Index
A
account files. See local account files
actionsequence controls
administrative scripts, usage information for
alerts
host stops contacting cfengine master
Apache binary, synchronizing with PHP binary using rsync –2nd
Apache package from Red Hat, configuring –2nd
Apache VirtualHost configuration for Nagios web interface –2nd
Apache web server
Secure Sockets Layer certificate for
applications. See campin.net shopping web site; deploying applications
application service providers (ASPs), automation and
assumptions of automation system
authentication
public key
specifying authorized keys –2nd
RSA
forwarding port between machines –2nd
authentication file for Nagios web interface –2nd
Authentication screen (Kickstart Configurator)
authorized_keys file
configuring to restrict access
limited command execution, allowing
authorized keys, specifying –2nd
automated installation systems
FAI for Debian
install client, customizing –2nd
network booting, configuring –2nd
packages, installing and configuring –2nd
JumpStart
install server, setting up –2nd
profile server, setting up –2nd
Kickstart
installation tree, creating and making available –2nd
kickstart file, contents of –2nd
automation
AWK language
B
backups
of Subversion repository
Bash (Bourne-Again Shell)
scripts
Basic Configuration screen (Kickstart Configurator)
benefits of automation
documented system configuration policies
Beowulf clusters, automation and
Berkeley Internet Name Domain (BIND)
Blastwave software repository , 2nd
Boot Loader Options screen (Kickstart Configurator)
bootstrapping, cf.preconf script and –2nd
Bourne-Again Shell (Bash)
scripts
Building a Monitoring Infrastructure with Nagios (Josephsen)
building Ganglia programs –2nd
Burgess, Mark , 2nd , 3rd
C
campin.net shopping web site
central cfengine host, installing
cfengine configuration files
cf.cfengine_cron_entries task –2nd
cfengine master repository, setting up
Red Hat Apache package, configuring for
cfagent.conf/FAIBASE file –2nd
cfagent.conf file (cfengine)
sections
cf.central_home_dirs file –2nd
cf.cfengine_cron_entries task –2nd
cf.create_autofs_mnt_pkg task –2nd
cf.enable_rsync_daemon task –2nd , 3rd –4th
cfengine
application service providers and
basic setup for
cfagent.conf sections
classes
configuration files
cf.cfengine_cron_entries task –2nd
configuration files, creating
configuration server, creating
copying configuration files with –2nd
defining classes without modules
deploying Nagios with
Apache VirtualHost configuration for –2nd
authentication file, creating –2nd
building Nagios plug-ins, copying –2nd
daemon and configuration files, copying –2nd
hostgroup file for monitoring host role, creating
localhost-only monitoring, monitoring –2nd
monitoring host role, configuring
monitoring host role, DNS entry for –2nd
monitoring remote systems –2nd
NRPE configuration file, creating
NRPE, configuring Red Hat local firewall to allow –2nd
NRPE start-up script, creating
separating configuration and program directories
distributing local account files with –2nd
fully functional infrastructure for, configuring –2nd
security enhancement with
applying patches and updates –2nd
protecting system accounts –2nd
testing environment, implementing –2nd
version 3, looking forward to –2nd
cfengine modules
using in place of shellcommands –2nd
cfexecd
cf.kill_unwanted_services task
cf.postfix_permissions task –2nd
cf.preconf script
integrated into postinstall script –2nd
cfrun command , 2nd –3rd
cfservd.conf file (cfengine)
cf.setup_svn_plus_apache task –2nd
cf.sync_apache_binaries task
cf.sync_postfix_config file –2nd
change development process –2nd
characters in regular expressions
checksum option (files section of cfagent.conf file)
classes
cfengine
classes section (cfagent.conf file)
clients
install
FAI for Debian, customizing –2nd
JumpStart for Solaris, adding –2nd
client systems, cfengine, preparing
clusters
Beowulf or computational, automation and
command execution, allowing limited
commands
common accounts, using SSH for
compatibility issues with Bash
Comprehensive Perl Archive Network (CPAN)
configuration files
cfengine
cf.cfengine_cron_entries task –2nd
configuration policies
configuration server, cfengine, creating
configuring
See also configuration files
Apache package from Red Hat –2nd
authorized_keys file to restrict access
BIND
cfengine
fully functional infrastructure –2nd
network booting
NFS-automounted home directories –2nd
NTP clients
content, distributing
NFS
Subversion
automating server deployment –2nd
synchronizing Apache and PHP with rsync –2nd
synchronizing data with rsync
