Deploying Ubuntu Server in an Enterprise Environment

5 Day Course
Hands On
Official Unix Curriculum
Code NUBUSERV

This course has been retired. Please go to the Linux category to view similar courses that may be of interest.

Modules

Hide all

Installation (19 topics)

  • Installation
  • Checking hardware requirements
  • Choosing, download and burning an installation CD
  • Running the installer
  • "Expert mode" installation
  • Partitioning: (guided, manual, LVM)
  • Software selection
  • Why is there no root account?
  • Troubleshooting installations
  • ACPI issues
  • CD problems
  • Saving installation logs
  • Diagnosing boot failures
  • Logical Volumes
  • The benefits of logical volumes
  • Architecture
  • Creating physical volumes, volume groups and logical volumes
  • Extending logical volumes
  • Time synchronisation

Debian Package Management (14 topics)

  • What is a Debian package?
  • Low-level package management
  • Installing, listing and removing packages with dpkg
  • Package configuration and re-configuration
  • High-level package management
  • Repository structure: pockets and components
  • The advanced packaging toolkit (APT)
  • Specifying the location of repositories
  • Package dependencies
  • Meta-packages and virtual packages
  • Repository management
  • Creating a local repository
  • Configuring a proxy server
  • Mirroring a repository

Virtualization and Deployment (17 topics)

  • Virtualization
  • Setting up a KVM host
  • Virtual machine management using libvirt
  • Creating a guest
  • Building machine images with ubuntu-vm-builder
  • Creating virtual appliances with JeOS
  • Automated installation
  • Kickstart and pre-seeding
  • Creating a kickstart file
  • Making a kickstart file available to the target installation
  • Installing from a local server
  • Cloning and its limitations
  • Automating Updates
  • Server management using Landscape
  • Obtaining a Landscape account
  • Configuring and registering a Landscape client
  • Accessing a Landscape account

Security, Integrity and Performance (28 topics)

  • User-level security
  • Living without a root login
  • sudo and the sudoers file
  • Ubuntu group memberships and privileges
  • Configuring PAM to enforce password strength
  • Encrypting partitions using the dm-crypt device mapper
  • Constructing a firewall
  • netfilter and iptables
  • Simplifying firewall construction with ufw
  • Testing firewalls with nmap
  • Mandatory access control with AppArmor
  • Discretionary vs Mandatory access control
  • Creating an AppArmor profile
  • Setting enforce mode and complain mode
  • Intrusion detection
  • Verifying file system integrity with AIDE
  • Monitoring log files with logwatch
  • Configuring ssh authentication
  • Configuration management with etckeeper
  • Backup tools and strategies
  • Multi-level backup strategies
  • Using rsync for backups
  • Centralised backup with backuppc and bacula
  • System monitoring and performance tuning
  • Monitoring memory and disk usage
  • Centralised monitoring with nagios and munin
  • Kernel parameter tuning
  • Application-specific tuning

Directory Service and Authentication (17 topics)

  • OpenLDAP
  • OpenLDAP components and architecture
  • Installation and initial configuration
  • Command-line tools (ldapadd and friends)
  • Secure LDAP
  • LDAP with user account management
  • Configuring a client to use LDAP for authentication
  • Replicating an LDAP directory
  • Kerberos
  • Setting up a Key Distribution Centre
  • Primary and secondary servers
  • Adding principals: Hosts, services, users, admin
  • Using LDAP as the backend
  • Active Directory integration
  • Likewise Open
  • Joining a domain
  • Logging in as an A-D user

Prerequisites

Attendees should already have an LPI Level 1 and Level 2 certification or the equivalent training or working knowledge of Solaris, HPUX, Red Hat or other UNIX System Administrator certification. Participants should also have at least two years of active System Administration experience, namely: * SSH * bash scripting * Basic service configuration of Apache, Mysql, DNS, Samba, Postfix, etc... * Working knowledge of TCP/IP networking and configuration * Working knowledge of vi or emacs

Course PDF

Print

Sections