Build a Secure, Scalable App
148 |
149 | ---
150 |
151 | **Challenge:**
152 |
153 | - **Create a secure containerized app**
154 | - **Deploy it in Kubernetes**
155 | - **Implement Network Policies**
156 | - **Apply Pod Security Standards**
157 |
158 | **Helpful Resources**:
159 |
160 | - [Pod Security Standards](https://kubernetes.io/docs/concepts/security/pod-security-standards/)
161 | - [Kubernetes Hardening Guide](https://www.cisa.gov/kubernetes-hardening-guide)
162 | - [Kubernetes Security Best Practices](https://kubernetes.io/docs/concepts/security/)
163 |
164 | ## Conclusion
165 |
166 | ---
167 |
168 | This **bonus section** strengthens **your Kubernetes troubleshooting, security, and performance tuning skills**. Apply these principles in real-world deployments!
169 |
170 | ## Downloads
171 |
--------------------------------------------------------------------------------
/src/u10intro.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 10 - Kubernetes
5 |
6 |
7 |
8 | ## Overview
9 |
10 | ---
11 |
12 | This unit introduces **Kubernetes (K8s)**, an open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications. The unit covers:
13 |
14 | - **Understanding Kubernetes Architecture** - Nodes, Control Plane, and Cluster Components.
15 | - **Installing K3s** - A lightweight Kubernetes distribution optimized for resource efficiency.
16 | - **Interacting with Kubernetes** - Using `kubectl` to manage and troubleshoot clusters.
17 | - **Deploying Applications** - Creating and managing **Pods, Deployments, and Services**.
18 | - **Security and Best Practices** - Implementing security measures and troubleshooting issues.
19 |
20 | Kubernetes plays a critical role in **modern enterprise infrastructure**, enabling **scalability, high availability, and automation** in cloud-native applications.
21 |
22 | ## Learning Objectives
23 |
24 | ---
25 |
26 | By the end of this unit, learners will:
27 |
28 | 1. **Understand the Core Concepts of Kubernetes:**
29 |
30 | - Define Kubernetes and explain its role in container orchestration.
31 | - Differentiate between **Kubernetes vs. PaaS (Platform as a Service)**.
32 |
33 | 2. **Deploy and Manage Kubernetes Clusters:**
34 |
35 | - Install **K3s** and verify its functionality.
36 | - Manage cluster resources using `kubectl`.
37 |
38 | 3. **Perform Basic Kubernetes Operations:**
39 |
40 | - Create and manage **Pods, Deployments, and Services**.
41 | - Understand the role of **Namespaces, ConfigMaps, and Secrets**.
42 |
43 | 4. **Troubleshoot Kubernetes Clusters:**
44 |
45 | - Identify common cluster issues and validate node status.
46 | - Diagnose networking and pod scheduling problems.
47 |
48 | 5. **Apply Security Best Practices in Kubernetes:**
49 |
50 | - Secure containerized applications using best practices.
51 | - Implement **Kubernetes Pod Security Standards**.
52 |
53 | ## Relevance & Context
54 |
55 | ---
56 |
57 | Kubernetes is a **foundational technology in modern DevOps and cloud computing**. Understanding it is critical for system administrators, DevOps engineers, and site reliability engineers (SREs) for several reasons:
58 |
59 | - **Scalability & Automation** - Automates containerized application deployments, scaling, and management.
60 | - **Resource Efficiency** - Optimizes workload distribution across multiple nodes.
61 | - **Infrastructure as Code (IaC)** - Kubernetes configurations can be defined declaratively using YAML.
62 | - **Cross-Cloud Compatibility** - Supports deployment across on-premises, hybrid, and multi-cloud environments.
63 | - **High Availability & Self-Healing** - Detects and replaces failed instances automatically.
64 |
65 | ## Prerequisites
66 |
67 | ---
68 |
69 | Before beginning this unit, learners should have:
70 |
71 | - A working knowledge of **Linux system administration**.
72 | - Experience using the **command line (`bash`, `ssh`, `vim`)**.
73 | - Familiarity with **containers** and tools like Docker.
74 | - Basic **networking knowledge**, including IP addressing and port management.
75 |
76 | ## Key Terms and Definitions
77 |
78 | ---
79 |
80 | **Kubernetes (K8s)**
81 |
82 | **K3s**
83 |
84 | **Control Plane**
85 |
86 | **Nodes**
87 |
88 | **Pods**
89 |
90 | **Deployments**
91 |
92 | **Services**
93 |
94 | **Kubelet**
95 |
96 | **Scheduler**
97 |
98 | **ETCD**
99 |
100 | **Kube-proxy**
101 |
102 | **Static Pod**
103 |
--------------------------------------------------------------------------------
/src/u11intro.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 11 - Monitoring
5 |
6 |
7 |
8 | ## Overview
9 |
10 | ---
11 |
12 | In this unit, we focus on Linux system monitoring, using modern tools like **Grafana, Prometheus, Node Exporter, and Loki**. As Linux administrators, monitoring is essential to ensure system stability, performance, and security across environments.
13 |
14 | We will explore how to collect, analyze, and visualize system metrics, and discuss best practices for monitoring and dashboard design that can improve troubleshooting and proactive system management.
15 |
16 | ## Learning Objectives
17 |
18 | ---
19 |
20 | **By the end of this unit, you will be able to**:
21 |
22 | - Explain core monitoring concepts like metrics, logs, SLOs, SLIs, and KPIs
23 | - Set up Prometheus and Node Exporter to collect system metrics
24 | - Use Grafana to create dashboards for visualizing system health and performance
25 | - Write and execute PromQL queries to analyze system data
26 | - Interpret monitoring data to diagnose system issues and support teams with actionable insights
27 |
28 | ## Relevance & Context
29 |
30 | ---
31 |
32 | Monitoring is a **core responsibility** of Linux system administration, ensuring you know what’s happening under the hood before issues escalate. Modern IT environments rely on monitoring to track system performance, security events, and overall stability — whether in production, development, or cloud environments.
33 |
34 | This unit focuses on Grafana for visualization and Prometheus with Node Exporter for **telemetry and metrics collection** — tools commonly used in enterprise, cloud, and HPC (High-Performance Computing) environments.
35 |
36 | Whether you're in a NOC, SysAdmin, or DevOps role, understanding monitoring and telemetry makes you a key contributor to system reliability and performance.
37 |
38 | ## Prerequisites
39 |
40 | ---
41 |
42 | **Before starting Unit 11, you should have**:
43 |
44 | - Basic understanding of **Linux system administration and networking**
45 | - Familiarity with **system processes, performance metrics, and logs**
46 | - **Root or sudo** access to a Linux system (Rocky 9 or equivalent)
47 | - Internet access to run labs via **Killercoda** and online resources
48 | - **_(Optional but recommended)_**: Exposure to containers and services like Grafana or Prometheus
49 |
50 | ## Key Terms and Definitions
51 |
52 | ---
53 |
54 | **SLO (Service Level Objective)**
55 |
56 | **SLA (Service Level Agreement)**
57 |
58 | **SLI (Service Level Indicator)**
59 |
60 | **KPI (Key Performance Indicator)**
61 |
62 | **MTTD (Mean Time to Detect)**
63 |
64 | **MTTR (Mean Time to Repair)**
65 |
--------------------------------------------------------------------------------
/src/u11lab.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 11 Lab - Monitoring
5 |
6 |
7 |
8 | > If you are unable to finish the lab in the ProLUG lab environment we ask you `reboot`
9 | > the machine from the command line so that other students will have the intended environment.
10 |
11 | ### Resources / Important Links
12 |
13 | - [Killercoda Labs](https://killercoda.com/learn)
14 |
15 | ### Required Materials
16 |
17 | - Rocky 9.4+ - ProLUG Lab
18 | - Or comparable Linux box
19 | - root or sudo command access
20 |
21 | #### Downloads
22 |
23 | The lab has been provided for convenience below:
24 |
25 | - 📥 u11_lab(`.pdf`)
26 | - 📥 u11_lab(`.docx`)
27 |
28 | ### Setup monitoring with Grafana
29 |
30 | ---
31 |
32 | 1. Run through each of the three labs below in Killercoda:
33 |
34 | -
35 | -
36 | -
37 |
38 | 2. While completing each lab think about the following:
39 |
40 | - a. How does it tie into the diagram below?
41 | - b. What could you improve, or what would you change based on your previous administration experience.
42 |
43 | 
44 |
45 | ### Conclusion
46 |
47 | ---
48 |
49 | In the end monitoring is more an art than engineering. Sure, we can design all the systems to track all
50 | the things, but there’s no equation on what is the one right answer for any of this. You have to spend
51 | time with the systems, know what is important and what is an indicator of problems. Then, you have to
52 | consider your audience and how to best show them what they need to see.
53 |
54 | > Be sure to `reboot` the lab machine from the command line when you are done.
55 |
--------------------------------------------------------------------------------
/src/u11ws.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 11 Worksheet - Monitoring
5 |
6 |
7 |
8 | ## Instructions
9 |
10 | ---
11 |
12 | Fill out the worksheet as you progress through the lab and discussions.
13 | Hold your worksheets until the end to turn them in as a final submission packet.
14 |
15 | ### Resources / Important Links
16 |
17 | - [How to easily monitor your Linux server | Grafana Labs](https://grafana.com/solutions/linux-node/monitor/)
18 | - [30 Linux System Monitoring Tools Every SysAdmin Should Know](https://www.cyberciti.biz/tips/top-linux-monitoring-tools.html)
19 | - [Monitoring Linux Using SNMP - Nagios](https://www.nagios.com/solutions/linux-monitoring/)
20 |
21 | #### Downloads
22 |
23 | The worksheet has been provided below. The document(s) can be transposed to
24 | the desired format so long as the content is preserved. For example, the `.txt`
25 | could be transposed to a `.md` file.
26 |
27 | - 📥 u11_worksheet(`.txt`)
28 | - 📥 u11_worksheet(`.docx`)
29 |
30 | ### Unit 11 Recording
31 |
32 |
42 |
43 | #### Discussion Post #1
44 |
45 |
46 |
47 | You’ve heard the term “loose coupling” thrown around the
48 | office about a new monitoring solution coming down the pike. You find a good resource and
49 | read the section on “Prefer Loose Coupling” .
50 |
51 |
52 |
53 | 1. What does “loose coupling” mean, if you had to summarize to your junior team
54 | members?
55 |
56 | 2. What is the advantage given for why you might want to implement this type of
57 | tooling in your monitoring? Do you agree? Why or why not?
58 |
59 | 3. They mention “exposing metrics” what does it mean to expose metrics? What
60 | happens to metrics that are exposed but never collected?
61 |
62 | #### Discussion Post #2
63 |
64 |
65 |
66 | Your HPC team is asking for more information about how CPU0
67 | is behaving on a set of servers. Your team has node exporter writing data out to Prometheus
68 | (Use this to simulate ).
69 |
70 |
71 |
72 | 1. Can you see the usage of CPU0 and what is the query?
73 |
74 | 2. Can you see the usage of CPU0 for just the last 5 minutes and what is the query?
75 |
76 | 3. You know that CPU0 is excluded from Slurm, can you exclude that and only pull the
77 | user and system for the remaining CPUs and what is that query?
78 |
79 |
80 | Submit your input by following the link below.
81 |
82 | The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
83 |
84 |
85 |
86 | - [Link to Discussion Posts](https://discord.com/channels/611027490848374811/1365776270800977962)
87 |
88 | ## Definitions
89 |
90 | ---
91 |
92 | SLO
93 |
94 | SLA
95 |
96 | SLIKPI
97 |
98 | Span
99 |
100 | Trace
101 |
102 | Prometheus
103 |
104 | Node_Exporter
105 |
106 | Grafana
107 |
108 | Dashboard
109 |
110 | Heads up Display
111 |
112 | ## Digging Deeper
113 |
114 | ---
115 |
116 | 1. Read the rest of the chapter
117 | and note anything else of interest when it comes to monitoring and dashboarding.
118 |
119 | 2. Look up the “ProLUG Prometheus Certified Associate Prep 2024” in Resources ->
120 | Presentations in our ProLUG Discord. Study that for a deep dive into Prometheus.
