|
TRAINING PROGRAM
Sunday, November 7, 2010
|
|
Sunday Full-Day Tutorials
|
|
S1 Virtualization with VMware vSphere: The Fundamentals NEW!
Rupen Sheth and Shridhar Deuskar, VMware
Who should attend: System administrators and architects who are interested in deploying VMware vSphere, including ESX and vCenter Server, in a production environment. No experience with VMware products is required. Experience with shared storage (SAN and NAS) and networking (switches and VLANs) is recommended.
VMware vSphere is the latest virtualization environment
from VMware, consisting of ESX/ESXi hosts and vCenter servers for
hosting and managing virtual machines. It provides capabilities
to support various infrastructure management features (consolidation,
patching/upgrading, automation, data protection) with features and
extensions to support high availability (VMware HA), fault tolerance
(VMware FT), and security (VMware vShield Manager). There are numerous
other enhancements to improve efficiency, control, and choice for
your virtual infrastructure.
Take back to work: The knowledge needed to design, install, and test a VMware vSphere–based virtual
infrastructure as the foundation for cloud computing.
Topics include:
- Virtualization overview
- Current vSphere core concepts and features
- vSphere installation and configuration (ESX, vCenter, and extensions)
- Networking and storage overview and configuration
- Virtual machines, virtual appliances, and the OVF
- Clusters, Resource Pools, VMware HA, VMware FT, and VMware DRS
- Demonstration of features
|
Sunday Morning Half-Day Tutorials
|
S3 DNSSEC Implementation Overview: It's Not That Scary If You Do It Right NEW!
Alan Clegg,
Internet Systems Consortium
Who should attend: System administrators and network engineers who are knowledgeable about DNS and have been asked by their managers to deploy DNSSEC.
Using an example of a recent deployment ISC performed for a customer, this tutorial will provide an overview of planning, implementation, and deployment of DNSSEC. Included will be discussion of Hardware Security Module (HSM) use and of implementation issues dealt with during the signing and deployment of the DNSSEC signed Portugal ccTLD (.PT). It will give the attendee the basic knowledge to deploy DNSSEC signed zones on authoritative servers and to configure validating recursive servers.
Take back to work: A thorough understanding of what you need to know and do to deploy DNSSEC in your organization.
Topics include:
- Determination of needs
- Hardware overview
- HSM (key storage) vs. crypto acceleration
- Evaluation of existing infrastructure and processes: what can be used and what must be extended
- Deployment considerations
- Evaluating signing requirements
- NSEC vs. NSEC3
- Key length
- Key rollover periods
- Testing the system
- Quality assurance: zone correctly signed, keys appropriately secure and ready for publication
S4 Nagios: Advanced Topics
John Sellens, SYONEX
Who should attend: Network and system administrators ready to implement or extend their use of the Nagios system and network monitoring tool.
Nagios is a very widely used tool for monitoring hosts and services on a network. It's very flexible, configurable, and can be extended in many ways, using home-grown or already existing extensions.
This tutorial will cover the advanced features and abilities of Nagios and related tools, which are especially useful in larger or more complex environments, or for higher degrees of automation or integration with other systems.
Take back to work: The information you need to immediately implement and use the advanced features of Nagios and related tools for monitoring systems and devices on your networks.
Topics include:
- Theory of operation
- Configuration for more complex environments
- Plug-ins: Their creation, use, and abuse
- Extensions: NRPE, NSCA, NDOUtils
- Add-ons: Graphing, integration with other tools
- Abuse: Unexpected uses and abuses of Nagios
S5 Techniques for Managing Huge Amounts of Data NEW!
Richard Elling, Nexenta Systems
Who should attend: Storage administrators and systems architects who are challenged
by the ever-increasing mass of information being stored.
This intermediate-level tutorial explores techniques for managing
100+ TB of data. Today's disk technology can easily place 250TB
in a single rack footprint at a reasonable hardware cost. But managing
large amounts of data is not easy—it must be accessible, searchable,
dependable, secure, fast, and able to grow. Engineering trade-offs
abound and all angles will be examined.
Take back to work: An understanding of the tips, tricks, and traps involved in implementing and managing huge amounts of data.
Topics include:
- Introduction to storage technologies
- Evolution of storage media
- Big movers in the storage world: data transports
- Magnetic tape technology, still alive and kicking
- Magnetic hard disk technology, the mainstay of modern storage
systems
- When good data goes bad
- How storage fails
- Techniques for error detection and correction
- RAID and emerging redundancy technologies
- Tools for evaluating data retention
- Considerations for long-term data maintenance
- Capacity planning and performance
- Fast, inexpensive, or dependable?
- Design for bandwidth
- Design for latency
- Design for retention
- Tips for managing user expectations
S6 Wireshark and the Art of Debugging Networks
Gerald Carter, Likewise Software
Who should attend: System and network administrators who are interested in learning more about the TCP/IP protocol and how network traffic monitoring and analysis can be used as a debugging, auditing, and security tool.
System logs can turn out to be incomplete or incorrect when you're trying to track down network application failures. Sometimes the quickest, or the only, way to find the cause is to look at the raw data on the wire. This course is designed to help you make sense of that data.
Take back to work: How to use the Wireshark protocol analyzer as a debugging and auditing tool for TCP/IP networks.
Topics include:
- Introduction to Wireshark (Ethereal) for local and remote network tracing
- TCP/IP protocol basics
- Analysis of popular application protocols such as DNS, DHCP, HTTP, NFS, CIFS, and LDAP
- How some kinds of TCP/IP network attacks can be recognized
|
Sunday Afternoon Half-Day Tutorials
|
S7 Getting It Out the Door Successfully
NEW!
Strata Rose Chalup, Project Management Consultant
Who should attend: Sysadmins, managers, and engineers who are involved with shipping a product or live service to external customers.
When introducing large changes in features or functionality, whether
in an IT infrastructure, established product/service, or new
initiative, your pilot and release process can save you time, money,
and aggravation—but only if you do it right. We all know stories
of pilot programs that killed the original idea, or the release
with fanfare that was rolled back a month later. Whether to internal
or external customers, there's a class of infrastructure and process
work you can do up front that will minimize your pain later—and
the sooner, the better!
Take back to work: Tried and true methods for ensuring that you have something of quality to release by your deadline.
Topics include:
- Stack the odds for success
- New school or old school? It depends
- Agile process flow
- Traditional process flow
- Laying out the puzzle pieces
- Infrastructure, yeah, but what else?
- Integrating with other teams
- Engineering for supportability
- Plan for failure and happy surprises
- To phone home, or not?
- Release process
- Release prep
- License management
- QA and deployment issues
- Source code control
- Code and component structure for smooth deploys
- Managing IT and engineering development
- What else besides code? Lots!
- Catastrophic success
- Planning for the worst best
- When sales throws wild cards
- Accounting and finance
- Proving the win
- COGS, ROI, and you
- On beyond Zebra: working with Bizdev
- Product Manager, Provost, Principal Investigator
- Setting up for case studies
- Escalation management with partners
S8 Databases: What You Need to Know
John Sellens, SYONEX
Who should attend: System and application administrators who need to support databases and database-backed applications.
