
E-book: UNIX and Linux System Administration Handbook

4.45/5 (1038 ratings from Goodreads)
  • Format: 1500 pages
  • Publication date: 14-Sep-2017
  • Publisher: Prentice Hall Press
  • Language: eng
  • ISBN-13: 9780134278285
  • Format - PDF+DRM
  • Price: 57,32 €*
  • * the price is final, i.e. no further discounts apply
  • This e-book is intended for personal use only. E-books cannot be returned.

DRM restrictions

  • Copying (copy/paste):

    not allowed

  • Printing:

    not allowed

  • Usage:

    Digital rights management (DRM)
    The publisher has issued this e-book in encrypted form, which means that you must install special software to read it. You must also create an Adobe ID. The e-book can be read by 1 user and downloaded to up to 6 devices (all authorized with the same Adobe ID).

    Required software
    To read on mobile devices (phone or tablet), you must install this free app: PocketBook Reader (iOS / Android)

    To read on a PC or Mac, you must install Adobe Digital Editions (a free application made specifically for reading e-books. It is not to be confused with Adobe Reader, which is probably already installed on your computer).

    This e-book cannot be read on an Amazon Kindle.

Surveys the best practices for all aspects of system administration, covering such topics as storage management, email, Web hosting, performance analysis, virtualization, DNS, security, and configuration management.

“As an author, editor, and publisher, I never paid much attention to the competition–except in a few cases. This is one of those cases. The UNIX System Administration Handbook is one of the few books we ever measured ourselves against.”   

–From the Foreword by Tim O’Reilly, founder of O’Reilly Media

 

“This book is fun and functional as a desktop reference. If you use UNIX and Linux systems, you need this book in your short-reach library. It covers a bit of the systems’ history but doesn’t bloviate. It’s just straightforward information delivered in colorful and memorable fashion.”

–Jason A. Nunnelley

“This is a comprehensive guide to the care and feeding of UNIX and Linux systems. The authors present the facts along with seasoned advice and real-world examples. Their perspective on the variations among systems is valuable for anyone who runs a heterogeneous computing facility.”  

–Pat Parseghian

The twentieth anniversary edition of the world’s best-selling UNIX system administration book has been made even better by adding coverage of the leading Linux distributions: Ubuntu, openSUSE, and RHEL.  

 

This book approaches system administration in a practical way and is an invaluable reference for both new administrators and experienced professionals. It details best practices for every facet of system administration, including storage management, network design and administration, email, web hosting, scripting, software configuration management, performance analysis, Windows interoperability, virtualization, DNS, security, management of IT service organizations, and much more. UNIX® and Linux® System Administration Handbook, Fourth Edition, reflects the current versions of these operating systems:

Ubuntu® Linux
openSUSE® Linux
Red Hat® Enterprise Linux®
Oracle America® Solaris™ (formerly Sun Solaris)
HP HP-UX®
IBM AIX®