121 |
122 | 3. Complete the project section of “Monitoring Deep Dive Project Guide” from the
123 | prolug-projects section of the Discord. We have a Youtube video on that project as
124 | well.
125 |
126 | ## Reflection Questions
127 |
128 | ---
129 |
130 | 1. What questions do you still have about this week?
131 |
132 | 2. How can you apply this now in your current role in IT? If you’re not in IT, how can you
133 | look to put something like this into your resume or portfolio?
134 |
--------------------------------------------------------------------------------
/src/u12intro.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 12 - Baselines & Benchmarks
5 |
6 |
7 |
8 | ## Overview
9 |
10 | ---
11 |
12 | In this unit, we focus on **baselining, benchmarking, testing methodology, and data analytics** — all essential skills for Linux system administrators. These topics allow us to understand the current state of our systems, measure performance under varying loads, and validate improvements with real data.
13 |
14 | We’ll explore how to gather accurate system information using tools like **iostat, sar, stress, and iperf3**, and learn how to develop test plans that can support decision-making and capacity planning. Whether you're justifying budget increases or validating a new storage solution, knowing how to gather and present performance data makes you a more effective administrator.
15 |
16 | ## Learning Objectives
17 |
18 | ---
19 |
20 | **By the end of this unit, you will be able to**:
21 |
22 | - Define and use key concepts: **baseline, benchmark, high watermark, scope, and methodology**
23 | - Use tools like **sar, iostat, stress**, and **iperf3** to collect performance data
24 | - Create and execute test plans to evaluate system behavior under different loads
25 | - Apply data analytics concepts: **descriptive, diagnostic, predictive, and prescriptive**
26 | - Communicate system performance clearly with stakeholders through objective evidence
27 |
28 | ## Relevance & Context
29 |
30 | ---
31 |
32 | Understanding how your systems behave under normal and stressful conditions is a cornerstone of professional Linux administration. In today’s environments, decisions about agents, updates, or infrastructure changes require proof — not guesswork.
33 |
34 | This unit prepares you to be the voice of data in meetings with architects and management. From proving system utilization for budget requests to testing performance claims from vendors, these skills help you become a confident, evidence-driven engineer.
35 |
36 | ## Prerequisites
37 |
38 | ---
39 |
40 | **Before starting Unit 12, you should have**:
41 |
42 | - Basic Linux administration skills and terminal comfort
43 | - Familiarity with resource categories: **CPU, memory, disk, and networking**
44 | - Access to a Rocky 9 (or similar) Linux system with **sudo or root access**
45 | - Ability to install and use CLI tools (`dnf install`, `rpm`, etc.)
46 |
47 | ## Key Terms and Definitions
48 |
49 | ---
50 |
51 | **Baseline**
52 |
53 | **Benchmark**
54 |
55 | **High Watermark**
56 |
57 | **Scope**
58 |
59 | **Methodology**
60 |
61 | **Testing**
62 |
63 | **Control**
64 |
65 | **Experiment**
66 |
67 | **Analytics**
68 |
69 | - **Descriptive**
70 | - **Diagnostic**
71 | - **Predictive**
72 | - **Prescriptive**
73 |
--------------------------------------------------------------------------------
/src/u13intro.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 13 - System Hardening
5 |
6 |
7 |
8 | ## Overview
9 |
10 | ---
11 |
12 | In this unit, we focus on **system hardening** — the process of configuring Linux systems to meet defined security standards. As threats evolve, system administrators play a key role in ensuring confidentiality, integrity, and availability by reducing attack surfaces and enforcing secure configurations.
13 |
14 | We will explore industry benchmarks like **STIGs and CIS**, implement hardening techniques for services like SSH, identify unneeded software, and analyze system security posture using tools like the **SCC Tool**. You’ll also revisit baselining and documentation as part of security validation and compliance.
15 |
16 | ## Learning Objectives
17 |
18 | ---
19 |
20 | **By the end of this unit, you will be able to**:
21 |
22 | - Define system hardening and understand its role in securing Linux servers
23 | - Scan systems using the **SCC Tool** to assess security compliance
24 | - Apply remediation steps based on **STIG** reports
25 | - Harden services such as **SSHD**, remove unnecessary software, and lock down ports
26 | - Rescan and verify improvements in your system’s security posture
27 | - Understand the importance of documentation and change management in security
28 |
29 | ## Relevance & Context
30 |
31 | ---
32 |
33 | Security hardening helps ensure that systems are not only functional but also resilient against misuse and attacks. Whether aligning with **PCI DSS, CIS benchmarks, or STIGs**, hardening turns general-purpose Linux installs into mission-ready infrastructure.
34 |
35 | This unit emphasizes **security vs. accessibility**, change management, and shared responsibility between security and operations. You’ll experience real-world practices like scanning, remediating, and verifying — essential skills for any administrator tasked with system security.
36 |
37 | ## Prerequisites
38 |
39 | ---
40 |
41 | **Before starting Unit 13, you should have**:
42 |
43 | - A solid understanding of **Linux system administration and services**
44 | - Comfort using the terminal and managing services with `systemctl`
45 | - Ability to inspect ports, services, and installed software
46 | - Familiarity with tools like `ss`, `rpm`, `dnf`, and `ssh`
47 | - Access to a **Rocky Linux system with root/sudo privileges**
48 | - **_(Optional but recommended)_**: Experience from Unit 12 on baselining and benchmarking
49 |
50 | ## Key Terms and Definitions
51 |
52 | ---
53 |
54 | **Hardening**
55 |
56 | **Pipeline**
57 |
58 | **Change Management**
59 |
60 | **Security Standard**
61 |
62 | **Security Posture**
63 |
64 | **Acceptable Risk**
65 |
66 | - **NIST 800-53**
67 |
68 | **STIG**
69 |
70 | **CIS Benchmark**
71 |
72 | **OpenSCAP**
73 |
74 | **SCC Tool**
75 |
76 | **HIDS**
77 |
78 | **HIPS**
79 |
--------------------------------------------------------------------------------
/src/u13lab.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 13 Lab - System Hardening
5 |
6 |
7 |
8 | > If you are unable to finish the lab in the ProLUG lab environment we ask you `reboot`
9 | > the machine from the command line so that other students will have the intended environment.
10 |
11 | ### Resources / Important Links
12 |
13 | -
14 | -
15 | -
16 |
17 | ### Required Materials
18 |
19 | - Rocky 9.4+ - ProLUG Lab
20 | - Or comparable Linux box
21 | - root or sudo command access
22 |
23 | #### Downloads
24 |
25 | The lab has been provided for convenience below:
26 |
27 | - 📥 u13_lab(`.pdf`)
28 | - 📥 u13_lab(`.docx`)
29 |
30 | ## Pre-Lab Warm-Up
31 |
32 | ---
33 |
34 | **EXERCISES** (Warmup to quickly run through your system and familiarize yourself)
35 |
36 | 1. `ss -ntulp`
37 |
38 | - What ports are open on this server?
39 | - What is open on port 9080?
40 | - What does this service do?
41 |
42 | 2. `systemctl --failed`
43 |
44 | - Are there any failed units?
45 |
46 | 3. `systemctl list-units --state=active`
47 |
48 | - About how many active units are there?
49 | - `systemctl list-units --state=active | wc -l`
50 |
51 | 4. `rpm -qa | wc -l`
52 |
53 | - Approximately how many software packages do you have?
54 |
55 | 5. `rpm -qa | grep -i ssh`
56 |
57 | - How many ssh packages do you have?
58 | - What is the version of openssh?
59 | - Do you know if there are any known vulnerabilities for that version?
60 | -
61 |
62 | ## Lab 🧪
63 |
64 | ---
65 |
66 | There will be three basic tasks for today’s labs:
67 |
68 | 1. You will scan a server for a SCC Report and get a STIG Score
69 | 2. You will remediate some of the items from the scan
70 | 3. You will rescan and verify a better score.
71 |
72 | ### SCC Report:
73 |
74 | This lab portion can be done in the ProLUG Rocky servers, or in killercoda at this location:
75 |
76 |
77 | Testing hardening on the ProLUG Lab may take over an hour. You are welcome to perform the
78 | test there, but make sure you have some time.
79 |
80 | `ssh` into a Rocky sever
81 |
82 | ```bash
83 | cd /opt/scc
84 | time ./cscc
85 |
86 | # ---- Wait over an hour ------
87 |
88 | cd /root/SCC/sessions #find the most recent run
89 | ```
90 |
91 | Look in the results to see output.
92 |
93 | ### Harden the system
94 |
95 | 1. Harden sshd
96 |
97 |
98 |
99 | - Is your system hardened in this capacity?
100 | - How did you check?
101 | - Did the fix check work for you?
102 | - How did you check?
103 |
104 | 2. Remove unneeded Software
105 |
106 | - Read about cowsay – `man cowsay`
107 | - Remove cowsay – `dnf remove cowsay`
108 |
109 |
110 |
111 | #### Rescan to validate change
112 |
113 | `ssh` into a Rocky sever
114 |
115 | ```bash
116 | cd /opt/scc
117 | time ./cscc
118 |
119 | # ---- Wait over an hour ------
120 |
121 | cd /root/SCC/sessions #find the most recent run
122 | ```
123 |
124 | Look in the results to see output.
125 |
126 | > Be sure to `reboot` the lab machine from the command line when you are done.
127 |
--------------------------------------------------------------------------------
/src/u13ws.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 13 Worksheet - System Hardening
5 |
6 |
7 |
8 | ## Instructions
9 |
10 | ---
11 |
12 | Fill out the worksheet as you progress through the lab and discussions.
13 | Hold your worksheets until the end to turn them in as a final submission packet.
14 |
15 | ### Resources / Important Links
16 |
17 | - [Killercoda Lab - Server Startup Process](https://killercoda.com/het-tanis/course/Linux-Labs/107-server-startup-process)
18 | - [Killercoda Lab - Updating a Golden Image](https://killercoda.com/het-tanis/course/Linux-Labs/203-updating-golden-image)
19 |
20 | #### Downloads
21 |
22 | The worksheet has been provided below. The document(s) can be transposed to
23 | the desired format so long as the content is preserved. For example, the `.txt`
24 | could be transposed to a `.md` file.
25 |
26 | - 📥 u13_worksheet(`.txt`)
27 | - 📥 u13_worksheet(`.docx`)
28 |
29 | ### Unit 13 Recording
30 |
31 |
41 |
42 | #### Discussion Post #1
43 |
44 | Scenario:
45 |
46 |
47 |
48 | Your security team comes to you with a discrepancy between
49 | the production security baseline and something that is running on one of your servers in
50 | production. There are 5 servers in a web cluster and only one of them is showing this
51 | behavior. They want you to account for why something is different.
52 |
53 |
54 |
55 | 1. How are you going to validate that the difference between the systems?
56 |
57 | 2. What are you going to look at to explain this?
58 |
59 | 3. What could be done to prevent this problem in the future?
60 |
61 | #### Discussion Post #2
62 |
63 | Scenario:
64 |
65 |
66 |
67 | Your team has been giving you more and more engineering responsibilities.
68 | You are being asked to build out the next set of servers to integrate into the
69 | development environment. Your team is going from RHEL 8 to Rocky 9.4.
70 |
71 |
72 |
73 | 1. How might you start to plan out your migration?
74 |
75 | 2. What are you going to check on the existing systems to baseline your build?
76 |
77 | 3. What kind of validation plan might you use for your new Rocky 9.4 systems?
78 |
79 |
80 | Submit your input by following the link below.
81 |
82 | The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
83 |
84 |
85 |
86 | - [Link to Discussion Posts](https://discord.com/channels/611027490848374811/1365776270800977962)
87 |
88 | ## Definitions
89 |
90 | ---
91 |
92 | Hardening:
93 |
94 | Pipeline:
95 |
96 | Change management (IT):
97 |
98 | Security Standard:
99 |
100 | Security Posture:
101 |
102 | Acceptable Risk:
103 |
104 | NIST 800-53:
105 |
106 | STIG:
107 |
108 | CIS Benchmark:
109 |
110 | OpenSCAP:
111 |
112 | SCC Tool:
113 |
114 | HIDS:
115 |
116 | HIPS:
117 |
118 | ## Digging Deeper (Optional)
119 |
120 | ---
121 |
122 | 1. Run through this lab:
123 |
124 | - How does this help you better understand the discussion 13-2 question?
125 |
126 | 2. Run through this lab:
127 | - How does this help you better understand the process of hardening systems?
128 |
129 | ## Reflection Questions
130 |
131 | ---
132 |
133 | 1. What questions do you still have about this week?
134 |
135 | 2. How can you apply this now in your current role in IT?
136 | If you’re not in IT, how can you look to put something like this into your resume or
137 | portfolio?
138 |
--------------------------------------------------------------------------------
/src/u14b.md:
--------------------------------------------------------------------------------
1 |
8 |
9 | ## Objective
10 | Expand your Ansible skills by creating a self-documenting automation system that:
11 | - Collects system information from multiple servers
12 | - Stores the results in timestamped reports
13 | - Sends the output via a webhook to simulate automation integration with external systems (like Slack, Discord, or CI/CD pipelines)
14 |
15 | ---
16 |
17 | ## Part 1: System Info Playbook
18 |
19 | Create a new file `collect_info.yaml` with the following content:
20 |
21 | ```yaml
22 | ---
23 | - name: Collect system info and log results
24 | hosts: servers
25 | gather_facts: yes
26 | vars:
27 | outdir: /tmp/ansible_reports
28 | tasks:
29 | - name: Ensure output directory exists
30 | file:
31 | path: "{{ outdir }}"
32 | state: directory
33 | mode: '0755'
34 |
35 | - name: Create system report
36 | copy:
37 | content: |
38 | Hostname: {{ ansible_hostname }}
39 | IP: {{ ansible_default_ipv4.address }}
40 | Uptime: {{ ansible_uptime_seconds }} seconds
41 | Memory: {{ ansible_memtotal_mb }} MB
42 | dest: "{{ outdir }}/report_{{ inventory_hostname }}_{{ ansible_date_time.iso8601_basic_short }}.txt"
43 | ```
44 |
45 | Run the playbook with:
46 |
47 | ```bash
48 | ansible-playbook -i hosts -k collect_info.yaml
49 | ```
50 |
51 | ---
52 |
53 | ## Part 2: Webhook Integration
54 |
55 | Send a short success message to a Discord webhook when the job completes.
56 |
57 | Append this task to the end of your `tasks:` list in `collect_info.yaml`:
58 |
59 | ```yaml
60 | - name: Notify via webhook
61 | uri:
62 | url: https://discord.com/api/webhooks/your_webhook_url
63 | method: POST
64 | headers:
65 | Content-Type: "application/json"
66 | body_format: json
67 | body:
68 | content: "Ansible report job completed for {{ inventory_hostname }} at {{ ansible_date_time.iso8601 }}"
69 | ```
70 |
71 | Replace `your_webhook_url` with your actual Discord webhook.
72 |
73 | ---
74 |
75 | ## Bonus Challenge
76 |
77 | - Modify the playbook to install a package (`htop`, `tree`, or `vim`) **only if it’s missing**.
78 | - Schedule the playbook to run nightly using `cron` or a `systemd` timer.
79 |
--------------------------------------------------------------------------------
/src/u14intro.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 14 - Ansible Automation
5 |
6 |
7 |
8 | ## Overview
9 |
10 | ---
11 |
12 | This unit introduces **Ansible Automation**, a powerful open-source tool used for IT automation, configuration management, and application deployment. By the end of this unit, you will understand how to implement Ansible in enterprise environments to manage Linux infrastructure efficiently.
13 |
14 | 1. **Configuration Management:** Automate system configurations across multiple hosts.
15 | 2. **Infrastructure as Code (IaC):** Define infrastructure using Ansible playbooks.
16 | 3. **Automation:** Execute tasks across multiple systems in an efficient, repeatable manner.
17 |
18 | ## Learning Objectives
19 |
20 | ---
21 |
22 | By the end of this unit, you should be able to:
23 |
24 | - Set up and configure Ansible on a Linux system.
25 | - Understand Ansible inventory and playbooks.
26 | - Automate common administrative tasks.
27 | - Use ad-hoc commands and Ansible modules effectively.
28 |
29 | ## Relevance & Context
30 |
31 | ---
32 |
33 | 1. **Consistency:** Automate repetitive tasks to ensure uniform configurations.
34 | 2. **Scalability:** Manage thousands of servers with minimal manual intervention.
35 | 3. **Security & Compliance:** Enforce policies and reduce misconfigurations.
36 |
37 | ## Prerequisites
38 |
39 | ---
40 |
41 | Before beginning this unit, ensure you understand:
42 |
43 | 1. Basic Linux command-line operations.
44 | 2. SSH and remote system management.
45 | 3. YAML syntax and basic scripting.
46 |
47 | ## Key Terms and Definitions
48 |
49 | ---
50 |
51 | **Playbook**
52 |
53 | **Task**
54 |
55 | **Inventory**
56 |
57 | **Ad-hoc Commands**
58 |
59 | **Roles**
60 |
--------------------------------------------------------------------------------
/src/u14lab.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 14 Lab - Ansible Automation
5 |
6 |
7 |
8 | > If you are unable to finish the lab in the ProLUG lab environment we ask you `reboot`
9 | > the machine from the command line so that other students will have the intended environment.
10 |
11 | ### Resources / Important Links
12 |
13 | - [Ansible Documentation](https://docs.ansible.com/)
14 | - [Killercoda - Ansible Labs](https://killercoda.com/het-tanis/course/Ansible-Labs)
15 | - [HPC_Deploy Repo](https://github.com/het-tanis/HPC_Deploy.git)
16 |
17 | ### Required Materials
18 |
19 | - Rocky 9.4+ - ProLUG Lab
20 | - Or comparable Linux box
21 | - root or sudo command access
22 |
23 | #### Downloads
24 |
25 | The lab has been provided for convenience below:
26 |
27 | - 📥 u14_lab(`.pdf`)
28 | - 📥 u14_lab(`.docx`)
29 |
30 | ### Warmup Exercises
31 |
32 | Quickly run through your system and familiarize yourself:
33 |
34 | ```bash
35 | mkdir /root/ansible_madness
36 | cd /root/ansible_madness
37 | dnf whatprovides ansible # Where is Ansible installed from?
38 | ansible --version # What version of Ansible is installed?
39 | ansible- # What other ansible-* tools are available?
40 | ansible localhost -m shell -a uptime # Compare with standalone `uptime`
41 | ansible -vvv localhost -m shell -a uptime # What extra info does -vvv show?
42 | ```
43 |
44 | ### Lab Exercises
45 |
46 | #### Create an Inventory File
47 |
48 | While in `/root/ansible_madness`, create a file called `hosts`:
49 |
50 | ```bash
51 | vi /root/ansible_madness/hosts
52 | ```
53 |
54 | Add the following contents:
55 |
56 | ```ini
57 | [servers]
58 | 192.168.200.101
59 | 192.168.200.102
60 | 192.168.200.103
61 | ```
62 |
63 | ### Run Ad Hoc Commands
64 |
65 | #### Test connectivity into the servers:
66 |
67 | ```bash
68 | ansible servers -i hosts -u inmate -k -m shell -a uptime
69 | ```
70 |
71 | - Use password: `LinuxR0cks1!`
72 |
73 | Verbose version:
74 |
75 | ```bash
76 | ansible -vvv servers -i hosts -u inmate -k -m shell -a uptime
77 | ```
78 |
79 | #### Create a Playbook to Push Files
80 |
81 | 1. Create a test file:
82 |
83 | ```bash
84 | echo "This is my file " > somefile
85 | ```
86 |
87 | 2. Create `deploy.yaml`:
88 |
89 | ```yaml
90 | ---
91 | - name: Start of push playbook
92 | hosts: servers
93 | vars:
94 | gather_facts: True
95 | become: False
96 | tasks:
97 | - name: Copy somefile over at {{ ansible_date_time.iso8601_basic_short }}
98 | copy:
99 | src: /root/ansible_madness/somefile
100 | dest: /tmp/somefile.txt
101 | ```
102 |
103 | 3. Run the playbook:
104 |
105 | ```bash
106 | ansible-playbook -i hosts -k deploy.yaml
107 | ```
108 |
109 | 4. Verify the file was pushed everywhere:
110 |
111 | ```bash
112 | ansible servers -i hosts -u inmate -k -m shell -a "ls -l /tmp/somefile"
113 | ```
114 |
115 | #### Pull Down a GitHub Repo
116 |
117 | ```bash
118 | git clone https://github.com/het-tanis/HPC_Deploy.git
119 | cd HPC_Deploy
120 | ```
121 |
122 | Then reflect:
123 |
124 | - What do you see in here?
125 | - What do you need to learn more about to deploy some of these tools?
126 | - Can you execute some of these? Why or why not?
127 |
128 | > Be sure to `reboot` the lab machine from the command line when you are done.
129 |
--------------------------------------------------------------------------------
/src/u14ws.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 14 Worksheet - Ansible Automation
5 |
6 |
7 |
8 | ## Instructions
9 |
10 | ---
11 |
12 | Fill out the worksheet as you progress through the lab and discussions.
13 | Hold your worksheets until the end to turn them in as a final submission packet.
14 |
15 | ### Resources / Important Links
16 |
17 | - [Official Ansible Documentation](https://docs.ansible.com/)
18 | - [Ansible GitHub Repository](https://github.com/ansible/ansible)
19 | - [YAML Syntax Guide](https://yaml.org/)
20 |
21 | #### Downloads
22 |
23 | The worksheet has been provided below. The document(s) can be transposed to
24 | the desired format so long as the content is preserved. For example, the `.txt`
25 | could be transposed to a `.md` file.
26 |
27 | - 📥 u14_worksheet(`.txt`)
28 | - 📥 u14_worksheet(`.docx`)
29 |
30 | ### Unit 14 Recording
31 |
32 |
42 |
43 | #### Discussion Post 1
44 |
45 | Refer to your Unit 5 scan of the systems.
46 |
47 |
48 |
49 | You know that Ansible is a tool that you want to maintain in the environment. Review this
50 | online documentation:
51 |
52 |
53 |
54 |
55 |
56 | 1. Make an inventory of the servers, grouped any way you like.
57 | 2. What format did you choose to use for your inventory?
58 | 3. What other things might you include later in your inventory to make it more useful?
59 |
60 | #### Discussion Post 2
61 |
62 |
63 |
64 | You have been noticing drift on your server configurations, so you want a way to generate a report on them every day to validate the configurations are the same.
65 |
66 |
67 |
68 | Use any lab in here to find ideas:
69 |
70 | #### Discussion Post 3
71 |
72 | Using ansible module for git, pull down this repo:
73 |
74 | 1. How is the repo setup?
75 | 2. What is in the roles directory?
76 | 3. How are these playbooks called, and how do roles differ from tasks?
77 |
78 |
79 | Submit your input by following the link below.
80 |
81 | The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
82 |
83 |
84 |
85 | - [Link to Discussion Posts](https://discord.com/channels/611027490848374811/1365776270800977962)
86 |
87 | ## Definitions
88 |
89 | Automation:
90 |
91 | Consistency:
92 |
93 | Dev/Ops:
94 |
95 | Timelines:
96 |
97 | Git:
98 |
99 | Repository:
100 |
101 | Ad-hoc:
102 |
103 | Playbook:
104 |
105 | Task:
106 |
107 | Role:
108 |
109 | SSH (Secure Shell):
110 |
111 | WinRM (Windows Remote Management):
112 |
113 | ## Digging Deeper (Optional)
114 |
115 | 1. I have a large amount of labs to get you started on your Ansible Journey (all free):
116 |
117 |
118 | 2. Find projects from our channel Ansible-Code, in Discord and find something that is interesting to you.
119 |
120 | 3. Use Ansible to access secrets from Hashicorp Vault:
121 |
122 |
123 | ## Reflection Questions
124 |
125 | 1. What questions do you still have about this week?
126 |
127 | 2. How can you apply this now in your current role in IT?
128 |
129 | 3. If you’re not in IT, how can you look to put something like this into your resume or portfolio?
