← Back to Course

GL-250

Linux Administration

Detailed Course Outline

Course Length

5 days

Course Description

This comprehensive course is designed to equip learners with a profound understanding of Linux system administration. The course kicks off with foundational concepts such as the Linux Kernel, device management, and the intricacies of systemd, setting the stage for deeper exploration into system boot processes, including GRUB2 and systemd boot. Each section progresses through detailed topics, including hardware discovery, kernel module configuration, and systemd service management, ensuring participants build a robust foundation in managing and configuring the core aspects of a Linux system.

As the course unfolds, it delves into advanced areas such as software maintenance, local and remote storage administration, user and group management, and the critical aspects of security through Pluggable Authentication Modules (PAM) and comprehensive security administration modules. These sections are crafted to cover the essentials of software management using RPM and DNF, the intricacies of LVM & RAID for storage, and the importance of security in system administration, including SELinux and firewall management. The practical application of these concepts is reinforced through targeted lab tasks, where learners apply knowledge to real-world scenarios, enhancing their problem-solving and system management skills.

The course also addresses the dynamic nature of networking and system maintenance, with chapters dedicated to basic and advanced networking concepts, log file administration, and the pivotal aspects of monitoring and troubleshooting. These sections are crucial for understanding how Linux systems interact within networked environments and how administrators can effectively monitor, diagnose, and resolve system issues. This course is designed not just to impart theoretical knowledge but to foster practical skills and critical thinking, preparing learners for the challenges of Linux system administration in real-world environments.

Prerequisites

Students should already be comfortable working in a Linux or Unix environment. Fundamentals such as the Linux filesystem, process management, and how to edit files will not be covered in class. An understanding of network concepts, and the TCP/IP protocol suite is helpful. These skills are taught in the GL120 "Linux Fundamentals" course.

Audience

  • Aspiring System Administrators: Individuals looking to start a career in system administration and seeking a solid foundation in Linux, one of the most popular and widely-used operating systems in server environments.
  • IT Professionals: Those already working in IT fields such as network administration, support, or database management who want to expand their skill set to include Linux system administration to enhance their career prospects and job performance.
  • Developers: Software developers who wish to gain a deeper understanding of the Linux environment, which can help in optimizing applications, managing development environments, or working more effectively with DevOps practices.
  • DevOps Engineers: Professionals in the DevOps space who require a thorough understanding of Linux systems to improve collaboration between development and operations, automate processes, and ensure the reliability and scalability of services.
  • Technology Enthusiasts: Tech enthusiasts or hobbyists interested in deepening their knowledge of Linux internals, system management, and administration to manage personal projects, contribute to open source, or simply satisfy their intellectual curiosity.
  • Cybersecurity Professionals: Security analysts and professionals who need to understand system administration, particularly in Linux, to better secure and manage their organization's IT infrastructure.

Benefits

  • Comprehensive Understanding of Linux Systems: This course offers an in-depth exploration of Linux system administration, particularly focusing on RHEL9, providing students with a broad and detailed understanding of various components, from kernel and device management to advanced networking and security.
  • Hands-on Experience: With lab tasks integrated into each chapter, participants gain practical experience by applying theoretical knowledge to real-world scenarios. This hands-on approach enhances problem-solving skills, familiarizes students with common issues they might face, and teaches them how to troubleshoot effectively.
  • Career Advancement Opportunities: Proficiency in Linux system administration, especially in widely used distributions like RHEL, is highly sought after in the tech industry. Completing this course equips individuals with the skills needed to manage and maintain Linux systems, opening up numerous opportunities in IT infrastructure, cloud services, cybersecurity, and more.
  • Security Expertise: With dedicated modules on security administration and Pluggable Authentication Modules (PAM), learners will develop a strong understanding of security principles, SELinux, firewall management, and security best practices.
  • Networking and Storage Management Skills: The course covers essential networking concepts, storage administration, LVM, RAID, and remote storage solutions, which are critical for designing, implementing, and maintaining scalable and reliable infrastructure.

