LISA '09 Training Program

TRAINING PROGRAM

Sunday, November 1, 2009

Sunday Full-Day Tutorials

S1 Solaris Dynamic Tracing (DTrace): Finding the Light Where There Was Only Darkness
James Mauro, Sun Microsystems

Who should attend: Sysadmins and other production support staff that need to look at systems and figure out what they're doing or why they're running slowly on a regular basis. Some general programming knowledge will be assumed, along the lines of writing shell, awk, or Perl scripts, as well as general familiarity with using and administering systems running some variant of UNIX.

This tutorial covers using the Dynamic Tracing (DTrace) technology that originated in Solaris and OpenSolaris and is now available in Mac OS X 10.5 (Leopard) and FreeBSD 8.0. DTrace is a framework that allows for dynamically inserting points of instrumentation, called probes, in the operating system (kernel) as well as user processes.

This session will combine slides with live demos of DTrace on several operating systems.

Take back to work: How to use Dynamic Tracing (DTrace) technology to understand the behavior of your systems and the workloads they run, whether you're chasing a performance problem or pathological behavior or you simply wish to better understand how applications are using the underlying system.

Topics include:

Introduction to DTrace
- What DTrace is and is not
- Overview of the DTrace framework
- Overview of DTrace providers
- DTrace architecture
- Differences in DTrace among the current operating systems that support DTrace
- DTrace Resources
DTrace components
- Providers
- Probes
- Variables
- Predicates, actions, and subroutines
- Aggregations
- The D Language and writing DTrace scripts
Using DTrace
- Providers and their arguments
- DTrace and CPU consumers
- DTrace and memory use
- DTrace and disk IO
- DTrace and network IO
- DTrace and user processes and threads
- The DTrace toolkit
DTrace in open source software
- DTrace and Java
- DTrace and Perl
- DTrace and PHP
- DTrace and Ruby on Rails
- DTrace and MySQL
Advanced topics
- DTrace destructive actions
- DTrace speculative buffers
- DTrace USDT Probes
- Inserting DTrace probes in application code

S2 Log Analysis with the Simple Event Correlator (SEC) (Hands-on) NEW!
John Rouillard, Consultant

Who should attend: Anyone who wants to unleash the power of SEC for log analysis.

Our past determines our present. How good a job are you doing at managing your past? We all have horror stories of failures that could have been prevented if only somebody had bothered to look at the application/system/software logs a few week earlier.

This course covers the basics of using the Simple Event Correlator (SEC), an open source application written in Perl, which gathers and provides a real-time report on log data gathered from log files ranging from tomcat to firewalls. Any text-based data stream can be analyzed using SEC. With SEC's correlation operations and contexts, you can gather related information across multiple systems or software logs and present it as a single report, allowing faster response to changing conditions.

To get the most from this course, you should bring a laptop capable of running SEC under a UNIX-like environment (Cygwin or DSL/Qemu provide a good environment for Windows users).

Take back to work: A thorough understanding of the basics of SEC, so that you will be able to extract the useful nuggets of information without drowning in the vast sea of log data.

Topics include:

The basics:

Testing and debugging rulesets
Modifying running rulesets
Command-line parameters
Runtime control of SEC
Hands-on analysis of data streams in the classroom

Synthesizing new correlation operations using basic rule types
Using contexts to extend the set of correlation operations
Performance-tuning your SEC ruleset
Ancillary tools:

For analyzing logs for patterns
For filtering/modifying the event stream to enhance correlation and improve performance
For analyzing the Windows event log

Sample applications:

Log analysis: syslog, java/tomcat, etc.
Security event monitoring/reaction: firewall rules, ssh, snort, etc.

S3 Administering Linux in Production Environments
Æleen Frisch, Exponential Consulting

Who should attend: Both current Linux system administrators and administrators from sites considering converting to Linux or adding Linux systems to their current computing resources.

Linux system administrators in production environments face many challenges: the inevitable skepticism about whether an open source operating system will perform as required; how well Linux systems will integrate with existing computing facilities; how to locate, install, and manage high-end features which the standard distributions may lack; and many more. Sometimes the hardest part of ensuring that the system meets production requirements is matching the best solution with the particular local need. This course is designed to give you a broad knowledge of production-worthy Linux capabilities, as well as where Linux currently falls short. The material in the course is all based on extensive experience with production systems.

This course will cover configuring and managing Linux computer systems in production environments. We will be focusing on the administrative issues that arise when Linux systems are deployed to address a variety of real-world tasks and problems arising from both commercial and research and development contexts.

Take back to work: The knowledge necessary to add reliability and availability to your systems and to assess and implement tools needed for production-quality Linux systems.

Topics include:

Recent kernel developments
High-performance I/O
- Advanced file systems and the LVM
- Disk striping
- Optimizing I/O performance
Advanced compute-server environments

HPC with Beowulf
Clustering and high availability
Parallelization environments/facilities
CPU performance optimization

Enterprise-wide security features, including centralized authentication
Automation techniques and facilities
Linux performance tuning

S4 System and Network Performance Tuning
Marc Staveley, Independent Consultant

Who should attend: Novice and advanced UNIX system and network administrators, and UNIX developers concerned about network performance impacts. A basic understanding of UNIX system facilities and network environments is assumed.

We will explore procedures and techniques for tuning systems, networks, and application code. Starting from the single system view, we will examine how the virtual memory system, the I/O system, and the file system can be measured and optimized. We'll extend the single host view to include Network File System tuning and performance strategies. Detailed treatment of networking performance problems, including network design and media choices, will lead to examples of network capacity planning. Application issues, such as system call optimization, memory usage and monitoring, code profiling, real-time programming, and techniques for controlling response time will be addressed. Many examples will be given, along with guidelines for capacity planning and customized monitoring based on your workloads and traffic patterns. Question and analysis periods for particular situations will be provided.

Take back to work: Procedures and techniques for tuning your systems, networks, and application code, along with guidelines for capacity planning and customized monitoring.

Topics include:

Performance tuning strategies

Practical goals
Monitoring intervals
Useful statistics
Tools, tools, tools

Server tuning

Filesystem and disk tuning
Memory consumption and swap space
System resource monitoring

NFS performance tuning

NFS server constraints
NFS client improvements
NFS over WANs
Automounter and other tricks

Network performance, design, and capacity planning

Locating bottlenecks
Demand management
Media choices and protocols
Network topologies: bridges, switches, and routers
Throughput and latency considerations
Modeling resource usage

Application tuning

System resource usage
Memory allocation
Code profiling
Job scheduling and queuing
Real-time issues
Managing response time

S5 Replacing Real Servers with Virtual Machines Using Amazon Elastic Compute Cloud (EC2) (Hands-on; laptop recommended) NEW!
David J. Malan, Harvard

Who should attend: System administrators who want their own server or cluster without yet another box under their desk; instructors who want more control over their course's infrastructure, who want to provide each of their students with their own virtual machine, or who want to assign projects with high computational or space needs; and CTOs who want to scale their infrastructure within minutes to meet unusual loads or who want to load-test their own infrastructure by simulating unusual loads.

Take back to work: How to do it, and whether it's the right thing for you to do.

Topics include:

Spawning and managing Amazon EC2 instances
Evaluating EC2's costs (in dollars and man-hours)
Amazon's command-line utilities and Web-based console
Burning your own images for others to use
Backing up your data to S3
Stress-testing a server
Load-balancing across VMs
How to do it at no cost (for academic purposes)

Laptop requirements: Each student should have a laptop with wireless access.