130 |
--------------------------------------------------------------------------------
/src/u15intro.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 15 - Troubleshooting
5 |
6 |
7 |
8 | ## Overview
9 |
10 | ---
11 |
12 | In this unit, we focus on **incident management, root cause analysis, and troubleshooting frameworks**. These are foundational skills for Linux administrators who are responsible for maintaining system reliability and responding effectively to issues.
13 |
14 | You’ll explore structured approaches like the **Scientific Method**, **5 Whys**, **FMEA**, and **PDCA**, as well as methodologies like **Six Sigma**, **TQM**, and systems thinking. We’ll also look at tools for visual problem solving, including the **Fishbone Diagram** and **Fault Tree Analysis**, and discuss how data types play a role in investigations.
15 |
16 | ## Learning Objectives
17 |
18 | ---
19 |
20 | **By the end of this unit, you will be able to**:
21 |
22 | - Apply the **Scientific Method** to real-world troubleshooting scenarios
23 | - Understand and use structured methods like **FMEA**, **5 Whys**, and **PDCA**
24 | - Differentiate between **continuous and discrete data** in diagnostics
25 | - Use visual tools like **Fishbone Diagrams** and **Fault Tree Analysis** to trace causes
26 | - Explain the **OSI model** as it applies to layered troubleshooting
27 | - Leverage concepts from **Six Sigma** and **5S methodology** to organize your workflows
28 | - Document and communicate incidents effectively with post-mortem writeups
29 |
30 | ## Relevance & Context
31 |
32 | ---
33 |
34 | Troubleshooting is not guesswork — it’s a discipline. Whether you’re debugging a failed deployment or analyzing a high watermark in system performance, incident management requires both technical skill and structured reasoning.
35 |
36 | This unit bridges **engineering troubleshooting** and **administrative troubleshooting**, providing multiple models to approach problems methodically. These frameworks are used by professionals across industries to maintain uptime, solve complex problems, and continuously improve system reliability.
37 |
38 | ## Prerequisites
39 |
40 | ---
41 |
42 | **Before starting Unit 15, you should have**:
43 |
44 | - A working knowledge of **Linux system administration**
45 | - Familiarity with logs, alerts, and system metrics
46 | - Understanding of basic **monitoring and baseline performance concepts**
47 | - Comfort using Linux command-line tools and interpreting output
48 |
49 | ## Key Terms and Definitions
50 |
51 | ---
52 |
53 | **Incident**
54 |
55 | **Problem**
56 |
57 | **FMEA**
58 |
59 | **Six Sigma**
60 |
61 | **TQM**
62 |
63 | **Post Mortem**
64 |
65 | **Scientific Method**
66 |
67 | **Iterative**
68 |
69 | **Discrete data**
70 | - Ordinal
71 | - Nominal (binary - attribute)
72 |
73 | **Continuous data**
74 |
75 | **Risk Priority Number (RPN)**
76 |
77 | **5 Whys**
78 |
79 | **Fishbone Diagram (Ishikawa)**
80 |
81 | **Fault Tree Analysis (FTA)**
82 |
83 | **PDCA**
84 |
85 | **SIPOC**
86 |
--------------------------------------------------------------------------------
/src/u15lab.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 15 Lab - Troubleshooting
5 |
6 |
7 |
8 |
9 | ## No lab for unit 15. Work on your [projects](./project.md).
10 |
11 | ### Required Materials
12 |
13 | - Rocky 9.4+ - ProLUG Lab
14 | - Or comparable Linux box
15 | - root or sudo command access
16 |
17 |
--------------------------------------------------------------------------------
/src/u15ws.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 15 Worksheet - Process Imporovment
5 |
6 |
7 |
8 | ## Instructions
9 |
10 | ---
11 |
12 | Fill out the worksheet as you progress through the lab and discussions.
13 | Hold your worksheets until the end to turn them in as a final submission packet.
14 |
15 | ### Resources / Important Links
16 |
17 | - [Six Sigma Intro](https://www.sixsigmacouncil.org/wp-content/uploads/2018/08/Six-Sigma-A-Complete-Step-by-Step-Guide.pdf)
18 |
19 | #### Downloads
20 |
21 | The worksheet has been provided below. The document(s) can be transposed to
22 | the desired format so long as the content is preserved. For example, the `.txt`
23 | could be transposed to a `.md` file.
24 |
25 | - 📥 u15_worksheet(`.txt`)
26 | - 📥 u15_worksheet(`.docx`)
27 |
28 | ### Unit 2 Recording
29 |
30 |
39 |
40 | #### Unit 2 Discussion Post #1
41 |
42 | Scenario:
43 |
44 |
45 |
46 | Your management is all fired up about implementing some Six Sigma processes around the company. You decide to familiarize yourself and get some basic understanding to pass along to your team
47 | [Six Sigma Intro](https://www.sixsigmacouncil.org/wp-content/uploads/2018/08/Six-Sigma-A-Complete-Step-by-Step-Guide.pdf)
48 |
49 |
50 |
51 | 1. Page 56 – What about the “5S” methodology might help us as a team of system administrators? (Think of your virtual or software workspaces)
52 | 2. Page 94 - What are the four layers of process definition? How would you explain them to your junior engineers?
53 |
54 |
55 | Submit your input by following the link below.
56 |
57 | The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
58 |
59 |
60 |
61 | - [Link to Discussion Post 1](https://discord.com/channels/611027490848374811/1365776270800977962)
62 |
63 | #### Unit 2 Discussion Post #2
64 |
65 | Your team looks at a lot of visual data. You decide to write up an explanation for them to explain what they look at.
66 |
67 | 1. What is a high water mark? Why might it be good to know in utilization of systems?
68 | 2. What is an upper and lower control limit in a system output? While this isn’t exactly
69 | what we’re looking at, why might it be good to explain to your junior engineers
70 |
71 |
72 | Submit your input by following the link below.
73 |
74 | The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
75 |
76 |
77 |
78 | - [Link to Discussion Post 2](https://discord.com/channels/611027490848374811/1320140864303140916)
79 |
80 | ## Definitions
81 |
82 | ---
83 |
84 | Incident:
85 |
86 | Problem:
87 |
88 | FMEA:
89 |
90 | Six Sigma:
91 |
92 | TQM:
93 |
94 | Post Mortem:
95 |
96 | Scientific Method:
97 |
98 | Iterative:
99 |
100 | Discrete data:
101 |
102 | Ordinal:
103 |
104 | Nominal (binary – attribute):
105 |
106 | Continuous data:
107 |
108 | Risk Priority Number (RPN):
109 |
110 | 5 Whys:
111 |
112 | Fishbone Diagram (Ishikawa):
113 |
114 | Fault Tree Analysis (FTA):
115 |
116 | PDCA:
117 |
118 | SIPOC:
119 |
120 | ## Digging Deeper
121 |
122 | ---
123 |
124 | 1. Spend more time in [Six Sigma Intro](https://www.sixsigmacouncil.org/wp-content/uploads/2018/08/Six-Sigma-A-Complete-Step-by-Step-Guide.pdf)
125 | a. Page 243 – Starts looking at visual data analysis.
126 | 2. Get your White belt (Free) Six Sigma Certification.
127 |
128 | ## Reflection Questions
129 |
130 | ---
131 |
132 | 1. What questions do you still have about this week?
133 | 2. How can you apply this now in your current role in IT? If you’re not in IT, how can you look to put something like this into your resume or portfolio?
134 |
--------------------------------------------------------------------------------
/src/u16intro.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 16 - Incident Response
5 |
6 |
7 |
8 | ## Under Construction
9 |
--------------------------------------------------------------------------------
/src/u16ws.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 16 Worksheet - Incident Response
5 |
6 |
7 |
8 | ## Under Construction
9 |
--------------------------------------------------------------------------------
/src/u1ws.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 1 Worksheet - Linux File Operations
5 |
6 |
7 |
8 | ## Instructions
9 |
10 | ---
11 |
12 | Fill out the worksheet as you progress through the lab and discussions.
13 | Hold your worksheets until the end to turn them in as a final submission packet.
14 |
15 | ### Resources / Important Links
16 |
17 | - [What is Vim?](https://github.com/vim/vim)
18 | - [The Linux Foundation](https://www.linux.org/pages/download/)
19 | - [Linux CLI Cheatsheets](https://www.digitalocean.com/community/tutorials/linux-commands)
20 |
21 | #### Downloads
22 |
23 | The worksheet has been provided below. The document(s) can be transposed to
24 | the desired format so long as the content is preserved. For example, the `.txt`
25 | could be transposed to a `.md` file.
26 |
27 | - 📥 u1_worksheet(`.txt`)
28 | - 📥 u1_worksheet(`.docx`)
29 |
30 | ### Unit 1 Recording
31 |
32 |
42 |
43 | #### Discussion Post #1
44 |
45 | Using a 0-10 system, rate yourself on how well you think you know each topic in the table below. (You do not have to post this rating).
46 |
47 |
64 |
65 | Next, answer these questions here:
66 |
67 | 1. What do you hope to learn in this course?
68 |
69 | 2. What type of career path are you shooting for?
70 |
71 | #### Discussion Post #2
72 |
73 | 1. Post a job that you are interested in from a local job website. (link or image)
74 |
75 | 2. What do you know how to do in the posting?
76 |
77 | 3. What don't you know how to do in the posting?
78 |
79 | 4. What are you doing to close the gap? What can you do to remedy the difference?
80 |
81 |
82 | Submit your input by following the link below.
83 |
84 | The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
85 |
86 |
87 |
88 | - [Link to Discussion Posts](https://discord.com/channels/611027490848374811/1098309490681598072)
89 |
90 | ### Start thinking about your project ideas (more to come in future weeks):
91 |
92 | Topics:
93 |
94 | 1. System Stability
95 | 2. System Performance
96 | 3. System Security
97 | 4. System monitoring
98 | 5. Kubernetes
99 | 6. Programming/Automation
100 |
101 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
102 |
103 | ## Definitions
104 |
105 | ---
106 |
107 | Kernel:
108 |
109 | Kernel Args:
110 |
111 | OS Version:
112 |
113 | Modules:
114 |
115 | Mount Points:
116 |
117 | Text Editor:
118 |
119 | ## Digging Deeper
120 |
121 | ---
122 |
123 | 1. Use vimtutor and see how far you get. What did you learn that you did not know about vi/vim?
124 |
125 | 2. Go to and see how far you get. What did you learn that you did not already know about vi/vim?
126 |
127 | 3. Go to and see how far you get with vim. What did you learn that you did not already know about vi/vim?
128 |
129 | ## Reflection Questions
130 |
131 | ---
132 |
133 | 1. What questions do you still have about this week?
134 |
135 | 2. How are you going to use what you’ve learned in your current role?
136 |
--------------------------------------------------------------------------------
/src/u2intro.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 2 - Essential Tools
5 |
6 |
7 |
8 | ## Overview
9 |
10 | ---
11 |
12 | This unit centers on a focus on security and troubleshooting.
13 |
14 | - The use of **SELinux** for implementing mandatory access controls, managing file permissions with **ACLs (Access Control Lists)**,
15 | - Understanding operational methodologies for incident triage.
16 |
17 | ## Learning Objectives
18 |
19 | ---
20 |
21 | 1. **Understand and Configure SELinux:**
22 |
23 | - Grasp the core concepts of SELinux, including security contexts, labels, and its role in enforcing mandatory access control.
24 | - Learn how to configure and troubleshoot SELinux settings to ensure system security and compliance.
25 |
26 | 2. **Master Access Control Lists (ACLs):**
27 |
28 | - Recognize the limitations of traditional Unix permissions and how ACLs provide granular control over file and directory access.
29 | - Develop skills in applying and managing ACLs in a complex Linux environment.
30 |
31 | 3. **Develop Effective Troubleshooting Methodologies:**
32 |
33 | - Acquire techniques to diagnose and resolve system access issues, particularly those arising from SELinux policies and ACL misconfigurations.
34 | - Apply structured troubleshooting strategies to ensure minimal downtime and maintain high availability.
35 |
36 | 4. **Integrate Theoretical Knowledge with Practical Application:**
37 |
38 | - Engage with interactive exercises, discussion prompts, and real-world scenarios to reinforce learning.
39 | - Utilize external resources, such as technical documentation and instructional videos, to supplement hands-on practice.