Tribute to Evi xl
Preface xlii
Foreword xliv
Acknowledgments xlvi
Section One: Basic Administration
Chapter 1 Where to Start
3(27)
Essential duties of a system administrator
4(3)
Controlling access
4(1)
Adding hardware
4(1)
Automating tasks
4(1)
Overseeing backups
4(1)
Installing and upgrading software
5(1)
Monitoring
5(1)
Troubleshooting
5(1)
Maintaining local documentation
5(1)
Vigilantly monitoring security
6(1)
Tuning performance
6(1)
Developing site policies
6(1)
Working with vendors
6(1)
Fire fighting
6(1)
Suggested background
7(1)
Linux distributions
8(1)
Example systems used in this book
9(3)
Example Linux distributions
10(1)
Example UNIX distribution
11(1)
Notation and typographical conventions
12(1)
Units
13(1)
Man pages and other on-line documentation
14(2)
Organization of the man pages
14(1)
man: read man pages
15(1)
Storage of man pages
15(1)
Other authoritative documentation
16(2)
System-specific guides
16(1)
Package-specific documentation
16(1)
Books
17(1)
RFC publications
17(1)
Other sources of information
18(1)
Keeping current
18(1)
HowTos and reference sites
19(1)
Conferences
19(1)
Ways to find and install software
19(6)
Determining if software is already installed
21(1)
Adding new software
22(1)
Building software from source code
23(1)
Installing from a web script
24(1)
Where to host
25(1)
Specialization and adjacent disciplines
26(2)
DevOps
26(1)
Site reliability engineers
27(1)
Security operations engineers
27(1)
Network administrators
27(1)
Database administrators
27(1)
Network operations center (NOC) engineers
27(1)
Data center technicians
28(1)
Architects
28(1)
Recommended reading
28(2)
System administration and DevOps
28(1)
Essential tools
29(1)
Chapter 2 Booting and System Management Daemons
30(35)
Boot process overview
30(2)
System firmware
32(3)
BIOS vs. UEFI
32(1)
Legacy BIOS
33(1)
UEFI
33(2)
Boot loaders
35(1)
GRUB: the GRand Unified Boot loader
35(4)
GRUB configuration
36(1)
The GRUB command line
37(1)
Linux kernel options
38(1)
The FreeBSD boot process
39(2)
The BIOS path: boot0
39(1)
The UEFI path
39(1)
loader configuration
40(1)
loader commands
40(1)
System management daemons
41(2)
Responsibilities of init
41(1)
Implementations of init
42(1)
Traditional init
43(1)
systemd vs. the world
43(14)
inits judged and assigned their proper punishments
44(1)
systemd in detail
44(1)
Units and unit files
45(1)
systemctl: manage systemd
46(1)
Unit statuses
47(2)
Targets
49(1)
Dependencies among units
50(1)
Execution order
51(1)
A more complex unit file example
52(1)
Local services and customizations
53(1)
Service and startup control caveats
54(2)
systemd logging
56(1)
FreeBSD init and startup scripts
57(2)
Reboot and shutdown procedures
59(1)
Shutting down physical systems
59(1)
Shutting down cloud systems
59(1)
Stratagems for a nonbooting system
60(5)
Single-user mode
61(1)
Single-user mode on FreeBSD
62(1)
Single-user mode with GRUB
62(1)
Recovery of cloud systems
62(3)
Chapter 3 Access Control and Rootly Powers
65(25)
Standard UNIX access control
66(3)
Filesystem access control
66(1)
Process ownership
67(1)
The root account
67(1)
Setuid and setgid execution
68(1)
Management of the root account
69(10)
Root account login
69(1)
su: substitute user identity
70(1)
sudo: limited su
70(8)
Example configuration
71(1)
sudo pros and cons
72(1)
sudo vs. advanced access control
73(1)
Typical setup
74(1)
Environment management
74(1)
sudo without passwords
75(1)
Precedence
75(1)
sudo without a control terminal
76(1)
Site-wide sudo configuration
76(2)
Disabling the root account
78(1)
System accounts other than root
78(1)
Extensions to the standard access control model
79(4)
Drawbacks of the standard model
80(1)
PAM: Pluggable Authentication Modules
80(1)
Kerberos: network cryptographic authentication
81(1)
Filesystem access control lists
81(1)
Linux capabilities
82(1)
Linux namespaces
82(1)
Modern access control
83(6)
Separate ecosystems
84(1)
Mandatory access control
84(1)
Role-based access control
85(1)
SELinux: Security-Enhanced Linux
85(2)
AppArmor
87(2)
Recommended reading
89(1)
Chapter 4 Process Control
90(30)
Components of a process
90(3)
PID: process ID number
91(1)
PPID: parent PID
91(1)
UID and EUID: real and effective user ID
92(1)
GID and EGID: real and effective group ID
92(1)
Niceness
93(1)
Control terminal
93(1)
The life cycle of a process
93(5)
Signals
94(3)
kill: send signals
97(1)
Process and thread states
97(1)
ps: monitor processes
98(3)
Interactive monitoring with top
101(1)
nice and renice: influence scheduling priority
102(2)
The /proc filesystem
104(1)
strace and truss: trace signals and system calls
105(2)
Runaway processes
107(2)
Periodic processes
109(11)
cron: schedule commands
109(4)
The format of crontab files
110(2)
Crontab management
112(1)
Other crontabs
112(1)
cron access control
113(1)
systemd timers
113(5)
Structure of systemd timers
114(1)
systemd timer example
114(2)
systemd time expressions
116(1)
Transient timers
117(1)
Common uses for scheduled tasks
118(8)
Sending mail
118(1)
Cleaning up a filesystem
118(1)
Rotating a log file
118(1)
Running batch jobs
118(1)
Backing up and mirroring
119(1)
Chapter 5 The Filesystem
120(33)
Pathnames
122(1)
Filesystem mounting and unmounting
122(3)
Organization of the file tree
125(1)
File types
126(6)
Regular files
129(1)
Directories
129(1)
Hard links
129(1)
Character and block device files
130(1)
Local domain sockets
131(1)
Named pipes
131(1)
Symbolic links
131(1)
File attributes
132(8)
The permission bits
132(1)
The setuid and setgid bits
133(1)
The sticky bit
134(1)
ls: list and inspect files
134(2)
chmod: change permissions
136(1)
chown and chgrp: change ownership and group
137(1)
umask: assign default permissions
138(1)
Linux bonus flags
139(1)
Access control lists
140(13)
A cautionary note
141(1)
ACL types
141(1)
Implementation of ACLs
142(1)
Linux ACL support
142(1)
FreeBSD ACL support
143(1)
POSIX ACLs
143(4)
Interaction between traditional modes and ACLs
144(2)
POSIX access determination
146(1)
POSIX ACL inheritance
146(1)
NFSv4 ACLs
147(7)
NFSv4 entities for which permissions can be specified
148(1)
NFSv4 access determination
149(1)
ACL inheritance in NFSv4
149(1)
NFSv4 ACL viewing
150(1)
Interactions between ACLs and modes