S6 Understanding Systems Through Network Observation NEW!
Bruce Potter, The Shmoo Group

Who should attend: System and network administrators, IT managers, and IT security staff who want to learn how to better understand what's running on their systems through network-based information.

Modern enterprises can easily consist of many thousands of systems. While we would like to think we could walk into our datacenter and indentify the purpose of each system and the software each is running, there are times when that's just not possible. Networks grow organically over time, and it can be difficult to keep tabs on exactly what's going on in each system. Even with robust system management capability in place, you still want an independent way of validating what's occurring throughout your enterprise.

Ideally, administrators would be able to address each system directly through various management tools, get a list of all the software that's running, and have a perfect view of what's happening. Unfortunately, due to differing zones of administrative control or lack of system-level tools, it can be difficult to determine which services are being heavily utilized, whether there are unexpected hidden services running, or even what purpose a particular system serves. The more systems you have to monitor, the more difficult it can be to gain a deep understanding in a reasonable amount of time.

Attendees will learn how to leverage various network assets in order to assess your network. We will examine ways to cut through the noise and rapidly classify systems into different types and purposes. We will also show how to use these network capabilities, even if you don't have log-in credentials, to dive deep into a system in order to understand what a given system is doing. Finally, we will provide tips and techniques for finding rogue services running in your enterprise.

Take back to work: How to use the network to your advantage and leverage that information to administer your systems better.

Topics include:

The need for deeper understanding
Network versus system analysis: pros, cons, and toolkits
Passive network analysis: overview, limitations, and how to integrate it into your operations
Understanding NetFlow and other flow-based architectures
Where to deploy NetFlow sensors for maximum effectiveness
Configuring Cisco devices for NetFlow
Software-based flow tools: how to use softflowd or Argus when you don't have access to a NetFlow-capable router
Packet capture to fill in gaps in your NetFlow use
Using flow data to gather high-level information on a variety of system types quickly
Low-level system analysis: software running, performance analysis, and potential danger signs
OSS alternatives and some commercial tools

S7 Management Skills, Or, Don't Panic! NEW!
Maurita Plouff, Consultant

Who should attend: System administrators who have an interest in management as a career path or who have already found themselves managing others in teams and distributed groups, with or without the title.

The technically adept system administrator may soon find that managing system administrators requires a new set of skills. Management is an intensely social job: in nearly every aspect, you must deal with people to get things done. Communication skills are more important than ever before, and people are less predictable than computers! Many system administrators find themselves managing people without much training. This tutorial addresses multiple areas of the manager's responsibilities.

Take back to work: Insights, tools, and tips on how to manage technical people to get the job done with the people and resources you have.

Topics include:

The critical differences in being a manager
Understanding and predicting people
Team dynamics
Managing up and down
Effective oral and written communication
Meeting management
Mentoring, coaching, and delegation
How to avoid becoming "The Suit"

Monday, November 2, 2009

Monday Full-Day Tutorials

M1 Solaris 10 Performance, Observability, and Debugging
James Mauro, Sun Microsystems

Who should attend: Anyone who supports or may support Solaris 10 machines.

Take back to work: How to apply the tools and utilities available in Solaris 10 to resolve performance issues and pathological behavior, and simply to understand the system and workload better.

Topics include:

Solaris 10 features overview
Solaris 10 tools and utilities

The conventional stat tools (mpstat, vmstat, etc.)
The procfs tools (ps, prstat, map, pfiles, etc.)
lockstat and plockstat
Using kstat
DTrace, the Solaris dynamic tracing facility
Using mdb in a live system

Understanding memory use and performance
Understanding thread execution flow and profiling
Understanding I/O flow and performance
Looking at network traffic and performance
Application and kernel interaction
Putting it all together

M2 Configuring and Deploying Linux-HA
Alan Robertson, IBM Linux Technology Center

Who should attend: System administrators and IT architects who architect, evaluate, install, or manage critical computing systems. It is suggested that participants have basic familiarity with system V/LSB-style startup scripts, shell scripting, and XML. Familiarity with high availability concepts is not assumed.

The Linux-HA project (https://linux-ha.org/) is the oldest and most powerful open source high-availability (HA) package available, comparing favorably to well-known commercial HA packages. Although the project is called Linux-HA (or "heartbeat"), it runs on a variety of POSIX-like systems, including FreeBSD, Solaris, and OS X.

Linux-HA provides highly available services on clusters from one to more than 16 nodes with no single point of failure. These services and the servers they run on are monitored. If a service should fail to operate correctly, or a server should fail, the affected services will be quickly restarted or migrated to another server, dramatically improving service availability.

Linux-HA supports rules for expressing dependencies between services, and powerful rules for locating services in the cluster. Because these services are derived from init service scripts, they are familiar to system administrators and are easy to configure and manage.

Take back to work: Both the basic theory of high availability systems and practical knowledge of how to plan, install, and configure highly available systems using Linux-HA.

Topics include:

General HA principles
Compilation and installation of the Linux-HA ("heartbeat") software
Overview of Linux-HA configuration
Overview of commonly used resource agents
Managing services supplied with init(8) scripts
Sample Linux-HA configurations for Apache, NFS, DHCP, DNS, and Samba
Writing and testing resource agents conforming to the Open Cluster Framework (OCF) specification
Creating detailed resource dependencies
Creating co-location constraints
Writing resource location constraints
Causing failovers on user-defined conditions

M3 Automating Network Configuration and Management NEW!
D. Brent Chapman, Netomata, Inc.

Who should attend: Network and system administrators who want to bring the benefits of automated configuration and management to their networks. These benefits include consistency, reliability, repeatability, and scalability; the automation techniques covered apply to the whole range of network devices (routers, switches, load balancers, firewalls, etc.) and services (SNMP status and performance monitoring, DNS, DHCP, ACLs, routing, etc.). Students should already be generally familiar with networking fundamentals (addressing, naming, routing, etc.), the roles and basic methods of operation of common network devices and services, and how these devices and services are typically configured and managed by hand; this tutorial isn't going to teach you what a firewall is or how it works, for example, but it will teach you how to automate the configuration and management of a typical firewall.

This tutorial introduces students to a variety of network automation principles and practices, as well as to specific network automation tools such as Netomata Config Generator (NCG) for generating device/service config files, RANCID and ZipTie for managing configs on devices, and Nagios and MRTG for SNMP network status and performance monitoring. In addition, the tutorial shows how to integrate these network automation tools with host automation tools such as Puppet and Cfengine.

Take back to work: Effective techniques for automating the configuration and management of common network devices and services, as well as approaches to getting the most out of automation and arguments to convince peers, managers, and executives that automation is worth the effort.