40 |
41 | 5. **Enhance Collaborative Problem-Solving Skills:**
42 |
43 | - Participate in peer discussions and reflective exercises to compare different approaches to system administration challenges.
44 | - Learn to articulate and document troubleshooting processes and system configurations for continuous improvement.
45 |
46 | 6. **Build a Foundation for Advanced Security Practices:**
47 | - Understand how SELinux and ACLs fit into the broader context of system security and operational stability.
48 | - Prepare for more advanced topics by reinforcing the fundamental skills needed to manage and secure Red Hat Enterprise Linux environments.
49 |
50 | These objectives aim to ensure that learners not only acquire specific technical skills but also develop a holistic understanding of how to secure and manage Linux systems in enterprise settings.
51 |
52 | ## Relevance & Context
53 |
54 | ---
55 |
56 | For Linux administrators and engineers, mastering SELinux and ACLs is essential because these tools add critical layers of security and control over system resources. By understanding how to use security contexts and labels, professionals can:
57 |
58 | - **Enhance System Security:** Implementing SELinux helps mitigate vulnerabilities by enforcing strict access controls.
59 |
60 | - **Troubleshoot Access Issues:** Knowledge of ACLs and SELinux enables the identification and resolution of permission-related issues, which are common in complex, multi-user environments.
61 |
62 | - **Improve System Reliability:** Understanding these concepts supports the broader goal of maintaining high availability and operational stability, especially when systems must operate under varying security configurations.
63 |
64 | ## Prerequisites
65 |
66 | ---
67 |
68 | Before engaging with this unit, readers should have a foundational understanding of:
69 |
70 | - **Basic Linux Commands and File System Structure:** Familiarity with navigating Linux directories, managing files, and using the terminal.
71 |
72 | - **Traditional Unix Permissions:** A solid grasp of the standard user/group/other permission model.
73 |
74 | - **Fundamental Security Principles:** An introductory knowledge of concepts like Discretionary Access Control (DAC) and Mandatory Access Control (MAC), which provide the groundwork for understanding SELinux.
75 |
76 | - **Basic Troubleshooting Techniques:** Experience with diagnosing and resolving common system issues will be beneficial when applying the methodologies discussed in the unit.
77 |
78 | ## Key terms and Definitions
79 |
80 | ---
81 |
82 | **SELinux (Security-Enhanced Linux)**
83 |
84 | **Access Control Lists (ACLs)**
85 |
86 | **Security Contexts**
87 |
88 | **Mandatory Access Control (MAC)**
89 |
90 | **Discretionary Access Control (DAC)**
91 |
92 | **Uptime**
93 |
94 | **Standard Streams (stdin, stdout, stderr)**
95 |
96 | **High Availability (HA)**
97 |
98 | **Service Level Objectives (SLOs)**
99 |
100 | **Troubleshooting Methodologies**
101 |
--------------------------------------------------------------------------------
/src/u2ws.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 2 Worksheet - Essential Tools
5 |
6 |
7 |
8 | ## Instructions
9 |
10 | ---
11 |
12 | Fill out the worksheet as you progress through the lab and discussions.
13 | Hold your worksheets until the end to turn them in as a final submission packet.
14 |
15 | ### Resources / Important Links
16 |
17 | - [Bash Reference Manual](https://www.gnu.org/software/bash/manual/bash.html)
18 | - [Security Enhanced Linux](https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/using_selinux/getting-started-with-selinux_using-selinux#getting-started-with-selinux_using-selinux)
19 |
20 | #### Downloads
21 |
22 | The worksheet has been provided below. The document(s) can be transposed to
23 | the desired format so long as the content is preserved. For example, the `.txt`
24 | could be transposed to a `.md` file.
25 |
26 | - 📥 u2_worksheet(`.txt`)
27 | - 📥 u2_worksheet(`.docx`)
28 |
29 | ### Unit 2 Recording
30 |
31 |
40 |
41 | #### Unit 2 Discussion Post #1
42 |
43 | Think about how week 1 went for you.
44 |
45 | 1. Do you understand everything that needs to be done?
46 |
47 | 2. Do you need to allocate more time to the course, and if so, how do you plan to do it?
48 |
49 | 3. How well did you take notes during the lecture? Do you need to improve this?
50 |
51 | #### Unit 2 Discussion Post #2
52 |
53 | Read a blog, check a search engine, or ask an AI about SELinux.
54 | What is the significance of contexts? What are the significance of labels?
55 |
56 | Scenario:
57 |
58 |
59 |
60 | You follow your company instructions to add a new user to a set of 10 Linux
61 | servers. They cannot access just one of the servers.
62 |
63 | When you review the differences in the servers you see that the server they
64 | cannot access is running SELINUX. On checking other users have no problem
65 | getting into the system.
66 |
67 | You find nothing in the documentation (typical) about this different system or
68 | how these users are accessing it.
69 |
70 |
71 |
72 | What do you do?
73 | Where do you check?
74 |
75 | You may use any online resources to help you answer this. This is not a trick
76 | and it is not a “one answer solution”. This is for you to think through.
77 |
78 |
79 | Submit your input by following the link below.
80 |
81 | The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
82 |
83 |
84 |
85 | - [Link to Discussion Posts](https://discord.com/channels/611027490848374811/1098309490681598072)
86 |
87 | ### Start thinking about your project ideas (more to come in future weeks):
88 |
89 | Topics:
90 |
91 | 1. System Stability
92 | 2. System Performance
93 | 3. System Security
94 | 4. System monitoring
95 | 5. Kubernetes
96 | 6. Programming/Automation
97 |
98 | You will research, design, deploy, and document a system that improves your administration of Linux systems in some way.
99 |
100 | ## Definitions
101 |
102 | ---
103 |
104 | Uptime:
105 |
106 | Standard input (stdin):
107 |
108 | Standard output (stdout):
109 |
110 | Standard error (stderr):
111 |
112 | Mandatory Access Control (MAC):
113 |
114 | Discretionary Access Control (DAC):
115 |
116 | Security contexts (SELinux):
117 |
118 | SELinux operating modes:
119 |
120 | ## Digging Deeper
121 |
122 | ---
123 |
124 | 1. How does troubleshooting differ between system administration and system
125 | engineering? To clarify, how might you troubleshoot differently if you know a
126 | system was previously running correctly. If you’re building a new system out?
127 |
128 | 2. Investigate a troubleshooting methodology, by either Google or AI search.
129 | Does the methodology fit for you in an IT sense, why or why not?
130 |
131 | ## Reflection Questions
132 |
133 | ---
134 |
135 | 1. What questions do you still have about this week?
136 |
137 | 2. How are you going to use what you’ve learned in your current role?
138 |
--------------------------------------------------------------------------------
/src/u3ws.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 3 Worksheet - LVM and Raid
5 |
6 |
7 |
8 | ## Instructions
9 |
10 | ---
11 |
12 | Fill out the worksheet as you progress through the lab and discussions.
13 | Hold your worksheets until the end to turn them in as a final submission packet.
14 |
15 | ### Resources / Important Links
16 |
17 | - [Google SRE Book - Implementing SLOs](https://sre.google/workbook/implementing-slos/)
18 | - [AWS High Availability Architecture Guide](https://docs.aws.amazon.com/pdfs/whitepapers/latest/real-time-communication-on-aws/real-time-communication-on-aws.pdf)
19 | - [Red Hat High Availability Cluster Configuration](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/configuring_and_managing_high_availability_clusters/index)
20 |
21 | #### Downloads
22 |
23 | The worksheet has been provided below. The document can be transposed to
24 | the desired format so long as the content is preserved. For example, the `.txt`
25 | could be transposed to a `.md` file.
26 |
27 | - 📥 u3_worksheet(`.txt`)
28 | - 📥 u3_worksheet(`.docx`)
29 |
30 | ### Unit 3 Recording
31 |
32 |
42 |
43 | #### Discussion Post #1
44 |
45 | Scan the chapter [here](https://google.github.io/building-secure-and-reliable-systems/raw/ch17.html) for keywords and pull out what you think will help you to better understand how to triage an incident.
46 |
47 | Read the section called "Operation Security" in this same chapter: [Building Secure and Reliable Systems](https://google.github.io/building-secure-and-reliable-systems/raw/ch17.html)
48 |
49 | 1. What important concepts do you learn about how we behave during an
50 | operational response to an incident?
51 |
52 | #### Discussion Post #2
53 |
54 | Ask Google, find a blog, or ask an AI about high availability. (Here's one if you need it: [AWS Real-Time Communication Whitepaper](https://docs.aws.amazon.com/pdfs/whitepapers/latest/real-time-communication-on-aws/real-time-communication-on-aws.pdf#high-availability-and-scalability-on-aws)
55 |
56 | 1. What are some important terms you read about? Why do you think understanding
57 | HA will help you better in the context of triaging incidents?
58 |
59 |
60 | Submit your input by following the link below.
61 |
62 | The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
63 |
64 |
65 |
66 | - [Link to Discussion Posts](https://discord.com/channels/611027490848374811/1098309490681598072)
67 |
68 | ## Definitions
69 |
70 | ---
71 |
72 | Five 9's:
73 |
74 | Single Point of Failure (SPOF):
75 |
76 | Key Performance Indicators (KPIs):
77 |
78 | Service Level Indicator (SLI):
79 |
80 | Service Level Objective (SLO):
81 |
82 | Service Level Agreement (SLA):
83 |
84 | Active-Standby:
85 |
86 | Active-Active:
87 |
88 | Mean Time to Detect (MTTD):
89 |
90 | Mean Time to Recover/Restore (MTTR):
91 |
92 | Mean Time Between Failures (MTBF):
93 |
94 | ## Digging Deeper
95 |
96 | ---
97 |
98 | 1. If uptime is so important to us, why is it so important to us to also understand how our systems can fail? Why would we focus on the thing that does not drive uptime?
99 |
100 | 2. Start reading about SLOs: [Implementing SLOs](https://sre.google/workbook/implementing-slos/)
101 | How does this help you operationally?
102 | Does it make sense that keeping systems within defined parameters will help keep
103 | them operating longer?
104 |
105 | ## Reflection Questions
106 |
107 | ---
108 |
109 | 1. What questions do you still have about this week?
110 |
111 | 2. How are you going to use what you've learned in your current role?
112 |
--------------------------------------------------------------------------------
/src/u4intro.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 4 - Operating Running Systems
5 |
6 |
7 |
8 | ## Overview
9 |
10 | ---
11 |
12 | This unit concentrates on the core tasks involved in **operating running systems** in a Linux environment, particularly with Red Hat Enterprise Linux (RHEL). It covers:
13 |
14 | - Understanding resource usage CPU, memory, disk I/O.
15 |
16 | - Become familiar with service management frameworks.
17 |
18 | ## Learning Objectives
19 |
20 | ---
21 |
22 | 1. **Monitor and Manage System Resources:**
23 |
24 | - Learn to track CPU, memory, disk, and network usage.
25 | - Understand how to troubleshoot performance bottlenecks.
26 |
27 | 2. **Master Service and Process Control:**
28 |
29 | - Gain proficiency with systemd for managing services and understanding dependency trees.
30 | - Acquire the ability to identify, start, stop, and restart services and processes as needed.
31 |
32 | 3. **Configure and Interpret System Logs:**
33 |
34 | - Explore journald and syslog-based logging to collect and store vital system events.
35 | - Develop techniques to analyze log files for troubleshooting and security assessments.
36 |
37 | 4. **Implement Scheduling and Automation:**
38 | Use `cron`, `at`, and `systemd` timers to automate recurring tasks.
39 | Understand how automated job scheduling improves reliability and reduces manual intervention.
40 |
41 | These objectives ensure learners can sustain, troubleshoot, and improve actively running Linux systems
42 | within enterprise environments, reducing downtime and increasing system reliability.
43 |
44 | ## Relevance & Context
45 |
46 | ---
47 |
48 | Operating running systems is central to any Linux administrator’s responsibilities for several reasons:
49 |
50 | **System Stability and Performance:**
51 |
52 | - Continuous monitoring and immediate remediation of issues ensure critical services remain available and performant.
53 |
54 | **Proactive Problem Resolution:**
55 |
56 | - Effective log management and automation allow administrators to detect anomalies early, schedule essential maintenance, and minimize disruptions.