151(1)
NFSv4 ACL setup
151(2)
Chapter 6 Software Installation and Management
153(29)
Operating system installation
154(8)
Installing from the network
154(1)
Setting up PXE
155(1)
Using kickstart, the automated installer for Red Hat and CentOS
156(3)
Setting up a kickstart configuration file
156(2)
Building a kickstart server
158(1)
Pointing kickstart at your config file
158(1)
Automating installation for Debian and Ubuntu
159(2)
Netbooting with Cobbler, the open source Linux provisioning server
161(1)
Automating FreeBSD installation
161(1)
Managing packages
162(2)
Linux package management systems
164(2)
rpm: manage RPM packages
164(2)
dpkg: manage .deb packages
166(1)
High-level Linux package management systems
166(9)
Package repositories
167(2)
RHN: the Red Hat Network
169(1)
APT: the Advanced Package Tool
169(1)
Repository configuration
170(1)
An example /etc/apt/sources.list file
171(1)
Creation of a local repository mirror
172(1)
APT automation
173(1)
yum: release management for RPM
174(1)
FreeBSD software management
175(3)
The base system
175(1)
pkg: the FreeBSD package manager
176(1)
The ports collection
177(1)
Software localization and configuration
178(3)
Organizing your localization
179(1)
Structuring updates
179(1)
Limiting the field of play
180(1)
Testing
180(1)
Recommended reading
181(1)
Chapter 7 Scripting and the Shell
182(61)
Scripting philosophy
183(6)
Write microscripts
183(1)
Learn a few tools well
184(1)
Automate all the things
184(1)
Don't optimize prematurely
185(1)
Pick the right scripting language
186(1)
Follow best practices
187(2)
Shell basics
189(9)
Command editing
190(1)
Pipes and redirection
190(2)
Variables and quoting
192(1)
Environment variables
193(1)
Common filter commands
194(4)
cut: separate lines into fields
194(1)
sort: sort lines
194(1)
uniq: print unique lines
195(1)
wc: count lines, words, and characters
196(1)
tee: copy input to two places
196(1)
head and tail: read the beginning or end of a file
196(1)
grep: search text
197(1)
sh scripting
198(11)
Execution
198(1)
From commands to scripts
199(2)
Input and output
201(1)
Spaces in filenames
202(1)
Command-line arguments and functions
203(2)
Control flow
205(2)
Loops
207(2)
Arithmetic
209(1)
Regular expressions
209(6)
The matching process
210(1)
Literal characters
210(1)
Special characters
210(1)
Example regular expressions
211(2)
Captures
213(1)
Greediness, laziness, and catastrophic backtracking
213(2)
Python programming
215(8)
The passion of Python 3
215(1)
Python 2 or Python 3?
216(1)
Python quick start
216(2)
Objects, strings, numbers, lists, dictionaries, tuples, and files
218(2)
Input validation example
220(1)
Loops
221(2)
Ruby programming
223(6)
Installation
223(1)
Ruby quick start
224(1)
Blocks
225(2)
Symbols and option hashes
227(1)
Regular expressions in Ruby
227(2)
Ruby as a filter
229(1)
Library and environment management for Python and Ruby
229(6)
Finding and installing packages
229(1)
Creating reproducible environments
230(1)
Multiple environments
231(4)
virtualenv: virtual environments for Python
232(1)
RVM: the Ruby environment Manager
232(3)
Revision control with Git
235(6)
A simple Git example
236(3)
Git caveats
239(1)
Social coding with Git
239(2)
Recommended reading
241(2)
Shells and shell scripting
241(1)
Regular expressions
241(1)
Python
242(1)
Ruby
242(1)
Chapter 8 User Management
243(27)
Account mechanics
244(1)
The /etc/passwd file
245(5)
Login name
245(1)
Encrypted password
246(2)
UID (user ID) number
248(1)
Default GID (group ID) number
249(1)
GECOS field
249(1)
Home directory
250(1)
Login shell
250(1)
The Linux /etc/shadow file
250(2)
FreeBSD's /etc/master.passwd and /etc/login.conf files
252(2)
The /etc/master.passwd file
252(1)
The /etc/login.conf file
253(1)
The /etc/group file
254(1)
Manual steps for adding users
255(5)
Editing the passwd and group files
256(1)
Setting a password
257(1)
Creating the home directory and installing startup files
257(2)
Setting home directory permissions and ownerships
259(1)
Configuring roles and administrative privileges
259(1)
Finishing up
260(1)
Scripts for adding users: useradd, adduser, and newusers
260(4)
useradd on Linux
261(1)
adduser on Debian and Ubuntu
262(1)
adduser on FreeBSD
262(1)
newusers on Linux: adding in bulk
263(1)
Safe removal of a user's account and files
264(1)
User login lockout
265(1)
Risk reduction with PAM
266(1)
Centralized account management
266(4)
LDAP and Active Directory
267(1)
Application-level single sign-on systems
267(1)
Identity management systems
268(2)
Chapter 9 Cloud Computing
270(24)
The cloud in context
271(2)
Cloud platform choices
273(3)
Public, private, and hybrid clouds
273(1)
Amazon Web Services
274(1)
Google Cloud Platform
275(1)
DigitalOcean
275(1)
Cloud service fundamentals
276(7)
Access to the cloud
277(1)
Regions and availability zones
278(1)
Virtual private servers
279(1)
Networking
280(1)
Storage
281(1)
Identity and authorization
281(1)
Automation
282(1)
Serverless functions
282(1)
Clouds: VPS quick start by platform
283(8)
Amazon Web Services
283(5)
aws: control AWS subsystems
284(1)
Creating an EC2 instance
284(2)
Viewing the console log
286(1)
Stopping and terminating instances
287(1)
Google Cloud Platform
288(1)
Setting up gcloud
288(1)
Running an instance on GCE
288(1)
DigitalOcean
289(2)
Cost control
291(2)
Recommended Reading
293(1)
Chapter 10 Logging
294(31)
Log locations
296(3)
Files not to manage
298(1)
How to view logs in the systemd journal
298(1)
The systemd journal
299(3)
Configuring the systemd journal
300(1)
Adding more filtering options for journalctl
301(1)
Coexisting with syslog
301(1)
Syslog
302(16)
Reading syslog messages
303(1)
Rsyslog architecture
304(1)
Rsyslog versions
304(1)
Rsyslog configuration
305(9)
Modules
306(1)
sysklogd syntax
307(4)
Legacy directives
311(1)
RainerScript
312(2)
Config file examples
314(3)
Basic rsyslog configuration
314(1)
Network logging client
315(1)
Central logging host
316(1)
Syslog message security
317(1)
Syslog configuration debugging
318(1)
Kernel and boot-time logging
318(1)
Management and rotation of log files
319(2)
logrotate: cross-platform log management
319(2)
newsyslog: log management on FreeBSD
321(1)
Management of logs at scale
321(2)
