Contents

Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

Previous Chapter

Contents at a Glance

About the Authors

Contents

About the Authors

About the Technical Reviewer

Acknowledgments

CHAPTER 1 Introducing the Basics of Automation

Do You Need Automation?

Large Companies with Many Diverse Systems

Medium-Sized Companies Planning for Growth

Internet Service Providers

Application Service Providers

Web Server Farms

Beowulf Clusters

Network Appliances

What Will You Gain?

Reducing Errors

Documenting System Configuration Policies

Realizing Other Benefits

What Do System Administrators Do?

Methodology: Get It Right from the Start!

Homogenizing Your Systems

Deciding on Push vs. Pull

Dealing with Users and Administrators

Who Owns the Systems?

Defining Policy

CHAPTER 2 Applying Practical Automation

Seeing Everything As a File

Understanding the Procedure Before Automating It

Exploring an Example Automation

Scripting a Working Procedure

Prototyping Before You Polish

Turning the Script into a Robust Automation

Attempting to Repair, Then Failing Noisily

Focusing on Results

CHAPTER 3 Using SSH to Automate System Administration Securely

Learning the Basics of Using SSH

Enhancing Security with SSH

Using Public-Key Authentication

Generating the Key Pair

Specifying Authorized Keys

Using ssh-agent

Knowing ssh-agent Basics

Getting Advanced with ssh-agent

Forwarding Keys

Restricting RSA Authentication

Dealing with Untrusted Hosts

Allowing Limited Command Execution

Forwarding a Port

Using SSH for Common Accounts

Preparing for Common Accounts

Monitoring the Common Accounts

CHAPTER 4 Configuring Systems with cfengine

Getting an Overview of cfengine

Defining cfengine Concepts

Evaluating Push vs. Pull

Delving into the Components of cfengine

Mapping the cfengine Directory Structure

Managing cfengine Configuration Files

Identifying Systems with Classes

Finding More Information About Cfengine

Learning the Basic Setup

Setting Up the Network

Running Necessary Processes

Creating Basic Configuration Files

Creating the Configuration Server

Preparing the Client Systems

Debugging cfengine

Creating Sections in cfagent.conf

Using Classes in cfagent.conf

The copy Section

The directories Section

The disable Section

The editfiles Section

The files Section

The links Section

The processes Section

The shellcommands Section

Looking Forward to Cfengine 3

Using cfengine in the Real World

CHAPTER 5 Bootstrapping a New Infrastructure

Installing the Central cfengine Host

Setting Up the cfengine Master Repository

Creating the cfengine Config Files

The cf.preconf Script

The update.conf file

The cfagent.conf file

The cf.motd Task

The cf.cfengine_cron_entries Task

Ready for Action

CHAPTER 6 Setting Up Automated Installation

Introducing the Example Environment

Employing JumpStart for Solaris

Kickstart for Red Hat

The Proper Foundation

CHAPTER 7 Automating a New System Infrastructure

Implementing Time Synchronization

External NTP Synchronization

Internal NTP Masters

Configuring the NTP Clients

Copying the Configuration Files with cfengine

An Alternate Approach to Time Synchronization

Incorporating DNS

Choosing a DNS Architecture

Setting Up Private DNS

Taking Control of User Account Files

Standardizing the Local Account Files

Distributing the Files with cfengine

Adding New User Accounts

CHAPTER 8 Deploying Your First Application

Deploying and Configuring the Apache Web Server

The Apache Package from Red Hat

Building Apache from Source

Sharing Data Between Systems

Synchronizing Data with rsync

Sharing Data with NFS

Sharing Program Binaries with NFS

Sharing Data with cfengine

Sharing Data with Subversion

NFS and rsync and cfengine, Oh My!

CHAPTER 9 Generating Reports and Analyzing Logs

Reporting on cfengine Status

Doing General syslog Log Analysis

Configuring the syslog Server

Outputting Summary Log Reports

Doing Real-Time Log Reporting

Seeing the Light

CHAPTER 10 Monitoring

Nagios Components

Nagios Overview

Deploying Nagios with cfengine

Create the Nagios Web Interface Configuration Files

Monitoring Remote Systems

What Nagios Alerts Really Mean

Building and Distributing the Ganglia Programs

Configuring the Ganglia Web Interface

Now You Can Rest Easy

CHAPTER 11 Infrastructure Enhancement

Cfengine Version Control with Subversion

Importing the masterfiles Directory Tree

Using Subversion to Implement a Testing Environment

Subversion Backups

Enhancement Is an Understatement

CHAPTER 12 Improving System Security

Security Enhancement with cfengine

Removing the SUID Bit

Protecting System Accounts

Applying Patches and Vendor Updates

Shutting Down Unneeded Daemons

Removing Unsafe Files

File Checksum Monitoring

Using the Lightweight Directory Access Protocol

Security with Kerberos

Implementing Host-Based Firewalls

Using TCP Wrappers

Using Host-Based Packet Filtering

Enabling Sudo at Our Example Site

Security Is a Journey, Not a Destination

APPENDIX A Introducing the Basic Tools

Compatibility Issues with Bash

Creating Simple Bash Shell Scripts

Debugging Bash Scripts

Other Scripting Languages

Basic Regular Expressions

Matching Repeating Characters

Other Special Characters

Marking and Back Referencing

The sed Stream Editor

Modifying a File

Modifying stdin

Very Basic Usage

Not-Quite-As-Basic Usage

APPENDIX B Writing cfengine Modules

Requirements for Using Modules

Defining Custom Classes Without Modules

Creating Your First cfengine Module

Using Modules in Place of shellcommands

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.

3.19.237.38