Topics include:

Benefits of automation
Aspects of automation

Keeping track of what is connected to your network, and how
Generating configs
Getting configs to and from devices
Change management and control
Principles of automation
Levels of automation

Tools

RANCID
ZipTie
NCG (Netomata Config Generator)
Vendor-specific device configuration tools

Automating configuration of network devices

Routers
Switches
Firewalls
Load balancers
PDUs

Automating configuration of network services

SNMP status monitoring (e.g., Nagios)
SNMP trend monitoring (e.g., MRTG)
DNS
DHCP
ACLs
VLANs
VPNs

Integration with host automation systems, such as Puppet and Cfengine
Best practices, pearls of wisdom, tips and tricks
Emerging trends and special circumstances

Virtualization
Cloud computing (including public, private, and hybrid clouds)
QA labs, testbeds, and development environments
IPv6
CoBIT
ITIL

Strategies for promoting automation in your organization

Arguments to convince management to support automation
Arguments to convince staff to support automation
Methods for gradually automating existing networks

M4 Care and Feeding of Hadoop Clusters NEW!
Jimmy Lin, Cloudera

Who should attend: Engineers and system administrators who are interested in evaluating the operational aspects of Hadoop or are already charged with the installation and upkeep of medium to large Hadoop clusters. No previous experience with Hadoop is required.

This class will take an in-depth look at the operation of Hadoop clusters, focusing on the practical procedures required to safely and efficiently operate a Hadoop cluster. Although not hands-on, the presentation material will focus on the specific command lines required. Demonstrations will be presented.

Take back to work: Confidence in your ability to safely and efficiently operate a Hadoop cluster.

Topics include:

Planning and designing a Hadoop deployment using anywhere from four to 4,000 computers
The functional underpinnings of Hadoop and how user code is automatically executed across the computers in a Hadoop cluster
How to consult with engineering teams on the proper way to write and deploy programs on either dedicated or shared Hadoop clusters
Downloading, configuring, and distributing the Hadoop software
Starting, stopping, and monitoring the status of both the Hadoop Distributed File System (HDFS) and Map-Reduce components
How to perform periodic maintenance, especially with respect to ensuring data integrity
Configuring and managing the Map-Reduce job scheduler and user queues
How to choose the correct series of steps to safely upgrade the Hadoop software to a newer release, as well as how to safely back out from such an upgrade (and understand the costs of such a backout)
Adding large amounts of data to the HDFS
Adding or removing machines from the cluster, including seamlessly migrating to an entirely different bank of computers
Moving large data between HDFS instances
How to write simple Hadoop programs in shell script and PIG to perform data analysis

M5 ZFS: A Filesystem for Modern Hardware NEW! Elling
Richard Elling, Enterprise Systems Consultant

Who should attend: Systems engineers, integrators, and administrators who are interested in deploying ZFS on Solaris, Mac OS X, or FreeBSD. Participants should be familiar with storage devices, RAID systems, logical volume managers, backup, and file system features. Special emphasis will be placed on integration considerations for virtualization, NAS, and databases.

File systems developed in the mid 20th century were severely constrained by the storage hardware available at the time. ZFS was conceived with an eye toward the hardware of the future and how storage will evolve. This presented an opportunity to rethink how file systems use storage hardware. The result is a new way of managing data which can evolve as the hardware changes while remaining compatible with earlier notions of file system use. Along the way, new concepts such as the Hybrid Storage Pool provide new opportunities for optimization, efficiency, and data protection. In this tutorial, ZFS will be examined from the bottom up, to build a solid understanding of the data-hardware interface, and then from the top down, to provide insight into the best ways to use ZFS for applications.

Take back to work: A solid understanding of the concepts behind ZFS and how to make the best decisions when implementing storage at your site.

Topics include:

Evolution of hardware and file systems
Storage pools

RAID data protection
Import/export and shared storage
Pool parameters and features
On-disk format

Data sets

Volumes
POSIX-compliant file systems
Snapshots
Replication

Practical considerations and best practices

Deployment and migration
Virtualization
Sharing
Performance, observability, and tuning
Data protection
Hybrid storage pools
Backup, restore, and archiving

Monday Morning Half-Day Tutorials

M6 RRDtool First Steps
Tobias Oetiker, Consultant and Author of RRDtool

Who should attend: Scripters and programmers who would like to create a custom monitoring application with great presentation tools. Attendees are expected to have some scripting experience.

Over the past few years RRDtool has become the standard method for handling time-series data in the networking area. RRDtool takes care of all the work related to data storage and presentation. Many users only access RRDtool through some front-end application like Cacti or Cricket.

In this half-day tutorial you will learn how RRDtool works from a programmer's point of view and how you can use it to write your own custom monitoring applications. An emphasis will be put on presentation aspects. The best data is worth only as much as your bosses and customers understand and appreciate the graphs you create with it.

Take back to work: Ideas for building the monitoring application of your dreams.

Topics include:

RRDtool overview

Problems to be solved
Round Robin Database setup
Data acquisition
Graphing

Programming with RRDtool

The command line interface
The pipe interface
The Perl API

In-depth graphing

Concepts
Simple graphs
The joy of RPN
Graph disassembly
How to make graphs talk

Scaling RRDtool

The RRD file format
Optimizing OS interaction
Tweaking Linux for speed

Latest developments

M8 Working with SELinux
Rik Farrow, Security Consultant

Who should attend: Sysadmins and security managers of Linux systems who want or are required to use SELinux. Participants must be familiar with Linux system administration; previous frustration while using SELinux is expected but not required.

This tutorial focuses on getting SELinux working again in enforcing mode after it has been disabled. SELinux is included by default in many popular distros along with a policy targeted at sandboxing popular network services and some applications. But even minor changes to a server's files, or enabling features in a currently running server, will cause SELinux to prevent an application from working. The usual fix is to disable SELinux.

Take back to work: An awareness of new tools and techniques for debugging problems with SELinux configuration and applications. The goal is to switch SELinux back from permissive or disabled mode to enforcing and to be able to sandbox other not currently covered applications.

Topics include:

SELinux uncloaked

Types, contexts, and roles
Context-based policy
Extensions to familiar commands

Using the audit file

Tools for deciphering log messages

Adjusting file/directory context

Fixing common access problems

Using booleans to adjust policy
Extending policy

Using audit2allow to correct policy
Adding new policy modules

Monday Afternoon Half-Day Tutorials

M9 RRDtool Advanced Topics
Tobias Oetiker, Consultant and Author of RRDtool

Who should attend: Sysadmins who may only have accessed RRDtool through some front-end application such as Cacti or Cricket and would like to get a look under the hood. Attendees are expected to have some scripting experience.

Over the past few years RRDtool has become the standard method for handling time-series data in the networking area. RRDtool takes care of all the work related to data storage and presentation. In this half-day tutorial you will see RRDtool in action: many examples will be demonstrated and explained live.

Take back to work: How to use RRDtool directly to handle time-series data in the networking area.

Topics include:

RRDtool overview

Rundown on components of RRDtool
Update on new functionality in version 1.3

The RRD database format

How RRDtool stores data
Interaction with the OS cache subsystem
Linux tricks
Fixing "bad data" after the fact

How to set up an RRD performance test
RRD graphing

Simple graphs and autoconfiguration
Alternate scaling
Working with transparency
Creating gradients
RPN magic

Putting it together

Scripting interface
The graphv, updatev, and info interfaces

M10 IPv6: An Introduction NEW!
Rudi Van Drunen, Competa IT/Xlexit

Who should attend: System administrators who need to prepare for migration to IPv6 and want to know what's involved or who just want to know more about IPv6.

Since IPv4 numbers really are running out fast, we need to think about moving to IPv6 as soon as possible. This tutorial brings you the basics on IPv6, what is involved in moving, and how to go about making your move to IPv6.

Take back to work: Knowledge of IPv6, what is involved in moving to IPv6, and how to start now building tunnels between IPv4 and IPv6.