The ELK stack
321(1)
Graylog
322(1)
Logging as a service
323(1)
Logging policies
323(2)
Chapter 11 Drivers and the Kernel
325(35)
Kernel chores for system administrators
326(1)
Kernel version numbering
327(1)
Linux kernel versions
327(1)
FreeBSD kernel versions
328(1)
Devices and their drivers
328(11)
Device files and device numbers
329(1)
Challenges of device file management
330(1)
Manual creation of device files
331(1)
Modern device file management
331(1)
Linux device management
331(6)
Sysfs: a window into the souls of devices
332(1)
udevadm: explore devices
333(1)
Rules and persistent names
334(3)
FreeBSD device management
337(2)
Devfs: automatic device file configuration
337(1)
devd: higher-level device management
338(1)
Linux kernel configuration
339(5)
Tuning Linux kernel parameters
339(2)
Building a custom kernel
341(3)
If it ain't broke, don't fix it
341(1)
Setting up to build the Linux kernel
341(1)
Configuring kernel options
342(1)
Building the kernel binary
343(1)
Adding a Linux device driver
344(1)
FreeBSD kernel configuration
344(2)
Tuning FreeBSD kernel parameters
344(1)
Building a FreeBSD kernel
345(1)
Loadable kernel modules
346(2)
Loadable kernel modules in Linux
346(2)
Loadable kernel modules in FreeBSD
348(1)
Booting
348(7)
Linux boot messages
349(4)
FreeBSD boot messages
353(2)
Booting alternate kernels in the cloud
355(1)
Kernel errors
356(3)
Linux kernel errors
356(3)
FreeBSD kernel panics
359(1)
Recommended reading
359(1)
Chapter 12 Printing
360(15)
CUPS printing
361(4)
Interfaces to the printing system
361(1)
The print queue
362(1)
Multiple printers and queues
363(1)
Printer instances
363(1)
Network printer browsing
363(1)
Filters
364(1)
CUPS server administration
365(4)
Network print server setup
365(1)
Printer autoconfiguration
366(1)
Network printer configuration
367(1)
Printer configuration examples
367(1)
Service shutoff
368(1)
Other configuration tasks
368(1)
Troubleshooting tips
369(2)
Print daemon restart
369(1)
Log files
369(1)
Direct printing connections
370(1)
Network printing problems
370(1)
Recommended reading
371(4)
Section Two: Networking
Chapter 13 TCP/IP Networking
375(84)
TCP/IP and its relationship to the Internet
375(1)
Who runs the Internet?
376(1)
Network standards and documentation
376(8)
Networking basics
378(1)
IPv4 and IPv6
379(2)
Packets and encapsulation
381(1)
Ethernet framing
382(1)
Maximum transfer unit
382(2)
Packet addressing
384(3)
Hardware (MAC) addressing
384(1)
IP addressing
385(1)
Hostname "addressing"
385(1)
Ports
385(1)
Address types
386(1)
IP addresses: the gory details
387(11)
IPv4 address classes
387(1)
IPv4 subnetting
388(2)
Tricks and tools for subnet arithmetic
390(1)
CIDR: Classless Inter-Domain Routing
391(1)
Address allocation
392(1)
Private addresses and network address translation (NAT)
392(2)
IPv6 addressing
394(4)
IPv6 address notation
395(1)
IPv6 prefixes
396(1)
Automatic host numbering
397(1)
Stateless address autoconfiguration
397(1)
IPv6 tunneling
398(1)
IPv6 information sources
398(1)
Routing
398(3)
Routing tables
399(2)
ICMP redirects
401(1)
IPv4 ARP and IPv6 neighbor discovery
401(1)
DHCP: the Dynamic Host Configuration Protocol
402(4)
DHCP software
403(1)
DHCP behavior
404(1)
ISC's DHCP software
404(2)
Security issues
406(4)
IP forwarding
406(1)
ICMP redirects
407(1)
Source routing
407(1)
Broadcast pings and other directed broadcasts
407(1)
IP spoofing
408(1)
Host-based firewalls
408(1)
Virtual private networks
409(1)
Basic network configuration
410(7)
Hostname and IP address assignment
411(1)
Network interface and IP configuration
412(2)
Routing configuration
414(1)
DNS configuration
415(1)
System-specific network configuration
416(1)
Linux networking
417(8)
NetworkManager
417(1)
ip: manually configure a network
418(1)
Debian and Ubuntu network configuration
419(1)
Red Hat and CentOS network configuration
419(2)
Linux network hardware options
421(1)
Linux TCP/IP options
422(2)
Security-related kernel variables
424(1)
FreeBSD networking
425(3)
ifconfig: configure network interfaces
425(1)
FreeBSD network hardware configuration
426(1)
FreeBSD boot-time network configuration
426(1)
FreeBSD TCP/IP configuration
427(1)
Network troubleshooting
428(9)
ping: check to see if a host is alive
429(2)
traceroute: trace IP packets
431(3)
Packet sniffers
434(3)
tcpdump: command-line packet sniffer
435(1)
Wireshark and TShark: tcpdump on steroids
436(1)
Network monitoring
437(3)
SmokePing: gather ping statistics over time
437(1)
iPerf: track network performance
437(1)
Cacti: collect and graph data
438(2)
Firewalls and NAT
440(8)
Linux iptables: rules, chains, and tables
440(5)
iptables rule targets
441(1)
iptables firewall setup
442(1)
A complete example
442(2)
Linux NAT and packet filtering
444(1)
IPFilter for UNIX systems
445(3)
Cloud networking
448(9)
AWS's virtual private cloud (VPC)
448(7)
Subnets and routing tables
449(1)
Security groups and NACLs
450(1)
A sample VPC architecture
451(1)
Creating a VPC with Terraform
452(3)
Google Cloud Platform networking
455(1)
DigitalOcean networking
456(1)
Recommended reading
457(2)
History
457(1)
Classics and bibles
458(1)
Protocols
458(1)
Chapter 14 Physical Networking
459(22)
Ethernet: the Swiss Army knife of networking
460(9)
Ethernet signaling
460(1)
Ethernet topology
461(1)
Unshielded twisted-pair cabling
462(2)
Optical fiber
464(1)
Ethernet connection and expansion
465(2)
Hubs
465(1)
Switches
465(1)
VLAN-capable switches
466(1)
Routers
467(1)
Autonegotiation
467(1)
Power over Ethernet
468(1)
Jumbo frames
468(1)
Wireless: Ethernet for nomads
469(4)
Wireless standards
469(1)
Wireless client access
470(1)
Wireless infrastructure and WAPs
470(3)
Wireless topology
471(1)
Small money wireless
472(1)
Big money wireless
472(1)
Wireless security
473(1)
SDN: software-defined networking
473(1)
Network testing and debugging
474(1)
Building wiring
475(1)
UTP cabling options
475(1)
Connections to offices
475(1)
Wiring standards
475(1)
Network design issues
476(2)
Network architecture vs. building architecture
477(1)
Expansion
477(1)
Congestion
478(1)
Maintenance and documentation
478(1)
Management issues
478(1)
Recommended vendors
479(1)
Cables and connectors
479(1)
Test equipment
480(1)
Routers/switches
