FOOBAR INC Specific Advanced Linux User Training
- FOOBAR INC Specific Advanced Linux User Training
Spacewalk
Spacewalk is the upstream for RedHat Satellite Server. It is used as a multi-system controller tool. Systems are registered into spacewalk when they are built. Once registered, spacewalk can push updates and configuration files to systems.
Internally, spacewalk uses channels as a form of categorizing all registered machines. Channels define what packages are installed on a system. So all machines in the same channel have the same packages installed at the same version level.
Spacewalk is a web application found here.
LIN:Top of section
LIN:Top of page
Build new rpm(s) / koji
At FOOBAR INC we use the koji buildsystem to build and manage our RPMS. It allows us to keep track of all of the revisions of all of our packages easily. Each package in koji is tagged with 0 or more tags. These tags allow us to group the packages based on where they are from or what systems are allowed to install them. The tags are translated in to repositories that packages can be installed from. Each tag can also have parent tags which allow us to create a hierarchy of tags. For example, dist-rhel5-updates-testing has dist-rhel5-updates as a parent tag, this means that any package that is tagged with dist-rhel5-updates will automatically be included in dist-rhel5-updates-testing when it is mashed out.
 | Mashing out means the packages in the tag are written to disk as a repository. |
LIN:Top of section
LIN:Top of page
Subversion
Subversion is a full-featured version control system originally designed to be a better CVS.
kickstart
Kickstart is a process to fully automate system installations. It is used by LIN:Spacewalk for automated deployments. Each install produces a files called anaconda_kickstart.cfg that can be used as a template for further deployments.
LIN:Top of section
LIN:Top of page
ldap & jxplorer
LDAP (Lightweight Directory Access Protocol) is a write seldom, read extremely often database process that stores (typically) user login information like username, password, home directory, etc. There is a gui tool used here called jxplorer that makes working with ldap much easier than the command line process. Microsoft's Active Directory uses a variant of ldap. The use of ldap to provide user authentication is controlled by the file /etc/nsswitch. The following lines indicate that ldap is used for any account not in the local /etc/passwd file
passwd: files ldap shadow: files ldap group: files ldap
LIN:Top of section
LIN:Top of page
Nagios/cacti
Nagios is a system health monitoring tool. It reports status back to central collecting server. cacti is a graphing tool that is designed for time-based data. It is used by nagios for it's graphs. The server running Nagios head end is qubit.
LIN:Top of section
LIN:Top of page
DRBD
Distributed Replicated Block Device is a networked data duplication process that runs at the hard drive level. When a drive block is scheduled for writing by the master machine, DRBD automatically writes that same data to remote slave machines using TCP networking. If a slave machine schedules a write, the write is relocated to the master machine and then pushed back down to the slave machine(s). Other than the initial configuration (details in the DRBD link above), the care and feeding of DRBD systems is pretty simple.
LIN:Top of section
LIN:Top of page
Proper shutdown and start procedures
- DRBD works on a master/slave model. In order for the participating machines in the DRBD cluster to know which machine is which, they are configured to use a heartbeat process to alert the slave to take over if the master is down. When the slave systems start up, they look at the heartbeat process and determine if they should be master again. So the order of shutdown and startup is very important.
- h4 Positron and Neutrino
In the server room, the machines positron and neutrino run DRBD. These systems provide print services, LDAP and NFS. Additionally the condor shared directory is also mounted there. - neutrino is the default master and positron is the default slave.
This is the proper procedure to power down and power DRBD systems
To power down the DRBD pair (using
shutdown -h now)- # power down the slave - positron
- # power down the master - neutrino
To power up the DRBD pair
- # power up the master - neutrino - wait at least until the networking is fully running.
- # power up the slave - positron
LIN:Top of section
LIN:Top of page
Update process
All system updates are handled through the Spacewalk server.
- All user workstations will be subscribed to the FOOBAR INC spacewalk server and designated with an update repository. The three repositories are "Testing", "Approved", and "Certified". When an RPM is added to a specific repository, workstations subscribed to that repository will automatically download and install the new RPM.
- Details of the update policy are here
LIN:Top of section
LIN:Top of page
RT (Trouble Ticketing)
RT is a help request tracking tool.
The site is https://rt3/. Please see h. RT
LIN:Top of section
LIN:Top of page
iscsi and fiberchannel
LIN:Top of section
LIN:Top of page
condor/clusters
LIN:Top of section
LIN:Top of page
FOOBAR INC Network
LIN:Top of section
LIN:Top of page
Advanced SELinux - policy writing
Once the basics of SELinux are mastered, the process of writing the actual policy modules begins. This where the process is explained and example exercises are provided on a virtual machine for testing.
virtual machine tools
FOOBAR INC uses 2 main virtualization products.
- VMWARE
- vSphere4 - used for both testing and production environments
- vmplayer - occasionally used by much of the IT staff to provide a windows console
- KVM
- used for the secure CD burning environment. Allows for a private network of 2 windows hosts that manage the USB CD/DVD factories.
- used to provide a windows environment on a set of training liveCDs
Details on implementation and usage are found on the IT wiki, using the links above.
LIN:Top of section
LIN:Top of page