57 |
58 | **Security and Compliance:**
59 |
60 | - Logs are often the first line of evidence in security auditing and breach investigations.
61 | - Regularly reviewing and correlating logs is crucial to maintaining a secure environment.
62 |
63 | **Enterprise Uptime and Reliability:**
64 |
65 | - In production environments, even brief outages can lead to significant operational and financial impacts.
66 | - Proper management of running systems ensures high availability and robust service delivery.
67 |
68 | ## Prerequisites
69 |
70 | ---
71 |
72 | Before tackling the tasks of operating running systems, learners should possess:
73 |
74 | - **Command-Line Proficiency:**
75 | Familiarity with fundamental shell commands, directory structures, and file management is critical to executing system operations efficiently.
76 |
77 | - **Basic text editing skills:**
78 | Ability to utilize `vi`, `vim`, or comparable text editing tool. Understanding of vi, vim, or comparable editing tool shortcuts and commands.
79 |
80 | - **Aware of system components:**
81 | Familiarity with computer hardware concepts such as computer processors, memory, and storage.
82 |
83 | ## Key Terms and Definitions
84 |
85 | ---
86 |
87 | **Systemd**
88 |
89 | **Journalctl**
90 |
91 | **Cron / At / Systemd Timers**
92 |
93 | **Daemon**
94 |
--------------------------------------------------------------------------------
/src/u4ws.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 4 Worksheet - Operating Running Systems
5 |
6 |
7 |
8 | ## Instructions
9 |
10 | ---
11 |
12 | Fill out the worksheet as you progress through the lab and discussions.
13 | Hold your worksheets until the end to turn them in as a final submission packet.
14 |
15 | ### Resources / Important Links
16 |
17 | - [Operations Bridge](https://cio-wiki.org/wiki/Operations_Bridge)
18 | - [Security Incident Cheatsheet](https://zeltser.com/media/docs/security-incident-survey-cheat-sheet.pdf?msc=Cheat+Sheet+Blog)
19 | - [Battle Drills](https://en.wikipedia.org/wiki/Battle_drill)
20 |
21 | #### Downloads
22 |
23 | The worksheet has been provided below. The document(s) can be transposed to
24 | the desired format so long as the content is preserved. For example, the `.txt`
25 | could be transposed to a `.md` file.
26 |
27 | - 📥 u4_worksheet(`.txt`)
28 | - 📥 u4_worksheet(`.docx`)
29 |
30 | ### Unit 4 Recording
31 |
32 |
42 |
43 | #### Discussion Post #1
44 |
45 | Read this article:
46 |
47 | 1. What terms and concepts are new to you?
48 |
49 | 2. Which pro seems the most important to you? Why?
50 |
51 | 3. Which con seems the most costly, or difficult to overcome to you? Why?
52 |
53 | #### Discussion Post #2
54 |
55 | Scenario:
56 |
57 |
58 |
59 | Your team has no documentation around how to check out a server during an incident.
60 | Write out a procedure of what you think an operations person should be doing on the
61 | system they suspect is not working properly.
62 |
63 |
64 |
65 | This may help, to get you started
66 | You may use AI for this, but let us know if you do.
67 |
68 |
69 | Submit your input by following the link below.
70 |
71 | The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
72 |
73 |
74 |
75 | - [Link to Discussion Posts](https://discord.com/channels/611027490848374811/1098309490681598072)
76 |
77 | ## Definitions
78 |
79 | ---
80 |
81 | Detection:
82 |
83 | Response:
84 |
85 | Mitigation:
86 |
87 | Reporting:
88 |
89 | Recovery:
90 |
91 | Remediation:
92 |
93 | Lessons Learned:
94 |
95 | After action review:
96 |
97 | Operations Bridge:
98 |
99 | ## Digging Deeper
100 |
101 | ---
102 |
103 | 1. Read about battle drills here
104 |
105 | 2. Why might it be important to practice incident handling before an incident occurs?
106 |
107 | 3. Why might it be important to understand your tools before an incident occurs?
108 |
109 | ## Reflection Questions
110 |
111 | ---
112 |
113 | 1. What questions do you still have about this week?
114 |
115 | 2. How much better has your note taken gotten since you started?
116 | What do you still need to work on? Have you started using a different tool?
117 | Have you taken more notes?
118 |
--------------------------------------------------------------------------------
/src/u5intro.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 5 Lab - Managing Users and Groups
5 |
6 |
7 |
8 | ## Overview
9 |
10 | ---
11 |
12 | This unit focuses on managing user's environments and scanning and enumerating Systems.
13 |
14 | - Become familiar with networking scanning tools
15 | - Understand the functionality systems files and customized .(dot) files.
16 |
17 | ## Learning Objectives
18 |
19 | ---
20 |
21 | 1. **Become familiar with Networking mapping:**
22 |
23 | - Learn how to find your network inventory by using nmap.
24 | - Grasp the basics of targeted scans by scanning virtual boxes and creating a report.
25 |
26 | 2. **Explore the system files:**
27 |
28 | - Understand the structure of the /etc/passwd file by using the cat command.
29 | - Customize the /etc/skel file to create a default shell environment for the users.
30 |
31 | ## Prerequisites
32 |
33 | ---
34 |
35 | - Basic understanding of networking.
36 | - Familiarity with nmap.
37 | - Intermediate understanding of file manipulation commands.
38 | - General idea of bash scripting.
39 |
40 | ## Key Terms and Definitions
41 |
42 | ---
43 |
44 | **Footprinting**
45 |
46 | **Scanning**
47 |
48 | **Enumeration**
49 |
50 | **System Hacking**
51 |
52 | **Escalation of Privilege**
53 |
54 | **Rule of Least Privilege**
55 |
56 | **Covering Tracks**
57 |
58 | **Planting Backdoors**
59 |
--------------------------------------------------------------------------------
/src/u5ws.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 5 Worksheet - Managing Users and Groups
5 |
6 |
7 |
8 | ## Instructions
9 |
10 | ---
11 |
12 | Fill out the worksheet as you progress through the lab and discussions.
13 | Hold your worksheets until the end to turn them in as a final submission packet.
14 |
15 | ### Resources / Important Links
16 |
17 | - [OWASP Top Ten](https://owasp.org/www-project-top-ten/)
18 | - [attack.mitre.org](https://attack.mitre.org/)
19 | - [Attack Vectors](https://www.cobalt.io/blog/defending-against-23-common-attack-vectors)
20 |
21 | #### Downloads
22 |
23 | The worksheet has been provided below. The document(s) can be transposed to
24 | the desired format so long as the content is preserved. For example, the `.txt`
25 | could be transposed to a `.md` file.
26 |
27 | - 📥 u5_worksheet(`.txt`)
28 | - 📥 u5_worksheet(`.docx`)
29 |
30 | ### Unit 5 Recording
31 |
32 |
42 |
43 | #### Discussion Post #1
44 |
45 | Review the page:
46 |
47 | 1. What terms and concepts are new to you?
48 |
49 | 2. Why, as a system administrator and not directly in security, do you think it’s so important to understand how your systems can be attacked? Isn’t it someone else’s problem to think about that?
50 |
51 | 3. What impact to the organization is data exfiltration? Even if you’re not a data owner or data custodian, why is it so important to understand the data on your systems?
52 |
53 | #### Discussion Post #2
54 |
55 | Find a blog or article on the web that discusses the user environment in Linux.
56 | You may want to search for `.bashrc` or (dot) environment files in Linux.
57 |
58 | 1. What types of customizations might you setup for your environment? Why?
59 |
60 | 2. What problems can you anticipate around helping users with their dot files?
61 |
62 |
63 | Submit your input by following the link below.
64 |
65 | The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
66 |
67 |
68 |
69 | [Link to Discussion Posts](https://discord.com/channels/611027490848374811/1365776270800977962)
70 |
71 | ## Definitions
72 |
73 | ---
74 |
75 | Footprinting:
76 |
77 | Scanning:
78 |
79 | Enumeration:
80 |
81 | System Hacking:
82 |
83 | Escalation of Privilege:
84 |
85 | Rule of least privilege:
86 |
87 | Covering Tracks:
88 |
89 | Planting Backdoors:
90 |
91 | ## Digging Deeper
92 |
93 | ---
94 |
95 | Map the Internal ProLUG Network (`192.168.200.0/24`):
96 |
97 | 1. Map the network from one of the rocky nodes.
98 | Using a template that you build or find from the internet, provide a 1 page summary
99 | of what you find in the network.
100 |
101 | 2. Read this page:
102 |
103 | - What is the OWASP Top Ten?
104 | - Why is this important to know as a system administrator?
105 |
106 | 3. Read this article:
107 |
108 | - What is an attack vector?
109 | - Why might it be a good idea to keep up to date with these?
110 |
111 | ## Reflection Questions
112 |
113 | ---
114 |
115 | 1. What questions do you still have about this week?
116 | 2. How are you going to use what you’ve learned in your current role?
117 |
--------------------------------------------------------------------------------
/src/u6b.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 6 Bonus - Terminal Multiplexors
5 |
6 |
7 |
8 | > **NOTE:** This is an **optional** bonus section. You **do not** need to read it, but if you're interested in digging deeper, this is for you.
9 |
10 | Enhance productivity by enabling the management of multiple sessions and windows from a single remote session.
11 |
12 | ## Key Features of Terminal Multiplexors
13 |
14 | ---
15 |
16 | ### Create Multiple Windows/Panes 🪟
17 |
18 | Split your terminal into panes (or windows) so you can run different commands or tasks simultaneously.
19 |
20 | ### Detach and Reattach Sessions 🪝
21 |
22 | You can detach from a session (e.g., when you log out of a remote server), and later reattach to it exactly as you left it.
23 |
24 | ### Persistence of Long-Running Tasks
25 |
26 | If your network connection drops, the tasks keep running on the server, and you can reattach to them later.
27 |
28 | ### Collaborate
29 |
30 | Some terminal multiplexers allow multiple users to connect to the same session, enabling collaborative work on a single system.
31 |
32 | ## Popular Terminal Multiplexors
33 |
34 | ---
35 |
36 | ### Tmux
37 |
38 | - Is widely used by developers and system administrators for its flexible configuration and vibrant community support.
39 | - Its popularity also stems from its straightforward scripting capabilities, making it highly useful for automation.
40 |
41 | #### Tmux Resources
42 |
43 | Tmux, a terminal multiplexer written in C, emerged around 2007, noted for its customizable configuration and scripting. Despite its popularity and flexibility, users occasionally report stability issues and complex scripting. Tmux, crafted in 2007 by Nicholas Marriott in C, marked an evolution from GNU Screen. Its flexible configuration appeals to system admins, despite some users finding the setup syntax intricate. Tmux, created by Nicholas Marriott in 2007, is a C-based terminal multiplexer famous for its configuration flexibility and scripting prowess, but newcomers often find its syntax intricate.
44 |
45 | - [Tmux Wiki](https://github.com/tmux/tmux/wiki)
46 | - [Tmux Cheatsheet](https://tmuxcheatsheet.com/)
47 |
48 | ### GNU Screen
49 |
50 | GNU Screen, created by Oliver Laumann in 1987 and written in C, became one of the first mainstream terminal multiplexers, remaining a staple in many Linux distributions. Praised for its stability and included by default in numerous systems, it can still be considered less intuitive in configuration compared to newer options like tmux.
51 |
52 | - is one of the original terminal multiplexers and remains popular due to its reliable, time-tested features.
53 | - It continues to be bundled with many Linux distributions by default, contributing to its enduring user base.
54 |
55 | #### GNU Screen Resources
56 |
57 | - [GNU Screen Site](https://www.gnu.org/software/screen/)
58 | - [GNU Screen Manual](https://www.gnu.org/software/screen/manual/screen.html)
59 |
60 | ### Zellij
61 |
62 | Zellij, first released in 2020 and written in Rust, is a newcomer to the terminal multiplexer space that focuses on an intuitive UI and easy collaboration. While its modern approach and built-in layout management offer clear advantages over older tools, its relatively small community and limited ecosystem may pose challenges for widespread adoption.