copying
Nagios plug-ins with cfengine –2nd
Subversion backups to other host –2nd
copy section (cfagent.conf file) –2nd
CPAN (Comprehensive Perl Archive Network)
custom classes (cfengine) –2nd
customizing install client –2nd
Custom JumpStart. See JumpStart for Solaris
D
daemons
rsync, outputs directory and –2nd
data
sharing between systems
synchronizing Apache and PHP with rsync –2nd
synchronizing with rsync
Debian
See also FAI for Debian
iptables packet filtering framework –2nd
named.conf.local file
Debian cfengine2 package , 2nd
debugging
defining cfengine classes
deploying
applications
Apache package from Red Hat, configuring –2nd
Nagios with cfengine
Apache VirtualHost configuration for –2nd
authentication file, creating –2nd
daemon and configuration files, copying –2nd
hostgroup file for monitoring host role, creating
localhost-only monitoring, modifying –2nd
monitoring host role, configuring
monitoring host role, DNS entry for –2nd
monitoring remote systems –2nd
NRPE configuration file, creating
NRPE, configuring Red Hat local firewall to allow –2nd
NRPE start-up script, creating
separating configuration and program directories
DHCP, Kickstart network boot and –2nd
dhcpd.conf file
directories
NFS-automounted home
storing syslog messages in –2nd
$workdir/outputs
aggregating contents from all hosts to single host –2nd
Red Hat Linux as aggregate host for
summarizing and e-mailing aggregated contents
summarizing and e-mailing hourly
uploading to central host –2nd
directories section (cfagent.conf file)
directory structure of cfengine –2nd
directory test verifying postfix Debian package is installed
disable action (cfengine) –2nd
disable section (cfagent.conf file) –2nd
Display Configuration screen (Kickstart Configurator)
distributing content
NFS
Subversion
automating server deployment –2nd
synchronizing Apache and PHP with rsync –2nd
synchronizing data with rsync
distributing local account files with cfengine –2nd
DNS (Domain Name System)
entry for Nagios monitoring host role, creating –2nd
private, setting up
BIND configuration, automating –2nd
query, running without logging into host
documentation
of system configuration policies
Domain Name System. See DNS
downloading
DVD, creating ISO file on remote system from
E
editfiles section (cfagent.conf file) –2nd
errors reduced by automation , 2nd
/etc/fai/make-fai-nfsroot.conf file –2nd
/etc/postfix/main.cf file, modifying
/etc/rc2.d/S99runonce script –2nd
example automation
scripting working procedure –2nd
turning script into robust automation –2nd
example environment, explanation of
F
FAI (Fully Automatic Installation) for Debian
install client, customizing –2nd
network booting, configuring –2nd
packages, installing and configuring –2nd
files
everything on system represented as –2nd
files section (cfagent.conf file) –2nd
filesystem layouts, consistency of across systems
Firewall Configuration screen (Kickstart Configurator)
firewalls
host-based, implementing
packet filtering
forwarding
G
Ganglia
building and distributing programs –2nd
configuring web interface –2nd
overview of , 2nd –3rd
goldmaster (central host) –2nd , 3rd
H
host-based security
cfengine and
applying patches and updates –2nd
protecting system accounts –2nd
firewalls and
packet filtering
host
See also monitoring host role for Nagios
copying repository backups to –2nd
installing
running query without logging into
I
ignore section of cf.preconf script
importing
import statements, cfagent.conf file and
infrastructure services
DNS
time synchronization
copying configuration files –2nd
user account files
distributing with cfengine –2nd
NFS-automounted home directories –2nd
installation, automated systems for
FAI for Debian
install client, customizing –2nd
network booting, configuring –2nd
packages, installing and configuring –2nd
JumpStart
install server, setting up –2nd
profile server, setting up –2nd
Kickstart
installation tree, creating and making available –2nd
kickstart file, contents of –2nd
Installation Method screen (Kickstart Configurator)
install client
FAI for Debian, customizing –2nd
JumpStart for Solaris, adding –2nd
installing
See also installation, automated systems for
rsync from Blastwave repository as part of JumpStart process
install server, setting up –2nd
Internet Service Providers (ISPs), automation and
IP addresses, sysidcfg file and
iptables packet filtering framework –2nd
ISO file, creating on remote system from DVD
ISPs (Internet Service Providers), automation and
J
JumpStart for Solaris
install server, setting up –2nd
profile server
postinstall script, creating –2nd
