Virtualization with KVM (Kernel-based Virtual Machine)Novell
As a technical preview, SUSE Linux Enterprise Server 11 contains KVM, which is the next-generation virtualization software delivered with the Linux kernel. In this technical session we will demonstrate how to set up SUSE Linux Enterprise Server 11 for KVM, install some virtual machines and deal with different storage and networking setups.
To demonstrate live migration we will also show a distributed replicated block device (DRBD) setup and a setup based on iSCSI and OCFS2, which are included in SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise 11 High Availability Extension.
Linux Interview Questions And Answers | Linux Administration Tutorial | Linux...Edureka!
This tutorial on Linux Interview Questions and Answers will help you prepare for Linux administration job interviews. Start your preparation by going through the 50 most frequently asked questions on Linux, from this Linux Interview Questions tutorial.
This course gets you started with writing device drivers in Linux by providing real time hardware exposure. Equip you with real-time tools, debugging techniques and industry usage in a hands-on manner. Dedicated hardware by Emertxe's device driver learning kit. Special focus on character and USB device drivers.
Virtualization with KVM (Kernel-based Virtual Machine)Novell
As a technical preview, SUSE Linux Enterprise Server 11 contains KVM, which is the next-generation virtualization software delivered with the Linux kernel. In this technical session we will demonstrate how to set up SUSE Linux Enterprise Server 11 for KVM, install some virtual machines and deal with different storage and networking setups.
To demonstrate live migration we will also show a distributed replicated block device (DRBD) setup and a setup based on iSCSI and OCFS2, which are included in SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise 11 High Availability Extension.
Linux Interview Questions And Answers | Linux Administration Tutorial | Linux...Edureka!
This tutorial on Linux Interview Questions and Answers will help you prepare for Linux administration job interviews. Start your preparation by going through the 50 most frequently asked questions on Linux, from this Linux Interview Questions tutorial.
This course gets you started with writing device drivers in Linux by providing real time hardware exposure. Equip you with real-time tools, debugging techniques and industry usage in a hands-on manner. Dedicated hardware by Emertxe's device driver learning kit. Special focus on character and USB device drivers.
Linux Tutorial For Beginners | Linux Administration Tutorial | Linux Commands...Edureka!
This Linux Tutorial will help you get started with Linux Administration. This Linux tutorial will also give you an introduction to the basic Linux commands so that you can start using the Linux CLI. Do watch the video till the very end to see all the demonstration. Below are the topics covered in this tutorial:
1) Why go for Linux?
2) Various distributions of Linux
3) Basic Linux commands: ls, cd, pwd, clear commands
4) Working with files & directories: cat, vi, gedit, mkdir, rmdir, rm commands
5) Managing file Permissions: chmod, chgrp, chown commands
6) Updating software packages from Linux repository
7) Compressing & Decompressing files using TAR command
8) Environment variables and Regular expressions
9) Starting and killing processes
10) Managing users
11) SSH protocol for accessing remote hosts
The slides begins with introduction to the character drivers and then mentions the various APIs for registering the character driver. Dynamically creating the device file and IOCTL
DTrace and SystemTap are dynamic tracing frameworks available for Solaris and Linux respectively. This session will give an overview of the static DTrace probes available in both Drizzle and MySQL and show numerous examples of scripts that utilize these probes. Mixing dynamic and static probes will also be discussed.
OSNoise Tracer: Who Is Stealing My CPU Time?ScyllaDB
In the context of high-performance computing (HPC), the Operating System Noise (osnoise) refers to the interference experienced by an application due to activities inside the operating system. In the context of Linux, NMIs, IRQs, softirqs, and any other system thread can cause noise to the application. Moreover, hardware-related jobs can also cause noise, for example, via SMIs.
HPC users and developers that care about every microsecond stolen by the OS need not only a precise way to measure the osnoise but mainly to figure out who is stealing cpu time so that they can pursue the perfect tune of the system. These users and developers are the inspiration of Linux's osnoise tracer.
The osnoise tracer runs an in-kernel loop measuring how much time is available. It does it with preemption, softirq and IRQs enabled, thus allowing all the sources of osnoise during its execution. The osnoise tracer takes note of the entry and exit point of any source of interferences. When the noise happens without any interference from the operating system level, the tracer can safely point to a hardware-related noise. In this way, osnoise can account for any source of interference. The osnoise tracer also adds new kernel tracepoints that auxiliaries the user to point to the culprits of the noise in a precise and intuitive way.
At the end of a period, the osnoise tracer prints the sum of all noise, the max single noise, the percentage of CPU available for the thread, and the counters for the noise sources, serving as a benchmark tool.
Kirill Tsym discusses Vector Packet Processing:
* Linux Kernel data path (in short), initial design, today's situation, optimization initiatives
* Brief overview of DPDK, Netmap, etc.
* Userspace Networking projects comparison: OpenFastPath, OpenSwitch, VPP.
* Introduction to VPP: architecture, capabilities and optimization techniques.
* Basic Data Flow and introduction to vectors.
* VPP Single and Multi-thread modes.
* Router and switch for namespaces example.
* VPP L4 protocol processing - Transport Layer Development Kit.
* VPP Plugins.
Kiril is a software developer at Check Point Software Technologies, part of Next Generation Gateway and Architecture team, developing proof of concept around DPDK and FD.IO VPP. He has years of experience in software, Linux kernel and networking development and has worked for Polycom, Broadcom and Qualcomm before joining Check Point.