480(1)
Recommended reading
480(1)
Chapter 15 IP Routing
481(17)
Packet forwarding: a closer look
482(3)
Routing daemons and routing protocols
485(3)
Distance-vector protocols
486(1)
Link-state protocols
487(1)
Cost metrics
487(1)
Interior and exterior protocols
488(1)
Protocols on parade
488(2)
RIP and RIPng: Routing Information Protocol
488(1)
OSPF: Open Shortest Path First
489(1)
EIGRP: Enhanced Interior Gateway Routing Protocol
490(1)
BGP: Border Gateway Protocol
490(1)
Routing protocol multicast coordination
490(1)
Routing strategy selection criteria
490(2)
Routing daemons
492(2)
routed: obsolete RIP implementation
492(1)
Quagga: mainstream routing daemon
493(1)
XORP: router in a box
494(1)
Cisco routers
494(2)
Recommended reading
496(2)
Chapter 16 DNS: The Domain Name System
498(80)
DNS architecture
499(1)
Queries and responses
499(1)
DNS service providers
500(1)
DNS for lookups
500(2)
resolv.conf: client resolver configuration
500(1)
nsswitch.conf: who do I ask for a name?
501(1)
The DNS namespace
502(1)
Registering a domain name
503(1)
Creating your own subdomains
503(1)
How DNS works
503(9)
Name servers
504(1)
Authoritative and caching-only servers
505(1)
Recursive and nonrecursive servers
505(1)
Resource records
506(1)
Delegation
506(2)
Caching and efficiency
508(1)
Multiple answers and round robin DNS load balancing
508(1)
Debugging with query tools
509(3)
The DNS database
512(13)
Parser commands in zone files
512(1)
Resource records
513(3)
The SOA record
516(2)
NS records
518(1)
A records
519(1)
AAAA records
519(1)
PTR records
520(1)
MX records
521(1)
CNAME records
522(1)
SRV records
523(1)
TXT records
524(1)
SPF, DKIM, and DMARC records
525(1)
DNSSEC records
525(1)
The BIND software
525(16)
Components of BIND
525(1)
Configuration files
526(1)
The include statement
527(1)
The options statement
528(6)
The acl statement
534(1)
The (TSIG) key statement
534(1)
The server statement
535(1)
The masters statement
535(1)
The logging statement
536(1)
The statistics-channels statement
536(1)
The zone statement
536(4)
Configuring the master server for a zone
537(1)
Configuring a slave server for a zone
538(1)
Setting up the root server hints
539(1)
Setting up a forwarding zone
539(1)
The controls statement for rndc
540(1)
Split DNS and the view statement
541(2)
BIND configuration examples
543(4)
The localhost zone
543(1)
A small security company
544(3)
Zone file updating
547(4)
Zone transfers
548(1)
Dynamic updates
549(2)
DNS security issues
551(17)
Access control lists in BIND, revisited
552(1)
Open resolvers
553(1)
Running in a chrooted jail
554(1)
Secure server-to-server communication with TSIG and TKEY
554(1)
Setting up TSIG for BIND
555(2)
DNSSEC
557(1)
DNSSEC policy
558(1)
DNSSEC resource records
558(2)
Turning on DNSSEC
560(1)
Key pair generation
560(2)
Zone signing
562(2)
The DNSSEC chain of trust
564(1)
DNSSEC key rollover
565(1)
DNSSEC tools
566(1)
ldns tools, nlnetlabs.nl/projects/ldns
566(1)
dnssec-tools.org
566(1)
RIPE tools, ripe.net
567(1)
OpenDNSSEC, opendnssec.org
567(1)
Debugging DNSSEC
567(1)
BIND debugging
568(8)
Logging in BIND
568(6)
Channels
569(1)
Categories
570(1)
Log messages
570(3)
Sample BIND logging configuration
573(1)
Debug levels in BIND
573(1)
Name server control with rndc
574(1)
Command-line querying for lame delegations
575(1)
Recommended reading
576(2)
Books and other documentation
577(1)
On-line resources
577(1)
The RFCs
577(1)
Chapter 17 Single Sign-On
578(18)
Core SSO elements
579(1)
LDAP: "lightweight" directory services
580(6)
Uses for LDAP
580(1)
The structure of LDAP data
581(1)
OpenLDAP: the traditional open source LDAP server
582(1)
389 Directory Server: alternative open source LDAP server
583(1)
LDAP Querying
584(1)
Conversion of passwd and group files to LDAP
585(1)
Using directory services for login
586(8)
Kerberos
586(3)
Linux Kerberos configuration for AD integration
587(1)
FreeBSD Kerberos configuration for AD integration
587(2)
sssd: the System Security Services Daemon
589(1)
nsswitch.conf: the name service switch
590(1)
PAM: cooking spray or authentication wonder?
590(4)
PAM configuration
591(1)
PAM example
592(2)
Alternative approaches
594(1)
NIS: the Network Information Service
594(1)
rsync: transfer files securely
594(1)
Recommended reading
595(1)
Chapter 18 Electronic Mail
596(78)
Mail system architecture
597(3)
User agents
597(1)
Submission agents
598(1)
Transport agents
598(1)
Local delivery agents
599(1)
Message stores
599(1)
Access agents
599(1)
Anatomy of a mail message
600(3)
The SMTP protocol
603(2)
You had me at EHLO
604(1)
SMTP error codes
604(1)
SMTP authentication
604(1)
Spam and malware
605(2)
Forgeries
606(1)
SPF and Sender ID
606(1)
DKIM
607(1)
Message privacy and encryption
607(1)
Mail aliases
608(4)
Getting aliases from files
610(1)
Mailing to files
611(1)
Mailing to programs
611(1)
Building the hashed alias database
612(1)
Email configuration
612(1)
sendmail
613(27)
The switch file
614(1)
Starting sendmail
615(1)
Mail queues
616(1)
sendmail configuration
617(1)
The m4 preprocessor
617(1)
The sendmail configuration pieces
618(1)
A configuration file built from a sample.mc file
619(1)
Configuration primitives
620(1)
Tables and databases
620(1)
Generic macros and features
621(5)
OSTYPE macro
621(1)
DOMAIN macro
621(1)
MAILER macro
622(1)
FEATURE macro
622(1)
use_cw_file feature
622(1)
redirect feature
623(1)
always_add_domain feature
623(1)
access_db feature
623(1)
virtusertable feature
624(1)
ldap_routing feature
624(1)
Masquerading features
625(1)
MAIL_HUB and SMART_HOST macros
626(1)
Client configuration
626(1)
m4 configuration options
627(1)
Spam-related features in sendmail
628(4)
Relay control
629(1)
User or site blacklisting
630(1)
Throttles, rates, and connection limits
631(1)
Security and sendmail
632(6)
Ownerships
633(1)
Permissions
634(1)
Safer mail to files and programs
634(1)
Privacy options
635(1)
Running a chrooted sendmail (for the truly paranoid)
636(1)
Denial of service attacks
636(1)
TLS: Transport Layer Security
637(1)
sendmail testing and debugging
638(2)
Queue monitoring
638(1)
Logging
639(1)
Exim
640(18)
Exim installation
640(2)
Exim startup
642(1)
Exim utilities
642(1)
Exim configuration language
643(1)
Exim configuration file