Distributions

Red Hat Enterprise Linux 9

Detailed Course Outline

Module 1: Linux Kernel & Devices

  • Hardware Discovery Tools, Configuring New Hardware with hwinfo
  • Kernel Hardware Info /sys/, /sys/ Structure, udev
  • Managing Linux Device Files, List Block Devices
  • SCSI Devices, USB Devices, USB Configuration
  • Kernel Modules, Configuring Kernel Components and Modules
  • Handling Module Dependencies, Configuring the Kernel via /proc/
  • Console, Virtual Terminals, Keyboard & locale configuration
  • Serial Ports, Random Numbers and /dev/random

Lab Tasks: Adjusting Kernel Options, Linux Kernel Driver Compilation, Introduction to Troubleshooting Labs, Troubleshooting Practice: Kernel Modules

Module 2: System Overview

  • System Boot Method Overview
  • systemd System and Service Manager
  • Modifying systemd services, Systemd Service Sandboxing Features
  • systemd Targets, Using systemd
  • Linux Runlevels Aliases, Legacy Support for SysV init

Lab Tasks: Managing Services With Systemd's systemctl, Creating a systemd unit file

Module 3: GRUB2/Systemd Boot Process

  • Booting Linux on PCs, GRUB 2, GRUB 2 Configuration
  • The Boot Loader Specification, GRUB 2 Security
  • Boot Parameters, Initial RAM Filesystem, init
  • Systemd local-fs.target and sysinit.target
  • Systemd basic.target and multi-user.target
  • Legacy local bootup script support
  • System Configuration Files
  • RHEL9 Configuration Utilities, SLES15 Configuration Utilities
  • Shutdown and Reboot

Lab Tasks: Boot Process, Booting directly to a bash shell, GRUB Command Line, Basic GRUB Security, Troubleshooting Practice: Boot Process

Module 4: Software Maintenance

  • Managing Software, RPM Features, RPM Architecture
  • RPM Package Files, Working With RPMs
  • Querying and Verifying with RPM, Updating the Kernel RPM
  • Dealing With RPM & YUM Digest Changes
  • DNF Plugins & RHSM Subscription Manager
  • DNF Version Lock Plugin, DNF Repositories
  • DNF Repository Groups
  • Compiling/Installing from Source, Manually Installed Shared Libraries
  • Rebuilding Source RPM Packages

Lab Tasks: Managing Software with RPM, Creating a Custom RPM Repository, Querying the RPM Database, Installing Software via RPM & Source and Rebuilding SRPMs, Troubleshooting Practice: Package Management

Module 5: Local Storage Administration

  • Partitioning Disks with fdisk & gdisk
  • Resizing a GPT Partition with gdisk
  • Partitioning Disks with parted
  • Non-Interactive Disk Partitioning with sfdisk
  • Filesystem Creation, Persistent Block Devices
  • Mounting Filesystems, Resizing Filesystems
  • Filesystem Maintenance, Managing an XFS Filesystem
  • Swap, Filesystem Structures
  • Determining Disk Usage With df and du
  • Configuring Disk Quotas, Setting Quotas
  • Viewing and Monitoring Quotas, XFS Project quotas
  • Filesystem Attributes

Lab Tasks: Creating and Managing Filesystems, Hot Adding Swap, XFS Copy-on-Write, Setting User Quotas, Creating XFS Project Quotas

Module 6: LVM & RAID

  • Logical Volume Management, Implementing LVM
  • Creating Logical Volumes, Activating LVM VGs
  • Exporting and Importing a VG, Examining LVM Components
  • Changing LVM Components, Advanced LVM Overview
  • Advanced LVM: Components & Object Tags
  • Advanced LVM: Automated Storage Tiering
  • Advanced LVM: Thin Provisioning
  • Advanced LVM: Striping & Mirroring, Advanced LVM: RAID Volumes
  • SLES Graphical Disk Tool
  • RAID Concepts, Array Creation with mdadm
  • Software RAID Monitoring, Software RAID Control and Display

Lab Tasks: Creating and Managing LVM Volumes, Creating LVM Thin Volumes, Using Boom to Boot to an LVM Snapshot, Troubleshooting Practice: LVM, Creating and Managing a RAID-5 Array

Module 7: Remote Storage Administration

  • Remote Storage Overview, Remote Filesystem Protocols
  • Remote Block Device Protocols
  • File Sharing via NFS, NFSv4+, NFS Clients
  • NFS Server Configuration, YaST NFS Server Administration
  • Implementing NFSv4, AutoFS, AutoFS Configuration
  • Accessing Windows/Samba Shares from Linux
  • SAN Multipathing, Multipath Configuration
  • Multipathing Best Practices
  • iSCSI Architecture, Open-iSCSI Initiator Implementation
  • iSCSI Initiator Discovery, iSCSI Initiator Node Administration
  • Mounting iSCSI Targets at Boot, iSCSI Multipathing Considerations

Lab Tasks: Using autofs, NFS Server Configuration, iSCSI Initiator Configuration, Multipathing with iSCSI

