Ten Tips on Linux Systems Management for SysAdmins
10 Tips On LinuxSystems ManagementFor SysadminsReplace chaos with predictability and cover yourself in glory
This advice follows best practice linux systems management methodologies and can be undertaken in-house or by a specialist partner.
01 | Perform a thorough audit of your current Linux environments including what varieties of distributions, versions and configurations exist and where, why and how they are deployed and managed. This includes all instances of Linux existing and planned, the hardware it sits on and applications it underpins, and how it integrates into the environment. Be sure to document.
02 | Undertake a skills assessment to establish whether the necessary competencies exist in-house or indeed with your service provider. Beware, there are very few service providers that have these competencies themselves and contractors simply can’t offer the integrated services approach.
03 | Evaluate and select one or more Linux distros to consolidate on according to: › In-house skills/familiarity/preferences › Vendor software stack/ecosystem/ roadmap › Third party software legal/support conditions › Commercial features (including pricing and support) and community alternatives › Risk appetite
04 | Design a standard operating environment (SOE) with Core Builds that support defined sets of target hardware, pre-configured services and applications on top of Linux. This will allow you to install the system with the required configuration automatically performed. Core Builds allow systems to be deployed rapidly and in a standardised manner. Reference architectures really help here.
05 | Apply a change management process to ensure consistent and ongoing changes to the Core Builds are applied. This will include a development, QA and deployment cycle for: › New errata or bug fixes › Upgrades to new versions › Authentication/network changes › New application software › New hardware
06 | Select and implement a SOE Management Platform (SOEMP) such as Red Hat Satellite Server and Puppet that provides the Core Build’s quality assurance, deployment and maintenance cycle. It should provide: › A centralised management platform › The ability to manage several Core Builds in parallel › An automated way to deploy errata and configuration changes to Core Build installations › Integration with asset management in order to automatically configure systems
07 | Alongside the SOEMP, consider implementing technologies that provide an organised approach to identity and access management. Centrify, for example, can help you manage and enforce fine-grained control over user access and privileges on Linux systems eliminating the security risks associated with too many users having root permissions. They will provide stronger security, improved compliance and reduced operational costs.
08 | Design and implement monitoring and alerting on your Linux systems. This will allow you to ensure they are functioning optimally and in the event of a failure, you will be alerted allowing you to begin remediation processes before outages affect business processes, end-users, or customers. Nagios is a great Free Open Source Software (FOSS) option.
09 | Maintain the security of your Linux systems at all times through: › Maintenance of optimal security configuration within each of the Core Builds › User identity management › User activity monitoring › Security alarm & event reporting › Data privacy › Audit trail management › Virus & malware management › Denial of service management
10 | Document and share with management and peers the systems management processes and supporting technologies that you have chosen and applied to the Linux environment. Be sure to impress on them that by including fault, configuration, performance and security management in your plan, you are adhering to industry best practice. You can’t do any better than that!
If you have opted to undertake this systemsmanagement process in-house, the right www.linuxit.c omopen source consultancy will offer a best RIDICU IT www.linuxit.co US mpractice Linux assessment service to RIDICULO S LOUS IT REQT ESTSindependently endorse your technologies UE SU REQTHE LY YEARSand processes for complete peace of mind THE EAREARLY YEARSand assurance for you and your organisation.Just for fun, why not downloadour eGuide: RIDICULOUS IT REQUESTS:THE EARLY YEARS NOW! DOWNLOAD NOW