Tracing MariaDB server with bpftrace - MariaDB Server Fest 2021Valeriy Kravchuk
Bpftrace is a relatively new eBPF-based open source tracer for modern Linux versions (kernels 5.x.y) that is useful for analyzing production performance problems and troubleshooting software. Basic usage of the tool, as well as bpftrace one liners and advanced scripts useful for MariaDB DBAs are presented. Problems of MariaDB Server dynamic tracing with bpftrace and some possible solutions and alternative tracing tools are discussed.
Introduction to Linux Kernel by Quontra SolutionsQUONTRASOLUTIONS
Course Duration: 30-35 hours Training + Assignments + Actual Project Based Case Studies
Training Materials: All attendees will receive,
Assignment after each module, Video recording of every session
Notes and study material for examples covered.
Access to the Training Blog & Repository of Materials
Pre-requisites:
Basic Computer Skills and knowledge of IT.
Training Highlights
* Focus on Hands on training.
* 30 hours of Assignments, Live Case Studies.
* Video Recordings of sessions provided.
* One Problem Statement discussed across the whole training program.
* Resume prep, Interview Questions provided.
WEBSITE: www.QuontraSolutions.com
Contact Info: Phone +1 404-900-9988(or) Email - info@quontrasolutions.com
Process Address Space: The way to create virtual address (page table) of user...Adrian Huang
Process Address Space: The way to create virtual address (page table) of userspace application.
Note: When you view the the slide deck via web browser, the screenshots may be blurred. You can download and view them offline (Screenshots are clear).
Virtual File System in Linux Kernel
Note: When you view the the slide deck via web browser, the screenshots may be blurred. You can download and view them offline (Screenshots are clear).
Linux Tutorial For Beginners | Linux Administration Tutorial | Linux Commands...Edureka!
This Linux Tutorial will help you get started with Linux Administration. This Linux tutorial will also give you an introduction to the basic Linux commands so that you can start using the Linux CLI. Do watch the video till the very end to see all the demonstration. Below are the topics covered in this tutorial:
1) Why go for Linux?
2) Various distributions of Linux
3) Basic Linux commands: ls, cd, pwd, clear commands
4) Working with files & directories: cat, vi, gedit, mkdir, rmdir, rm commands
5) Managing file Permissions: chmod, chgrp, chown commands
6) Updating software packages from Linux repository
7) Compressing & Decompressing files using TAR command
8) Environment variables and Regular expressions
9) Starting and killing processes
10) Managing users
11) SSH protocol for accessing remote hosts
The slides begins with introduction to the character drivers and then mentions the various APIs for registering the character driver. Dynamically creating the device file and IOCTL
DTrace and SystemTap are dynamic tracing frameworks available for Solaris and Linux respectively. This session will give an overview of the static DTrace probes available in both Drizzle and MySQL and show numerous examples of scripts that utilize these probes. Mixing dynamic and static probes will also be discussed.
OSNoise Tracer: Who Is Stealing My CPU Time?ScyllaDB
In the context of high-performance computing (HPC), the Operating System Noise (osnoise) refers to the interference experienced by an application due to activities inside the operating system. In the context of Linux, NMIs, IRQs, softirqs, and any other system thread can cause noise to the application. Moreover, hardware-related jobs can also cause noise, for example, via SMIs.
HPC users and developers that care about every microsecond stolen by the OS need not only a precise way to measure the osnoise but mainly to figure out who is stealing cpu time so that they can pursue the perfect tune of the system. These users and developers are the inspiration of Linux's osnoise tracer.
The osnoise tracer runs an in-kernel loop measuring how much time is available. It does it with preemption, softirq and IRQs enabled, thus allowing all the sources of osnoise during its execution. The osnoise tracer takes note of the entry and exit point of any source of interferences. When the noise happens without any interference from the operating system level, the tracer can safely point to a hardware-related noise. In this way, osnoise can account for any source of interference. The osnoise tracer also adds new kernel tracepoints that auxiliaries the user to point to the culprits of the noise in a precise and intuitive way.
At the end of a period, the osnoise tracer prints the sum of all noise, the max single noise, the percentage of CPU available for the thread, and the counters for the noise sources, serving as a benchmark tool.
Kirill Tsym discusses Vector Packet Processing:
* Linux Kernel data path (in short), initial design, today's situation, optimization initiatives
* Brief overview of DPDK, Netmap, etc.
* Userspace Networking projects comparison: OpenFastPath, OpenSwitch, VPP.
* Introduction to VPP: architecture, capabilities and optimization techniques.
* Basic Data Flow and introduction to vectors.
* VPP Single and Multi-thread modes.
* Router and switch for namespaces example.
* VPP L4 protocol processing - Transport Layer Development Kit.
* VPP Plugins.
Kiril is a software developer at Check Point Software Technologies, part of Next Generation Gateway and Architecture team, developing proof of concept around DPDK and FD.IO VPP. He has years of experience in software, Linux kernel and networking development and has worked for Polycom, Broadcom and Qualcomm before joining Check Point.
Tracing MariaDB server with bpftrace - MariaDB Server Fest 2021Valeriy Kravchuk
Bpftrace is a relatively new eBPF-based open source tracer for modern Linux versions (kernels 5.x.y) that is useful for analyzing production performance problems and troubleshooting software. Basic usage of the tool, as well as bpftrace one liners and advanced scripts useful for MariaDB DBAs are presented. Problems of MariaDB Server dynamic tracing with bpftrace and some possible solutions and alternative tracing tools are discussed.
Introduction to Linux Kernel by Quontra SolutionsQUONTRASOLUTIONS
Course Duration: 30-35 hours Training + Assignments + Actual Project Based Case Studies
Training Materials: All attendees will receive,
Assignment after each module, Video recording of every session
Notes and study material for examples covered.