63 |
64 | - Although not yet included in the default repositories of all distributions, Zellij is rapidly gaining visibility because of its modern design and user-friendly layout management.
65 | - Its growing ecosystem of plugins and emphasis on collaboration make it an attractive choice for developers seeking a more advanced terminal multiplexer.
66 |
67 | #### Zellij Resources
68 |
69 | - [Zellij Site](https://zellij.dev/)
70 |
71 | ## Downloads
72 |
--------------------------------------------------------------------------------
/src/u6intro.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 6 - Firewalls
5 |
6 |
7 |
8 | ## Overview
9 |
10 | ---
11 |
12 | This unit focuses on Nohup environments and firewalls.
13 |
14 | - We will cover Nohup tools and how to properly use Nohup environments.
15 | - We will explore different types of firewalls and learn the use cases for each firewall type.
16 |
17 | ## Learning Objectives
18 |
19 | ---
20 |
21 | 1. **Become familiar with the `nohup` command:**
22 |
23 | - Learn real-life use cases of the `nohup` command.
24 | - Understand the correlation between jump boxes and Nohup environments, including `screen` and `tmux`.
25 |
26 | 2. **Implement and manage Nohup environments:**
27 |
28 | - Learn how `nohup` allows processes to continue running after a user logs out, ensuring that long-running tasks are not interrupted.
29 | - Develop skills in managing background processes effectively using `nohup`, `screen`, and `tmux`.
30 |
31 | 3. **Develop effective troubleshooting methodologies:**
32 | - Acquire systematic approaches to diagnosing firewall misconfigurations, network connectivity issues, and unauthorized access attempts.
33 | - Apply structured troubleshooting strategies to minimize downtime and maintain high availability.
34 |
35 | ## Prerequisites
36 |
37 | ---
38 |
39 | - A basic understanding of how processes work.
40 | - Familiarity with the `firewalld` service.
41 | - The ability to understand `.xml` files.
42 |
43 | ## Key Terms and Definitions
44 |
45 | ---
46 |
47 | **Firewall**
48 |
49 | **Zone**
50 |
51 | **Service**
52 |
53 | **DMZ (Demilitarized Zone)**
54 |
55 | **Proxy**
56 |
57 | **Stateful Packet Filtering**
58 |
59 | **Stateless Packet Filtering**
60 |
61 | **WAF (Web Application Firewall)**
62 |
63 | **NGFW (Next-Generation Firewall)**:
64 |
--------------------------------------------------------------------------------
/src/u6ws.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 6 Worksheet - Firewalls
5 |
6 |
7 |
8 | ## Instructions
9 |
10 | ---
11 |
12 | Fill out the worksheet as you progress through the lab and discussions.
13 | Hold your worksheets until the end to turn them in as a final submission packet.
14 |
15 | ### Resources / Important Links
16 |
17 | - [Official Firewalld Documentation](https://firewalld.org/documentation/)
18 | - [RedHat Firewalld Documentation](https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/configuring_firewalls_and_packet_filters/using-and-configuring-firewalld_firewall-packet-filters)
19 | - [Official UFW Documentation](https://help.ubuntu.com/community/UFW)
20 | - [Wikipedia entry for Next-Gen Firewalls](https://en.wikipedia.org/wiki/Next-generation_firewall)
21 |
22 | #### Downloads
23 |
24 | The worksheet has been provided below. The document(s) can be transposed to
25 | the desired format so long as the content is preserved. For example, the `.txt`
26 | could be transposed to a `.md` file.
27 |
28 | - 📥 u6_worksheet(`.txt`)
29 | - 📥 u6_worksheet(`.docx`)
30 |
31 | ### Unit 6 Recording
32 |
33 |
43 |
44 | #### Discussion Post #1
45 |
46 | Scenario:
47 |
48 |
49 |
50 | A ticket has come in from an application team. Some of the servers your team built for them last week
51 | have not been reporting up to enterprise monitoring and they need it to be able to troubleshoot a current
52 | issue, but they have no data. You jump on the new servers and find that your engineer built everything
53 | correctly and the agents for node_exporter, ceph_exporter and logstash exporter that your teams use. But,
54 | they also have adhered to the new company standard of firewalld must be running. No one has documented the
55 | ports that need to be open, so you’re stuck between the new standards and fixing this problem on live systems.
56 |
57 |
58 |
59 | Next, answer these questions here:
60 |
61 | 1. As you’re looking this up, what terms and concepts are new to you?
62 |
63 | 2. What are the ports that you need to expose? How did you find the answer?
64 |
65 | 3. What are you going to do to fix this on your firewall?
66 |
67 | #### Discussion Post #2
68 |
69 | Scenario:
70 |
71 |
72 |
73 | A manager heard you were the one that saved the new application by fixing the firewall. They get your manager
74 | to approach you with a request to review some documentation from a vendor that is pushing them hard to run a
75 | WAF in front of their web application. You are “the firewall” guy now, and they’re asking you to give them a
76 | review of the differences between the firewalls you set up (which they think should be enough to protect them)
77 | and what a WAF is doing.
78 |
79 |
80 |
81 | 1. What do you know about the differences now?
82 |
83 | 2. What are you going to do to figure out more?
84 |
85 | 3. Prepare a report for them comparing it to the firewall you did in the first discussion.
86 |
87 |
88 | Submit your input by following the link below.
89 |
90 | The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
91 |
92 |
93 |
94 | - [Link to Discussion Posts](https://discord.com/channels/611027490848374811/1365776270800977962)
95 |
96 | ## Definitions
97 |
98 | ---
99 |
100 | Firewall:
101 |
102 | Zone:
103 |
104 | Service:
105 |
106 | DMZ:
107 |
108 | Proxy:
109 |
110 | Stateful packet filtering:
111 |
112 | Stateless packet filtering:
113 |
114 | WAF:
115 |
116 | NGFW:
117 |
118 | ## Digging Deeper
119 |
120 | ---
121 |
122 | 1. Read
123 | What new things did you learn that you didn’t learn in the lab?
124 | What functionality of firewalld are you likely to use in your professional work?
125 |
126 | ## Reflection Questions
127 |
128 | ---
129 |
130 | 1. What questions do you still have about this week?
131 | 2. How are you going to use what you’ve learned in your current role?
132 |
--------------------------------------------------------------------------------
/src/u7intro.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 7 - Package Management & Patching
5 |
6 |
7 |
8 | ## Overview
9 |
10 | ---
11 |
12 | Managing software on a Linux system involves two essential practices: package management and patching. Together, they ensure that systems remain functional, up-to-date, and secure by handling software installation, updates, and vulnerability remediation.
13 |
14 | - **Package Management:** the system used to install, upgrade, configure, and remove software packages while automatically resolving dependencies and maintaining system consistency.
15 |
16 | - **Patching:** the process of applying updates to software packages or the kernel to fix bugs, close security vulnerabilities, or improve performance.
17 |
18 | -
19 |
20 | ## Learning Objectives
21 |
22 | ---
23 |
24 | 1. **Become Familiar with Package Management:**
25 |
26 | - In this unit you will see what comprises a RPM, YUM, and RPM package and how professional administrators carefully choose what is installed on a system.
27 |
28 | 2. **Become Familiar with Patching:**
29 |
30 | - Learn about general patching cycles.
31 | - Understand why it matters to inpsect packages and associated dependancies.
32 | - Get hands on with inspecting packages.
33 |
34 | ## Relevance & Context
35 |
36 | ---
37 |
38 | The skills taught in this unit are indispensable for several reasons:
39 |
40 | - **Efficient System Management:**
41 | The RHEL environment is typically managed via the command line. Proficiency in the CLI, along with an in-depth understanding of the file system, is crucial for daily tasks like system configuration, package management (using tools such as YUM or DNF), and remote troubleshooting.
42 |
43 | - **Security and Stability:**
44 | Editing configuration files, managing system services, and monitoring logs are all critical tasks that ensure the secure and stable operation of RHEL systems. A robust understanding of these basics is necessary to mitigate risks and ensure compliance with enterprise security standards.
45 |
46 | - **Professional Certification & Career Growth:**
47 | For those pursuing certifications like the Red Hat Certified System Administrator (RHCSA) or Red Hat Certified Engineer (RHCE), these foundational skills are not only testable requirements but also a stepping stone for more advanced topics such as automation (using Ansible), container management (with Podman or OpenShift), and performance tuning.
48 |
49 | - **Operational Excellence:**
50 | In enterprise settings where uptime and rapid incident response are paramount, having a solid grasp of these fundamentals enables administrators to quickly diagnose issues, apply fixes, and optimize system performance—thereby directly impacting business continuity and service quality.
51 |
52 | ## Prerequisites
53 |
54 | ---
55 |
56 | - Lab Access
57 | - Basic understanding of install or update software using DNF.
58 | - Familiarity with terminal commands and accessing `man` pages.
59 | - Basic understanding of editing config files using vi.
60 |
61 | ## Key terms and Definitions
62 |
63 | ---
64 |
65 | **Yum**
66 |
67 | **DNF**
68 |
69 | **Repo**
70 |
71 | **GPG Key**
72 |
73 | **Software dependency**
74 |
75 | **Software version**
76 |
77 | **Semantic Version**
78 |
--------------------------------------------------------------------------------
/src/u7ws.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 7 Worksheet - Package Management & Patching
5 |
6 |
7 |
8 | ## Instructions
9 |
10 | ---
11 |
12 | Fill out the worksheet as you progress through the lab and discussions.
13 | Hold your worksheets until the end to turn them in as a final submission packet.
14 |
15 | ### Resources / Important Links
16 |
17 | - [Semantic Versioning](https://semver.org/)
18 | - [Rocky Documentation](https://docs.rockylinux.org/)
19 | - [Rocky DNF Guidance](https://docs.rockylinux.org/guides/package_management/dnf_package_manager/)
20 |
21 | #### Downloads
22 |
23 | The worksheet has been provided below. The document(s) can be transposed to
24 | the desired format so long as the content is preserved. For example, the `.txt`
25 | could be transposed to a `.md` file.
26 |
27 | - 📥 u7_worksheet(`.txt`)
28 | - 📥 u7_worksheet(`.docx`)
29 |
30 | ### Unit 7 Recording
31 |
32 |
42 |
43 | #### Discussion Post #1
44 |
45 | 1. Why is software versioning so important to software security?
46 |
47 | 2. Can you find 3 reasons, from the internet, AI, or your peers?
48 |
49 | #### Discussion Post #2
50 |
51 | Scenario:
52 |
53 |
54 |
55 | You are new to a Linux team. A ticket has come in from an application team and has
56 | already been escalated to your manager.
57 |
58 | They want software installed on one of their servers but you cannot find any
59 | documentation. Your security team is out to lunch and not responding.
60 |
61 | You remember from some early documentation that you read that all the software in the
62 | internal repos you currently have are approved for deployment on servers.
63 | You want to also verify by checking other servers that this software exists.
64 |
65 | This is an urgent task and your manager is hovering.
66 |
67 |
68 |
69 | 1. How can you check all the repos on your system to see which are active?
70 |
71 | 2. How would you check another server to see if the software was installed there?
72 |
73 | 3. If you find the software, how might you figure out when it was installed? (Time/Date)
74 |
75 | #### Discussion Post #3
76 |
77 | Scenario:
78 |
79 |
80 |
81 | Looking at the concept of group install from DNF or Yum.
82 | Why do you think an administrator may never want to use that in a running system?
83 | Why might an engineer want to or not want to use that?
84 | This is a thought exercise, so it’s not a “right or wrong” answer it’s for you to think about.
85 |
86 |
87 |
88 | 1. What is the concept of software bloat, and how do you think it relates?
89 |
90 | 2. What is the concept of a security baseline, and how do you think it relates?
91 |
92 | 3. How do you think something like this affects performance baselines?
93 |
94 |
95 | Submit your input by following the link below.
96 |
97 | The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
98 |
99 |
100 |
101 | - [Link to Discussion Posts](https://discord.com/channels/611027490848374811/1365776270800977962)
102 |
103 | ## Definitions
104 |
105 | ---
106 |
107 | Yum:
108 |
109 | DNF:
110 |
111 | Repo:
112 |
113 | GPG Key:
114 |
115 | Software dependency:
116 |
117 | Software version:
118 |
119 | Semantic Version:
120 |
121 | ## Digging Deeper
122 |
123 | ---
124 |
125 | 1. What is semantic versioning?