644(1)
Global options
645(2)
Options
645(1)
Lists
646(1)
Macros
647(1)
Access control lists (ACLs)
647(3)
Content scanning at ACL time
650(1)
Authenticators
651(1)
Routers
652(3)
The accept router
653(1)
The dnslookup router
653(1)
The manualroute router
653(1)
The redirect router
654(1)
Per-user filtering through .forward files
655(1)
Transports
655(1)
The appendfile transport
655(1)
The smtp transport
656(1)
Retry configuration
656(1)
Rewriting configuration
657(1)
Local scan function
657(1)
Logging
657(1)
Debugging
658(1)
Postfix
658(14)
Postfix architecture
659(2)
Receiving mail
659(1)
Managing mail-waiting queues
660(1)
Sending mail
660(1)
Security
661(1)
Postfix commands and documentation
661(1)
Postfix configuration
661(4)
What to put in main.cf
662(1)
Basic settings
662(1)
Null client
662(1)
Use of postconf
663(1)
Lookup tables
663(1)
Local delivery
664(1)
Virtual domains
665(2)
Virtual alias domains
666(1)
Virtual mailbox domains
667(1)
Access control
667(3)
Access tables
669(1)
Authentication of clients and encryption
670(1)
Debugging
670(2)
Looking at the queue
671(1)
Soft-bouncing
671(1)
Recommended reading
672(2)
sendmail references
672(1)
Exim references
672(1)
Postfix references
672(1)
RFCs
673(1)
Chapter 19 Web Hosting
674(43)
HTTP: the Hypertext Transfer Protocol
674(8)
Uniform Resource Locators (URLs)
675(1)
Structure of an HTTP transaction
676(3)
HTTP requests
677(1)
HTTP responses
677(1)
Headers and the message body
678(1)
curl: HTTP from the command line
679(1)
TCP connection reuse
680(1)
HTTP over TLS
681(1)
Virtual hosts
681(1)
Web software basics
682(12)
Web servers and HTTP proxy software
683(1)
Load balancers
684(2)
Caches
686(3)
Browser caches
687(1)
Proxy cache
688(1)
Reverse proxy cache
688(1)
Cache problems
688(1)
Cache software
689(1)
Content delivery networks
689(2)
Languages of the web
691(1)
Ruby
691(1)
Python
691(1)
Java
691(1)
Node.js
691(1)
PHP
692(1)
Go
692(1)
Application programming interfaces (APIs)
692(2)
Web hosting in the cloud
694(2)
Build versus buy
694(1)
Platform-as-a-Service
695(1)
Static content hosting
695(1)
Serverless web applications
696(1)
Apache httpd
696(8)
httpd in use
697(1)
httpd configuration logistics
698(1)
Virtual host configuration
699(4)
HTTP basic authentication
701(1)
Configuring TLS
702(1)
Running web applications within Apache
702(1)
Logging
703(1)
NGINX
704(6)
Installing and running NGINX
704(1)
Configuring NGINX
705(3)
Configuring TLS for NGINX
708(1)
Load balancing with NGINX
708(2)
HAProxy
710(4)
Health checks
711(1)
Server statistics
712(1)
Sticky sessions
712(1)
TLS termination
713(1)
Recommended reading
714(3)
Section Three: Storage
Chapter 20 Storage
717(74)
I just want to add a disk!
718(3)
Linux recipe
719(1)
FreeBSD recipe
720(1)
Storage hardware
721(9)
Hard disks
722(3)
Hard disk reliability
723(1)
Failure modes and metrics
723(1)
Drive types
724(1)
Warranties and retirement
725(1)
Solid state disks
725(3)
Rewritability limits
726(1)
Flash memory and controller types
726(1)
Page clusters and pre-erasing
727(1)
SSD reliability
727(1)
Hybrid drives
728(1)
Advanced Format and 4KiB blocks
729(1)
Storage hardware interfaces
730(3)
The SATA interface
730(1)
The PCI Express interface
730(1)
The SAS interface
731(1)
USB
732(1)
Attachment and low-level management of drives
733(6)
Installation verification at the hardware level
733(1)
Disk device files
734(1)
Ephemeral device names
735(1)
Formatting and bad block management
735(2)
ATA secure erase
737(1)
hdparm and camcontrol: set disk and interface parameters
738(1)
Hard disk monitoring with SMART
738(1)
The software side of storage: peeling the onion
739(3)
Elements of a storage system
740(2)
The Linux device mapper
742(1)
Disk partitioning
742(5)
Traditional partitioning
744(1)
MBR partitioning
745(1)
GPT: GUID partition tables
746(1)
Linux partitioning
746(1)
FreeBSD partitioning
747(1)
Logical volume management
747(6)
Linux logical volume management
748(5)
Volume snapshots
750(1)
Filesystem resizing
751(2)
FreeBSD logical volume management
753(1)
RAID: redundant arrays of inexpensive disks
753(9)
Software vs. hardware RAID
753(1)
RAID levels
754(2)
Disk failure recovery
756(1)
Drawbacks of RAID 5
757(1)
mdadm: Linux software RAID
758(5)
Creating an array
758(2)
mdadm.conf: document array configuration
760(1)
Simulating a failure
761(1)
Filesystems
762(1)
Traditional filesystems: UFS, ext4, and XFS
763(9)
Filesystem terminology
764(1)
Filesystem polymorphism
765(1)
Filesystem formatting
766(1)
fsck: check and repair filesystems
766(1)
Filesystem mounting
767(1)
Setup for automatic mounting
768(2)
USB drive mounting
770(1)
Swapping recommendations
770(2)
Next-generation filesystems: ZFS and Btrfs
772(1)
Copy-on-write
772(1)
Error detection
772(1)
Performance
773(1)
ZFS: all your storage problems solved
773(10)
ZFS on Linux
774(1)
ZFS architecture
774(1)
Example: disk addition
775(1)
Filesystems and properties
776(1)
Property inheritance
777(1)
One filesystem per user
778(1)
Snapshots and clones
779(1)
Raw volumes
780(1)
Storage pool management
781(2)
Btrfs: "ZFS lite" for Linux
783(5)
Btrfs vs. ZFS
783(1)
Setup and storage conversion
784(2)
Volumes and subvolumes
786(1)
Volume snapshots
787(1)
Shallow copies
788(1)
Data backup strategy
788(2)
Recommended reading
790(1)
Chapter 21 The Network File System
791(28)
Meet network file services
791(3)
The competition
792(1)
Issues of state
792(1)
Performance concerns
793(1)
Security
793(1)
The NFS approach
794(7)
Protocol versions and history
794(1)
Remote procedure calls
795(1)
Transport protocols
795(1)
State
796(1)
Filesystem exports
796(1)
File locking
797(1)
Security concerns
798(1)
Identity mapping in version 4
799(1)
Root access and the nobody account
800(1)
Performance considerations in version 4
801(1)
Server-side NFS
801(6)
Linux exports
802(2)
FreeBSD exports
804(2)
nfsd: serve files
806(1)
Client-side NFS
807(3)
Mounting remote filesystems at boot time
810(1)
Restricting exports to privileged ports
810(1)
Identity mapping for NFS version 4
810(1)
nfsstat: dump NFS statistics
811(1)
Dedicated NFS file servers
812(1)
Automatic mounting
812(6)
Indirect maps
814(1)
Direct maps
814(1)
Master maps
815(1)
Executable maps
815(1)