Databases used to run almost exclusively on dedicated database servers, with one or more database administrators (DBAs) dedicated to their care. These days, with the easy availability of database software such as MySQL and PostgreSQL, databases are popping up in many more places and are used by many more applications.
As a system administrator you need to understand databases, their care and feeding. This course provides an introduction to database concepts, use, and implementation, specifically aimed at system administrators.
Take back to work: A better understanding of databases and their use and of how to deploy and support common database software and database-backed applications.
Topics include:
- An introduction to database concepts
- The basics of SQL (Structured Query Language)
- Common applications of databases
- Berkeley DB and its applications
- MySQL installation, configuration, and management
- PostgreSQL installation, configuration, and management
- Security, user management, and access controls
- Ad hoc queries with standard interfaces
- ODBC and other access methods
- Database access from other tools (Perl, PHP, sqsh, etc.)
S9 Working with SELinux
Rik Farrow, Security Consultant
Who should attend: Sysadmins and security managers of Linux systems who want or are
required to use SELinux. Participants must be familiar with Linux
system administration: previous frustration using SELinux
is expected but not required.
This tutorial focuses on getting SELinux working again in enforcing
mode after it has been disabled. SELinux is included by default in
many popular distros, along with a policy targeted at sandboxing
popular network services and some applications. But even minor
changes to a server's files, or enabling features in a currently
running server, will cause SELinux to prevent an application from
working. The usual fix is to disable SELinux.
Take back to work: An awareness of new tools and techniques for debugging problems with SELinux configuration and applications: how to switch SELinux from permissive (or disabled) mode to enforcing and how to sandbox other, not currently covered applications.
Topics include:
- SELinux uncloaked
- Types, contexts, and roles
- Context-based policy
- Extensions to familiar commands
- Using the audit file
- Tools for deciphering log messages
- Adjusting file/directory context
- Fixing common access problems
- Using Booleans to adjust policy
- Extending policy
- Using audit2allow to correct policy
- Adding new policy modules
S10 Have a Drink from the Network Services Firehose
Gerald Carter, Likewise Software
Who should attend: System and network administrators who, whether to brush up
on overall network expertise or to cover for a collegue
who is out sick one day, need a fast introduction to
core network services.
There is a collection of network services we use
every day when performing basic tasks such as checking
email, sharing documents, and browsing the Web.
For each topic, we'll answer the questions:
- What does it do?
- Why do I have it or need it on my network?
- What are the popular (or at least common) applications I might
run into?
- How does it work on Solaris, Linux, and *BSD systems?
- What is in the configuration files and where do they live?
Take back to work: An introduction
to the stable of core services every network requires
to function properly.
Topics include:
- DHCP (Dynamic Host Control Protocol)
- DNS (Domain Name System)
- Electronic mail servers
- LDAP (Lightweight Directory Access Protocol)
- NFS (Network File System) and automounters
- Web servers
|
Monday, November 8, 2010
|
|
Monday Full-Day Tutorials
|
M1 VMware Cloud and Cloud Architecture Design
NEW!
John Arrasjid and
Ben Lin, VMware
Who should attend: System administrators and architects who are interested in deploying
a VMware Cloud.
VMware Cloud is a suite of VMware technologies used to stand up
private clouds (on premises and off premises) and public clouds.
VMware Cloud includes several technologies to provide multi-tenancy,
resource elasticity, segmentation of resources, and provisioning
mechanisms.
Taking the S1 Fundamentals class or having some experience with VMware
vSphere, VMware Chargeback, and Distributed Virtual Switches is a
prerequisite to this class.
Take back to work: The knowledge needed to design a VMware Cloud for use as an enterprise private cloud.
Topics include:
- VMware Cloud core concepts and features
- Cloud design considerations
- Cloud design patterns and best practices
- Demonstration of features
M3 ZFS: A Filesystem for Modern Hardware
Richard Elling, Nexenta Systems
Who should attend: Systems engineers, integrators, and administrators who are interested in deploying ZFS on Solaris, Mac OS X, or FreeBSD.
Participants should be familiar with storage devices, RAID systems,
logical volume managers, backup, and file system features. Special
emphasis will be placed on integration considerations for virtualization,
NAS, and databases.
File systems developed in the mid-20th century were severely
constrained by the storage hardware available at the time. ZFS was
conceived with an eye toward the hardware of the future and how
storage will evolve. This presented an opportunity to rethink how
file systems use storage hardware. The result is a new way of managing
data which can evolve as the hardware changes while remaining
compatible with earlier notions of file system use. Along the way,
new concepts such as the Hybrid Storage Pool provide new opportunities for optimization, efficiency,
and data protection. In this tutorial,
ZFS will be examined from the bottom up, to build a solid understanding
of the data-hardware interface, and then from the top down, to provide
insight into the best ways to use ZFS for applications.
Take back to work: A solid understanding
of the concepts behind ZFS and how to make the best decisions when
implementing storage at your site.
Topics include:
- Evolution of hardware and file systems
- Storage pools
- RAID data protection
- Import/export and shared storage
- Pool parameters and features
- On-disk format
- Data sets
- Volumes
- POSIX-compliant file systems
- Snapshots
- Replication
- Practical considerations and best practices
- Deployment and migration
- Virtualization
- Sharing
- Performance, observability, and tuning
- Data protection
- Hybrid storage pools
- Backup, restore, and archiving
|
Monday Morning Half-Day Tutorials
|
M4 Time Management for System Administrators: The Basics
Thomas A. Limoncelli, Google
Who should attend: Sysadmins and developers who need more time in
their day or who have problems getting projects done because of
constant interruptions; those who want more control over their time
and the ability to schedule work instead of working at the whim of
their users.
If you agree with any of these statements, this class is for you:
- I don't have enough time to get all my work done.
- As a sysadmin, I can't schedule, prioritize, or plan my work.
- I'm spending all my time mopping the floor; I don't have time to fix
the leaking pipe.
- My boss says I don't work hard enough, but I'm always working my ____ off!
Take back to work: The skills you need to get more done in less time.
Topics include:
- Why typical "time management" books don't work for sysadmins
- What makes "to-do" lists fail, and how to make them work
- How to eliminate "I forgot" from your vocabulary
- How to prevent unwanted interruptions
- How to prioritize tasks so that users think you're a genius
- Ways to have more time for fun (for people with a social life)
- Three policies that make everyone more productive
- How to prioritize your work instead of letting other people boss you around
- How to plan and control your day instead of your work controlling you
- How to do everything you need to get done and only work 40 hours per week
- How to leave the office every day with a smile on your face
M5 Real-World Insights on How to Secure and Route Your Linux Network NEW!
Jason Faulkner, Rackspace
Who should attend: Novice and intermediate Linux system and network administrators, or anyone who wants to understand the ins and outs of networking on Linux.