126 |
127 | ## Reflection Questions
128 |
129 | ---
130 |
131 | 1. What questions do you still have about this week?
132 |
133 | 2. How does security as a system administrator differ from what you expected?
134 |
--------------------------------------------------------------------------------
/src/u8ws.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 8 Worksheet - Scripting
5 |
6 |
7 |
8 | ## Instructions
9 |
10 | ---
11 |
12 | Fill out the worksheet as you progress through the lab and discussions.
13 | Hold your worksheets until the end to turn them in as a final submission packet.
14 |
15 | ### Resources / Important Links
16 |
17 | - [TLDP Bash Beginner's Guide](https://tldp.org/LDP/Bash-Beginners-Guide/html/chap_01.html)
18 | - [devhints.io - Bash Scripting Cheatsheet](https://devhints.io/bash)
19 | - [Bash Hacker's Wiki](https://web.archive.org/web/20230406205817/https://wiki.bash-hackers.org/)
20 |
21 | #### Downloads
22 |
23 | The worksheet has been provided below. The document(s) can be transposed to
24 | the desired format so long as the content is preserved. For example, the `.txt`
25 | could be transposed to a `.md` file.
26 |
27 | - 📥 u8_worksheet(`.txt`)
28 | - 📥 u8_worksheet(`.docx`)
29 |
30 | ### Unit 8 Recording
31 |
32 |
42 |
43 | #### Discussion Post #1
44 |
45 | Scenario:
46 |
47 |
48 |
49 | It’s a 2 week holiday in your country and most of the engineers and architects who designed the system are out of town.
50 |
51 | You’ve noticed a pattern of logs filling up on a set of web servers from increased traffic.
52 | Your research shows, and then you verify, that the logs are being sent off real time to Splunk.
53 | Your team has just been deleting the logs every few days, but one of the 3rd shift engineers didn’t
54 | read the notes and your team suffered downtime.
55 |
56 | How might you implement a simple fix to stop gap the problem before all the engineering resources come back next week?
57 |
58 |
59 |
60 | 1. What resources helped you answer this?
61 |
62 | 2. Why can’t you just make a design fix and add space in /var/log on all these systems?
63 |
64 | 3. Why can’t you just make a design change and logrotate more often so this doesn’t happen?
65 |
66 | 4. For 2,3 if you are ok with that, explain your answer. (This isn’t a trick, maybe there is a valid reason.)
67 |
68 | #### Discussion Post #2
69 |
70 | Scenario:
71 |
72 |
73 |
74 | You are the only Linux Administrator at a small healthcare company.
75 | The engineer/admin before you left you a lot of scripts to untangle.
76 | This is one of our many tasks as administrators, so you set out to accomplish it.
77 | You start to notice that he only ever uses nested `if` statements in bash.
78 |
79 | You also notice that every loop is a conditional `while true`, and then he breaks the loop after a decision test each loop.
80 | You know his stuff works, but you think it could be more easily written for supportability, for you and future admins.
81 | You decide to write up some notes by reading some google, AI, and talking to your peers.
82 |
83 |
84 |
85 | 1. Compare the use of nested if versus case statement in bash.
86 |
87 | 2. Compare the use of conditional and counting loops. Under what circumstances would you use one or the other?
88 |
89 |
90 | Submit your input by following the link below.
91 |
92 | The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
93 |
94 |
95 |
96 | - [Link to Discussion Posts](https://discord.com/channels/611027490848374811/1365776270800977962)
97 |
98 | ## Definitions
99 |
100 | ---
101 |
102 | Variables:
103 |
104 | Interpreted program:
105 |
106 | Compiled program:
107 |
108 | Truth table:
109 |
110 | AND/OR logic:
111 |
112 | Single/Dual/Multiple alternative logic:
113 |
114 | ## Digging Deeper
115 |
116 | ---
117 |
118 | 1. Read:
119 |
120 | -
121 | -
122 | -
123 |
124 | What did you learn about capabilities of bash that can help you in your scripting?
125 |
126 | 2. If you want to dig more into truth tables and logic, this is a good start:
127 |
128 | ## Reflection Questions
129 |
130 | ---
131 |
132 | 1. What questions do you still have about this week?
133 |
134 | 2. Just knowing a lot about scripting doesn’t help much against actually doing it in
135 | a practical sense.
136 | What things are you doing currently at work or in a lab that you can apply some of
137 | this logic to?
138 |
--------------------------------------------------------------------------------
/src/u9intro.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 9 - Containerization on Linux
5 |
6 |
7 |
8 | ## Overview
9 |
10 | ---
11 |
12 | In this unit, we dive into the modern world of containerization, focusing on **Podman**—an open-source, daemon-less container engine. As Linux administrators, understanding containerization is crucial for supporting developers, managing production systems, and deploying services efficiently.
13 |
14 | We’ll explore what containers are, how to manage them, and how to build container images.
15 |
16 | ## Relevance & Context
17 |
18 | Containerization is a critical part of modern IT, powering development pipelines **(CI/CD)**, cloud deployments, and microservices. As Linux system administrators, we are expected to support and troubleshoot containers, manage container infrastructure, and ensure smooth operations across development and production environments.
19 |
20 | This unit focuses on **Podman**, a secure, rootless, and daemon-less alternative to Docker, widely used in enterprise environments like Red Hat and Rocky Linux. Whether you work in a NOC, DevOps, or traditional SysAdmin role, understanding containerization is essential to being an effective part of any IT team.
21 |
22 | ## Learning Objectives
23 |
24 | ---
25 |
26 | By the end of this unit, you will be able to:
27 |
28 | - Explain what containers are and how they fit into modern Linux system administration
29 | - Run and manage Podman containers, including starting, stopping, and inspecting containers
30 | - Build custom container images using Dockerfiles and Podman
31 | - Analyze container processes, logs, and network interactions for troubleshooting
32 |
33 | ## Prerequisites
34 |
35 | ---
36 |
37 | Before starting Unit 9, you should have:
38 |
39 | - Basic understanding of Linux command line and shell operations
40 | - Familiarity with package management and system services on RHEL-based systems (Rocky/Red Hat)
41 | - Root or sudo access to a Linux system (Rocky 9 or equivalent)
42 | - Completed previous units on system administration fundamentals (file permissions, processes, networking)
43 | - Optional but recommended: Initial exposure to virtualization or application deployment concepts
44 |
45 | ## Key Terms and Definitions
46 |
47 | ---
48 |
49 | **Containers**
50 |
51 | **Virtual Machines**
52 |
53 | **Podman**
54 |
55 | **Images**
56 |
57 | **Dockerfiles**
58 |
59 | **Virtualization**
60 |
61 | **Daemon-less**
62 |
--------------------------------------------------------------------------------
/src/u9ws.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Unit 9 Worksheet - Containerization on Linux
5 |
6 |
7 |
8 | ## Instructions
9 |
10 | ---
11 |
12 | Fill out the worksheet as you progress through the lab and discussions.
13 | Hold your worksheets until the end to turn them in as a final submission packet.
14 |
15 | ### Resources / Important Links
16 |
17 | - [Dockerfile Reference Page](https://docs.docker.com/reference/dockerfile/)
18 | - [Podman Command List](https://docs.podman.io/en/latest/Commands.html)
19 |
20 | #### Downloads
21 |
22 | The worksheet has been provided below. The document(s) can be transposed to
23 | the desired format so long as the content is preserved. For example, the `.txt`
24 | could be transposed to a `.md` file.
25 |
26 | - 📥 u9_worksheet(`.txt`)
27 | - 📥 u9_worksheet(`.docx`)
28 |
29 | ### Unit 9 Recording
30 |
31 |
41 |
42 | #### Discussion Post #1
43 |
44 | It’s a slow day in the NOC and you have heard that a new system of container deployments are being used by your developers. Do some reading about containers, docker, and podman.
45 |
46 | 1. What resources helped you answer this?
47 |
48 | 2. What did you learn about that you didn’t know before?
49 |
50 | 3. What seems to be the major benefit of containers?
51 |
52 | 4. What seems to be some obstacles to container deployment?
53 |
54 | #### Discussion Post #2
55 |
56 | Scenario:
57 |
58 |
59 |
60 | You get your first ticket about a problem with containers. One of the engineers is trying to move his container up to the Dev environment shared server. He sends you over this information about the command he’s trying to run.
61 |
62 | ```plaintext
63 | [developer1@devserver read]$ podman ps
64 | CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
65 | [developer1@devserver read]$ podman images
66 | REPOSITORY TAG IMAGE ID CREATED SIZE
67 | localhost/read_docker latest 2c0728a1f483 5 days ago 68.2 MB
68 | docker.io/library/python 3.13.0-alpine3.19 9edd75ff93ac 3 weeks ago 47.5 MB
69 | [developer1@devserver read]$ podman run -dt -p 8080:80/tcp docker.io/library/httpd
70 | ```
71 |
72 | You decide to check out the server
73 |
74 | ```plaintext
75 | [developer1@devserver read] ss -ntulp
76 | Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
77 | udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=166693,fd=13))
78 | tcp LISTEN 0 80 127.0.0.1:3306 0.0.0.0:* users:(("mariadbd",pid=234918,fd=20))
79 | tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=166657,fd=3))
80 | tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=166693,fd=14))
81 | tcp LISTEN 0 4096 *:8080 *:* users:(("node_exporter",pid=662,fd=3))
82 | ```
83 |
84 |
85 |
86 | 1. What do you think the problem might be?
87 |
88 | - How will you test this?
89 |
90 | 2. The developer tells you that he’s pulling a local image. Do you find this to be
91 | true, or is something else happening in their `run` command?
92 |
93 |
94 | Submit your input by following the link below.
95 |
96 | The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
97 |
98 |
99 |
100 | - [Link to Discussion Posts](https://discord.com/channels/611027490848374811/1365776270800977962)
101 |
102 | ## Definitions
103 |
104 | ---
105 |
106 | Container:
107 |
108 | Docker:
109 |
110 | Podman:
111 |
112 | CI/CD:
113 |
114 | Dev/Prod Environments (Development/Production Environments):
115 |
116 | Dockerfile:
117 |
118 | Docker/Podman images:
119 |
120 | Repository:
121 |
122 | ## Digging Deeper
123 |
124 | ---
125 |
126 | 1. Find a blog on deployment of some service or application in a container that interests you.
127 | See if you can get the deployment working in the lab.
128 |
129 | - What worked well?
130 | - What did you have to troubleshoot?
131 | - What documentation can you make to be able to do this faster next time?
132 |
133 | 2. Run this scenario and play with K3s:
134 |
135 | ## Reflection Questions
136 |
137 | ---
138 |
139 | 1. What questions do you still have about this week?
140 |
141 | 2. How can you apply this now in your current role in IT? If you’re not in IT, how
142 | can you look to put something like this into your resume or portfolio?
143 |
--------------------------------------------------------------------------------
/src/unitindex.md:
--------------------------------------------------------------------------------
1 |
3 | 
98 |
99 | - Is your system hardened in this capacity?
100 | - How did you check?
101 | - Did the fix check work for you?
102 | - How did you check?
103 |
104 | 2. Remove unneeded Software
105 |
106 | - Read about cowsay – `man cowsay`
107 | - Remove cowsay – `dnf remove cowsay`
108 |
109 | 
110 |
111 | #### Rescan to validate change
112 |
113 | `ssh` into a Rocky sever
114 |
115 | ```bash
116 | cd /opt/scc
117 | time ./cscc
118 |
119 | # ---- Wait over an hour ------
120 |
121 | cd /root/SCC/sessions #find the most recent run
122 | ```
123 |
124 | Look in the results to see output.
125 |
126 | > Be sure to `reboot` the lab machine from the command line when you are done.
127 |
--------------------------------------------------------------------------------
/src/u13ws.md:
--------------------------------------------------------------------------------
1 | 
55 |
56 | 1. Make an inventory of the servers, grouped any way you like.
57 | 2. What format did you choose to use for your inventory?
58 | 3. What other things might you include later in your inventory to make it more useful?
59 |
60 | #### Discussion Post 2
61 |
62 |