JumpStart process
rsync from Blastwave repository as part of
K
Keep It Simple, Stupid (KISS) principle
Kerberos, security enhancement with
Kickstart for Red Hat
host
installation tree, creating and making available –2nd
Kickstart Configurator
Network Configuration screen –2nd
Partition Information screen –2nd
Postinstallation Script screen
kickstart file
network boot
KISS (Keep It Simple, Stupid) principle
L
languages, scripting . See also AWK language; Perl
LDAP (Lightweight Directory Access Protocol), security enhancement with
LDAP System Administration (Carter)
links section (cfagent.conf file)
listings. See scripts
list-iteration operator (cfengine)
local account files
adding new
distributing with cfengine –2nd
NFS-automounted home directories
log reports
syslog messages
outputting summary reports –2nd
M
masterfiles directory tree (cfengine), importing –2nd
master repository, cfengine, setting up
matching repeating characters in regular expressions –2nd
merging
methodology, consistent, and automation –2nd
modifying files, automation and
monitoring
Ganglia and
building and distributing programs –2nd
configuring web interface –2nd
overview of , 2nd –3rd
Nagios and
monitoring host role for Nagios
N
Nagios
deploying with cfengine
Apache VirtualHost configuration for –2nd
authentication file, creating –2nd
building Nagios plug-ins, copying –2nd
daemon and configuration files, copying –2nd
hostgroup file for monitoring host role, creating
localhost-only monitoring, modifying –2nd
monitoring host role, configuring
monitoring host role, DNS entry for –2nd
monitoring remote systems –2nd
NRPE configuration file, creating
NRPE, configuring Red Hat local firewall to allow –2nd
NRPE start-up script, creating
separating configuration and program directories
service detail screen for system localhost
Nagios daemon, copying with cfengine –2nd
Nagios Remote Plug-in Executor (NRPE)
configuring Red Hat local firewall to allow –2nd
named.conf.local file (Debian)
named.conf.options file (Debian)
NAT (Network Address Translation), accessing server behind
network
network appliances, automation and
network boot
FAI for Debian, configuring –2nd
Kickstart for Red Hat
Network Configuration screen (Kickstart Configurator) , 2nd
Network Time Protocol. See NTP
NFS (Network File System), sharing data with
NFS-automounted home directories
NRPE (Nagios Remote Plug-in Executor)
configuring Red Hat local firewall to allow –2nd
NTP (Network Time Protocol)
clients, configuring
configuration files, copying with cfengine –2nd
O
operating systems, homogenizing
outputting syslog summary reports –2nd
P
Package Selection screen (Kickstart Configurator) –2nd
packet filtering software
Partition Information screen (Kickstart Configurator) –2nd
passwords
Perl
PHP binary, synchronizing with Apache binary using rsync –2nd
PHP-enabled Apache web server, building from source –2nd
plug-ins. See Nagios
policies, system configuration
ports, forwarding between machines –2nd
postfix, virtual-domain functionality of
Postinstallation Script screen (Kickstart Configurator)
postinstall script, creating –2nd
Practical UNIX & Internet Security (Garfinkel, Schwartz, and Spafford)
predefined classes (cfengine) –2nd
Pre-eXecution Environment (PXE)
Principles of Network and System Administration, Second Edition (Burgess)
private DNS, setting up
BIND configuration
private keys, trust in cfengine and
procedure, understanding before automating , 2nd
procedure example
turning script into robust automation –2nd
processes section (cfagent.conf file) –2nd
profile server
postinstall script, creating –2nd
program binaries
protecting system accounts –2nd
prototyping procedure before polishing
public key authentication
specifying authorized keys –2nd
pulling from server, cfengine as –2nd
push method –2nd , 3rd
PXE (Pre-eXecution Environment)
R
real-time reporting, syslog summary reports –2nd
Red Hat Linux
See also Kickstart for Red Hat
as aggregate host for outputs directories
Apache package, configuring –2nd
local firewall, configuring to allow NRPE –2nd
sudoers file example entries –2nd
Red Hat Network (RHN), benefits of
regular expressions
characters
marking and back referencing –2nd
remote systems
configuring Nagios to monitor –2nd
removing
repetitive tasks, elimination of, with automation
reports. See log reports
reproducibility of automated system
resources
See also web sites
restricting RSA authentication
forwarding port between machines –2nd
limited command execution, allowing
revision-control system. See Subversion
RSA authentication
forwarding port between machines –2nd