We will be talking about how to configure IP addresses and static
routes, securing Linux servers on a network level, using the iproute2
utilities for advanced routing and IP configurations, and some
things to look out for with Linux networks. You'll learn why you
should throw away "ifconfig" on Linux in favor of "ip," how to
create and optimize iptables rule sets, and even how to do some
basic load balancing using ipvsadm.
Take back to work: Real-world insights on how to expertly secure and route your Linux-centric network.
Topics include:
- Basics
- Networking review
- Basic network configuration (Sysconfig-based configuration, ifconfig/route, iproute2)
- Other useful network troubleshooting tools (ethtool, sysctl -a, ip route get [ip address])
- Firewalls
- High-level firewall architecture
- iptables (syntax, chains, tables, targets, matches, assembling the pieces into a rule, optimization, complex rulesets, custom chains)
- Other ways to block packets (ebtables, arptables, null-routing)
- Advanced routing
- Metric-based routing
- Multiple routing tables
- Multicast routing
- Other topics
- Simple LB using ipvsadm
- Network tuning using sysctls
M6 Perl 6 for Perl Users and Sysadmins NEW!
Tobias Oetiker, OETIKER+PARTNER AG, Switzerland
Who should attend: People who work with Perl and would like to try their hand at working with a real implementation of Perl 6.
Perl 6 was conceived over ten years ago. The long gestation time has prompted
many eulogies and second system syndrome remarks. All the while Larry Wall and a
bunch of diehards have been working at designing and implementing a new
language called Perl 6. Perl 6 is heavily inspired by Perl 5, but it also
introduces many new ideas on all levels.
For years Perl 6 existed mainly on paper. With Rakudo we now have a real
implementation of the language at our disposal. This course is based on
actual working Rakudo code, focusing on upgrading your Perl knowledge to
Perl 6.
Take back to work: The ability to harness Perl 6 for solving problems with less effort and more fun than ever before.
Topics include:
- Getting Rakudo up and running
- Perl 6 basic concepts
- Perl 5 to Perl 6 feature match
- Object-oriented programming in Perl 6
- Perl 6 one-liners
- Lots of actual running Perl 6 code
- Some cool Perl 6 features you can use to impress your friends and frighten your enemies
M7 NASes for the Masses
NEW!
Lee Damon, University of Washington
Who should attend: Beginner or intermediate system administrators or anyone else in need of a small (1TB to 24TB) file server for office or home.
Take back to work: The basic ideas and understanding necessary to build/buy and implement file services for a small office or home use.
Topics include:
- Pros and cons of different base OSes
- Off-the-shelf NAS servers
- RAID, including popular levels, software
vs. hardware implementations, data reliability, and build time
- ZFS
- Backups
- Issues of setup and maintenance
|
Monday Afternoon Half-Day Tutorials
|
M8 Advanced Time Management: Team Efficiency
NEW!
Thomas A. Limoncelli, Google
Who should attend: All sysadmins, whether they are a team of 100 or a team of one, who want to collaborate efficiently within their team and with others.
All attendees must bring a laptop: we will be practicing these techniques live. All techniques taught will apply to users of any wiki or
collaborative document system, but the labs and demos will be done
using Google Apps.
Take back to work: Techniques to help your IT team work better, faster, and more transparently.
Topics include:
- Efficient meetings
- Why meetings are a big waste of time
- How to improve bad meetings, and how to skip unfixable meetings
- Being a better meeting facilitator using shared documents
- Taking detailed meeting notes using multi-user text editors
- Lab: Using Google Wave to host an online meeting with detailed notes
- Using Google Moderator to manage Q&A sessions
- How to get people to volunteer for tasks
- Lab: Planning a weekly meeting
- Eliminate email overload
- What are the causes?
- Gmail searching and filtering tips (demo)
- Three rules for more productive mailing list operation
- How to use collaborative document systems such as wikis and Google Docs
- To coordinate a system upgrade (with a large team)
- To maintain common reference material (emergency contact lists, etc.)
- To cooperatively write a budget or presentation slides
- Lab: Group budget writing
- Lab: Group presentation editing
- Collect data and surveys using Web survey tools
- Lab: Gathering sign-up information for a team BBQ
- Lab: Using a spreadsheet to manage a pool of test machines
- Communicate more effectively with users; create screen-casts to help users
- Improved "institutional memory" using wikis
- Document processes to trick other people into doing your work
- Creating a simple home page and FAQ system for your users
- Creating a department home page easily
M9 Understanding Service Levels and Service Level Agreements
NEW!
Mike Ciavarella, Coffee Bean Software Pty Ltd
Who should attend: Sysadmins who want to understand how SLAs work, and, more importantly, how to make them work for you, not against you.
With the uptake of formalized service delivery models such as ITIL,
it has become commonplace for organizations to use SLAs (Service Level Agreements) as an indicator of service delivery
performance, both for internally delivered services and when
dealing with third parties.
Service Level Agreements are a part of daily life for
system administrators. Whether it's your own performance
being measured against internal metrics, or
dealing with third-party providers and their service,
you need to be able to understand and work with
(and within) Service Level Agreements. This class looks at how Service Levels are defined, measured, and
delivered, from the point of view of establishing and working within
the framework of a Service Level Agreement (SLA).
Take back to work: How to understand and work with (and within) Service Level Agreements.
Topics include:
- What is, and what is not, a "Service"
- Which services can be effectively managed
with SLAs
- Metrics: what works, what doesn't, and
why
- How to read SLAs, and how to read between the lines of an SLA
- Balancing the requirements of supplier
and customer when setting up an SLA
- "Why SLAs fail"
M10 Recovering from Linux Hard Drive Disasters
Theodore Ts'o, Google
Who should attend: Linux system administrators and users.
Ever had a hard drive fail? Ever kick yourself because you didn't keep
backups of critical files, or you discovered that your regularly nightly
backup didn't succeed?
Of course not: everybody keeps regular backups and verifies them to make
sure they are successful. But for those people who think they might
nevertheless someday need this information, this tutorial will discuss
ways of recovering from storage disasters caused by failures somewhere
in the hardware or software stack.
Take back to work: How to recover from storage disasters caused by failures somewhere in the hardware or software stack.
Topics include:
- How data is stored on hard drives
- Recovering from a corrupted partition table
- Recovering from failed software RAID systems
- Low-level techniques to recover data from a corrupted ext2/3/4 filesystem when backups aren't available
- Using e2image to back up critical ext2/3/4 filesystem metadata
- Using e2fsck and debugfs to sift through a corrupted filesystem
- Preventive measures to avoid needing to use heroic measures
M11 IPv6: An Introduction NEW!
Rudi Van Drunen, Competa IT and
Xlexit Technology
Who should attend: System administrators who need to prepare for migration to IPv6 and
want to know what's involved or who just want to know more about IPv6.
Since IPv4 numbers really are running out fast, we need to think about moving to IPv6 as soon as possible. This tutorial brings you the basics
on IPv6, what is involved in moving, and how to go about making your move to IPv6.
Take back to work: Knowledge of IPv6, what is involved in moving to IPv6, and how
to start now building tunnels between IPv4 and IPv6.