Automount visibility
816(1)
Replicated filesystems and automount
816(1)
Automatic automounts (V3; all but Linux)
817(1)
Specifics for Linux
817(1)
Recommended reading
818(1)
Chapter 22 SMB
819(14)
Samba: SMB server for UNIX
820(1)
Installing and configuring Samba
821(4)
File sharing with local authentication
822(1)
File sharing with accounts authenticated by Active Directory
822(1)
Configuring shares
823(4)
Sharing home directories
823(1)
Sharing project directories
824(1)
Mounting SMB file shares
825(1)
Browsing SMB file shares
826(1)
Ensuring Samba security
826(1)
Debugging Samba
827(2)
Querying Samba's state with smbstatus
827(1)
Configuring Samba logging
828(1)
Managing character sets
829(1)
Recommended reading
829(4)
Section Four: Operations
Chapter 23 Configuration Management
833(67)
Configuration management in a nutshell
834(1)
Dangers of configuration management
834(1)
Elements of configuration management
835(6)
Operations and parameters
835(2)
Variables
837(1)
Facts
838(1)
Change handlers
838(1)
Bindings
838(1)
Bundles and bundle repositories
839(1)
Environments
839(1)
Client inventory and registration
840(1)
Popular CM systems compared
841(11)
Terminology
842(1)
Business models
842(1)
Architectural options
843(2)
Language options
845(1)
Dependency management options
846(2)
General comments on Chef
848(1)
General comments on Puppet
849(1)
General comments on Ansible and Salt
850(1)
YAML: a rant
850(2)
Introduction to Ansible
852(19)
Ansible example
853(2)
Client setup
855(2)
Client groups
857(1)
Variable assignments
858(1)
Dynamic and computed client groups
859(1)
Task lists
860(2)
state parameters
862(1)
Iteration
862(1)
Interaction with Jinja
863(1)
Template rendering
863(1)
Bindings: plays and playbooks
864(2)
Roles
866(2)
Recommendations for structuring the configuration base
868(1)
Ansible access options
869(2)
Introduction to Salt
871(22)
Minion setup
873(1)
Variable value binding for minions
874(2)
Minion matching
876(1)
Salt states
877(1)
Salt and Jinja
878(2)
State IDs and dependencies
880(2)
State and execution functions
882(1)
Parameters and names
883(3)
State binding to minions
886(1)
Highstates
886(1)
Salt formulas
887(1)
Environments
888(4)
Documentation roadmap
892(1)
Ansible and Salt compared
893(2)
Deployment flexibility and scalability
893(1)
Built-in modules and extensibility
894(1)
Security
894(1)
Miscellaneous
895(1)
Best practices
895(4)
Recommended reading
899(1)
Chapter 24 Virtualization
900(15)
Virtual vernacular
901(4)
Hypervisors
901(3)
Full virtualization
901(1)
Paravirtualization
902(1)
Hardware-assisted virtualization
902(1)
Paravirtualized drivers
902(1)
Modern virtualization
903(1)
Type 1 vs. type 2 hypervisors
903(1)
Live migration
904(1)
Virtual machine images
904(1)
Containerization
904(1)
Virtualization with Linux
905(5)
Xen
906(1)
Xen guest installation
907(1)
KVM
908(1)
KVM guest installation
909(1)
FreeBSD bhyve
910(1)
VMware
910(1)
VirtualBox
911(1)
Packer
911(2)
Vagrant
913(1)
Recommended reading
914(1)
Chapter 25 Containers
915(34)
Background and core concepts
916(3)
Kernel support
917(1)
Images
917(1)
Networking
918(1)
Docker: the open source container engine
919(18)
Basic architecture
919(2)
Installation
921(1)
Client setup
921(1)
The container experience
922(4)
Volumes
926(1)
Data volume containers
927(1)
Docker networks
927(3)
Namespaces and the bridge network
928(2)
Network overlays
930(1)
Storage drivers
930(1)
dockerd option editing
930(2)
Image building
932(4)
Choosing a base image
933(1)
Building from a Dockerfile
933(1)
Composing a derived Dockerfile
934(2)
Registries
936(1)
Containers in practice
937(5)
Logging
938(1)
Security advice
939(3)
Restrict access to the daemon
939(1)
Use TLS
940(1)
Run processes as unprivileged users
940(1)
Use a read-only root filesystem
941(1)
Limit capabilities
941(1)
Secure images
941(1)
Debugging and troubleshooting
942(1)
Container clustering and management
942(6)
A synopsis of container management software
944(1)
Kubernetes
944(2)
Mesos and Marathon
946(1)
Docker Swarm
947(1)
AWS EC2 Container Service
947(1)
Recommended reading
948(1)
Chapter 26 Continuous Integration and Delivery
949(32)
CI/CD essentials
951(4)
Principles and practices
951(2)
Use revision control
952(1)
Build once, deploy often
952(1)
Automate end-to-end
952(1)
Build every integration commit
952(1)
Share responsibility
953(1)
Build fast, fix fast
953(1)
Audit and verify
953(1)
Environments
953(2)
Feature flags
955(1)
Pipelines
955(6)
The build process
956(1)
Testing
957(2)
Deployment
959(1)
Zero-downtime deployment techniques
960(1)
Jenkins: the open source automation server
961(3)
Basic Jenkins concepts
962(1)
Distributed builds
963(1)
Pipeline as code
963(1)
CI/CD in practice
964(14)
UlsahGo, a trivial web application
966(1)
Unit testing UlsahGo
966(2)
Taking first steps with the Jenkins Pipeline
968(2)
Building a DigitalOcean image
970(2)
Provisioning a single system for testing
972(3)
Testing the droplet
975(1)
Deploying UlsahGo to a pair of droplets and a load balancer
976(1)
Concluding the demonstration pipeline
977(1)
Containers and CI/CD
978(2)
Containers as a build environment
979(1)
Container images as build artifacts
979(1)
Recommended reading
980(1)
Chapter 27 Security
981(59)
Elements of security
983(1)
How security is compromised
983(4)
Social engineering
983(1)
Software vulnerabilities
984(1)
Distributed denial-of-service attacks (DDoS)
985(1)
Insider abuse
986(1)
Network, system, or application configuration errors
986(1)
Basic security measures
987(5)
Software updates
987(1)
Unnecessary services
988(1)
Remote event logging
989(1)
Backups
989(1)
Viruses and worms
989(1)
Root kits
990(1)
Packet filtering
991(1)
Passwords and multifactor authentication
991(1)
Vigilance
991(1)
Application penetration testing
992(1)
Passwords and user accounts
992(4)
Password changes
993(1)
Password vaults and password escrow
993(2)
Password aging
995(1)
Group logins and shared logins
996(1)
User shells
996(1)
Rootly entries
996(1)
Security power tools
996(9)
Nmap: network port scanner
996(2)
Nessus: next-generation network scanner
998(1)
Metasploit: penetration testing software
999(1)
Lynis: on-box security auditing
999(1)
John the Ripper: finder of insecure passwords