Access to the Training Blog & Repository of Materials
Pre-requisites:
Basic Computer Skills and knowledge of IT.
Training Highlights
* Focus on Hands on training.
* 30 hours of Assignments, Live Case Studies.
* Video Recordings of sessions provided.
* One Problem Statement discussed across the whole training program.
* Resume prep, Interview Questions provided.
WEBSITE: www.QuontraSolutions.com
Contact Info: Phone +1 404-900-9988(or) Email - info@quontrasolutions.com
Process Address Space: The way to create virtual address (page table) of user...Adrian Huang
Process Address Space: The way to create virtual address (page table) of userspace application.
Note: When you view the the slide deck via web browser, the screenshots may be blurred. You can download and view them offline (Screenshots are clear).
Virtual File System in Linux Kernel
Note: When you view the the slide deck via web browser, the screenshots may be blurred. You can download and view them offline (Screenshots are clear).
BITS: Introduction to Linux - Text manipulation tools for bioinformaticsBITS
This slide is part of the BITS training session: "Introduction to linux for life sciences."
See http://www.bits.vib.be/index.php?option=com_content&view=article&id=17203890%3Abioperl-additional-material&catid=84&Itemid=284
Diapositivas que describen la seguridad con respecto al software libre, describe los conceptos básicos del software libre como su definición, ventajas y desventajas, su relación con la seguridad y mención de algunos software de seguridad de código abierto.
Part 5 of "Introduction to Linux for Bioinformatics": Working the command lin...Joachim Jacob
This is part 5 of the training "introduction to linux for bioinformatics". Here we introduce more advanced use on the command line (piping, redirecting) and provide you a selection of GNU text mining and analysis tools that assist you tremendously in handling your bioinformatics data. Interested in following this training session? Contact me at http://www.jakonix.be/contact.html
ULTIMA TECNOLOGIA CON SISTEMA DE CONTROL Y AHORRO!! PiD, Sistema inteligente que mantiene la actividad del revelador constante y así garantiza las máximas prestaciones en planchas CTP. El sistema PiD, gracias a su análisis en continuo de los principales parámetros, permite determinar el valor óptimo y justo de dosificación en el tiempo.
RRD Ahorro; Reducción del consumo del revelador en un 65% RRD es un sistema creado para el ahorro de consumo del revelador conjuntamente con el sistema PiD. Basado en la reutilización del revelador que rebosa permite aumentar la eficiencia del uso de químico.
GRAFONLINE Soporte con control remoto del sistema al software de la procesadora, ajustar y analizar sus parámetros, a través de una conexión a internet.
En cuanto a los accesorios como el
Wasted Developer Processor WDT; es el dispositivo que permite reducir la cantidad de producto químico solución en un 80%, reducir en gran medida el costo de eliminación de residuos del liquido revelador lo que permite el uso de bajo costo
del dispositivo con apenas asimismo el agua separada del liquido revelador desperdiciado se puede disponer de manera segura.
Pid-5000 sistema de revelado Inteligente es una función diseñado para mantener la consistencia de la liquido revelador
con el fin de lograr una calidad de procesado de planchas CTP de alta período más largo de tiempo; Pid-5000 'Ex. sólo puede ser operativa sobre GRAFXTRON, incluye en el Procesador de la serie CDN
DFD Developer Cleansing Device; Proporciona limpieza profunda para el liquido revelador, adicionandole mayor eficiencia al revelador, reduce la frecuencia de procesado de la placa de cambio de filtro.
- Capacidad de filtrado fuerte, Más de 20 veces más eficiente que el filtro incorporado en el procesado de la placa.
- No altera característica química del revelador.
- No afecta el desarrollo de la temperatura.
- Función de auto limpieza para el sistema de filtrado.
Sólo apto para la instalación con el sistema de procesamiento GRAFXTRON.
Note: also see https://www.slideshare.net/xen_com_mgr/ossna18-xen-beginners-training-exercise-script
The Xen Project supports some of the biggest clouds in production today and is moving into new industries, like security and automotive. Usually, you will use Xen indirectly as part of a commercial product, a distro, a hosting or cloud service and only indirectly use Xen. By following this session you will learn how Xen and virtualization work under the hood exploring high-level topics like architecture concepts related to virtualization to more technical attributes of the hypervisor like memory management (ballooning), virtual CPUs, scheduling, pinning, saving/restoring and migrating VMs.
Deployment of WebObjects applications on CentOS LinuxWO Community
With the rise of cloud computing and the death of the Xserve, learn how you can deploy your WebObjects applications on a CentOS server. You will also get tips about how to secure your server so that you don't get hack.
Trabajo de fin de Ciclo Formativo Grado Superior en Administración de Sistemas en red (ASIR/ASIX).
El trabajo consiste en un proyecto de virtualizacion de servidores para dar una alta disponibilidad (HA) mediante el sistema Proxmox. El servicio a dar en cuestión finalmente fue de un servidor proxy y web, por falta de tiempo y problemas con la configuración de Zentyal, fue imposible su instalación.
The virtualization can be described in a generic way as a separation of the service request from the underlying physical delivery of that service. In computer virtualization, an additional layer called hypervisor is typically added between the hardware and the operating system. The hypervisor layer is responsible for both sharing of hardware resource and the enforcement of mandatory access control rules based on the available hardware resources.
There are three types of virtualization: full virtualization, para-virtualization and operating system level (OS-level) virtualization.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
2. About this workshop
• No prior knowledge of Linux necessary
• Lots of Linux flavours, we concentrate on
Ubuntu
• Server, not desktop edition
• 9am to 5pm with a couple of breaks
4. About this workshop
๏ Start with some history and
architecture
๏ Virtual Machines, installation
๏ Remote access
๏ User management
๏ File system
๏ Networking (including Samba)
๏ Backing up
๏ Server software
5. About this workshop
๏ Start with some history and
architecture
๏ Software management: installing,
removing, updating
๏ Virtual Machines, installation
๏ Scheduling jobs through cron
๏ Remote access
๏ Vim
๏ User management
๏ Webmin
๏ File system
๏ Rsync
๏ Networking (including Samba)
๏ Backing up ๏ ...and anything else we can fit in
๏ Server software
6. About me
• Working with Linux for over 10 years
• Administrator for two public web applications
running on Ubuntu Linux 8.10 and 9.04
(www.trackscentral.com, www.gitcentral.com)
• Delivering IT services through my company,
Futureshock Research.
• Teaching at CSU since 2002.
• Undergraduate degree in Electrical and Computer
Engineering, Masters in Information Systems, Masters
in Knowlegde Management, PhD in Business Process
Management and Knowledge Management.
• Contact me at peter.dalmaris@gmail.com
7. History - UNIX and
GNU
• UNIX dominated the OS space since 1960.
It was efficient, effective, but expensive.
• An effort to produce an open-source
UNIX-like OS begun by Richard Stallman in
1994, this was the GNU project beginnings.
• A lot of software was written as part of the
GNU project by the Free Software
Foundation: compilers, text editors, a shell...
8. History - GNU is not
an OS
• ...but there were no complete kernel,
device drivers, daemons etc.
• Without these subsystems, GNU could not
be completed as intended.
9. History - Linux fills the
gap
• In 1991 Linus Trovalds developed a replacement of
MINIX teaching OS developed by Andrew S.
Tanenbaum and released by Prentice-Hall.
• This replacement became the Linux kernel.Version
0.12 of Linux was released in 1992.
• At first, it operated in the Minix user space.
• Linux kernel became the missing GNU kernel.
13. The cost of developing
Linux Fedora 9
Linux kernel
14. NCAR's newest supercomputer: On 12 July
2004, SCD took delivery of lightning, a new
Linux cluster manufactured by IBM. The 1.1-
teraflop system is now installed in the NCAR
Computer Room
Motorola RAZR², an advanced
embedded system using embedded
Linux
The Nokia N810 features the Maemo
Linux distribution,[2] based on
Maemo 4.0, which features MicroB
(a Mozilla-based mobile browser), a
GPS navigation application, new
media player, and a refreshed
interface.
The WRT54G is notable for Ubuntu Linux on
being the first consumer- Macbook Pro
level network device that
had its firmware source code
released to satisfy the
obligations of the GNU
GPL.
15. Ubuntu Linux
• A good choice for both server and desktop
distribution.
• Free and well updated - new release every
six months.
• Security updates for 18 months - after that
just upgrade to the latest version.
• There are LTS versions with extended
length support.
16. Ubuntu Linux server
• Build on Debian, with reputation for robust
server implementations.
• Latest version is 9.04, based on kernel
2.6.28-11.37.
• Out of the box support for cloud
computing (Eucalyptus).
• Mail server stack: SMTP, POP3, IMAP with
TLS and SASL.
17. Ubuntu Linux server
• Kernel-based virtual machine (KVM).
• Microsoft Exchange support.
• Simplified firewall.
• etc. etc.
19. Getting started:
installation
• It makes sense to install servers on virtual
machines:
• Better use of existing hardware
• Ease of maintenance and disaster recovery
You can assign a Linux virtual machine to a single
service, like a web server, email server etc. Keep
things simple.
Maintain a single Linux host and multiple guests.
21. Option 1: Ubuntu server
on VMware on any host
• Download the server image from http://
www.ubuntu.com/getubuntu/download-
server
• Start Vmware
• Create a new virtual machine using the
image you just downloaded
23. Hands-on: Installation
Sample partitioning that separates critical portions of
the hard drive.
Directory Type FS Size Typical Size LAB
/boot Primary Ext2 100MB 200MB
/var LVM XFS 4GB 700MB
/home LVM XFS 200GB 3GB
/ LVM Ext3 50GB 2GB
swap LVM Swap 1GB 200MB
24. Hands-on: Installation
Sample partitioning that separates critical portions of
the hard drive.
Directory Type FS Size Typical Size LAB
/boot Primary Ext2 100MB 200MB
/var LVM XFS 4GB 700MB
/home LVM XFS 200GB 3GB
/ LVM Ext3 50GB 2GB
swap LVM Swap 1GB 200MB
25. Hands-on: Installation
Sample partitioning that separates critical portions of
the hard drive.
Directory Type FS Size Typical Size LAB
/boot Primary Ext2 100MB 200MB
/var LVM XFS 4GB 700MB
/home LVM XFS 200GB 3GB
/ LVM Ext3 50GB 2GB
swap LVM Swap 1GB 200MB
26. Hands-on: Installation
Sample partitioning that separates critical portions of
the hard drive.
Directory Type FS Size Typical Size LAB
/boot Primary Ext2 100MB 200MB
/var LVM XFS 4GB 700MB
/home LVM XFS 200GB 3GB
/ LVM Ext3 50GB 2GB
swap LVM Swap 1GB 200MB
27. Hands-on: Installation
Sample partitioning that separates critical portions of
the hard drive.
Directory Type FS Size Typical Size LAB
/boot Primary Ext2 100MB 200MB
/var LVM XFS 4GB 700MB
/home LVM XFS 200GB 3GB
/ LVM Ext3 50GB 2GB
swap LVM Swap 1GB 200MB
28. Option 2: Linux guests to an
Ubuntu host running KVM
• KVM is the default virtualisation technology
that ships with current versions of Ubuntu
• Requires hardware with virtualisation
extensions
29. One host, many guests
Ubuntu guest
Windows guest
Ubuntu host
30. Install a guest #1
Can your hardware support KVM?
Inspect the cpuinfo
virtual file:
No output means no KVM support. Try checking
virtualization settings in the BIOS.
If there is support, install the required packages:
Use the apt-get
package manager:
• libvirt-bin provides libvirtd which you need to administer qemu and kvm instances
using libvirt
• kvm is the backend
• ubuntu-vm-builder powerful command line tool for building virtual machines
• bridge-utils provides a bridge from your network to the virtual machines
31. Install guest #2
Add your user name to the libvirtd group
More about user
management later.
This will give you access to the system-wide libvirtd
instance. Log out and in to make this effective.
Test the installation is valid:
virsh is the main
interface for
managing guest
domains
32. Install KVM #3
Run the KVM command as root to reveal
problems, such as lack of hardware
kvm command can be
used to start guest
machines directly.
33. Setup the virtual
network #1
To enable network services to the VM and
VM access to the outside world, we must
configure bridge networking; The VM will
access the network through the host’s
physical network interface.
1. Install the bridge utility
2. Stop networking services
34. Setup the virtual
network #2
3. Edit /etc/network/
interfaces and add
the br0 section:
Content of /etc/
network/
You may use DHCP
instead of fixed values.
37. Remote administration
with SSH #1
• Ubuntu comes with an open source
implementation of the SSH standard, called
OpenSSH.
• OpenSSH makes it possible to securely
control a remote computer, and to transfer
files.
• To make this possible, we must install the
sshd component on the server if not
already installed.
38. Remote administration
with SSH #2
Install the sshd component:
Install the client component:
Some OS’s, like Mac OS X, come with an SSH client build-in. In
Windows, use Putty.
40. Remote administration
with SSH #4
You can authenticate the client using its public key;
then, you will not need to provide a password every
time you want to connect.
Create the client’s public key if one doesn’t exist
already:
ssh-keygen is a key
pair generator
This creates your key pair and stores it in ~/.ssh/.
41. Remote administration
with SSH #5
Take the contents of the file in ~/.ssh/id_dsa.pub on
the client, and paste it in the file ~/.ssh/
authorized_keys on the server. If the target file does
not exist, create it. This is how authorized_keys may
look like:
42. Remote administration
with SSH #6
Connect just like before, there
should be no request for your
password:
Local machine
Remote machine
44. Upgrading
To upgrade to the latest version of Ubuntu
server, use the so-release-upgrade utility.
First, update apt-get to acquire the latest package
information:
Then, install the upgrade utility:
Finally, do the upgrade:
45. Updating installed
packages
Use the apt-get tool:
To automate package updates, use unattended-
upgrades:
Install the package:
... and configure it:
Unattended upgrade actions are logged in /var/log/unattended-upgrades. Add a Cron job to
run /usr/bin/unattended-upgrade periodically.
47. User management
๏ A critical aspect of server management.
๏In Ubuntu, the root user is disabled for safety.
๏Management tasks requiring root access can be
completed by using the sudo command by a user who
is in the “admin” group.
๏The user created during the installation process is
added automatically to the admin group.
48. Adding and deleting
users
To add a user:
To delete a user (will retain the home directory):
To disable a user:
To enable a user:
49. Creating and deleting
groups
To create a group:
To delete a group:
To add a user to a group:
50. User profiles
By default, all new home directories are accessible
by everyone.You can enforce non-default access
rights to new home directories by editing /etc/
adduser.conf:
The contents of this directory are modelled after the
contents of /etc/skel.
51. Password policy
You can enforce strong user passwords by editing the
password policy file /etc/pam.d/common-password.
For example, to enforce a password with minimum 6
characters, edit the password line to look like this:
52. Password expiration
To see the password expiry value for a user, use the
“chage” command:
The chage tool is for
changing password
expiration date.
To make changes:
54. File system
A filesystem is responsible for managing data stored
on a non-volatile storage device like hard disks, USB
drives, DVDs etc.
Most linux distros, including Ubuntu, use ext3 (“third
extended filesystem”).
Ubuntu 9.04 introduces experimental support for
ext4.
55. Ext3
A journaling filesystem: logs changes in a journal to
increase reliability in case of power failure or system
crash.
56. Ext3
Not as fast as others, like JFS, ReiserFS and XFS,
but wins in CPU utilization, reliability, and testing
base.
57. Ext3 file limits
^ 8 KiB block size is only available on architectures which allow 8 KiB pages, such as Alpha.
58. Ext3 levels of journaling
❖Journal
❖Lowest risk, slowest
❖Metadata and files are written to the journal before being
committed.
❖Ordered (default)
❖Medium risk, medium speed
❖Metadata are written to the journal only - ext3 guarantees file
contents are written to disk before marked as committed in
the journal. Beware of “intermediate state” problem!
❖Writeback
❖Highest risk, fastest
❖Metadata written in journal, no guarantee for file contents.
59. Ext4
❖Adds 64-bit storage limits.
❖Volumes up to 1 exabyte. Files up to 16 terabytes.
❖Improved large file performance and reduced
fragmentation.
❖Backwards compatible with ext2 and 3.
❖Journal cheksumming (not present in ext3).
❖Online defragmentation.
❖Timestamps in nanoseconds.
60. Files and directories
Filesystems store data in files and directories.
Filesystems are stored in disk partitions.
You can configure partitions any way you like, but
something like this is advisable:
61. fstab: static fs info
fstab is a text file that
contains filesystem
information
63. Mount points
The mount command attaches a
filesystem to a mount point
Remount /usr in read only:
Mount all fs in /etc/fstab:
64. File & directory
commands
Command Description
ls Lists the contents of a directory
cd Change directory
mkdir Create directory
rmdir Remove directory
cp Copy file
mv Move file
rm Remove file
pwd Print the present working directory
file Print the presumed type of a file
chmod Change the permission attributes of a file
67. Networking
Most networking is configured by editing two files:
❖/etc/network/interfaces
❖Ethernet, TCP/IP, bridging
❖/etc/resolv.conf
❖DNS
Other networking files:
❖/etc/hosts
❖/etc/dhcp3/dhcpd.conf
68. /etc/network/interfaces
Typical default contents:
Directive Description
Indicates the device should be setup at boot
auto
time.
lo Loopback interface.
iface “Interface”.
Ethernet device 0, typically the primary
eth0
network adaptor.
Indicates network adaptor has an IPv4
inet
address space.
Network adaptor gets its configuration from
dhcp
a DHCP server.
69. /etc/network/interfaces
Good practice: fix your server’s IP address.
Directive Description
Indicates the adaptor uses fixed IP
static
configuration.
address The IP address of the host.
netmask Network subnet mask.
gateway Gateway address.
network The network portion of the IP address.
nameserver The IP of a DNS.
For static interfaces, you may also need to edit /etc/resolv.conf to specify DNS servers.
70. /etc/hosts
Ubuntu refers to this file to resolve host names
before contacting a DNS. Good for frequently used
hostnames, or internal network hosts.
71. Network useful
commands
Command Description
ping Test that an internet host is reachable.
ifconfig Administer a TCP/IP network interface.
sudo /etc/init.d/ stop, start, restart as arguments; controls
networking network status.
Examine and configure the host’s routing
route
table.
73. Backup
“Failing to plan is planning to fail”
It is a matter of time before you experience system
failure on your server. When that happens, it is
nice to have a backup.
74. What is a backup?
... to keep multiple historical versions of your data
going back far enough in time to enable recovery
from a small or big disaster.
75. Types of backup
❖Full - Backup the complete data set
❖Incremental - Backup only changes since last
backup
Periodic backup
❖Daily - Hold for the short term
❖Weekly - Hold for the medium term
❖Monthly - Hold for the long term
76. Backup using a shell script
#!/bin/sh
####################################
#
# Backup to NFS mount script.
This script rotates
#
#################################### through 7 backups
# What to backup.
backup_files="/home /var/spool/mail /etc /root /boot /opt"
# Where to backup to.
- one for each day.
dest="/mnt/backup"
# Create archive filename.
day=$(date +%A)
hostname=$(hostname -s)
archive_file="$hostname-$day.tgz"
# Print start status message.
echo "Backing up $backup_files to $dest/$archive_file"
date
echo A modification can
# Backup the files using tar.
tar czf $dest/$archive_file $backup_files allow for rotation
# Print end status message.
echo
echo "Backup finished"
of daily, weekly, and
date
# Long listing of files in $dest to check file sizes.
monthly backups.
ls -lh $dest
77. Automating with cron
Cron is used to schedule the execution of scripts. We
will look at it in more detail later.
To enter the cron job editor
To run the backup script every # m h dom mon dow command
day of every month of every 0 0 * * * bash /usr/local/bin/backup.sh
year, at midnight
78. Restoring
Use tar to test the integrity of an archive, or to
extract its contents.
To list the contents of the
archive
To extract a file from the archive
To extract the full contents of
the archive
81. Servers, servers,
servers
Most useful work on a server is done by some
kind of server software:
❖Web (i.e. Apache)
❖Database (MySQL)
❖Application (LAMP - i.e Moin Moin)
❖FTP (i.e. vsftpd)
❖Network File System
❖Email (i.e. Postfix)
❖Etc.
83. Web server
Lot’s of choices for open source web servers.
❖Apache
❖LightTPD (YouTube,
Meebo, Wikipedia)
❖Nginx
❖Roxen
84. Apache:
history and
Apache has been around for ever (at least since the
begining of the known time, when the web was
invented):
❖powers 100 million websites (early 2009), over
46% of total
❖Most popular web server since 1996
❖Lineage going back to NCSA HTTPd
❖Comprehensive set of features - you want it, it
has it.
86. Installing Apache
Apache is installed in /etc/apache2.
File/Directory Description
apache2.conf The main Apache2 configuration file. Contains settings that are global to Apache2.
Contains configuration files which apply globally to Apache. Other packages that use Apache2 to serve content
conf.d may add files, or symlinks, to this directory.
envars File where Apache2 environment variables are set.
Historically the main Apache2 configuration file, named after the httpd daemon.The file
httpd.conf can be used for user specific configuration options that globally effect Apache2.
mods-available This directory contains configuration files to both load modules and configure them.
mods-enabled Holds symlinks to the files in /etc/apache2/mods-available.
ports.conf Houses the directives that determine which TCP ports Apache2 is listening on.
This directory has configuration files for Apache Virtual Hosts.Virtual Hosts allow
sites-available Apache2 to be configured for multiple sites that have separate configurations.
Like mods-enabled, sites-enabled contains symlinks to the /etc/apache2/sites-available directory. Similarly when a
sites-enabled configuration file in sites-available is symlinked it will beactive once Apache is restarted.
89. /etc/apache2/sites-
available/site_name
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
</VirtualHost>
90. /etc/apache2/sites-
available/site_name
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
Port number of site
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
</VirtualHost>
91. /etc/apache2/sites-
available/site_name
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
Port number of site
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
Email of webmaster
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
</VirtualHost>
92. /etc/apache2/sites-
available/site_name
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
Port number of site
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
Email of webmaster
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Root directory of site files
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
</VirtualHost>
93. /etc/apache2/sites-
available/site_name
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
Port number of site
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
Email of webmaster
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Root directory of site files
Order allow,deny
allow from all
</Directory>
Static files block
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
</VirtualHost>
94. /etc/apache2/sites-
available/site_name
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
Port number of site
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
Email of webmaster
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Root directory of site files
Order allow,deny
allow from all
</Directory>
Static files block
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Scripts block
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
</VirtualHost>
95. /etc/apache2/sites-
available/site_name
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
Port number of site
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
Email of webmaster
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Root directory of site files
Order allow,deny
allow from all
</Directory>
Static files block
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Scripts block
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
Error log file
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
</VirtualHost>
96. /etc/apache2/sites-
available/site_name
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
Port number of site
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
Email of webmaster
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Root directory of site files
Order allow,deny
allow from all
</Directory>
Static files block
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Scripts block
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
Error log file
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
Access log file
CustomLog /var/log/apache2/access.log combined
</VirtualHost>
97. Multiple sites
Apache supports multiple sites on the same machine.
Assign sites by port number, sub-domain, directory
name, or any combination of the above.
After any configuration changes,
restart Apache
98. Modules
There are many modules that provide additional
functionality.
These modules can be installed and loaded
dynamically.
Installs the MySQL
authentication module
Enables the new module and
restarts apache
101. Database server: mySQL
“The world’s most popular open-source database”*
*http://www.mysql.com/
Yahoo,
Google,
Alcatel,
Nokia,
Youtube
25% market
share (EDC
research)
102. MySQL features
❖Cross-platform compatible
❖Libraries for all major ❖Selection of storage engines
programming languages (innoDB, Berkeley, etc.)
❖Many administration ❖Replication
choices, command line, web- ❖ACID compliance with
based, GUIs innoDB, DBD, Cluster engines.
❖Stored procedures ❖Full-text indexing
❖Triggers ❖Open-source!
❖Cursors
103. Mysql installation
Installs the MySQL
authentication module
After installation, check mysql
deamon is running
To restart:
To configure:
104. Create a new database
and user
Log on as root (asks for
mysql -u root -p
password):
Create a new database: create database myDB;
grant all privileges on myDB.* to
Create a new user for the new ‘newuser’@‘localhost’identified by
database:
‘newpassword’with grant option;
To verify this worked, exit and exit;
logon as the new user (no error mysql -u newuser -p #asks for password
messages mean all good): use myDB;
106. LAMP
Linux A popular configuration for
Apache Linux servers.
MySQL
Php LAMP applications are packaged
in a way that makes it easy to
install and manage.
107. LAMP example: Moin Moin
Moin Moin is a Python-based wiki engine.
Install Moin Moin (expects
Apache 2 already installed):
cd /usr/share/moin
Prepare the Moin Moin
sudo mkdir mywiki
directory:
sudo cp -R data mywiki
sudo cp -R underlay mywiki
sudo cp server/moin.cgi mywiki
sudo chown -R www-data.www-data
mywiki
sudo chmod -R ug+rwX mywiki
sudo chmod -R o-rwx mywiki
108. Configure Moin Moin
Edit /etc/moin/mywiki.py data_dir = '/usr/share/moin/mywiki/data'
data_underlay_dir='/usr/share/moin/mywiki/
In the next line, insert:
underlay'
### moin
ScriptAlias /mywiki "/usr/share/moin/mywiki/moin.cgi"
Configure Apache; add the alias /moin_static181 "/usr/share/moin/htdocs"
following lines in /etc/apache2/ <Directory /usr/share/moin/htdocs>
sites-available/default file inside the Order allow,deny
allow from all
“<VirtualHost *>” tag:
</Directory>
### end moin
Restart: sudo /etc/init.d/apache2 restart
111. FTP
A simple way to transfer files between computers.
Many open source FTP servers available on Linux:
❖ vsftp
❖ Filezilla
❖ Pure-ftpd
❖ NASLite
❖ wu-ftpd
❖ etc.
112. Install vsftp
“Probably the most secure and fastest FTP server for UNIX-like systems.”
http://vsftpd.beasts.org/
Install it:
113. Install vsftp
“Probably the most secure and fastest FTP server for UNIX-like systems.”
http://vsftpd.beasts.org/
Install it:
Put your files here to
make them available
to FTP clients
116. Connect to the FTP
server
Anonymous
connection
Download
to local
machine
117. Connect to the FTP
server
Anonymous
connection
Download
to local
machine
Download
completed
118. Secure FTP
Edit /etc/vsftpd.conf:
Now vsftpd will ask for the user’s password
and will start at their home directories.
119. NFS
Allows for server files and directories to be
available to remote clients as if they were local.
Install it:
120. NFS
Allows for server files and directories to be
available to remote clients as if they were local.
Install it:
Set directories to be
exported here:
124. Email services: Postfix
The default Mail Transfer Agent (MTA) for Ubuntu
Rich set of features:
❖Protocols: ❖Address masquarading
❖SMTP ❖Junk mail control
❖Databases: ❖Selective address rewritting
❖DKIM ❖VERP envelope return
❖DSN status ❖Berkley
❖CDB address
❖ETRN
❖IPv6 ❖LDAP
❖SASL authentication ❖MySQL
❖TLS encryption/authoentication ❖PostgreSQL
❖QMQP ❖Mailbox and Maildir formats
❖Virtual domains
125. Postfix installation
Install it:
The configuration screens will come up as part of
the installation.