Topics include:
- The IPv6 frame and addressing
- Services (autoconfig, DHCP6, DNS)
- Applications
- Dual stack (IPv4 and IPv6) operation
- Tunnelling
- Security aspects
- How to start now
|
Tuesday, November 9, 2010
|
|
Tuesday Full-Day Tutorials
|
T1 Introduction to the Open Source Xen Hypervisor
Todd Deshane and Patrick Wilbur, Clarkson University
Who should attend: System administrators and architects who are interested in running server services in virtual machines and deploying the open source Xen hypervisor in a production environment. No prior experience with Xen is required; however, a basic knowledge of Linux is helpful.
The Xen hypervisor, an innovative virtualization infrastructure
to provide fast and secure execution to multiple virtual machines, has been used to virtualize a wide range of guest operating
systems, including Windows, Linux, Solaris, and *BSD. Widely regarded as a compelling
alternative to proprietary virtualization platforms and hypervisors
for x86-compatible platforms, it is commonly deployed in industrial
and commercial environments as a promising approach to dynamic
datacenters and virtual servers.
Take back to work: How to build and deploy the Xen hypervisor.
Topics include:
- Basic overview of virtualization
- Xen architecture overview
- Virtual machine creation and operation
- Installation and configuration
- Performance: tools and methodology
- Best practices using Xen
T2 Administering Linux in Production Environments
Æleen Frisch,
Exponential Consulting
Who should attend: Both current Linux system administrators and administrators from sites considering converting to Linux or adding Linux systems to their current computing resources.
Linux system administrators in production environments face many
challenges: the inevitable skepticism about whether an open source
operating system will perform as required; how well Linux systems will
integrate with existing computing facilities; how to locate, install,
and manage high-end features which the standard distributions may
lack; and many more. Sometimes the hardest part of ensuring that the
system meets production requirements is matching the best solution
with the particular local need. This course is designed to give you a
broad knowledge of production-worthy Linux capabilities, as well as
where Linux currently falls short. The material in the course is all
based on extensive experience with production systems.
This course will cover configuring and managing Linux computer systems in production environments. We will be focusing on the administrative issues that arise when Linux systems are deployed to address a variety of real-world tasks and problems arising from both commercial and research and development contexts.
Take back to work: The knowledge
necessary to add reliability and availability to your systems and to assess and implement tools needed for production-quality Linux
systems.
Topics include:
- Recent kernel developments
- High-performance I/O
- Advanced file systems and the LVM
- Disk striping
- Optimizing I/O performance
- Advanced compute-server environments
- HPC with Beowulf
- Clustering and high availability
- Parallelization environments/facilities
- CPU performance optimization
- Enterprise-wide security features, including centralized authentication
- Automation techniques and facilities
- Linux performance tuning
T3 Configuration Management Solutions with Cfengine 3
Mark Burgess, Cfengine, Inc.
Who should attend: Anyone with a basic knowledge of configuration management who is interested in learning the next-generation tool.
Following a complete rewrite of Cfengine with its popular new syntax
and powerful pattern matching capabilities, this full-day tutorial
presents an introduction suitable for new users, as well as for users of
Cfengine 2.
The tutorial is peppered with configuration examples, which can
now be self-contained and modularized to an unprecedented degree
in the new language.
Take back to work: An understanding of the new features of the completely rewritten Cfengine 3, including its new syntax and benefits.
Topics include:
- Moving from ad hoc scripts to automation
- The importance of convergence
- The promise model
- Templates and data types
- Quickstart configuration
- Creating configuration libraries
- Upgrading from Cfengine 2
- Example configurations and demos
- Achieving compliance with standards and regulations
- Cfengine on Windows and the registry
- Monitoring and self-healing
- Brief overview of the community and commercial Cfengine roadmap
SANS Security 464 Hacker Detection for System Administrators: Catching the Wily Hacker (Day 1)
Seth Misenar, Context Security
Who should attend: Systems administrators who interact on a regular basis with their security team or with an auditor; any system administrator who is curious about the things security teams require.
Take back to work: Full course documentation and open source tools with documentation for running the eight hands-on labs we'll cover during class; Four quarterly 90-minute tool update and threat briefings, delivered live on the Web (the next is scheduled for February 4, 2011).
Topics include:
- Why bad things happen to good system administrators: five common misconfigurations and mistakes that lead to a system being compromised
- Security methodology and thought process in daily system administration activities
- A sysadmin's view of what matters in systems architectures
- Security monitoring: not knowing makes the auditors and hackers happy
- The hard part: knowing what is normal for Windows and UNIX systems
- The harder part: knowing what is abnormal for Windows and UNIX systems
- Hardening Windows and UNIX systems is easier than you thought
- Command line kung fu for UNIX and Windows
- Understanding network traffic for system administrators
- Malware: why it is still effective in your environment
|
Tuesday Morning Half-Day Tutorials
|
T4 Backups, Archiving, and Life Cycle Management: Riding the Wave of Data Proliferation NEW!
Jacob Farmer, Cambridge Computer Services
Who should attend: System administrators involved in the design and management of backup systems and policymakers responsible for protecting their organization's data.
Most IT organizations report exponential data growth over time, and whether
your data doubles every year, every two years, or every five years, the simple
fact remains that if your data capacities double, then both the capacity and
the performance of your backup system must double. All of this doubling
stresses traditional approaches to data management. Thus, it is no surprise
that backup/recovery is one of the most costly and unforgiving operations
in the data center. Meanwhile, most IT organizations also report that the
vast majority of their unstructured data is seldom or never accessed. Files
accumulate year after year, choking the backup systems and driving up costs.
This course explores two main ways to manage the data deluge: (1) optimize
backup systems by eliminating bottlenecks, streamlining operations, and
bulking up backup infrastructure; and (2) manage the life cycles of
unstructured data so that files that are not in active use can be managed
separately from files that are in active use. We start by offering a simple
framework for defining business requirements and comparing solutions at a
high level. We then delve into the various mechanisms for lifecycle
management and for eliminating backup system bottlenecks. Some time is spent
exploring storage systems that have built-in mechanisms for data protection
and lifecycle management.
Take back to work: Ideas for immediate, effective, inexpensive improvements to your backup systems and a vision for how you might deploy a lifecycle management system that fits your organization.
Topics include:
- Formulating strategies for data protection and lifecycle management
- Identifying and addressing backup system bottlenecks
- Managing fixed content
- Hierarchical storage management and data migration
- In-band versus out-of-band approaches to file lifecycle management
- Breathing new life into tape storage
- Deduplication: separating hype from reality
- Object-based storage models for backup and archiving
- Self-healing and self-protecting storage systems
- Leveraging the cloud for backup and archiving
T5 Advanced Shell Programming
Mike Ciavarella, Coffee Bean Software Pty Ltd
Who should attend: Junior or intermediate system administrators or anyone with a basic knowledge of programming, preferably with some experience in Bourne/Korn shells (or their derivatives).
The humble shell script is still a mainstay of UNIX/Linux system administration, despite the wide availability of other scripting languages. This tutorial details techniques that move beyond the quick-and-dirty shell script.
Take back to work: An understanding of how to use the "lowly" shell to achieve lofty goals.
Topics include:
- Common mistakes and unsafe practices
- Modular shell script programming
- Building blocks: awk, sed, etc.
- Writing secure shell scripts
- Performance tuning
- Choosing the right utilities for the job
- Addressing portability at the design stage
- When not to use shell scripts
T6 Project Troubleshooting
Strata Rose Chalup, Project Management Consultant
Who should attend: Anyone with an existing project that isn't going well and they're not sure why, or with a big initiative at work that they'd like to turn into a project but can't seem to get beyond a certain point with it.
Take back to work: Project refactoring tools, a better understanding of where attention is best focused to keep a project on track, and specific advice about project difficulties you may be encountering.
Topics include:
- Problem-solving patterns
- Best practices
- How to recognize an "albatross" and what
to do about it
- Specific project workflow fixes
T7 RRDtool First Steps
Tobias Oetiker, OETIKER+PARTNER AG, Switzerland
Who should attend: Scripters and programmers who would like to create a custom monitoring application with great presentation tools. Attendees are expected to have some scripting experience.
Over the past few years RRDtool has become the standard method for handling
time-series data in the networking area. RRDtool takes care of all the work
related to data storage and presentation. Many users only access RRDtool
through some front-end application like Cacti or Cricket.
In this half-day tutorial you will learn how RRDtool works from a
programmer's point of view and how you can use it to write your own custom
monitoring applications. An emphasis will be put on presentation aspects.
The best data is worth only as much as your bosses and customers understand
and appreciate the graphs you create with it.
Take back to work: Ideas for building the monitoring application of your dreams.
Topics include:
- RRDtool overview
- Problems to be solved
- Round Robin Database setup
- Data acquisition
- Graphing
- Programming with RRDtool
- The command line interface
- The pipe interface
- The Perl API
- In-depth graphing
- Concepts
- Simple graphs
- The joy of RPN
- Graph disassembly
- How to make graphs talk
- Scaling RRDtool
- The RRD file format
- Optimizing OS interaction
- Tweaking Linux for speed
- Latest developments
|
Tuesday Afternoon Half-Day Tutorials
|
T8 Next-Generation Storage Networking
FULLY REVISED FOR 2010!
Jacob Farmer, Cambridge Computer Services
Who should attend: Sysadmins running day-to-day operations and those who set or enforce budgets.
There has been tremendous innovation in the data storage industry
over the past few years. New storage architectures have come to
market to challenge traditional SAN and NAS products with nimble
new designs that are much better suited to serving the increasingly
virtual nature of applications and server infrastructure. Meanwhile,
the allure of cloud computing and the emergence of affordable
enterprise-class solid state storage devices have inspired ever
more innovative approaches to storage caching, addressing, tiering,
and deduplication. This course is a survey of the latest trends
and advances in the data storage industry. We trace the I/O path
from application to storage media and look at a wide variety of
solutions to the ever-changing challenges of data storage.
Take back to work: An understanding of modern storage architectures, various approaches to scaling both performance and capacity, and a framework for comparing and contrasting various types of storage solutions.
Topics include:
- The fundamentals of storage virtualization: the storage I/O path
- Shortcomings of conventional SAN and NAS architectures
- Spindle virtualization
- Deduplication of primary storage
- Object storage models and content-addressable storage
- Leveraging the cloud for primary storage
- Application acceleration with solid state storage devices (SSDs)
- Automated tiered storage and information life cycle management (ILM)
T9 Documentation Techniques for Sysadmins
Mike Ciavarella, Coffee Bean Software Pty Ltd
Who should attend: System administrators who need to produce documention for the systems they manage or who want to improve their documentation skills.
Particular emphasis is placed on documentation as a time-saving tool rather than a workload imposition.
Take back to work: The ability to make immediate, practical use of the documentation techniques presented in this tutorial in your day-to-day tasks.
Topics include:
- Why system administrators need to document
- The document life cycle
- Targeting your audience
- An adaptable document framework
- Common mistakes
- Tools to assist the documentation process
T10 Problem-Solving for IT Professionals
Strata Rose Chalup, Project Management Consultant
Who should attend: IT support people who would like to have a better grasp of problem-solving as a discipline.
In the world of IT support, you build up a lot of specialized domains
of knowledge that may or may not interact. We're going to trace common patterns of interaction and show you how you can
apply basic principles to isolate symptoms and interactions between
subsystems. As you will see, most types of troubleshooting rely
on what you might call call "guided intuition"—focusing your
attention down a probable path of diagnosis, and then making an
intuitive leap.
If you haven't practiced your intuitive pole vaulting lately, don't
worry. By using checklists and patterns to do brute-force
troubleshooting, you will gradually build up a reservoir of
understanding that will eventually have you shouting "Aha!" while
other folks are still scratching their heads in puzzlement.
Take back to work: A solid grounding in how to solve problems, with a framework on which to build specialized troubleshooting techniques that are specific to your environment.
Topics include:
- Client-server interaction patterns
- Multi-variant problem solving
- Using formal logic in problem solving
- Building workflow checklists for troubleshooting
T11 RRDtool Advanced Topics
Tobias Oetiker, OETIKER+PARTNER AG, Switzerland
Who should attend: Sysadmins who may only have accessed RRDtool through some front-end application such as Cacti or Cricket and would like to get a look under the hood. Attendees are expected to have some scripting experience.
Over the past few years RRDtool has become the standard method for handling time-series data in the networking area. RRDtool takes care of all the work related to data storage and presentation. In this half-day tutorial you will see RRDtool in action: many examples will be demonstrated and explained live.
Take back to work: How to use RRDtool directly to handle time-series data in the networking area.
Topics include:
- RRDtool overview
- Rundown on components of RRDtool
- Update on new functionality in version 1.3
- The RRD database format
- How RRDtool stores data
- Interaction with the OS cache subsystem
- Linux tricks
- Fixing "bad data" after the fact
- How to set up an RRD performance test
- RRD graphing
- Simple graphs and autoconfiguration
- Alternate scaling
- Working with transparency
- Creating gradients
- RPN magic
- Putting it together
- Scripting interface
- The graphv, updatev, and info interfaces
|
Wednesday, November 10, 2010
|
|
Wednesday Full-Day Tutorials
|
W2 Linux Performance Tuning NEW!
Theodore Ts'o, Google
Who should attend: Intermediate and advanced Linux system administrators who want to understand their systems better and get the most out of them.
The Linux operating system is commonly used in both the data center
and for scientific computing applications; it is used in embedded
systems as small as a wristwatch, as well as in large mainframes. As
a result, the Linux system has many tuning knobs, so that it can be
optimized for a wide variety of workloads. Some tuning of the Linux
operating system has been done "out of the box" by
enterprised-optimized distributions, but there are still many
opportunities for a system administrator to improve the performance of
his or her workloads on a Linux system.
This class will cover the tools that can be used to monitor and
analyze a Linux system, and key tuning parameters to optimize Linux
for specific server applications, covering the gamut from memory
usage to filesystem and storage stacks, networking, and application
tuning.
Take back to work: The ability to hone your Linux systems for the specific tasks they need to perform.
Topics include:
- Strategies for performance tuning
- Characterizing your workload's requirements
- Finding bottlenecks
- Tools for measuring system performance
- Memory usage tuning
- Filesystem and storage tuning
- NFS performance tuning
- Network tuning
- Latency vs. throughput
- Capacity planning
- Profiling
- Memory cache and TLB tuning
- Application tuning strategies
SANS Security 464 Hacker Detection for System Administrators: Catching the Wily Hacker (Day 2)
Seth Misenar, Context Security
See the full class description.
|
Wednesday Morning Half-Day Tutorials
|
W3 Monitoring Servers, Networks, and Lunchrooms with Zenoss NEW!
David Nalley, The Fedora Project
Who should attend: Sysadmins and managers who are looking to use or evaluating Zenoss as a monitoring platform, those who are new to monitoring, and those who are experiencing scaling or scope issues with other tools.
To quote Tom Limoncelli, "It's not a service if you aren't
monitoring it." A decade ago, monitoring effectively meant either
cobbled together, home-grown scripts or massive and inflexible
enterprise applications. In the intervening time, monitoring has
become a must-have for even the smallest environment, the hodgepodge
collection of scripts has grown to become unmaintainable, and the
massive enterprise applications, while working well, are slow to
respond to the changes happening everywhere. In that interim,
monitoring with open source software has effectively become the de
facto standard, because, like the browser and operating system,
monitoring is now a commodity.
Take back to work: The ability to put the basics of Zenoss and monitoring theory in general into practice immediately, with some understanding of some of Zenoss's more esoteric features.
Zenoss is free/libre open source software for monitoring applications,
networks, servers, and even whether the restroom is in use.
Topics include:
- Monitoring theory
- Status monitoring
- Performance monitoring
- Predictive monitoring
- Overview of Zenoss capabilities
- Overview of Zenoss installation
- Methods to jumpstart monitoring
- Auto discovery
- Templating and inheritance
- Deep inspection of monitoring capabilities
- SNMP
- WMI
- Network Service Checks
- Nagios
- Syslog
- WBEM
- Esoteric things
- Dealing with the information/alerts
- Taking your monitoring to the next level
- Automated dependency checking
- Integration with configuration management systems
- ZenPacks—monitoring everything
- Event transforms
W4 A Sysadmin's Guide to Navigating the Business World NEW!
Mark Burgess, Cfengine; Carolyn Rowland, National Institute of Standards and
Technology (NIST)
Who should attend: IT people and sysadmins interested in taking their career to the next level, improving their relationship with senior management, and increasing their value and marketability.
As a system administrator, you are already a crack technical analyst or
engineer, but does your management understand the value and importance of your
work? When you ask for staff or funding to support new or existing efforts,
does management readily support you? Does management look to you to develop
the future of IT services in your organization? Do you feel you have
enough time to focus on projects and innovation instead of fire-fighting?
If you answered no to several of the above questions, then this course is for
you. The first step toward improving your professional quality of life is to
create a positive and collaborative relationship with your management. So why
not take responsibility for the relationship? Senior management makes the
decisions about budget, staffing, and, often, new services, without understanding
the full impact of their decisions. What if you could make yourself part of
that process? What if it was easy to ask your management for more resources
because they already believed strongly in your positive contribution to the
organization?
System administrators often have all the responsibility for IT systems, but none of the
control. In this course we bring the two sides together by
teaching the system administrator how to communicate effectively so that management
will listen and understand. You can use the tactics presented here to
increase your value in the organization and improve your marketability.
Make business look good, and you become an important asset to your organization.
Your management will appreciate
these skills because you will be demonstrating your value in ways they
understand and that empower them to make smart IT investment decisions. In
turn, your professional credibility increases, putting you in a position to
influence decisions impacting your role in the organization.
Take back to work: Skills to help you develop a productive relationship with your management.
Topics include:
- How to approach management to ask for resources you need
- Empowering management to make good IT decisions
- Demonstrating the value of your work in a way that management will understand
- Convincing management of the importance of time to innovate (R&D)
- Reducing time spent fire-fighting (efficiencies and cost savings)
- Growing organizational loyalty for your team
- How to build the perception that you are customer-focused and mission-oriented
- Ways to communicate the benefits of supporting a strong IT presence
- Increased organizational competitiveness
- Increased employee productivity
- Cost avoidance and efficiencies
- Risk management
- Knowledge and information management
- How to develop a collaborative relationship with your management
that enables both sides to be successful
W5 Cfengine 3 for Cfengine 2 Users NEW!
Æleen Frisch, Exponential Consulting
Who should attend: Anyone currently using Cfengine 2 or who needs to convert Cfengine 2 promises to Cfengine 3.
Do you use Cfengine? Have you heard that there is a new version but
don't know how it differs from what you have now? Have you heard a
little or a lot about the new version but have not had a chance to install
or experiment with it yet? Would you like an easy and quick way to
learn how to upgrade your installation?
If your answer to any of these questions is yes, this class will
be very helpful to you. It will cover the major features of the
Community Edition of Cfengine 3, with frequent references to Cfengine 2
constructs and configuration patterns.
This class will be useful even if you take Mark Burgess's T3 class, Configuration Management Solutions with Cfengine 3!
Take back to work: How to migrate from Cfengine 2 to Cfengine 3, with an understanding of the new features and syntax of Cfengine 3.
Topics include:
- New Cfengine 3 syntax
- Unified and integrated treatment of files
- Process handling
- Local entry-mode operation
|
Wednesday Afternoon Half-Day Tutorials
|
W6 Practical Project Management for Sysadmins and IT Professionals
Strata Rose Chalup, Project Management Consultant
Who should attend: System administrators who want to stay hands-on as team leads or system architects and need a new set of skills with which to tackle bigger, more complex challenges. No previous experience with project management is required.
People who have been through traditional multi-day project management courses
will be shocked, yet refreshed, by the practicality of our approach. To get the
most out of this tutorial, participants should have some real-world project or
complex task in mind for the lab sections.
This tutorial focuses on complementing your own organizational style
(or lack thereof) with a toolbox of ways to organize and manage complex
tasks without drowning in paperwork or clumsy, meeting-intensive methodologies.
Also emphasized is how to bridge the gap between ad hoc methods and the kinds of
tracking and reporting traditionally trained managers will understand.
Take back to work: A no-nonsense grounding in methods that work without adding significantly to one's workload.
Topics include:
- Quick basics of project management
- Skill sets
- Problem areas
- Project management tools
W7 Over the Edge System Administration, Volume 1
David N. Blank-Edelman, Northeastern University
Who should attend: Old-timers
who think they've already seen it all and those who want to develop
inventive thinking early in their career. Join us and be prepared to
be delighted, disgusted, and amazed. Most of all, be ready to enrich
your network and system adminstration by learning to be different.
It's time to learn how to break the rules, abuse the tools,
and generally turn your system administration knowledge inside out.
This class is a cornucopia of ideas for creative ways to take the
standard (and sometimes not-so-standard) system administration tools
and techniques and use them in ways no one would expect. We'll also
cover some tools you may have missed.
Note: The teacher takes no responsibility should your head explode during this class.
Take back to work: New approaches
to old problems, along with some ways to solve the insolubles.
Topics include:
- How to (ab)use perfectly good network transports by using them for purposes never dreamed of by their authors
- How to increase user satisfaction during downtimes with 6 lines of Perl
- How to improve your network services by intentionally throwing away data
- How to drive annoying Web-only applications that don't have a command line interfacewithout lifting a finger
- How to use ordinary objects you have lying around the house, such as Silly Putty, to make your life easier (seriously!)
W8 Take a Gulp from the Sysadmin Automation Firehose
Æleen Frisch,
Exponential Consulting
Who should attend: System administrators who want to explore new
ways of automating administrative tasks. Shell scripts are
appropriate for many jobs, but more complex operations will
often benefit from sophisticated tools.
As the complexity of modern UNIX/Linux systems has increased, the tried-and-true method of "just write a shell script" has become outdated.
While simple tasks can still be performed this way, tools are
available that can make your job simpler, yet much more sophisticated,
especially when managing large numbers of systems.
Take back to work: An introduction to the most essential tools for making your work easier. For each tool, we will consider what tasks it does well, how to get started using it, and which of its advanced features to consider next.
Topics include:
- Expect: Automating interactive processes
- Bacula: Open source enterprise backup
- Nagios: Monitoring network and device performance
- RRDTool: Examining retrospective system data
- Front ends to RRDTool: Munin and others
- Other tools of interest and importance
|
Thursday, November 11, 2010
|
|
Thursday Full-Day Tutorials
|
R1 VMware ESX Performance and Tuning
Richard McDougall, VMware
Who should attend: Anyone who is involved in planning or deploying
virtualization on VMware ESX and wants to understand the performance
characteristics of applications in a virtualized environment.
We will walk
through the implications to performance and capacity planning in a
virtualized world to learn about how to achieve best performance in a
VMware ESX enviroment.
Take back to work: How to plan, understand, characterize, diagnose, and
tune for best application performance on VMware ESX.
Topics include:
- Introduction to virtualization
- Understanding different hardware acceleration techniques for virtualization
- Diagnosing performance using VMware tools
- Diagnosing performance using guest OS tools in a virtual environment
- Practical limits and overheads for virtualization
- Storage performance
- Network throughput and options
- Using Virtual-SMP
- Guest Operating System Types
- Understanding the characteristics of key applications, including Oracle, MS SQLserver, and MS Exchange
- Capacity planning techniques
R2 Issues in Infrastructure Design
Lee Damon, University of Washington
Who should attend: Anyone who is designing, implementing, or maintaining a UNIX environment with 2 to 20,000+ hosts; system administrators, architects, and managers who need to maintain multiple hosts, real or virtual, with few admins.
This intermediate class will examine many of the background issues that need to be considered during the design and implementation of a mixed-architecture, mixed hard- and virtual-architecture, or single-architecture UNIX environment. It will cover issues from authentication (single sign-on) to the Holy Grail of single system images.
This class won't implement a "perfect solution," as each site has different needs. We will look at some freeware and some commercial solutions, as well as many of the tools that exist to make a workable environment possible.
Take back to work: Answers to the questions you should ask while designing and implementing the mixed-architecture, mixed hard- and virtual-architecture, or single-architecture UNIX environment that will meet your needs.
Topics include:
- Administrative domains: Who is responsible for what, and what can users do for themselves?
- Desktop services vs. farming: Do you do serious computation on the desktop, or do you build a compute farm?
- Disk layout: How do you plan for an upgrade? Where do things go?
- Free vs. purchased solutions: Should you write your own, or hire a consultant or company?
- Homogeneous vs. heterogeneous: Homogeneous is easier, but will it do what your users need?
- Where does virtualization fit in?
- Extending your infrastructure into the clouds
- The essential master database: How can you keep track of what you have?
- Policies to make life easier
- Push vs. pull
- Getting the user back online in 5 minutes
- Remote administration: lights-out operation; remote user sites; keeping up with vendor patches, etc.
- Scaling and sizing: How do you plan on scaling?
- Security vs. sharing: Your users want access to everything. So do the crackers . . .
- Single sign-on: How can you do it securely?
- Single system images: Can users see just one environment, no matter how many OSes there are?
- Tools: The free, the purchased, the homegrown
R3 Pacemaker and Linux-HA: World-Class High Availability Software UPDATED FOR 2010!
Alan Robertson, IBM Linux Technology Center
Who should attend: System administrators and IT architects who architect, evaluate, install, or manage critical computing systems. It is suggested that participants have basic familiarity with system V/LSB-style startup scripts, shell scripting, and XML. Familiarity with high availability concepts is not assumed.
The Linux-HA project (https://linux-ha.org/), together with its child
project, Pacemaker, is the oldest and most
powerful open source high-availability (HA) package available,
comparing favorably to well-known commercial HA packages. This software runs on a variety of
POSIX-like systems, including FreeBSD, Solaris, and OS X.
Pacemaker+Linux-HA provides highly available services on clusters from one to more than 16 nodes with no single point of failure. These services and the servers they run on are monitored. If a service should fail to operate correctly, or a server should fail, the affected services will be quickly restarted or migrated to another server, dramatically
improving service availability.
Pacemaker supports rules for expressing dependencies between services, and powerful rules for locating services in the cluster. Because these services are derived from init service scripts, they are familiar to system administrators and are easy to configure and manage.
Take back to work: Both the basic theory of high availability systems and practical knowledge of how to plan, install, and configure highly available systems using Linux-HA and Pacemaker.
Topics include:
- General HA principles
- Installation of the Linux-HA
and Pacemaker software
- Configuration overview
- Overview of commonly used resource agents
- Managing services supplied with init(8) scripts
- Sample configurations for Apache, NFS, DHCP, DNS, and Samba
- Writing and testing resource agents conforming to the Open
Cluster Framework (OCF) specification
- Creating detailed resource dependencies
- Creating co-location constraints
- Writing resource location constraints
- Causing failovers on user-defined conditions
|
Thursday Morning Half-Day Tutorial
|
R4 Advanced UNIX Tools NEW!
Doug Hughes,
D. E. Shaw Research, LLC
Who should attend: Sysadmins who wish to refresh their memories about underutilized and underappreciated tools that have been part of the shell world for a long time.
Participants should be familiar with basic shell use, common commands
such as cut and ls, and some basic usage of things like awk. We will explore
advanced commands in a practical manner, with applications aimed at
performance analysis through frequency analysis, statistical methods,
and practical shell hackery.
Take back to work: How, why, and when to use a variety of tools that deserve respect and regular use.
