Current_Issue.tar.gz - Administrate Me
As a system administrator, one of my favorite things is to be ignored. No, it's not due to a latent social anxiety disorder or anything; it's just because when the sysadmin doesn't hear from anyone, it means things are working. In fact, if things are going really well, we can forward our phones and spend the afternoon on a beach somewhere. No one would ever miss us.
Sadly, that's not usually how things go. Call it job security, call it bad karma, or just blame Bill Gates—for whatever reason, computers break. Even when they don't break, they get old and wear out. In fact, for most of our workdays (and nights), we system administrators spend our lives in a paranoid state ready for the whole world to fall apart. When that happens, everyone suddenly remembers the sysadmin and suddenly is angry with him or her. That's where this issue of Linux Journal comes into play. With our system administration issue, we try to fortify your paranoia with redundancy, calm your nerves with best practices and teach the fine art of telling the future to determine when a failure is about to happen. If we do a really good job, you might even learn a few ways to prevent disaster before it strikes at all.
Mick Bauer ends his series on building a transparent firewall. The best offense against outside attack is a strong defense, and Mick will make you paranoid enough to make sure your firewall is top notch. Kyle Rankin gets into the networking act this month as well and shows how to bond Ethernet ports together for redundancy or speed. So many servers come with multiple Ethernet ports, it's a waste not to take advantage of them.
When you have a server with multiple bonded NICs, it certainly makes sense to add storage to it as well. Greg Bledsoe describes how to use AoE (ATA over Ethernet) to build your own SAN at a fraction of the cost of buying one. With hard drives connected directly to your network, it takes out a single point of failure and also allows a gradual expansion without the need for buying new chassis.
With Linux acting as a firewall, and Linux acting as a SAN, why not add one more possibility to the mix? Henry Van Styn not only shows us how to turn our Linux box into a switch, but also how to use VLANs in that switch. VLANs are a powerful way to secure network traffic, and with Linux acting as a switch, it also can use the security of VLANs in addition to its other abilities.
But, that's just the networking part of this issue. There's lots more to being a sysadmin than filtering a few packets. Michael J. Hammel shows how to manage KVM deployments with virt-manager. Hardware virtualization is a powerful tool, and thanks to virt-manager, those VMs can be configured with a nice GUI tool from any Linux computer that can access the VM host.
Sometimes it's not just virtual machines that need to be installed, however, and that's where Clonezilla comes in. Jeramiah Bowling demonstrates the ins and outs of Clonezilla, a powerful cloning tool that makes imaging new computers a breeze. When imaging, of course, it's important that your original image is exactly how you want it. Tony Kay's article on Linux swap space is something you'll want to read before creating your master image. We don't usually think much about swap space, but it's more than just a safety net if you happen to run out of RAM. And, of course, no system administrator would be caught dead without backups—lots and lots of backups. Petros Koutoupis explains how to take snapshots with LVM2, which is a neat way to take zero downtime snapshots of your Linux system.
We certainly haven't left out our non-sysadmins this month though. If you've been looking for a viable, open-source replacement for Microsoft Exchange, SOGo might be just the thing you're looking for. Sure, it takes some system administration to install it, but once it's going, SOGo is a tool for the end user. Ludovic Marcotte covers the features of this powerful groupware alternative. When you add to that our regular cast of programmers, like Dave Taylor scripting mortgage calculations and Reuven M. Lerner delving into HTML5, this issue is bound to please. For now, I'm going to take this issue and head to the beach. Don't worry; I'll forward my phones in case anything catastrophic happens. Otherwise, I doubt anyone will miss me.
Shawn Powers is the Associate Editor for Linux Journal. He's also the Gadget Guy for LinuxJournal.com, and he has an interesting collection of vintage Garfield coffee mugs. Don't let his silly hairdo fool you, he's a pretty ordinary guy and can be reached via e-mail at firstname.lastname@example.org. Or, swing by the #linuxjournal IRC channel on Freenode.net.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- The Death of RoboVM
- The Humble Hacker?
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- The US Government and Open-Source Software
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- ACI Worldwide's UP Retail Payments
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide