34,79 €
Mehr erfahren.
- Herausgeber: Packt Publishing
- Kategorie: Fachliteratur
- Sprache: Englisch
Linux is one of the most widely used operating systems among system administrators,and even modern application and server development is heavily reliant on the Linux platform.
The Linux Administration Cookbook is your go-to guide to get started on your Linux journey. It will help you understand what that strange little server is doing in the corner of your office, what the mysterious virtual machine languishing in Azure is crunching through, what that circuit-board-like thing is doing under your office TV, and why the LEDs on it are blinking rapidly.
This book will get you started with administering Linux, giving you the knowledge and tools you need to troubleshoot day-to-day problems, ranging from a Raspberry Pi to a server in Azure, while giving you a good understanding of the fundamentals of how GNU/Linux works.
Through the course of the book, you’ll install and configure a system, while the author regales you with errors and anecdotes from his vast experience as a data center hardware engineer, systems administrator, and DevOps consultant.
By the end of the book, you will have gained practical knowledge of Linux, which will serve as a bedrock for learning Linux administration and aid you in your Linux journey.
Das E-Book können Sie in Legimi-Apps oder einer beliebigen App lesen, die das folgende Format unterstützen:
Seitenzahl: 857
Veröffentlichungsjahr: 2018
Ähnliche
Linux Administration Cookbook
Copyright © 2018 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Commissioning Editor: Gebin GeorgeAcquisition Editor: Prachi BishtContent Development Editor: Deepti ThoreTechnical Editor:Sayali ThanekarCopy Editor: Safis EditingProject Coordinator: Jagdish PrabhuProofreader: Safis EditingIndexer: Mariammal ChettiyarGraphics: Jisha ChirayilProduction Coordinator: Arvindkumar Gupta
First published: December 2018
Production reference: 1311218
Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.
ISBN 978-1-78934-252-9
www.packtpub.com
Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.
Why subscribe?
Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals
Improve your learning with Skill Plans built especially for you
Get a free eBook or video every month
Mapt is fully searchable
Copy and paste, print, and bookmark content
Packt.com
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.packt.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.
At www.packt.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.
Contributors
About the author
Adam K. Dean has used Linux since 2005, when he rendered his first computer unbootable during an Ubuntu installation. Undeterred, a subsequent installation was successful, notwithstanding the odd graphical and Wi-Fi issues.
Between bouts of writing about himself in the third person, Adam now runs his own consultancy offering Linux expertise to a range of clients, though he hasn't forgotten his origins, and still occasionally renders computers unbootable.
About the reviewer
Donald Tevault—but you can call him Donnie—got involved with Linux way back in 2006, and has been working with it ever since. He holds the Linux Professional Institute Level 3—security certification, and the GIAC Incident Handler certification. Donnie is a professional Linux trainer, and thanks to the magic of the internet, teaches Linux classes literally the world over from the comfort of his living room.
Sam Norbury is someone who you never find frowning, at best you'll get a non-informative mmm from his general direction, which gives nothing away as to the inner-workings of his head, or what he thinks of your latest suggestion. Prized for his Ansible knowledge and patience, he now splits his time between consulting and travelling the world, spreading apathy everywhere he goes.
Jon Nield is a senior engineer who's reputation for calm and methodical problem solving has earned him a reputation as one of the most easy-going and nicest guys in tech. Having worked in the computing and server industry for many years, his expertise in areas such as C, and the underpinnings of the Linux operating system, make him a highly-sought consultant.
Packt is searching for authors like you
If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.
Table of Contents
Title Page
Copyright and Credits
Linux Administration Cookbook
About Packt
Why subscribe?
Packt.com
Contributors
About the author
About the reviewer
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Sections
Getting ready
How to do it
How it works
There's more
See also
Get in touch
Reviews
Introduction and Environment Setup
Introduction
Understanding and choosing a distribution
Ubuntu
Debian
CentOS - the one we'll mostly be using
Red Hat Enterprise Linux
Installing VirtualBox
Installing VirtualBox on Ubuntu
Command-line installation
Graphical installation
Installing VirtualBox on macOS
Command-line installation
Graphical installation
Installing VirtualBox on Windows
Graphical installation
Installing our chosen distribution manually
Obtaining our CentOS installation media
Checking the checksum
Setting up our VM
VirtualBox main window
CentOS installation
Accessing and updating our VM
Logging in from the VirtualBox window
Logging in from the host Terminal
Making sure sshd is running
Making sure that VirtualBox lets us through
Updating our VM
Understanding how VMs differ
dmidecode
lshw
Quick sudo explanation
Using Vagrant to automatically provision VMs
Kickstart
Vagrant
Anecdote - try, try, and try again
Remote Administration with SSH
Introduction
Technical requirements
Generating and using key pairs with ssh-keygen
Getting ready
How to do it...
RSA example
Ed25519 example
How it works...
The public and private key files
The authorized_keys file
There's more...
To passphrase or not to passphrase
Additional flags
See also
SSH client arguments and options
Getting ready
How to do it...
SSH using hostnames instead of IPs
SSHing to a different user
SSHing to a different port
SSHing to an IPv6 address
SSHing before running a command
SSH and X11 forwarding
How it works...
There's more...
See also
Using a client-side SSH configuration file
Getting ready
How to do it...
How it works...
There's more...
See also
Modifying the server-side SSH configuration file
Getting ready
How to do it...
Changing the default port
Changing the listen address
Changing the daemon logging level
Disallowing root login
Disabling passwords (force key use)
Setting a message of the day (motd)
The UseDNS setting
AllowUsers
How it works...
There's more...
See also
Rotating host keys and updating known_hosts
Getting ready
How to do it...
How it works...
There's more...
Technical requirements
Using local forwarding
Getting ready
How to do it...
On the command line
Using an SSH config file
How it works...
There's more...
Watching our SSH session
Connecting to systems beyond the remote host
See also
Using remote forwarding
Getting ready
How to do it...
On the command line
Using an SSH config file
How it works...
There's more...
See also
ProxyJump and bastion hosts
Getting ready
How to do it...
Using an SSH config file
How it works...
There's more...
Multiple hosts
ProxyCommand
Bastion hosts
Using SSH to create a SOCKS Proxy
Getting ready
How to do it...
On the command line
Using an SSH config file
How it works...
There's more...
Understanding and using SSH agents
Getting ready
How to do it...
How it works...
There's more...
ssh-add
AddKeysToAgent
See also
Running multiple SSH servers on one box
Getting ready
How to do it...
How it works...
There's more...
Summary
Networking and Firewalls
Introduction
Technical requirements
Determining our network configuration
Getting ready
How to do it...
Discerning the IP
Discerning the IP (deprecated method)
Discerning the gateway address
Discerning the gateway address (deprecated method)
How it works...
There's more...
Checking connectivity
Checking what route our box will take
See also
More examples of using the ip suite
Getting ready
How to do it...
Adding and removing an IP against an interface
Shutting down and bringing up an interface administratively
Adding a new route to our routing table
How it works...
There's more...
See also
Adding and configuring network interfaces
Getting ready
How to do it...
Configuring a new interface
How it works...
There's more...
See also
Modern domain name resolution on Linux
Getting ready
How to do it...
Querying a domain
Checking the domain resolution settings
Changing the domain resolution settings
How it works...
There's more...
See also
Configuring NTP and the problems we face
Getting ready
How to do it...
Checking if NTP is running
Checking if NTP traffic is flowing
Enabling an NTP client
Enabling an NTP server
How it works...
There's more...
See also
Listing firewall rules on the command line
Getting ready
How to do it...
iptables
firewall-cmd
ufw
How it works...
There's more...
See also
Adding and removing firewall rules on the command line
Getting ready
How to do it...
firewall-cmd
iptables
ufw
How it works...
There's more...
Determining the running services and ports in use
Getting ready
How to do it...
How it works...
There's more...
Debugging with iftop
Getting ready
How to do it...
How it works...
There's more...
Summary
Services and Daemons
Introduction
Technical requirements
Determining running services
How to do it...
How it works...
There's more...
See also
Listing installed services
Getting ready
How to do it...
How it works...
There's more...
See also
Starting and stopping services
How to do it...
Stopping our service
Starting our service
How it works...
There's more...
See also
Changing which services start and stop at boot
Getting ready
How to do it...
Enabling our service
Disabling our service
How it works...
There's more...
See also
Common services you might expect to see
How to do it...
auditd.service
chronyd.service
crond.service
lvm2-*.service
NetworkManager.service
nfs.service
postfix.service
rsyslog.service
sshd.service
systemd-journald.service
systemd-logind.service
How it works...
There's more...
See also
Understanding service unit files
How to do it...
How it works...
There's more...
See also
Customizing systemd unit files
How to do it...
How it works...
There's more...
See also
Testing running services
Getting ready
How to do it...
How it works...
There's more...
Writing a basic unit file
How to do it...
How it works...
There's more...
See also
Working with systemd timers (and cron)
How to do it...
systemd timers
cron
How it works...
There's more...
See also
Other init systems
Getting ready
How to do it...
CentOS 6 and Upstart
Debian 7 and SysV init
How it works...
There's more...
See also
Round-up - services and daemons
Hardware and Disks
Introduction
Technical requirements
Determining hardware
Getting ready
How to do it...
lspci
lshw
/proc
/sys
dmesg (and the kernel logs)
dmidecode
/dev
How it works...
Testing hardware
Getting ready
How to do it...
Self-monitoring, analysis, and reporting technology (SMART)
hdparm
Memory testing
How it works...
There's more...
The role of the kernel
Getting ready
How to do it...
How it works...
There's more...
Disk configuration on Linux
Getting ready
How to do it...
Listing disks with lsblk
Listing mount points with df
Listing filesystems with df
Listing logical volume manager disks, volume groups, and logical volumes
Physical disks
Volume groups
Logical volumes
Listing swap
How it works...
There's more...
The filesystem hierarchy
Getting ready
How to do it...
How it works...
There's more...
Configuring a blank disk and mounting it
Getting ready
How to do it...
How it works...
There's more...
Re-configuring a disk using LVM
Getting ready
How to do it...
How it works...
There's more...
Using systemd-mount and fstab
Getting ready
How to do it...
fstab
systemd-mount
How it works...
There's more...
See also
Disk encryption and working with encryption at rest
Getting ready
How to do it...
How it works...
There's more...
See also
Current filesystem formats
Getting ready
How to do it...
How it works...
Upcoming filesystem formats
Getting ready
How to do it...
How it works...
Round-up - hardware and disks
Security, Updating, and Package Management
Introduction
Technical requirements
Checking package versions
Getting ready
How to do it...
CentOS
Debian
How it works...
There's more...
Checking the OS version
How to do it...
CentOS
Debian
Ubuntu
How it works...
There's more...
See also...
Checking for updates
How to do it...
CentOS
Debian
How it works...
There's more...
Automating updates
How to do it...
CentOS
Debian
How it works...
There's more...
Automatic provisioning
Checking mailing lists and errata pages
Getting ready
How to do it...
Package changelogs
Official sources and mailing Lists
Other sources
How it works...
There's more...
Using snaps
How to do it...
Searching out snaps
Installing snaps
Listing installed snaps
Interacting with daemon snaps
Removing snaps
How it works...
There's more...
See also...
Using Flatpak
Getting ready
How to do it...
Searching for a package
Installing our package
Running our package
Listing installed packages
User installations
Removing packages
How it works...
There's more...
See also...
Using Pip, RubyGems, and other package managers
Getting ready
How to do it...
Pip
RubyGems
How it works...
There's more...
When to use programming-language package managers
--user/ --system (pip) and --user-install (gem)
Python virtualenv
See also
Dependency hell (a quick word)
Getting ready
How to do it...
System-installed and third-party installed versions of Pip
Dependency problems in conflicting Pip packages
Apt's conflict solution
Potential solutions
How it works...
Compiling from source
Getting ready
How to do it...
How it works...
There's more...
See also...
Technical requirements
Adding additional repositories
Getting ready
How to do it...
CentOS - Adding the EPEL repository with epel-release
CentOS - Adding the ELRepo repository by file
Debian - Adding additional repositories
Ubuntu - Adding PPAs
How it works...
Roundup - security, updating, and package management
Monitoring and Logging
Introduction
Technical requirements
Reading local logs
Getting ready
How to do it...
How it works...
There's more...
Using journalctl on systemd systems
Getting ready
How to do it...
How it works...
There's more...
See also
Centralizing logging
Getting ready
How to do it...
Remote logging with rsyslog - UDP example
Remote logging with rsyslog - TCP example
Remote logging with journald
How it works...
There's more...
Local resource measuring tools
Getting ready
How to do it...
top
free
htop
NetData
How it works...
There's more...
Local monitoring tools
Getting ready
How to do it...
atop
sar
vmstat
How it works...
Remote monitoring tools
Getting ready
How to do it...
Nagios
Icinga2
How it works...
There's more...
See also
Centralizing logging with the Elastic Stack
Getting ready
How to do it...
centos2
debian1 and debian2
Kibana
How it works...
There's more...
Roundup - Monitoring and Logging
Permissions, SELinux, and AppArmor
Introduction
Technical requirements
Linux file permissions
Getting ready
How to do it...
How it works...
exampledir
examplefile
There's more...
Root access to directories and files
Other execute characters
Modifying file permissions
Getting ready
How to do it...
chown
chmod
chattr
How it works...
chown
chmod
chattr
There's more...
Avoiding octal notation (if you hate it) in chmod
Hierarchical permissions
See also
Technical requirements
Users and groups
Getting ready
How to do it...
whoami
Users on a system
Groups on a system
Daemons using users
How it works...
There's more...
AppArmor and modification
Getting ready
How to do it...
How it works...
There's more...
SELinux and modification
Getting ready
How to do it...
How it works...
There's more...
See also
Checking SELinux is running, and the importance of keeping it running
Getting ready
How to do it...
How it works...
There's more...
See also
Resetting SELinux permissions
Getting ready
How to do it...
How it works...
There's more...
Roundup - permissions, SELinux, and AppArmor
Containers and Virtualization
Introduction
Technical requirements
What is a container?
Getting ready
How to do it...
How it works...
cgroups (Linux control groups)
namespaces
The breakdown of our creation
There's more...
The LXD daemon
See also
Installing Docker
Getting ready
How to do it...
How it works...
There's more...
Slightly more
See also
Running your first Docker container
Getting ready
How to do it...
How it works...
Creating a container
Listing our container
Executing commands in our container
Stopping our container
Debugging a container
Getting ready
How to do it...
How it works...
There's more...
Searching for containers (and security)
Getting ready
How to do it...
How it works...
There's more...
What is virtualization?
Getting ready
How to do it...
How it works...
There's more...
Starting a QEMU machine with our VM
Getting ready
How to do it...
How it works...
There's more...
See also
Using virsh and virt-install
Getting ready
How to do it...
virt-install
virsh
How it works...
There's more...
Comparing the benefits of local installs, containers, and VMs
Getting ready
How to do it...
Local Nginx install
Docker Nginx install
VM Nginx install
How it works...
Brief comparison of virtualization options (VMware, proxmox, and more)
Getting ready
How to do it...
VMware ESXi
Proxmox Virtual Environment
OpenStack
How it works...
Roundup - containers and virtualization
Git, Configuration Management, and Infrastructure as Code
Introduction
Technical requirements
What is Git?
Getting ready
How to do it...
Cloning
Exploring and making changes
How it works...
There's more...
Setting up a Git server
Getting ready
How to do it...
How it works...
There's more...
Committing to our Git repository
Getting ready
How to do it...
How it works...
Matching versus simple
Branching our Git repository and committing changes
Getting ready
How to do it...
How it works...
There's more...
See also
Installing Ansible
Getting ready
How to do it...
How it works...
There's more...
The raw module
The shell and command modules
See also
Using Ansible to install Java from a role
Getting ready
How to do it...
How it works...
There's more...
See also
Storing our Ansible configuration in Git
Getting ready
How to do it...
How it works...
Exploring options for IaC
Getting ready
How to do it...
Terraform
Packer
How it works...
There's more...
See also
Roundup - Git, Configuration Management, and Infrastructure as Code
Web Servers, Databases, and Mail Servers
Introduction
Technical requirements
Installing and understanding a web server
Getting ready
How to do it...
Installing httpd (Apache) on CentOS
Installing Nginx on Debian
How it works...
There's more...
Basic Apache configuration
Getting ready
How to do it...
How it works...
There's more...
See also
Basic Nginx configuration
Getting ready
How to do it...
How it works...
There's more...
See also
SSL, TLS, and LetsEncrypt
Getting ready
How to do it...
How it works...
There's more...
Let's Encrypt
Work environment certificates
See also
Basic MySQL or MariaDB Installation
Getting ready
How to do it...
Listing, creating, and selecting databases and tables
How it works...
There's more...
See also
Basic PostgreSQL installation
Getting ready
How to do it...
Listing, creating, and selecting databases and tables
How it works...
Local MTA usage and configuration (Postfix)
Getting ready
How to do it...
main.cf
/etc/aliases
How it works...
There's more...
See also
Local MTA usage and configuration (Exim)
Getting ready
How to do it...
How it works...
There's more...
NoSQL documents (MongoDB example)
Getting ready
How to do it...
How it works...
There's more...
NoSQL KV (Redis example)
Getting ready
How to do it...
How it works...
Messaging brokers and queues (RabbitMQ example)
Getting ready
How to do it...
How it works...
Roundup - web servers, databases, and mail servers
Super personal preference time!
Troubleshooting and Workplace Diplomacy
Introduction
Technical requirements
What is troubleshooting?
How to do it...
Isolating the real issue
Getting ready
How to do it...
Giving estimates and deciding on next steps
Getting ready
How to do it...
There's more...
Using ss, iftop, tcpdump, and others for network issues
Getting ready
How to do it...
Ping
ss
iftop
tcpdump
Using cURL, wget, and OpenSSL for remote web issues
Getting ready
How to do it...
cURL
Wget
OpenSSL
Using iotop, top, and vmstat for local resource issues
Getting ready
How to do it...
iotop
top
vmstat
Using ps, lsof, Strace, and /proc for service issues
Getting ready
How to do it...
ps
lsof
Strace
/proc
Making a copy of problems for later debugging
Getting ready
How to do it...
Temporary solutions and when to invoke them
How to do it...
Handling irate developers
How to do it...
Handling irate managers
How to do it...
Handling irate business owners
How to do it...
Roundup - Troubleshooting and workplace diplomacy
Don't trust time
Don't overlook the simple
On "cloud" deployments
Learn from my mistakes
BSDs, Solaris, Windows, IaaS and PaaS, and DevOps
Introduction
Determining the type of system you're on
How to do it...
uname
The filesystem check
How it works...
There's more...
Understanding how the BSDs differ
The differences
FreeBSD
OpenBSD
Understanding how Solaris and illumos differ
The differences
Oracle Solaris
illumos
Understanding how Windows differs
The differences
IaaS (Infrastructure as a Service)
IaaS providers and features
PaaS (Platform as a Service)
PaaS providers and features
The Ops versus DevOps Wars
More of a skirmish, really
Roundup - BSDs, Solaris, Windows, IaaS and PaaS, DevOps
Other Books You May Enjoy
Leave a review - let other readers know what you think
Preface
When it comes to servers, there's no more popular OS than Linux and its family of distributions. No matter which company you work for these days, there's a good chance at least part of their infrastructure runs some flavor of Linux.
Because of this, there's never been a better time to get into Linux system administration and engineering (along with the tangentially related disciplines), though I would say that, of course... being a Linux sysadmin.
This book aims to be your reference and guide for certain common tasks in the Linux world, from the mundane and basic to the fun and complex, though anything can be complex if you try hard enough. I hope that, while reading it, you find something new (preferably a lot of new things) and maybe come across suggestions that you wouldn't have come across otherwise.
We're also going to get practical in our work (because just reading about things is boring), using virtual machines throughout to achieve our intended goals.
Who this book is for
This book is for a mixture of people, from the new and inexperienced, to the old and grumpy (like me).
It aims to teach you the basics of what you need to know to get started, while also introducing some real-world examples and suggesting various tips and tricks that you may not know already.
Even if you've been using Linux for a couple of decades, I hope you'll find something in this book that you didn't know, or find enlightening.
What this book covers
Chapter 1, Introduction and Environment Setup, explains how to set up a vanilla environment so that you understand what Vagrant does behind the scenes, and why we do what we do in terms of installation.
Chapter 2, Remote Administration with SSH, helps you understand the marvel that is SSH, and how it can make your life not only easier, but significantly better.
Chapter 3, Networking and Firewalls, covers a topic I find to be more of a pain than any other, networking and firewalling. We're going to look at the importance of each of these.
Chapter 4, Services and Daemons, inspects the nature of daemons, hunting them down, and killing them when they get too power-hungry. Services are also covered in this chapter.
Chapter 5, Hardware and Disks, covers the most treacherous part of any system, the hardware. Here, we'll talk about the evils of disks and how you might go about troubleshooting a physical system.
Chapter 6, Security, Updating, and Package Management, covers the stuff that makes servers useful. Packages have to get on systems in some way, shape, or form, and here, we'll investigate how they do it!
Chapter 7, Monitoring and Logging, explores the two topics most sysadmins groan at, knowing they're important at the same time. We're going to look at why you need both sensible monitoring and robust logging.
Chapter 8, Permissions, SELinux, and AppArmor, covers the innate security systems in place on a lot of servers, no matter how painful they might be to use and configure. Here, we'll talk about their importance.
Chapter 9, Containers and Virtualization, explores a favorite topic of mine, the segmentation of operating systems and how you might go about accomplishing such an arcane task.
Chapter 10, Git, Configuration Management, and Infrastructure as Code, discusses the importance of not losing your configuration when your computer randomly dies, and the ease with which solutions can be spun up and torn down.
Chapter 11, Web Servers, Databases, and Mail Servers, looks at some of the core functionality servers can provide, underpinning the majority of what the internet was invented to accomplish: communication.
Chapter 12, Troubleshooting and Workplace Diplomacy, expounds some basic troubleshooting techniques, and contains a philosophical discussion on keeping your head in stressful situations. The author is something of an authority on this.
Chapter 13, BSDs, Solaris, Windows, IaaS and PaaS, and DevOps, is a fun final chapter on semi-related systems in the Linux world, some of which you'll definitely come across, and some which should have been greater than they turned out to be.
To get the most out of this book
You're going to need a computer. If you intend to work along with the examples, the easiest way to do so is by utilizing Vagrant, which is software for building portable development environments programmatically.
At the start of each chapter with working code, you'll find a Vagrantfile entry. This can be downloaded from the links provided later in this preface, but it can also be typed out if you prefer.
For the best experience, I'd recommend a computer with at least four cores and preferably 8 GB of RAM, though you might be able to tweak each entry for your own purposes.
This book assumes basic knowledge of moving around a Linux filesystem using the command line.
Download the example code files
You can download the example code files for this book from your account at www.packt.com. If you purchased this book elsewhere, you can visit www.packt.com/support and register to have the files emailed directly to you.
You can download the code files by following these steps:
Log in or register at
www.packt.com
.
Select the
SUPPORT
tab.
Click on
Code Downloads & Errata
.
Enter the name of the book in the
Search
box and follow the onscreen instructions.
Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:
WinRAR/7-Zip for Windows
Zipeg/iZip/UnRarX for Mac
7-Zip/PeaZip for Linux
The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Linux-Administration-Cookbook. In case there's an update to the code, it will be updated on the existing GitHub repository.
We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!
Download the color images
We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://www.packtpub.com/sites/default/files/downloads/9781789342529_ColorImages.pdf.
Sections
In this book, you will find several headings that appear frequently (Getting ready, How to do it..., How it works..., There's more..., and See also).
To give clear instructions on how to complete a recipe, use these sections as follows:
Getting ready
This section tells you what to expect in the recipe and describes how to set up any software or any preliminary settings required for the recipe.
How to do it
This section contains the steps required to follow the recipe.
How it works
This section usually consists of a detailed explanation of what happened in the previous section.
There's more
This section consists of additional information about the recipe in order to make you more knowledgeable about the recipe.
See also
This section provides helpful links to other useful information for the recipe.
Get in touch
Feedback from our readers is always welcome.
General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at [email protected].
Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packt.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.
Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.
If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.
Reviews
Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!
For more information about Packt, please visit packt.com.
Introduction and Environment Setup
In this chapter, we will cover the following recipes:
Understanding and choosing a distribution
Installing VirtualBox
Installing our chosen distribution manually
Connecting to our
virtual machine
(
VM
)
Accessing and updating our VM
Understanding how VMs differ
Quick
sudo
explanation
Using Vagrant to automatically provision VMs
Anecdote (try, try, and try again)
Introduction
Before we get into the nitty-gritty of what distribution (sometimes shortened to "distro") we're going to use, we must first take a rather large step backwards and consider the concept of Linux in a somewhat philosophical way.
A good description of "what Linux is" can be hard to pin down, due in no small part to a level of confusion willfully propagated by IT professionals, because it makes them sound much smarter than they actually are when they come to explain it.
Because you're reading this book, I'm going to assume that you know of Linux at a high level; you know that it's an operating system (OS) like Windows or macOS, that it's not seen much of the limelight, and that it's not generally used on the desktop.
This assessment is both right and wrong, depending on who you're speaking to.
Laid-back systems administrators (sysadmins) will lean back further, nod their 80s era mohawk, and agree that Linux is an OS—and a decent one at that. They will then go back to playing with whatever trendy software they're learning this week so that they can try and shoehorn it into the infrastructure next week.
Self-proclaimed graybeards will stop what they're doing, sigh audibly, and pick up their fourth cup of coffee before swiveling around to give you a lecture on the difference between GNU/Linux (or GNU+Linux) and the Linux kernel.
The lecture you receive will be tedious, will involve names such as Richard Stallman, Linus Torvalds, and possibly even Andrew Tanenbaum, and may even take upwards of an hour, but the main takeaway will be that Linux is the accepted name of the OS you're learning about, while also being technically incorrect. They will say that Linux is really just the kernel, and everything beyond that is a distribution wrapped atop the GNU tools suite.
It is considered sensible to avoid this debate at all costs.
Understanding and choosing a distribution
Linux, as hinted at in the preceding section, is fragmented. There's no better way to describe this, due to the sheer number of different distributions you can download from a multitude of different vendors. Some of these vendors are for-profit, offering support contracts and SLAs with your purchase of their OS, and some are entirely voluntary, manned by one person in their garage.
There are literally hundreds of distributions to choose from, and each has their advocate-army to tell you why theirs is "the one true distribution" and "there's really no reason to go shopping around for a different one."
The truth of the matter is that most businesses use the Linux distribution they do because it was:
The first one that popped up when the owner Googled
free OS
The one the first IT Administrator liked
The one that offers a contract they can invoke when something breaks
Going through each distribution that's around at the moment would be futile, as they're being created or abandoned on an almost weekly basis. Instead, I'm going to run through a popular selection (in the server space, rather than the desktop), explain some key differences, and then talk about which I'll be using for the rest of this book.
Don't be deterred if the distribution your business uses isn't one we talk about here – most of the tooling is consistent across distributions, and where it differs, documentation exists to help you out.
Ubuntu
Ubuntu is the first Linux distribution I ever installed, and I'd wager the same could be said for a lot of people who started in Linux around the mid-2000s. It's also the distribution I'm using to write this book.
It has enjoyed consistent mindshare on the desktop, thanks to its decent attempt at marketing (including its position in Google's rankings when searching Linux), its perception as Linux for Human Beings, and its user-friendliness.
Downstream from Debian, Ubuntu's development is headed by Canonical, and while they started with an emphasis on making a rock-solid desktop OS, they have since moved into the lofty realms of attempting to dominate the server space, and have entered the IoT device market too.
Known also for its cutesy naming convention (18.04 being Bionic Beaver), the fact Ubuntu was so popular on the desktop meant it was the obvious distribution of choice for sysadmins to install on their servers, reaching for what they were already familiar with.
More recently, it's become increasingly common to find Ubuntu installations when dealing with inherited systems, usually a long-term support (LTS) release (so that confusion and headaches around OS upgrades can be avoided for a reasonable length of time.)
Ubuntu releases on a six-monthly cycle, with every two years being an LTS release (14.04, 16.04, and 18.04, most recently). Their numbering convention is year-released, followed by month (so April 2018 is 18.04). It is possible to upgrade from version to version of Ubuntu.
Canonical also aren't shy of introducing new technology and software in Ubuntu, even when it diverges from their Debian base. Recent examples of this include the following:
Snaps
: A way of distributing distribution-agnostic software
Upstart
: A replacement initialization system that was later also replaced by
systemd
Mir
: A display server, which was initially conceived as a way to replace the ageing X Window System
Debian
As mentioned previously, Debian (the universal OS) is the basis for a lot of other distributions that came later, but it has consistently been one of the most popular, both on the desktop and on servers. It is still highly likely that you will choose to install Debian yourself, or will inherit a system running this distribution, with its reputation for stability.
Traditionally, the server-space war was fought between two camps, the Debian Druids and the CentOS Cardinals. In more recent years, newcomers have entered the fray (like Ubuntu,) but these two still hold a considerable amount of hardware to ransom.
Releasing every two or three years, the Debian versions are named after Toy Story characters (7—Wheezy, 8—Jessie, 9—Stretch). They have a reputation for being one of the most stable Linux distributions around, with tried and tested versions of software, as well as sensibly backported fixes.
Some criticism is sometimes leveled at Debian because it generally has older versions of packages available in its release version, which may not include all the trendy and cool features a systems administrator wants, or a developer desires. This isn't fair, given that people generally look for stability and security in the server world, over the latest and greatest version of Node.js.
Debian has staunch defenders, and it holds a special place in a lot of hearts, though it's unusual to see it in some Enterprise environments because it's developed by the Debian Project, rather than a traditional company that can offer support contracts. In my anecdotally dismissible experience, I have more often seen Debian in smaller companies who needed a quick solution, and slightly larger companies who still run some legacy systems.
CentOS - the one we'll mostly be using
The other part of the traditional server-space war, CentOS features its own soldiers and martyrs. It is still widely used, and has a reputation for stability and boredom that rivals Debian's.
The Community Enterprise Operating System (CentOS) is a freely available and compiled version of the Red Hat Enterprise Linux distribution, which aims to offer functional compatibility, generally replacing the Red Hat logo with the CentOS logo to avoid trademark infringement. (In January of 2014 it was announced that Red Hat was joining forces with CentOS, to help drive and invest in CentOS development.)
Because of its nature, a lot of systems administrators have installed CentOS to better understand the Red Hat world, because (as mentioned previously) Red Hat has a good reputation in Enterprise companies, so it would make sense to install something so strikingly similar.
This installation trend goes both ways. I have seen companies who started out by installing CentOS because it was readily available and allowed them to design their infrastructure easily, utilizing publicly available and free repos, before moving to a RHEL deployment for the finished product.
I have also seen companies who deployed RHEL everywhere, only to realise that they were spending a lot of money, and never invoking the support they'd bought because their operations team was just that good! They would then gradually phase out their Red Hat deployments and move to CentOS, changing very little in the process.
Releases come about every few years, with version 7 being released in 2014, and getting consistent updates since then. However, it should be noted that version 6, which was released in 2011, will be getting maintenance updates until 2020.
Red Hat Enterprise Linux
Red Hat Enterprise Linux, or RHEL as it's more commonly known (because it's a long name), has a very firm footing in Enterprises. It targets the commercial space very well, and as a result it is not uncommon to find yourself on a RHEL box, which you've initially assumed to be a CentOS installation.
What makes RHEL different is the support offered by Red Hat, Inc. and the various services that you can utilize if you've bought an official package.
While Red Hat still offers the source code for their distribution without question (hence CentOS), they sell versions and packages for everything from the desktop up to data centre installations.
There's an adage that states "no one got fired for buying IBM," which is a little dated in this day and age, but I've heard people invoke this philosophy to describe Red Hat on more than one occasion. No one will get fired for buying Red Hat (but you might be asked what the benefits are of paying for something that's available for free under another name.)
Aside from the support, the business-like attitude that other businesses like, and the contributions back to the community as a whole, Red Hat also offer something which has been variously described as "a waste of time" and "crucial for this role."
Exams are looked at with both affection and derision, depending on who you speak to in the Linux community (as with many things, there's something of a holy war about them). Red Hat offers two of the most popular, and many more to boot. You can study for and become a Red Hat Certified System Administrator, followed by a Red Hat Certified Engineer, which are widely seen as very acceptable qualifications to have.
As a college dropout, I'm quite happy to have an RHCE qualification under my belt.
Some people see these exams as a way of getting past the first line of those hiring (as in the people who scan your CV, and look for badges they recognize). Others see them as proof that you know what you're doing around a Linux system due to the fact that these exams are practical, (meaning they sit you in front of a computer and give you a set of steps to finish.) Some people dismiss exams altogether, although they're usually the ones who've never bothered trying the exam.
Installing VirtualBox
As I said in the previous section, I've chosen to mostly use CentOS for the recipes in this book. Hopefully, this gives you a good baseline for learning about Linux Administration, but also gives you a bit of a head start if you plan on going for any of the Red Hat exams.
Instead of requiring you to have a spare laptop handy, or renting a server somewhere, I'm going to advocate using VMs for testing and running through the examples given.
VMs are exactly as they sound – a way of virtualizing computer hardware on one or a cluster of physical machines, thus allowing you to test, break, and play to your heart's content, without risking rendering your own computer unbootable.
There are many ways of creating a VM: macOS has xhyve, Windows has Hyper-V, and Linux has a native implementation called Kernel Virtual Machine (KVM).
Another way of creating and managing VMs is a program called VirtualBox, which is now developed by Oracle. The nice thing about this software, and the reason I shall be using it here, is that it's cross-platform, being produced for macOS, Windows, and Linux.
Installing VirtualBox on Ubuntu
I'm using Ubuntu to write this book, so I'll run through the basic way of installing VirtualBox on an Ubuntu desktop.
This will be slightly different to installing it on other distributions, but a good number of them package it for installation, and should provide a guide for installing it.
Command-line installation
Open your Terminal and run the following:
$ sudo apt install virtualbox
You will likely be prompted to confirm installation of VirtualBox and its dependencies (there may be a lot—it's a complex program and if you haven't updated in a while, you may get a few dependency updates too).
Hit Y and Enter to continue. The following screenshot shows an example of the installation if started from the command line:
Once done, you should have a working VirtualBox installation.
Graphical installation
If you'd like, you can also install VirtualBox through Ubuntu software.
Simply search for the software you desire, in this case, VirtualBox, and click through to its store page.
Once there, click Install and the package will be installed, no Terminal required!
After installation, your screen will change to show Launch and Remove options.
Installing VirtualBox on macOS
Although I'm using Ubuntu, it's not the end of the world if you're not. macOS is a fine OS too, and handily it supports VirtualBox.
In this recipe, we'll run through a couple of ways of installing VirtualBox in macOS. You'll find that the layout is extremely similar, regardless of the OS you use.
Command-line installation
If you already have the command-line program brew installed, then getting VirtualBox is as easy as running the following command:
$ brew cask install virtualbox
You may be prompted for a superuser password to complete the installation.
Graphical installation
Oracle also provides an installation image for macOS, if you'd like to install it in the more traditional way.
Simply navigate to https://www.virtualbox.org/wiki/Downloads and select the OS X hosts option.
This will prompt you to download the installer to your local system, which you can unpack and install.
Running through the installation, you may be prompted for your superuser password.
Installing VirtualBox on Windows
If you're not using a Linux flavor on your computer, and you're not using macOS, it's a good bet that you're running Windows (unless you've delved into FreeBSD on the desktop or similar, in which case I can't help you here—we'd need an entire afternoon).
If using Windows, I can suggest VirtualBox again, due to its cross-OS nature, and it can again be installed from Oracle's site.
Graphical installation
Like the macOS installation, navigate to https://www.virtualbox.org/wiki/Downloads and select the Windows hosts option:
This will download an executable that can be run.
Installing our chosen distribution manually
Phew, that was a journey, and we've not even started properly!
Next, we're going to look at setting up a VM manually. But fear not! We will also be looking at automating this procedure with Vagrant to avoid having to perform repetitive steps in the rest of the book.
Obtaining our CentOS installation media
The main way Linux distributions are distributed is in the form of ISO images. These images can then be burned onto a DVD as appropriate, or mounted for a VM to boot from.
Head over to https://centos.org/download/ and have a look at the options on offer.
I'm going to download the Minimal ISO, for reasons that will become clear shortly.
Clicking through should bring you to a mirror page:
This is a bandwidth-saving measure on part of the CentOS Project by prompting the end user to download from any number of different hosts. They can spread the cost of bandwidth out to volunteers.
Choose a download location near to you, and wait for the download to complete.
Checking the checksum
Once downloaded (which may take a while, since even minimal is large), you will be faced with an ISO image.
On my Ubuntu installation, I can see it in my Downloads folder:
$ ls ~/Downloads/
CentOS-7-x86_64-Minimal-1804.iso
One way to confirm our installation media and ensure that we've downloaded exactly what we expect, is to compare the Sha256 sum of the downloaded file with a known-good value. This both proves that it's the download we expect it to be, and also checks that no corruption has occurred during the file download.
CentOS provides a release notes page that we can visit to find the Sha256 sum we're comparing: https://wiki.centos.org/Manuals/ReleaseNotes.
Click through to Release Notes for CentOS 7, which should bring you to the most recent version of the release notes.
On this page, we can scroll down to Verifying Downloaded Installation Images, which will list the current Sha256 sums for the download images.
In my case, I can see that the Sha256 value for the file I just downloaded is as follows:
714acc0aefb32b7d51b515e25546835e55a90da9fb00417fbee2d03a62801efd CentOS-7-x86_64-Minimal-1804.iso
With this in hand, I can go back to where I listed out the file in my Terminal, and run a basic command to check the Sha256 value of the downloaded image:
$ sha256sum CentOS-7-x86_64-Minimal-1804.iso
714acc0aefb32b7d51b515e25546835e55a90da9fb00417fbee2d03a62801efd CentOS-7-x86_64-Minimal-1804.iso
Comparing the value from the CentOS website with the value from my downloaded image confirms that they are the same.
The media is what we expected!
Setting up our VM
Now that we have our media and VirtualBox is installed, it's time to run through manually provisioning (technical term) our machine and installing CentOS.