1000(1)
Bro: the programmable network intrusion detection system
1000(1)
Snort: the popular network intrusion detection system
1001(3)
OSSEC: host-based intrusion detection
1002(1)
OSSEC basic concepts
1002(1)
OSSEC installation
1003(1)
OSSEC configuration
1004(1)
Fail2Ban: brute-force attack response system
1004(1)
Cryptography primer
1005(11)
Symmetric key cryptography
1005(1)
Public key cryptography
1006(1)
Public-key infrastructure
1007(2)
Transport Layer Security
1009(1)
Cryptographic hash functions
1009(2)
Random number generation
1011(1)
Cryptographic software selection
1012(1)
The openssl command
1012(2)
Preparing keys and certificates
1013(1)
Debugging TLS servers
1014(1)
PGP: Pretty Good Privacy
1014(1)
Kerberos: a unified approach to network security
1015(1)
SSH, the Secure SHell
1016(11)
OpenSSH essentials
1016(2)
The ssh client
1018(1)
Public key authentication
1019(1)
The ssh-agent
1020(2)
Host aliases in ~/.ssh/config
1022(1)
Connection multiplexing
1023(1)
Port forwarding
1023(1)
sshd: the OpenSSH server
1024(2)
Host key verification with SSHFP
1026(1)
File transfers
1027(1)
Alternatives for secure logins
1027(1)
Firewalls
1027(3)
Packet-filtering firewalls
1028(1)
Filtering of services
1028(1)
Stateful inspection firewalls
1029(1)
Firewalls: safe?
1029(1)
Virtual private networks (VPNs)
1030(1)
IPsec tunnels
1030(1)
All I need is a VPN, right?
1031(1)
Certifications and standards
1031(3)
Certifications
1031(1)
Security standards
1032(2)
ISO 27001:2013
1032(1)
PCI DSS
1033(1)
NIST 800 series
1033(1)
The Common Criteria
1034(1)
OWASP: the Open Web Application Security Project
1034(1)
CIS: the Center for Internet Security
1034(1)
Sources of security information
1034(3)
SecurityFocus.com, the BugTraq mailing list, and the OSS mailing list.
1035(1)
Schneier on Security
1035(1)
The Verizon Data Breach Investigations Report
1035(1)
The SANS Institute
1035(1)
Distribution-specific security resources
1036(1)
Other mailing lists and web sites
1036(1)
When your site has been attacked
1037(1)
Recommended reading
1038(2)
Chapter 28 Monitoring
1040(30)
An overview of monitoring
1041(3)
Instrumentation
1042(1)
Data types
1042(1)
Intake and processing
1043(1)
Notifications
1043(1)
Dashboards and UIs
1044(1)
The monitoring culture
1044(1)
The monitoring platforms
1045(6)
Open source real-time platforms
1046(1)
Nagios and Icinga
1046(1)
Sensu
1047(1)
Open source time-series platforms
1047(2)
Graphite
1047(1)
Prometheus
1048(1)
InfluxDB
1049(1)
Munin
1049(1)
Open source charting platforms
1049(1)
Commercial monitoring platforms
1050(1)
Hosted monitoring platforms
1051(1)
Data collection
1051(4)
StatsD: generic data submission protocol
1052(2)
Data harvesting from command output
1054(1)
Network monitoring
1055(1)
Systems monitoring
1056(3)
Commands for systems monitoring
1057(1)
collectd: generalized system data harvester
1057(1)
sysdig and dtrace: execution tracers
1058(1)
Application monitoring
1059(2)
Log monitoring
1059(1)
Supervisor + Munin: a simple option for limited domains
1060(1)
Commercial application monitoring tools
1060(1)
Security monitoring
1061(2)
System integrity verification
1061(1)
Intrusion detection monitoring
1062(1)
SNMP: the Simple Network Management Protocol
1063(5)
SNMP organization
1064(1)
SNMP protocol operations
1065(1)
Net-SNMP: tools for servers
1065(3)
Tips and tricks for monitoring
1068(1)
Recommended reading
1069(1)
Chapter 29 Performance Analysis
1070(21)
Performance tuning philosophy
1071(2)
Ways to improve performance
1073(1)
Factors that affect performance
1074(1)
Stolen CPU cycles
1075(1)
Analysis of performance problems
1076(1)
System performance checkup
1077(11)
Taking stock of your equipment
1077(2)
Gathering performance data
1079(1)
Analyzing CPU usage
1079(2)
Understanding how the system manages memory
1081(1)
Analyzing memory usage
1082(2)
Analyzing disk I/O
1084(1)
fio: testing storage subsystem performance
1085(1)
sar: collecting and reporting statistics over time
1086(1)
Choosing a Linux I/O scheduler
1086(1)
perf: profiling Linux systems in detail
1087(1)
Help! My server just got really slow!
1088(2)
Recommended reading
1090(1)
Chapter 30 Data Center Basics
1091(14)
Racks
1092(1)
Power
1092(4)
Rack power requirements
1093(1)
kVA vs. kW
1094(1)
Energy efficiency
1095(1)
Metering
1095(1)
Cost
1096(1)
Remote control
1096(1)
Cooling and environment
1096(5)
Cooling load estimation
1097(1)
Roof, walls, and windows
1097(1)
Electronic gear
1097(1)
Light fixtures
1098(1)
Operators
1098(1)
Total heat load
1098(1)
Hot aisles and cold aisles
1098(2)
Humidity
1100(1)
Environmental monitoring
1100(1)
Data center reliability tiers
1101(1)
Data center security
1102(1)
Location
1102(1)
Perimeter
1102(1)
Facility access
1102(1)
Rack access
1103(1)
Tools
1103(1)
Recommended reading
1104(1)
Chapter 31 Methodology, Policy, and Politics
1105(31)
The grand unified theory: DevOps
1106(5)
DevOps is CLAMS
1107(3)
Culture
1107(1)
Lean
1108(1)
Automation
1109(1)
Measurement
1110(1)
Sharing
1110(1)
System administration in a DevOps world
1110(1)
Ticketing and task management systems
1111(4)
Common functions of ticketing systems
1112(1)
Ticket ownership
1112(1)
User acceptance of ticketing systems
1113(1)
Sample ticketing systems
1114(1)
Ticket dispatching
1114(1)
Local documentation maintenance
1115(3)
Infrastructure as code
1116(1)
Documentation standards
1116(2)
Environment separation
1118(1)
Disaster management
1119(3)
Risk assessment
1119(1)
Recovery planning
1120(1)
Staffing for a disaster
1121(1)
Security incidents
1122(1)
IT policies and procedures
1122(3)
The difference between policies and procedures
1123(1)
Policy best practices
1124(1)
Procedures
1124(1)
Service level agreements
1125(2)
Scope and descriptions of services
1125(1)
Queue prioritization policies
1126(1)
Conformance measurements
1127(1)
Compliance: regulations and standards
1127(4)
Legal issues
1131(2)
Privacy
1131(1)
Policy enforcement
1132(1)
Control = liability
1132(1)
Software licenses
1133(1)
Organizations, conferences, and other resources
1133(2)
Recommended reading
1135(1)
Index 1136(30)
A Brief History of System Administration 1166(10)
Colophon 1176(2)
About the Contributors 1178(1)
About the Authors 1179