Topics include:

The IPv6 frame and addressing
Services (autoconfig, DHCP6, DNS)
Applications
Dual stack (IPv4 and IPv6) operation
Tunnelling
Security aspects
How to start now

M11 Packaging for Sysadmins NEW!
David Nalley, Fedora Project

Who should attend: System administrators with a modicum of experience who have an interest in further automating their environments and advanced sysadmins who have little or no experience with packaging.

Packaging software is a must for consistent and automated system provisioning and maintenance, yet very few people employ packaging. This tutorial explores why sysadmins should package software, what additional benefits accrue to software packagers, and how to make it happen.

Take back to work: An understanding of the benefits of packaging and how to put the techniques learned in class to use immediately.

Topics include:

Why package software

Automation
Consistency

Packaging's serendipitous benefits
How to package software

rpm packaging
deb packaging
Solaris packaging
Windows packaging

Tuesday, November 3, 2009

Tuesday Full-Day Tutorials

T1 Virtualization with VMware vSphere 4.0: The Fundamentals NEW!
John Arrasjid and Rupen Sheth, VMware

Who should attend: System administrators and architects who are interested in deploying a VMware vSphere 4.0, including ESX and vCenter Server, in a production environment. No experience with VMware products is required. Experience with shared storage (SAN and NAS) and networking (switches and VLANs) is recommended.

VMware vSphere 4.0 is the new virtualization environment from VMware, consisting of ESX/ESXi hosts and vCenter servers for hosting and managing virtual machines. It provides capabilities to support various infrastructure management features (consolidation, patching/upgrading, automation, data protection) with features and extensions to support high availability (VMware HA), fault tolerance (VMware FT), and security (VMware vShield Zones). There are numerous other enhancements to improve efficiency, control, and choice for your virtual infrastructure.

Take back to work: The knowledge needed to design, install, and test a VMware vSphere based virtual infrastructure. Advanced areas will be covered in tutorial W1.

Topics include:

Virtualization overview
vSphere core concepts and features
vSphere installation and configuration (ESX, vCenter and extensions)
Networking and storage overview and configuration
Virtual machines, virtual appliances, and the OVF
Clusters, Resource Pools, VMware HA, VMware FT, and VMware DRS
Demonstration of features

T2 Configuration Management Solutions with Cfengine 3 NEW!
Mark Burgess, Cfengine, Inc.

Who should attend: Anyone with a basic knowledge of configuration management who is interested in learning the next-generation tool.

Following a complete rewrite of Cfengine with its popular new syntax and powerful pattern matching capabilities, this full-day tutorial presents an introduction suitable for new users, as well as for users of Cfengine 2.

The tutorial is peppered with configuration examples, which can now be self-contained and modularized to an unprecedented degree in the new language.

Take back to work: An understanding of the new features of the completely rewritten Cfengine 3, including its new syntax and benefits.

Topics include:

Moving from ad hoc scripts to automation
The importance of convergence
The promise model
Templates and data types
Quickstart configuration
Creating configuration libraries
Upgrading from Cfengine 2
Example configurations and demos
Achieving compliance with standards and regulations
Cfengine on Windows and the registry
Monitoring and self-healing
Brief overview of the community and commercial Cfengine roadmap

T3 Remote Security Testing of Web 2.0 Applications (Hands-on) NEW!
David Rhoades and Steve Pinkham, Maven Security Consulting

Who should attend: Pen testers, IT security auditors, and developers. Concepts covered provide real-world issues to consider when developing code and designing security requirements for Web apps. Students should be familiar with HTTP. Experience with basic remote Web app security testing techniques, such as fuzzing, is a plus; however, a crash course will be included in the first hands-on exercise.

Traditional desktop applications are migrating to a browser-centric model at breakneck speeds. As the next generation of Web-based applications races into existence, end users and businesses alike need to consider the security implications of that model. In this workshop we will focus on core security issues and (primarily) remote security testing techniques to detect where flaws exist in the latest generation of online applications.

We will look at the latest popular technologies and examine how they introduce new security weaknesses or enhance older ones.

Take back to work: Hands-on experience remotely detecting and exploiting Web app security weaknesses.

Topics include:

Cross-domain issues

XSS (cross-site scripting)
CSRF (cross-site request forgery, AKA session riding)

SQL/XPATH/LDAP injection attacks
Path traversal and path forgery
Session management issues
Info leakage
Newer technologies that enhance and redefine old attacks

Rich Internet applications, especially Adobe AIR and JavaFX)
AJAX (Asynchronous JavaScript and XML)
JSON (JavaScript Object Notation: it's more than just data!)
Flex
Flash Remoting
REST (Representational State Transfer)
Mashups: Whom do you trust when your application pulls data (and code?) from third parties—even banner ads can be malicious!

System requirements: The toolkit will be a custom-built Ubuntu-based virtual machine geared to run on VirtualBox. You will need to bring your own notebook computer. Each student will be given a virtual machine chock-full of open-source tools, documentation, and targets for a fully self-contained Web app security testing dojo.

Before attending the workshop, install the latest stable 3.x version of VirtualBox, free from https://www.virtualbox.org/. VMware Player should also work, but VirtualBox is better for the workshop. VirtualBox runs on almost* any OS. [* Sorry, Amiga fans.]
Your OS should be updated with the latest security patches, for your own protection, if you opt to get onto the classroom/conference network.
If you use a Windows OS, the file system must be NTFS or better in order to handle large files. FAT32 will not work!
Optional: WiFi network card. Since the virtual machine will contain the targets, an Internet connection is not essential, but of course it's always handy.
You should have administrator access to the OS in case you need to install new software during class. This will not be necessary in most cases once VirtualBox is installed.
The hard drive should have at least 5 GB of free space.
Your computer should have 1 GB of RAM (more is better), 2 GB of RAM if you are using Vista.
Your computer needs to have a modern CPU (from the past 2 or 3 years). If it has 1+ GB of RAM, it's probably fine.

Tuesday Morning Half-Day Tutorials

T4 Solaris 10 Administration Workshop 1: Administration (Hands-on; laptop recommended)
Peter Baer Galvin, Corporate Technologies; Marc Staveley, Independent Consultant

Who should attend: Solaris systems managers and administrators interested in learning the new administration features in Solaris 10 (and features in previous Solaris releases that they might not be using).

Solaris has always been the premier commercial operating system, and this remains the case today. Its novel features and applications (like ZFS, DTrace, and containers) keep it at the forefront of enterprise use, and many of these features have been copied in other operating systems.

This course covers a variety of system administration topics surrounding Solaris 10. Solaris 10 includes many features introduced since the last major release of Solaris, and there are new issues to consider when deploying, implementing, and managing Solaris 10. This will be a workshop featuring instruction and practice/exploration.

Take back to work: Intimate knowledge of the new features and best practices surrounding Solaris 10 administration.

Topics include:

Solaris versions, features, selection
SMF and FMA
Booting and installing
Patching
Important administration tools
What's next for Solaris
Quick performance overview

Laptop requirements: Each student should have a laptop with wired access for remote access into an instructor-provided Solaris 10 machine (if you do not have a laptop, we will make every effort to pair you up with another student to work as a group; your laptop does not need to be running Solaris).

T5 Time Management for System Administrators: A New Approach NEW!
Thomas A. Limoncelli, Google

Who should attend: Sysadmins and developers who need more time in their day or who have problems getting projects done because of constant interruptions; those who want more control over their time and the ability to schedule work instead of working at the whim of their users.