To reconfigure at a later time:
Or, you can edit the Postfix configuration file /etc/
postfix/main.cf. After editing, restart:
Install it:
126. Postfix configuration
Check sources such as
Sample values:
these for details on
❖Internet Site configuration:
❖mail.example.com ❖http://flurdy.com/docs/postfix/
❖peter ❖http://ubuntuforums.org/
showthread.php?t=780509
❖mail.example.com, ❖http://en.wikipedia.org/wiki/
localhost.localdomain, localhost Email#Workings
❖No
❖127.0.0.0/8 [::ffff:127.0.0.0]/104 [::
1]/128 192.168.0/24
❖0
❖+
❖all
127. SMTP authentication
Allows a client to identify itself. Once authenticated,
the SMTP server will allow the client to relay mail.
Configuration for SMTP-AUTH is done with the
Dovecot package:
Install it:
In production, you will need to configure the SSL
certificate and key to be used with authentication and
encryption.
128. Test by sending yourself
an email
Install nail, a
command line
emailer:
130. Firewall
The Linux kernel includes the Netfilter subsystem:
controls network traffic in/out.
Linux firewalls utilise Netfilter. The administrator
tells Netfilter how to treat data packets by
configuring rules in iptables, a configuration file.
In Ubuntu, we use ufw as a configuration tool for
iptables.
131. ufw
“the friendly way to create a firewall”
ufw: Ucomplicated firewall
Install ufw:
Enable ufw and restart
the server to take effect:
You will not be able to
restore the SSH
connection until you or
configure ufw to allow
SSH traffic:
132. ufw, examples of rules
Delete a rule:
Allow access from a host to port
22 of any IP address on this host:
Allow all HTTP traffic:
Use --dry-run to show the rule
corresponding to a directive:
133. ufw, examples of rules
Disable the firewall:
See status:
See detailed status:
Application integration, predefined
rules. Apply like this “sudo ufw allow
Postfix” and “sudo ufw app info Postfix”
to view rule details:
135. Package management
Over 24,000 software packages for Ubuntu. It is a
good idea to use a package manager to maintain
those installed on your server.:
❖Install
❖Remove
❖Resolve dependencies
❖Compile
❖Upgrade
Ubuntu is supported by apt-get, aptitude.
Most packages are supported by both, so your
choice.
136. apt
A collection of tools, not a single tool.
apt-get is the most important tool. Used for
tasks like:
❖Update the index files from their source
❖Upgrade all installed packages
❖Install a package
❖Remove installed package
❖Source code fetching
❖Build dependencies
❖Checks for broken dependencies
❖Clean the local repository
❖Autoclean only files in the local repository that can no longer be downloaded
and are considered useless.
137. Using apt-get
Already installed, ready to use.
Install a package named “nmap”:
Remove a package named “nmap”:
Update the apt index (the
repositories are listed in /etc/apt/
sources.list):
Upgrade all packages installed:
All actions are recorded in /var/log/dpkg.log
138. Automatic updates
The “unattended-upgrades” package can
automatically install updated packages.
Install it:
Define the type of upgrades in /
etc/apt/apt.conf.d/50unattended-
upgrades
All actions are recorded in /var/log/unattended-
upgrades
140. Windows connectivity
Works as:
❖File server
❖Printer server (including PDF)
❖Domain controller in Windows networks
❖Authentication
... for Windows clients
142. Samba configuration
To define a share (in this example, the home
folders), edit the /etc/samba/smb.cnf file:
[homes]
Make home directories shared, comment = Home Directories
browseable = yes
browsable, read-write: read only =no
create mask = 0775
directory mask = 0775
valid users = %S
Define the password for a share
user:
Reload Samba configuration:
144. Other Samba
capabilities
We just saw the most basic capability of Samba.
Other things you can do:
❖Sharing CUPS printers
❖Various security issues
❖Active Directory integration, including Kerberos
authentication
❖Database integration for user information
❖LDAP integration
❖Domain controller or client
❖WINS
❖Remote and local management
146. Scheduling with cron
Cron is the standard job scheduler for Unix.
Cron stands for “cronograph”.
Every user can specify scripts or programs to
run at specific time intervals in a text file called
“crontab”.
147. Example crontab file
Access/edit crontab file:
Schedule Redirect output Script to run
148. Example crontab file
Access/edit crontab file:
Schedule Redirect output Script to run
149. Example crontab file
Access/edit crontab file:
Schedule Redirect output Script to run
158. Webmin: web
based server
Open source interface for system administration
based on modules:
❖User management
❖Apache
❖MySQL
❖OpenSSH
❖DNS
❖File sharing
❖etc.
159. Webmin installation
and configuration
sudo apt-get install perl5 libnet-ssleay-perl
sudo apt-get install wget
Get required libraries, webmin wget http://prdownloads.sourceforge.net/webadmin/
archive, and run the setup utility. webmin-1.480.tar.gz
You can safely accept all setup script
defaults. tar xzvf webmin-1.480.tar.gz
cd webmin-1.480
sudo ./setup.sh
166. Vim and vi
Vim is an improved version of vi, the stock-standard
text editor for Unix and Linux systems.
Install vim
start vim
Use commands expressed by keystrokes to control
vim (see cheat sheet in next slide).
168. Go on and build your server.
Notes and videos available at
http://blog.futureshock-ed.com.
A discussion group available at
http://groups.google.com/group/linux-alumni
Any feedback appreciated.
Have fun and stay in touch!