Unix/Linux Infrastructure Operations (ULIO)
Synopsis
Provide students hands-on experience in tools and techniques to manage hundreds or thousands of Unix/Linux systems, in a repeatable and team-structured way.
Workshop Topics
- Introduction
- SSH key authentication
- Source-of-truth and Git
- Centralized authorization
- System containers with Incus
- ZFS (Zettabyte File System)
- Cloud-init
- Ansible Automation
- Inventory across infrastructure
- Terraform Infrastructure as Cloud (IaC)
- OCI (Open Container Initiative)
- Kubernetes demo
- CI/CD (Continuous Integration/Continuous Delivery or Deployment) using GitOps
- Certificates
- Provisioning and managing hardware
- Monitoring and reporting
- Data management
Target Audience
Students are expected to be competent Unix/Linux system admins and engineers from ISPs, Research and Education Networks (RENs), universities, or companies who are responsible for local system infrastructure in their organizations.
Prerequisites
- Medium to advanced knowledge of the UNIX/Linux command line environment
- Basic knowledge of TCP/IP networking
- Participants are required to bring a laptop
- Participant laptops need to allow participants to update core settings
Objectives
At the end of the workshop, students will be able to (Core Goals):
- Manage a large number of devices and items across their infrastructure securely and reliably
- Learn how to make actions testable and repeatable, working with a "source of truth" that a team can use for reference and to recreate work done
- Automate the work process to keep things up to date and to deploy changes in both a test environment, then move approved changes to production
- Ensure the continuity of infrastructure and be able to recover from failures (such as using backups)
- Monitor, report, identify, and resolve issues
At the end of the workshop, students will be able to (Supporting Goals):
- Work with Git to form a "source of truth" for your infrastructure
- Lean how to implement a properly working centralized authorization model
- Work with SSH, keys, configuration, and port forwarding effectively
- Define ZFS filesystems to maintain and move containers across hosts
- Work with Ansible to automate the creation of systems across infrastructure
- Work with Ansible control tools, such as AWX, to automate Ansible system updates from a source of truth (Git)
- Consider methods for creating infrastructure inventory sources
- Use tools like Terraform to help create Virtual Machines within a cluster
- Learn how to use Open Container Initiative (OCI) images with tools like Docker (or Podman, or Incus)
- Use Kubernetes to build small K3s cluster
- Work with the CI/CD (Continuous Integration/Continuous Delivery) concepts to build a simple CI/CD based pipeline
- Understand the core concepts behind how SSL certificates work and are used in web environments
- Understand the core concepts of provisioning hardware effectively and in a protected manner (control plane access only via Out of Band)
- Understand what and why we monitor and how to do this
- Protect data, and explain why data is the most important item to protect, as well as methods for doing this