After teaching this tutorial for many years at LISA, I have revamped the material around a new approach, "the Three Kinds of Days." We begin by examining, in broad terms, the three kinds of days sysadmins have (booked with meetings, busy, and mixed) and tune our approach to each kind of day by using different time management techniques.

If you agree with any of these statements, this class is for you:

I don't have enough time to get all my work done.
As a sysadmin, I can't schedule, prioritize, or plan my work.
I'm spending all my time mopping the floor; I don't have time to fix the leaking pipe.
My boss says I don't work hard enough, but I'm always working my ____ off!

Take back to work: The skills you need to get more done in less time.

Topics include:

Why typical "time management" books don't work for sysadmins
What makes "to-do" lists fail, and how to make them work
How to eliminate "I forgot" from your vocabulary
How to prioritize tasks so that users think you're a genius
Ways to have more time for fun (for people with a social life)
How to leave the office every day with a smile on your face

T6 Automating System Administration with Perl, Part One NEW!
David N. Blank-Edelman, Northeastern University

Who should attend: System administrators who don't have the time to keep up with all of the advances in the Perl world that can benefit them. This class will build upon your existing Perl knowledge. You'll need at least an advanced-beginner to intermediate familiarity with the language to be able to use the material in this class.

Look at the seat to your left at any USENIX conference. Now look to your right. Chances are, if people near you are automating their system administration tasks, they are using Perl. Python and Ruby are both great languages, but there's a reason why Perl is still the predominant language in this field.

Take back to work: Perl approaches and techniques that can help improve your daily system administration life.

Topics include:

File systems
DNS and DHCP
Config files, all formats, including XML
Network mapping and monitoring, including such tools as SNMP, nmap, graphviz, and RRDtool

T7 Disk-to-Disk Backup and Eliminating Backup System Bottlenecks UPDATED FOR 2009!
Jacob Farmer, Cambridge Computer Services

Who should attend: System administrators involved in the design and management of backup systems and policymakers responsible for protecting their organization's data. A general familiarity with server and storage hardware is assumed. The class focuses on architectures and core technologies and is relevant regardless of what backup hardware and software you currently use.

The data protection industry is going through a mini-renaissance. In the past few years, the cost of disk media has dropped to the point where it is practical to use disk arrays in backup systems, thus minimizing and sometimes eliminating the need for tape. In the first incarnations of disk-to-disk backup—disk staging and virtual tape libraries—disk has been used as a direct replacement for tape media. While this compensates for the mechanical shortcomings of tape drives, it fails to address other critical bottlenecks in the backup system, and thus many disk-to-disk backup projects fall short of expectations. Meanwhile, many early adopters of disk-to-disk backup are discovering that the long-term costs of disk staging and virtual tape libraries are prohibitive.

The good news is that the next generation of disk-enabled data protection solutions has reached a level of maturity where they can assist—and sometimes even replace—conventional enterprise backup systems. These new D2D solutions leverage the random access properties of disk devices to use capacity much more efficiently and to obviate many of the hidden backup-system bottlenecks that are not addressed by first-generation solutions. The challenge to the backup system architect is to cut through the industry hype, sort out all of these new technologies, and figure out how to integrate them into an existing backup system.

This tutorial identifies the major bottlenecks in conventional backup systems and explains how to address them. The emphasis is placed on the various roles for inexpensive disk in your data protection strategy; however, attention is given to SAN-enabled backup, the current state and future of tape drives, and iSCSI.

Take back to work: Ideas for immediate, effective, inexpensive improvements to your backup systems.

Topics include:

Identifying and eliminating backup system bottlenecks
Conventional disk staging
Virtual tape libraries
Removable disk media
Incremental forever and synthetic full backup strategies
Block- and object-level incremental backups
Information lifecycle management and nearline archiving
Data replication
CDP (Continuous Data Protection)
Snapshots
Current and future tape drives
Capacity Optimization (Single-Instance File Systems)
Minimizing and even eliminating tape drives
iSCSI

T8 Bringing Your Web Pages to Life with jQuery NEW!
Tobias Oetiker, Consultant

Who should attend: People who know programming and HTML and want to bring their Web pages to life using JavaScript. No prior JavaScript skills are required.

I have been creating Web pages using plain HTML and some CSS for a long time now, but the whole DHTML and AJAX craze remained somewhat of a closed book to me. This all changed when I set my mind to integrating a Picasa Web Album into my home page and could not find any code out there that did what I had in mind.

JavaScript has a bad reputation for being highly browser-specific. This has changed in recent years, both through the browsers becoming more uniform in their JavaScript support and with the advent of some nifty JavaScript libraries.

In this course you can join me in getting up to speed with JavaScript programming. After covering some basics, I will give you a step-by-step tour through the code that got it all started, integrating photos stored on Picasa Web into a plain Web page. I will be using jQuery as a basis for the JavaScript examples.

Take back to work: The ability to start integrating interactive JavaScript elements into your Web pages.

Topics include:

JavaScript 101
jQuery feature overview
Lots of example code
A walk-through of a real-world jQuery application
How to write maintainable code in JavaScript

T9 Advanced Shell Programming
Mike Ciavarella, Consultant

Who should attend: Junior or intermediate system administrators or anyone with a basic knowledge of programming, preferably with some experience in Bourne/Korn shells (or their derivatives).

The humble shell script is still a mainstay of UNIX/Linux system administration, despite the wide availability of other scripting languages. This tutorial details techniques that move beyond the quick-and-dirty shell script.

Take back to work: An understanding of how to use the "lowly" shell to achieve lofty goals.

Topics include:

Common mistakes and unsafe practices
Modular shell script programming
Building blocks: awk, sed, etc.
Writing secure shell scripts
Performance tuning
Choosing the right utilities for the job
Addressing portability at the design stage
When not to use shell scripts

Tuesday Afternoon Half-Day Tutorials

T10 Solaris 10 Administration Workshop 2: Virtualization (Hands-on; laptop recommended)
Peter Baer Galvin, Corporate Technologies; Marc Staveley, Independent Consultant

Who should attend: Solaris systems managers and administrators interested in learning about the new virtualization features in Solaris 10.

This course covers the gamut of virtualization options in Solaris 10. It includes new issues to consider when deploying, implementing, and managing Solaris 10. This will be a workshop featuring instruction and practice/exploration.

Take back to work: Intimate knowledge of the Solaris 10 virtualization choices and best practices surrounding Solaris 10 administration.

Topics include:

Virtualization choices in Solaris
Zones/Containers
LDOMs and Domains
Virtualbox
xVM (a.k.a. Xen)

System Requirements: Each student should have a laptop with wired access for remote access into an instructor-provided Solaris 10 machine (if you do not have a laptop, we will make every effort to pair you up with another student to work as a group; your laptop does not need to be running Solaris).

T11 Design Patterns for System Administrators NEW!
Thomas A. Limoncelli, Google

Who should attend: System administrators and managers at all skill levels who support many users or a growing user base.

We will discuss design patterns and rules of thumb that I have learned over my 20 years as a system administrator, plus info from The Practice of System and Network Administration (Addison-Wesley) and Time Management for System Administrators (O'Reilly). We will examine case studies; students will be encouraged to contribute their own examples and patterns.

Take back to work: A hodgepodge of tricks and tips to make your life easier.

Topics include:

General sysadmin stuff:

Making big changes without tearing down the world
How to make ACLs more sustainable
Rules for DNS and other namespaces when setting up a new company
How to avoid supporting many, many releases
Maintaining an inventory that never goes out of date
The best time to upgrade a compiler
Simple ways to improve communication with your fellow SAs, management, and customers
Making the "buy vs. build" decision
Constant evolution beats "big initiatives" (unless you are the CEO)
How to encourage users to conserve disk space
A state-machine is worth a thousand words

Organizational stuff:

How to organize your help desk for maximum performance
Why bug-tracking software is different from user-request-tracking software
How to ensure that project managers work well with SAs
How to make your users trust you from day one
Three policies your boss should write that save your sanity
How to make sure your users go to the help desk instead of to your desk
How to get your boss to hire an assistant to do all your work

T12 Automating System Administration with Perl, Part Two NEW!
David N. Blank-Edelman, Northeastern University

Take back to work: Perl approaches and techniques that can help improve your daily system administration life.

Topics include:

User activity, including process and network connection management
Database administration
Email protocols (SMTP, POP3, IMAP)
Security tools such as message digests (MD5/SHA-2), network sniffing, and better password mechanisms

T13 Next-Generation Storage Networking UPDATED FOR 2009!
Jacob Farmer, Cambridge Computer Services

Who should attend: Sysadmins running day-to-day operations and those who set or enforce budgets. This tutorial is technical in nature, but it does not address command-line syntax or the operation of specific products or technologies. Rather, the focus is on general architectures and various approaches to scaling in both performance and capacity. Since storage networking technologies tend to be costly, there is some discussion of the relative cost of different technologies and of strategies for managing cost and achieving results on a limited budget.

There has been tremendous innovation in the data storage industry over the past few years. Proprietary, monolithic SAN and NAS solutions are beginning to give way to open-system solutions and distributed architectures. Traditional storage interfaces such as parallel SCSI and Fibre Channel are being challenged by iSCSI (SCSI over TCP/IP), SATA (serial ATA), SAS (serial attached SCSI), and even Infiniband. New filesystem designs and alternatives to NFS and CIFS are enabling high-performance filesharing measured in gigabytes (yes, "bytes," not "bits") per second. New spindle management techniques are enabling higher-performance and lower-cost disk storage. Meanwhile, a whole new set of efficiency technologies are allowing storage protocols to flow over the WAN with unprecedented performance. This tutorial is a survey of the latest storage networking technologies, with commentary on where and when these technologies are most suitably deployed.

Take back to work: An understanding of general architectures, various approaches to scaling in both performance and capacity, relative costs of different technologies, and strategies for achieving results on a limited budget.

Topics include:

Fundamentals of storage virtualization: the storage I/O path
Shortcomings of conventional SAN and NAS architectures
In-band and out-of-band virtualization architectures
The latest storage interfaces: SATA (serial ATA), SAS (serial attached SCSI), 4Gb Fibre Channel, Infiniband, iSCSI
Content-Addressable Storage (CAS)
Information Life Cycle Management (ILM) and Hierarchical Storage Management (HSM)
The convergence of SAN and NAS
High-performance file sharing
Parallel file systems
SAN-enabled file systems
Wide-area file systems (WAFS)

T15 Documentation Techniques for Sysadmins
Mike Ciavarella, University of Melbourne, Australia

Who should attend: System administrators who need to produce documention for the systems they manage or who want to improve their documentation skills.

Particular emphasis is placed on documentation as a time-saving tool rather than a workload imposition.

Take back to work: The ability to make immediate, practical use of the documentation techniques presented in this tutorial in your day-to-day tasks.

Topics include:

Why system administrators need to document
The document life cycle
Targeting your audience
An adaptable document framework
Common mistakes
Tools to assist the documentation process

Wednesday, November 4, 2009

Wednesday Full-Day Tutorials

W1 Virtualization with VMware vSphere 4.0: Advanced Topics NEW!
John Arrasjid and Rupen Sheth, VMware

Who should attend: System administrators and architects interested in advanced features of vSphere 4.0. This session will provide in-depth technical discussions and is geared toward those already experienced with the VMware Infrastructure, including those with advanced VI3 skills who are interested in learning more to help them in transitioning to a VMware vSphere 4 environment.

This tutorial will cover advanced topics related to vSphere 4.0, the latest VMware technology platform. We will focus on new and advanced concepts pertaining to networking and storage, provisioning, availability, and disaster recovery. This session will also include layered technologies that augment vSphere 4.0 capabilities. Live demonstrations will be given, time and connectivity permitting. Students' technical questions will be answered in the last part of the day.

Take back to work: A firm understanding of how to use the more advanced features of VMware vSphere 4.0.

Topics include:

Best practices overview
New and/or advanced networking and storage concepts
Design strategies for virtualization
vShield security solutions
Disaster recovery solutions
Demonstration of features

W2 Practical Python for System Administrators
Steve Holden, Holden Web

Who should attend: System administrators looking for scripting tools to assist them in performing more complex system administration tasks. Python experience is not necessary, but familiarity with scripting would be useful.

This tutorial will introduce you to many of Python's features by example. It will present scripts to solve practical administration problems and then discuss potential modifications to broaden the scope of the script or specialize it. It will also take a look at Python's object-oriented features and explain how object-oriented solutions can be more flexible and easier to maintain.

Along the way we will introduce some of Python's more advanced features, including generator functions, the iteration protocol, and properties, and we will discuss Python's database API and its built-in graphical capabilities. Examples will be presented in such a way as to give you the ability to adapt existing scripts, as well as to write your own.

Take back to work: The ability to make your work easier through reliable automation of many complex tasks, both by adapting existing scripts and by writing your own.

Topics include:

System heartbeat monitors
UDP-based logging utilities
Log analysis tasks

Wednesday Morning Half-Day Tutorials

W3 Solaris 10 Administration Workshop 3: File Systems (Hands-on; laptop recommended)
Peter Baer Galvin, Corporate Technologies; Marc Staveley, Independent Consultant

Who should attend: Solaris systems managers and administrators interested in learning about the new filesystem features in Solaris 10.

Solaris has always been the premier commercial operating system, and this remains the case today. Its novel features and applications (such as ZFS, DTrace, and Containers) keep it at the forefront of enterprise use, and many of these features have been copied in other operating systems. This course covers Solaris 10 filesystem topics. It includes new issues to consider when deploying, implementing, and managing Solaris 10. This will be a workshop featuring instruction and practice/exploration.

Take back to work: Intimate knowledge of the Solaris 10 filesystem choices and best practices surrounding Solaris 10 administration.

Topics include:

Root disk layout
Mirroring and related topics
ZFS
Choosing the most appropriate file system

Laptop requirements: Each student should have a laptop with wired access for remote access into an instructor-provided Solaris 10 machine; your laptop does not need to be running Solaris. If you do not have a laptop, we will make every effort to pair you with another student.

W4 Linux Performance Tuning NEW!
Theodore Ts'o, IBM Linux Technology Center

Who should attend: Intermediate and advanced Linux system administrators who want to understand their systems better and get the most out of them.

The Linux operating system is commonly used in both the data center and by scientific computing; it is used in embedded systems as small as a wristwatch, as well as in large mainframes. As a result, the Linux system has many tuning knobs so that it can be optimized for this wide variety of workloads. Some tuning of the Linux operating system has been done "out of the box" by enterprised-optimized distributions, but there are still many opportunities for a system administrator to improve the performance of his or her workloads on a Linux system.

This class will cover the tools that can be used to monitor and analyze a Linux system and key tuning parameters to optimize Linux for specific server applications, covering the gamut from memory usage to filesystem and storage stacks, networking, and application tuning.

Take back to work: The ability to hone the performance of your Linux systems for the specific tasks they need to perform.

Topics include:

Strategies for performance tuning

Characterizing your workload's requirements
Finding bottlenecks
Tools for measuring system performance

Memory tuning
Filesystem and storage tuning
NFS performance tuning
Network tuning

Latency vs. throughput

Application tuning

W5 Over the Edge System Administration, Volume 1
David N. Blank-Edelman, Northeastern University

Who should attend: Old-timers who think they've already seen it all and those who want to develop inventive thinking early in their career. Join us and be prepared to be delighted, disgusted, and amazed. Most of all, be ready to enrich your network and system adminstration by learning to be different.

It's time to learn how to break the rules, abuse the tools, and generally turn your system administration knowledge inside out. This class is a cornucopia of ideas for creative ways to take the standard (and sometimes not-so-standard) system administration tools and techniques and use them in ways no one would expect. We'll also cover some tools you may have missed.

Note: The teacher takes no responsibility should your head explode during this class.

Take back to work: New approaches to old problems, along with some ways to solve the insolubles.

Topics include:

How to (ab)use perfectly good network transports by using them for purposes never dreamed of by their authors
How to increase user satisfaction during downtimes with 6 lines of Perl
How to improve your network services by intentionally throwing away data
How to drive annoying Web-only applications that don't have a command line interface—without lifting a finger
How to use ordinary objects you have lying around the house, such as Silly Putty, to make your life easier (seriously!)

Wednesday Afternoon Half-Day Tutorials

W6 Solaris 10 Administration Workshop 4: Security (Hands-on; laptop recommended)
Peter Baer Galvin, Corporate Technologies; Marc Staveley, Independent Consultant

Who should attend: Solaris systems managers and administrators interested in learning about the new security features in Solaris 10 and features in previous Solaris releases they might not be using.

Solaris has always been the premier commercial operating system, but it is also somewhat different from other UNIX/Linux systems. It has novel features and applications (some have been copied in other operating systems), and there are things you need to know to use them effectively and securely.

This course covers a variety of topics surrounding Solaris 10 and security. Note that this is not a class about specific security vulnerabilities and hardening; rather, it examines new features in Solaris 10 for addressing the entire security infrastructure, as well as new issues to consider when deploying, implementing, and managing Solaris 10. This will be a workshop featuring instruction and practice/exploration. Also, this course does not include virtualization (containers et al.), as that is covered in Solaris 10 Administration Workshop 2.

Take back to work: During this exploration of the important new features of Solaris 10, you'll not only learn what it does and how to get it done, but also best practices. Also covered is the status of each of these new features, how stable it is, whether it is ready for production use, and expected future enhancements.

Topics include:

RBAC—Role Based Access Control: Giving users and application access to data and functions based on the role they are filling, as opposed to their login name
Privileges: A new Solaris facility based on the principle of least privilege. Instead of being root (or not), users are accorded 43 distinct bits of privilege, sometimes spanning classes of actions and sometimes being confined to a specific system call.
NFSv4: The latest version of NFS (based on an industry standard) features stateful connection, more and better security, write locks, and faster performance.
Flash archives and live upgrades (automated system builds)
Moving from NIS to LDAP
DTrace (security): Solaris 10's system profiling and debugging tool
FTP client and server enhancements for security, reliability, and auditing
PAM—the Pluggable Authentication Module: Enhancements for more detailed control of access to resources
Auditing enhancements
BSM—Basic Security Module: A security auditing system, including tools to assist with analysis, and a device allocation mechanism that provides object-reuse characteristics for removable or assignable devices
Service Management Facility (a replacement for rc files), with new "secure by default" settings
Solaris Cryptographic Framework: A built-in system for encrypting anything, from files on disks to data streams between applications
Kerberos enhancements
Packet filtering with IPfilters
BART—Basic Audit Reporting Tool: Like Tripwire, BART enables you to determine what file-level changes have occurred on a system, relative to a known baseline
Trusted Extension: additions to Solaris 10 to make it "Trusted Solaris"
Securing a Solaris 10 system

Laptop requirements: Each student should have a laptop with wireless access for remote access into an instructor-provided Solaris 10 machine; your laptop does not need to be running Solaris. If you do not have a laptop, we will make every effort to pair you up with another student.

W7 Recovering from Linux Hard Drive Disasters
Theodore Ts'o, IBM Linux Technology Center

Who should attend: Linux system administrators and users.

Ever had a hard drive fail? Ever kick yourself because you didn't keep backups of critical files, or you discovered that your regularly nightly backup didn't succeed? Of course not: everybody keeps regular backups and verifies them to make sure they are successful. But for those people who think they might nevertheless someday need this information, this tutorial will discuss ways of recovering from storage disasters caused by failures somewhere in the hardware or software stack.

Take back to work: How to recover from storage disasters caused by failures somewhere in the hardware or software stack.

Topics include:

How data is stored on hard drives
Recovering from a corrupted partition table
Recovering from failed software RAID systems
Low-level techniques to recover data from a corrupted ext2/ext3 filesystem when backups aren't available
Using e2image to back up critical ext2/3 filesystem metadata
Using e2fsck and debugfs to sift through a corrupted filesystem
Preventive measures to avoid needing to use heroic measures

W8 Over the Edge System Administration, Volume 2
David N. Blank-Edelman, Northeastern University

Join us for volume 2 of the wildly successful Over the Edge System Administration class series. Once again we'll learn how to break the rules, abuse the tools, and generally turn your system administration knowledge inside out with the help of a whole new set of examples. This class is a second cornucopia of ideas for creative ways to take the standard (and sometimes not-so-standard) system administration tools and techniques and use them in ways no one would expect. We'll also cover some tools you may have missed. This class will take some of the concepts from volume 1 and develop them even further.

We feel it is important to remind you: The teacher takes no responsibility should your head explode during this class.

Take back to work: Approaches to system administration you never dreamed of—but you wish you had!

Topics include:

How to exploit side effects to your benefit
Applying the arts and crafts you learned in camp to system administration
Pressing Web apps from places like Google and Yahoo! into service as sysadmin tools
How to perform SQL queries on your network equipment
How to use even more ordinary objects you have lying around the house to make your life easier (seriously!)

Thursday, November 5, 2009

Thursday Full-Day Tutorials

R1 VMware ESX Performance and Tuning

Richard McDougall, VMware

Who should attend: Anyone who is involved in planning or deploying virtualization on VMware ESX and wants to understand the performance characteristics of applications in a virtualized environment.

We will walk through the implications to performance and capacity planning in a virtualized world to learn about how to achieve best performance in a VMware ESX enviroment.

Take back to work: How to plan, understand, characterize, diagnose, and tune for best application performance on VMware ESX.

Topics include:

Introduction to virtualization
Understanding different hardware acceleration techniques for virtualization
Diagnosing performance using VMware tools
Diagnosing performance using guest OS tools in a virtual environment
Practical limits and overheads for virtualization
Storage performance
Network throughput and options
Using Virtual-SMP
Guest Operating System Types
Understanding the characteristics of key applications, including Oracle, MS SQLserver, and MS Exchange
Capacity planning techniques

-->

R2 VMware ESX Performance and Tuning NEW!

Richard McDougall, VMware

We will walk through the implications to performance and capacity planning in a virtualized world to learn about how to achieve best performance in a VMware ESX enviroment.

Take back to work: How to plan, understand, characterize, diagnose, and tune for best application performance on VMware ESX.

Topics include:

Introduction to virtualization
Understanding different hardware acceleration techniques for virtualization
Diagnosing performance using VMware tools
Diagnosing performance using guest OS tools in a virtual environment
Practical limits and overheads for virtualization
Storage performance
Network throughput and options
Using Virtual-SMP
Guest Operating System Types
Understanding the characteristics of key applications, including Oracle, MS SQLserver, and MS Exchange
Capacity planning techniques

Thursday Morning Half-Day Tutorials

R3 Take a Gulp from the Sysadmin Automation Firehose NEW!
Æleen Frisch, Exponential Consulting

Who should attend: System administrators who want to explore new ways of automating administrative tasks. Shell scripts are appropriate for many jobs, but more complex operations will often benefit from sophisticated tools.

As the complexity of modern UNIX/Linux systems has increased, the tried-and-true method of "just write a shell script" has become outdated. While simple tasks can still be performed this way, tools are available that can make your job simpler, yet much more sophisticated, especially when managing large numbers of systems.

Take back to work: An introduction to the most essential tools for making your work easier. For each tool, we will consider what tasks it does well, how to get started using it, and which of its advanced features to consider next.

Topics include:

Expect: Automating interactive processes
Bacula: Open source enterprise backup
Nagios: Monitoring network and device performance
RRDTool: Examining retrospective system data
Front ends to RRDTool: Munin and others
Other tools of interest and importance

R4 Wireshark and the Art of Debugging Networks
Gerald Carter, Likewise Software

Who should attend: System and network administrators who are interested in learning more about the TCP/IP protocol and how network traffic monitoring and analysis can be used as a debugging, auditing, and security tool.

System logs can turn out to be incomplete or incorrect when you're trying to track down network application failures. Sometimes the quickest, or the only, way to find the cause is to look at the raw data on the wire. This course is designed to help you make sense of that data.

Take back to work: How to use the Wireshark protocol analyzer as a debugging and auditing tool for TCP/IP networks.

Topics include:

Introduction to Wireshark (Ethereal) for local and remote network tracing
TCP/IP protocol basics
Analysis of popular application protocols such as DNS, DHCP, HTTP, NFS, CIFS, and LDAP
How some kinds of TCP/IP network attacks can be recognized

Thursday Afternoon Half-Day Tutorials

R5 Have a Drink from the Network Services Firehose NEW!
Gerald Carter, Likewise Software

Who should attend: System and network administrators who, whether to brush up on overall network expertise or to cover for a collegue who is out sick one day, need a fast introduction to core network services.

There are a collection of network services we use every day when performing basic tasks such as checking email, sharing documents, and browsing the Web.

For each topic, we'll answer the questions:

What does it do?
Why do I have it or need it on my network?
What are the popular (or at least common) applications I might run into?
How does it work on Solaris, Linux, and *BSD systems?
What is in the configuration files and where do they live?

Take back to work: An introduction to the stable of core services every network requires to function properly.

Topics include:

DHCP (Dynamic Host Control Protocol)
DNS (Domain Name System)
Electronic mail servers
LDAP (Lightweight Directory Access Protocol)
NFS (Network File System) and automounters
Web servers

R6 Nagios: Advanced Topics
John Sellens, SYONEX

Who should attend: Network and system administrators ready to implement or extend their use of the Nagios system and network monitoring tool.

Nagios is a very widely used tool for monitoring hosts and services on a network. It's very flexible, configurable, and can be extended in many ways, using home-grown or already existing extensions.

This tutorial will cover the advanced features and abilities of Nagios and related tools, which are especially useful in larger or more complex environments, or for higher degrees of automation or integration with other systems.

Take back to work: The information you need to immediately implement and use the advanced features of Nagios and related tools for monitoring systems and devices on your networks.

Topics include:

Theory of operation
Configuration for more complex environments
Plug-ins: Their creation, use, and abuse
Extensions: NRPE, NSCA, NDOUtils
Add-ons: Graphing, integration with other tools
Abuse: Unexpected uses and abuses of Nagios

Friday, November 6, 2009

Friday Full-Day Tutorials

F1 Introduction to the Open Source Xen Hypervisor

Jeanna Matthews and Zach Shepherd, Clarkson University

Who should attend: System administrators and architects who are interested in running server services in virtual machines and deploying the open source Xen hypervisor in a production environment. No prior experience with Xen is required; however, a basic knowledge of Linux is helpful.

The Xen hypervisor, an innovative virtualization infrastructure to provide fast and secure execution to multiple virtual machines, has been used to virtualize a wide range of guest operating systems, including Windows, Linux, Solaris, and *BSD. Widely regarded as a compelling alternative to proprietary virtualization platforms and hypervisors for x86-compatible platforms, it is commonly deployed in industrial and commercial environments as a promising approach to dynamic datacenters and virtual servers.

Take back to work: How to build and deploy the Xen hypervisor.

Topics include:

Basic overview of virtualization
Xen architecture overview
Virtual machine creation and operation
Installation and configuration
Performance: tools and methodology
Best practices using Xen

F3 Issues in Infrastructure Design
Lee Damon, University of Washington

Who should attend: Anyone who is designing, implementing, or maintaining a UNIX environment with 2 to 20,000+ hosts; system administrators, architects, and managers who need to maintain multiple hosts, real or virtual, with few admins.

This intermediate class will examine many of the background issues that need to be considered during the design and implementation of a mixed-architecture, mixed hard- and virtual-architecture, or single-architecture UNIX environment. It will cover issues from authentication (single sign-on) to the Holy Grail of single system images.

This class won't implement a "perfect solution," as each site has different needs. We will look at some freeware and some commercial solutions, as well as many of the tools that exist to make a workable environment possible.

Take back to work: Answers to the questions you should ask while designing and implementing the mixed-architecture, mixed hard- and virtual-architecture, or single-architecture UNIX environment that will meet your needs.

Topics include:

Administrative domains: Who is responsible for what, and what can users do for themselves?
Desktop services vs. farming: Do you do serious computation on the desktop, or do you build a compute farm?
Disk layout: How do you plan for an upgrade? Where do things go?
Free vs. purchased solutions: Should you write your own, or hire a consultant or company?
Homogeneous vs. heterogeneous: Homogeneous is easier, but will it do what your users need?
Where does virtualization fit in?
Extending your infrastructure into the clouds
The essential master database: How can you keep track of what you have?
Policies to make life easier
Push vs. pull
Getting the user back online in 5 minutes
Remote administration: lights-out operation; remote user sites; keeping up with vendor patches, etc.
Scaling and sizing: How do you plan on scaling?
Security vs. sharing: Your users want access to everything. So do the crackers . . .
Single sign-on: How can you do it securely?
Single system images: Can users see just one environment, no matter how many OSes there are?
Tools: The free, the purchased, the homegrown

Need help? Use our Contacts page.

Last changed: 14 Oct. 2009 ch