CHAPTER 1 Introducing the Basics of Automation
Large Companies with Many Diverse Systems
Medium-Sized Companies Planning for Growth
Documenting System Configuration Policies
What Do System Administrators Do?
Methodology: Get It Right from the Start!
Dealing with Users and Administrators
CHAPTER 2 Applying Practical Automation
Understanding the Procedure Before Automating It
Exploring an Example Automation
Turning the Script into a Robust Automation
Attempting to Repair, Then Failing Noisily
CHAPTER 3 Using SSH to Automate System Administration Securely
Learning the Basics of Using SSH
Using Public-Key Authentication
Getting Advanced with ssh-agent
Restricting RSA Authentication
Allowing Limited Command Execution
Monitoring the Common Accounts
CHAPTER 4 Configuring Systems with cfengine
Getting an Overview of cfengine
Delving into the Components of cfengine
Mapping the cfengine Directory Structure
Managing cfengine Configuration Files
Identifying Systems with Classes
Finding More Information About Cfengine
Creating Basic Configuration Files
Creating the Configuration Server
Creating Sections in cfagent.conf
Using cfengine in the Real World
CHAPTER 5 Bootstrapping a New Infrastructure
Installing the Central cfengine Host
Setting Up the cfengine Master Repository
Creating the cfengine Config Files
The cf.cfengine_cron_entries Task
CHAPTER 6 Setting Up Automated Installation
Introducing the Example Environment
Employing JumpStart for Solaris
CHAPTER 7 Automating a New System Infrastructure
Implementing Time Synchronization
Copying the Configuration Files with cfengine
An Alternate Approach to Time Synchronization
Taking Control of User Account Files
Standardizing the Local Account Files
Distributing the Files with cfengine
CHAPTER 8 Deploying Your First Application
Deploying and Configuring the Apache Web Server
The Apache Package from Red Hat
Sharing Program Binaries with NFS
NFS and rsync and cfengine, Oh My!
CHAPTER 9 Generating Reports and Analyzing Logs
Doing General syslog Log Analysis
Outputting Summary Log Reports
Deploying Nagios with cfengine
Create the Nagios Web Interface Configuration Files
What Nagios Alerts Really Mean
Building and Distributing the Ganglia Programs
Configuring the Ganglia Web Interface
CHAPTER 11 Infrastructure Enhancement
Cfengine Version Control with Subversion
Importing the masterfiles Directory Tree
Using Subversion to Implement a Testing Environment
Enhancement Is an Understatement
CHAPTER 12 Improving System Security
Security Enhancement with cfengine
Applying Patches and Vendor Updates
Shutting Down Unneeded Daemons
Using the Lightweight Directory Access Protocol
Implementing Host-Based Firewalls
Using Host-Based Packet Filtering
Enabling Sudo at Our Example Site
Security Is a Journey, Not a Destination
APPENDIX A Introducing the Basic Tools
Compatibility Issues with Bash
Creating Simple Bash Shell Scripts
APPENDIX B Writing cfengine Modules
Requirements for Using Modules
Defining Custom Classes Without Modules
Creating Your First cfengine Module
3.19.237.38