Topics include:
- Quick and dirty tools: paste, col, split, fold, yes, sdiff
- Frequency and statistical analysis with awk
- Topological sorting for ordering items
- xargs—why you should use it more
- diff, dircmp, diff3—compare and contrast
- Checking memory issues
- Advanced tricks with dd
|
Thursday Afternoon Half-Day Tutorials
|
R5 Over the Edge System Administration, Volume 2
David N. Blank-Edelman, Northeastern University
Who should attend: Old-timers
who think they've already seen it all and those who want to develop
inventive thinking early in their career. Join us and be prepared to
be delighted, disgusted, and amazed. Most of all, be ready to enrich
your network and system adminstration by learning to be different.
Previous attendance at Volume 1 of the series is recommended but not
required.
Join us for volume 2 of the wildly successful Over the
Edge System Administration class series. Once again we'll learn how to
break the rules, abuse the tools, and generally turn your system
administration knowledge inside out with the help of a whole new set
of examples. This class is a second cornucopia of ideas for creative
ways to take the standard (and sometimes not-so-standard) system
administration tools and techniques and use them in ways no one would
expect. We'll also cover some tools you may have missed. This class
will take some of the concepts from volume 1 and develop
them even further.
We feel it is important to remind you: The teacher takes no responsibility should your head explode during this class.
Take back to work: Approaches to system administration you never dreamed of—but you wish you had!
Topics include:
- How to exploit side effects to your benefit
- Applying the arts and crafts you learned in camp to system administration
- Pressing Web apps from places like Google and Yahoo! into service as sysadmin tools
- How to perform SQL queries on your network equipment
- How to use even more ordinary objects you have lying around the house to make your life easier (seriously!)
|
Friday, November 12, 2010
|
|
Friday Full-Day Tutorials
|
F1 Using Amazon Web Services NEW!
William LeFebvre, Digital Valence, LLC; Marc Staveley, Consultant
Who should attend: System administrators who currently use or are considering the use of Amazon Web Services (AWS), as well as individuals who are tasked with supporting AWS for production services,
especially if they are unfamiliar or uncomfortable with the command-line
tools and the Web-based interfaces supplied by Amazon. Experience with
cloud computing is not required. Experience with the installation
and support of basic tools and languages (especially Java and Ruby)
would be beneficial. Time will only permit us to study the creation
and support of Linux instances in the Amazon cloud.
Amazon offers a solid collection of cloud services through the
Amazon Web Services (AWS). These include virtual machines and
storage, load balancers, replicated databases, content data delivery,
and automatic scaling and monitoring. AWS provides a very rich API
to facilitate building applications that utilize these services,
but the actual user interfaces can be difficult to master. This
tutorial introduces the Amazon Web Services and describes the more
popular services and how they can all fit together to support an
infrastructure. It provides in-depth instruction on using the
user-level interfaces for the more popular services: EC2, EBS, ELB,
S3, Cloudfront, and others. Three interfaces will be taught: the
Web console, the Firefox plug-in Elasticfox, and the command-line
tools. Cautions and pitfalls will be presented along the way to
ensure that the student will not make some common mistakes of
first-time AWS users.
Take back to work: Knowledge of the techniques, pitfalls, commands, and programs that will help you make effective use of Amazon Web Services (the Amazon cloud).
Topics include:
- Introduction to AWS
- Elastic Compute Cloud (EC2)
- Elastic Block Store (EBS)
- Simple Storage Service (S3)
- Elastic Load Balancing (ELB)
- Relational Database Service (RDS)
- More in-depth topics: accessing EC2 instance data from within the instance, boot-time scripts in common AMIs
F2 Solaris Dynamic Tracing (DTrace)
James Mauro, Oracle Corporation
Who should attend: Sysadmins and other production support staff that need to look at systems and figure out what they're doing or why they're running slowly on a regular basis. Some general programming knowledge will be assumed,
along the lines of writing shell, awk, or Perl scripts, as well as
general familiarity with using and administering systems running
some variant of UNIX.
This tutorial covers using the Dynamic Tracing (DTrace) technology that
originated in Solaris and OpenSolaris and is now available in Mac OS X
10.5 (Leopard) and FreeBSD 8.0. DTrace is a framework that allows for
dynamically inserting points of instrumentation, called probes, in
the operating system (kernel) as well as user processes.
This session will combine slides with live demos of DTrace on several
operating systems.
Take back to work: How to use Dynamic Tracing (DTrace) technology to understand the behavior of your systems and the workloads they run, whether you're chasing a performance problem or pathological behavior or you simply wish to better understand how applications are using the underlying system.
Topics include:
- Introduction to DTrace
- DTrace components
- Using DTrace
- DTrace in open source software
- DTrace advanced topics
F3 Automating Network Configuration and Management
NEW!
D. Brent Chapman, Netomata, Inc.
Who should attend: Network and system administrators who want to bring the
benefits of automated configuration and management to their networks. These
benefits include consistency, reliability, repeatability, and scalability;
the automation techniques covered apply to the whole range of network
devices (routers, switches, load balancers, firewalls, etc.) and services
(SNMP status and performance monitoring, DNS, DHCP, ACLs, routing, etc.). Students should already be generally familiar with networking fundamentals
(addressing, naming, routing, etc.), the roles and basic methods of
operation of common network devices and services, and how these devices and
services are typically configured and managed by hand; this tutorial isn't
going to teach you what a firewall is or how it works, for example, but it
will teach you how to automate the configuration and management of a typical
firewall.
This tutorial introduces students to a variety of network automation
principles and practices, as well as to specific network automation tools
such as Netomata Config Generator (NCG) for generating device/service config files, RANCID and ZipTie for managing configs on devices, and Nagios and MRTG for SNMP network status and performance monitoring. In addition, the tutorial shows how to integrate these network
automation tools with host automation tools such as Puppet and Cfengine.
Take back to work: Effective techniques for automating the
configuration and management of common network devices and services, as well
as approaches to getting the most out of automation and arguments to
convince peers, managers, and executives that automation is worth the
effort.
Topics include:
- Benefits of automation
- Aspects of automation
- Keeping track of what is connected to your network, and how
- Generating configs
- Getting configs to and from devices
- Change management and control
- Principles of automation
- Levels of automation
- Tools
- RANCID
- ZipTie
- NCG (Netomata Config Generator)
- Vendor-specific device configuration tools
- Automating configuration of network devices
- Routers
- Switches
- Firewalls
- Load balancers
- PDUs
- Automating configuration of network services
- SNMP status monitoring (e.g., Nagios)
- SNMP trend monitoring (e.g., MRTG)
- DNS
- DHCP
- ACLs
- VLANs
- VPNs
- Integration with host automation systems, such as Puppet and Cfengine
- Best practices, pearls of wisdom, tips and tricks
- Emerging trends and special circumstances
- Virtualization
- Cloud computing (including public, private, and hybrid clouds)
- QA labs, testbeds, and development environments
- IPv6
- CoBIT
- ITIL
- Strategies for promoting automation in your organization
- Arguments to convince management to support automation
- Arguments to convince staff to support automation
- Methods for gradually automating existing networks
|
|
|