Module 8: User/Group Administration

  • User and Group Concepts, User Administration
  • Modifying Accounts, Group Administration
  • Password Aging, Default User Files
  • Controlling Login Sessions
  • system-config-authentication, SLES DS Client Configuration
  • System Security Services Daemon (SSSD)

Lab Tasks: User and Group Administration, Using LDAP for Centralized User Accounts, Troubleshooting Practice: Account Management

Module 9: Pluggable Authentication Modules (PAM)

  • PAM Overview, PAM Module Types
  • PAM Order of Processing, PAM Control Statements
  • PAM Modules: pam_unix, pam_nologin.so
  • pam_limits.so, pam_wheel.so, pam_xauth.so

Lab Tasks: Restricting superuser access to wheel group membership, Using pam_nologin to Restrict Logins, Setting Limits with the pam_limits Modules, Using pam_limits to Restrict Simultaneous Logins

Module 10: Security Administration

  • Security Concepts, Tightening Default Security
  • SuSE Security Checker, Security Advisories
  • File Access Control Lists, Manipulating FACLs
  • Viewing FACLs, Backing Up FACLs
  • File Creation Permissions with umask
  • User Private Group Scheme, Alternatives to UPG
  • AppArmor, SELinux Security Framework
  • SELinux Modes, SELinux Commands
  • Choosing an SELinux Policy, SELinux Booleans
  • Permissive Domains, SELinux Policy Tools
  • SUSE Basic Firewall Configuration, FirewallD

Lab Tasks: User Private Groups, Using Filesystem ACLs, Exploring AppArmor, Exploring SELinux Modes, SELinux File Contexts, SELinux Contexts in Action

Module 11: Basic Networking

  • IPv4 Fundamentals, TCP/UDP Fundamentals
  • Linux Network Interfaces, Ethernet Hardware Tools
  • Network Configuration with ip Command
  • Configuring Routing Tables, IP to MAC Address Mapping with ARP
  • Starting and Stopping Interfaces, NetworkManager
  • DNS Clients, DHCP Clients
  • SUSE YaST Network Configuration Tool
  • Network Diagnostics, Information from ss and netstat
  • Hardware and System Clock, Continual Time Sync with NTP
  • Time Synchronization with Chronyd

Lab Tasks: Network Discovery, Using nmcli, Chrony Client Configuration

Module 12: Advanced Networking

  • Multiple IP Addresses, Configuring a DHCP server
  • IPv6, Interface Aggregation
  • Interface Bonding, Network Teaming
  • Interface Bridging, 802.1q VLANS
  • Tuning Kernel Network Settings, TCP Congestion Control

Lab Tasks: Multiple IP Addresses Per Network Interface, Configuring IPv6, TCP Congestion Control, Troubleshooting Practice: Networking

Module 13: Log File Administration

  • System Logging, Systemd Journal
  • systemd Journal's journalctl
  • Secure Logging with Journal's Log Sealing
  • Cockpit - Logs, Rsyslog, /etc/rsyslog.conf
  • Log Management, Log Anomaly Detector
  • Sending logs from the shell

Lab Tasks: Using the systemd Journal, Setting up a Full Debug Logfile, Remote Syslog Configuration, Remote Rsyslog TLS Configuration

Module 14: Monitoring & Troubleshooting

  • System Status - Memory, System Status - I/O
  • System Status - CPU, Performance Trending with sar
  • Determining Service to Process Mapping
  • Realtime Monitoring of Resources – Cgroups
  • Troubleshooting Basics: The Process
  • Troubleshooting Basics: The Tools
  • strace and ltrace, Common Problems
  • Troubleshooting Incorrect File Permissions
  • Inability to Boot, Typos in Configuration Files
  • Corrupt Filesystems
  • RHEL9 Rescue Environment, SUSE Rescue Environment

Lab Tasks: System Activity Reporter

Appendices

  • Appendix A: Pre-Installation Considerations - Hardware compatibility, multi-OS booting, partition and filesystem planning
  • Appendix B: Installing RHEL9 - Anaconda installer, kickstart automation, PXE network booting
  • Appendix C: Installing SLES15 - YaST installer, AutoYaST automation, network installation
  • Appendix D: Manage Virtual Machines - libvirt, virsh, virt-install, libguestfs
  • Appendix E: Backups - Backup software, optical media, tape drives, rsync, tar, cpio, dump/restore
Download PDF Course OutlineRegistrationRequest Private Training

Our Courses

Kubernetes, Cloud-nativeGenerative AIOpenStack, Ceph with OpenStackDevOps: CI/CD, GO, Python