rsync
daemon, outputs directory and –2nd
installing as part of JumpStart process
synchronizing Apache and PHP with –2nd
rsyncd.conf-www file –2nd , 3rd
S
SAs (system administrators)
tasks and responsibilities of , 2nd –3rd
scripting languages . See also Perl
scripting working procedure
turning into robust automation –2nd
scripts
administrative, usage information for
for analyzing log file and summarizing user logins –2nd
cfagent.conf/FAIBASE and update.conf/FAIBASE files –2nd
cf.central_home_dirs file –2nd
cf.cfengine_cron_entries task
cf.create_autofs_mnt_pkg task –2nd
cf.enable_rsync_daemon task –2nd , 3rd –4th
cf.kill_unwanted_services task
cfmotd task
cf.preconf –2nd , 3rd –4th
cf.setup_svn_plus_apache task –2nd
cf.sync_apache_binaries task
cf.sync_postfix_config file –2nd
classes/cf.main_classes contents
control/cf.control_cfagent_conf contents
control/cf.control_cfexecd contents
creating user accounts using –2nd
dhcpd.conf file
directory test to verify postfix Debian package is installed
/etc/fai/make-fai-nfsroot.conf file –2nd
/etc/postfix/main.cf file, modifying
iptables rule set that implements log host policy –2nd
named.conf.local file (Debian)
named.conf.options file (Debian)
for processing configuration file and generating authorized_keys files –2nd
rsyncd.conf-www file –2nd , 3rd
running Apache and PHP binaries –2nd
/srv/fai/config directory –2nd
/srv/fai/config/package_config/WEB file
search engines, automation and
SEC (Simple Event Correlator) –2nd
Secure Shell (SSH) protocol
common accounts
public key authentication
specifying authorized keys –2nd
Secure Sockets Layer certificate
security
Apache web server, building from source
cfengine and
applying patches and updates –2nd
protecting system accounts –2nd
firewalls and
outputs directory and rsync daemon
packet filtering
sed stream editor
servers
See also Apache web server; FAI for Debian; JumpStart for Solaris; Kickstart for Red Hat; profile server
configuration (cfengine), creating
Subversion, automating deployment of –2nd
Service Level Agreements (SLAs)
Service Management Facility (Solaris 10)
sharing data between systems
NFS and
Subversion and
automating server deployment –2nd
synchronizing Apache and PHP with rsync –2nd
synchronizing data with rsync
shellcommands (cfengine), using modules in place of –2nd
shellcommands section (cfagent.conf file)
shells, popular . See also Bash shell
shutting down unneeded daemons –2nd
Simple Event Correlator (SEC) –2nd
size of company, and automation
SLAs (Service Level Agreements)
software
Solaris 10
See also JumpStart for Solaris
/srv/fai/config directory script –2nd
/srv/fai/config/package_config/WEB file
ssh-agent program
description of , 2nd –3rd
using without starting new process –2nd
SSH (Secure Shell) protocol
common accounts
public key authentication
specifying authorized keys –2nd
SSL certificate
startup company example
See also campin.net shopping web site
installing and configuring systems for –2nd
Subversion source-control system
cfengine version control with
masterfiles directory tree, importing –2nd
repository backups
sharing data with
automating server deployment –2nd
testing environment, implementing –2nd
sudo program
synchronizing
See also time synchronization
Apache and PHP using rsync –2nd
data using rsync
syslog messages
storing in directory
configuring syslog server –2nd
outputting summary log reports –2nd
system accounts, protecting –2nd
system administrators (SAs)
tasks and responsibilities of , 2nd –3rd
system configuration policies
system-imaging servers . See also FAI for Debian; JumpStart for Solaris; Kickstart for Red Hat
system status, verification of
T
tedious tasks, elimination of, with automation
testing
testing environment, implementing with Subversion –2nd
TFTP (Trivial File Transfer Protocol) –2nd
time synchronization
configuring NTP clients
copying configuration files –2nd
tools
Trivial File Transfer Protocol (TFTP) –2nd
U
UNIX Backup and Recovery (Preston)
update.conf file (cfengine)
usage information for administrative scripts
user account files
adding new
distributing with cfengine –2nd
NFS-automounted home directories
users
utilities. See tools
V
version control. SeeSubversion
W
web interface
web server farms, automation and
web servers, clusters of . See also Apache web server
web sites
See also campin.net shopping web site
welcome e-mail, scripting procedure to send –2nd
$workdir/outputs directory
aggregating contents from all hosts to single host –2nd
Red Hat Linux as aggregate host for
summarizing and e-mailing
uploading to central host –2nd