Linux usage and administration fundamentals, ver 2.0 – part 2

O tečaju:

Napomena: Tečaj je nastavak tečaja Linux usage and administration fundamentals, ver 2.0 – part 1. Obrađuju se teme koje s temama iz “part 1″ čine jedinstvenu cjelinu, bitne su za sveobuhvatno inicijalno znanje a vremenski nisu stale u taj tečaj.

Korištenje linuxa danas je gotovo univerzalno – koriste ga aplikativaci, developeri, mrežnih inženjeri, običnih korisnika koji npr deployaju docker containere i ostali. S druge strane, često se nedovoljno poznaje linux okolina i njene mogućnosti te stoga se korisnici ne usjećaju “ugodno” kao npr u Windows okruženju.

Cilj ovog tečaja i njegovog prvog dijela (Linux usage and administration fundamentals, ver 2.0 – part1) je pružiti korisniku dovoljno znanje da podignu linux, naprave osnovnu administraciju, nauče koristiti tipične toolove, servise i mogućnosti te time steknu sigurnost za rad u linux okruženju i dodatne prilagodbe. Također, njegovo poznavanje preduvjet je za neke ostale tečajeve vezane za linux, kao npr Understanding and using linux containers and Kubernetes ver 1.1.

Trajanje: 4 dana

Sadržaj:

Lab preparation

Disk partitioning, file systems, booting
• Partitioning MBR disk
• Setting fs type on partition on MBR disk
• Creating filesystem on partition
• Mounting filesystem
• Partitioning GPT disks, creating filesystem on partition, mounting partition
• Using LVM
– Creating partition to be used as PV
– Creating PV, VG, LV
– Creating filesystem on LV, mounting
– Extending VG, LV, FS

BIOS and UEFI booting, grub
• BIOS booting, grub with GPT partition
• Explaining boot process
• Customizing GRUB
• Installing grub on another disk and making another disk bootable
• BIOS booting, grub with MBR partition
• UEFI booting

Systemd
• Concepts
• Unit types
• Service unit type
– Example: simple service
• Targets unit
• Other units

Journal and syslog
• Concepts: syslog vs journal
• journal
• Forwarding to syslog
• Centralizing logs
– Remote rsyslog
– Remote journal

Kernel modules and parameters
• explaining loadable modules vs static modules, loading modules on startup

• setting kernel parameters, sysctl, permanent config

Other tools, services, applications
• Cron
• Rsync
• Backup with rsnapshot
• Snapd

Linux firewall possibilities

• IP tables
• Ufw
• Firewalld
• Nf tables
• Firewalld with nftables

Basics of virtualization with qemu, kvm, libvirt
• virtualization concepts; virtualizing hardware: CPU, controller, disk, cd, memory, network card, display card…
• kvm and qemu
• networking options; linux bridging details, tap interfaces
• manual setup using bridging, NAT, qemu + kvm
• using libvirt, virsh and virt-manager
• configuring and starting vm, installing guest os
• cloning
• snapshots: internal, external snapshots, live disk backup

Additional Linux security mechanisms
• Traditional privilege mechanisms
• Newer kernels and possibilities
• Allowing restricted operations without root access: Linux capabilities
• Restricting access: AppArmor and SELinux
– AppArmor: principles, modes of operation
– Using existing profiles
– Defining own profiles