Best Practices in Network and System Administration - Engineers Ireland [PDF]

Best Practices in Network and. System Administration ... System administrators and network engineers manage systems and

57 downloads 23 Views 3MB Size

Recommend Stories


System Modernization Best Practices
The wound is the place where the Light enters you. Rumi

Best Management Practices (PDF)
You're not going to master the rest of your life in one day. Just relax. Master the day. Than just keep

SAPC Best Practices in PV System Installation
I tried to make sense of the Four Books, until love arrived, and it all became a single syllable. Yunus

Best Practices in Rapid Transit System Design
And you? When will you begin that long journey into yourself? Rumi

Best Practices and Web Practices
If you want to become full, let yourself be empty. Lao Tzu

DownloadThe Practice of System and Network Administration
This being human is a guest house. Every morning is a new arrival. A joy, a depression, a meanness,

The Practice of System and Network Administration
Pretending to not be afraid is as good as actually not being afraid. David Letterman

[PDF] The Practice of System and Network Administration
Nothing in nature is unbeautiful. Alfred, Lord Tennyson

PdF The Practice of System and Network Administration
How wonderful it is that nobody need wait a single moment before starting to improve the world. Anne

[PDF] Download The Practice of System and Network Administration
And you? When will you begin that long journey into yourself? Rumi

Idea Transcript


Best Practices in Network and System Administration Dónal Cunningham [email protected]

http://www.sage-ie.org

Outline • • • • •

Some notes on Infrastructure 10 rules to live by Network Administration System Administration Reading list/training Info

Infrastructure I • Space – Cabinets? Cages? Shared keys?

• Power – AC only? 220V only? – UPS area or in-cab? – Testing? UPS death?

• Air Conditioning • Fire supression • Should people be here?

Infrastructure II • Cable routing • Label EVERYTHING – (but don’t trust labels blindly) • Access (diversity – see later)

Rule 1 - Be Good Citizens • Visibility – Ticketing system – Updates must propagate outside your group

• Know your metrics – User perception (quick response) – CTO perception – Partner perception Remember! System administrators and network engineers manage systems and networks on behalf of other people

Rule 2 - Monitor your Systems • Status • Establish baselines • Watch trends • Use the right tools for the jobs • Use the right tools for your team • Start in a known state!

Routers • • • • •

Link traffic Capacity CPU Memory Environmental

• ACL hits, BGP routes...

Networks • Reachability – Ping – Traceroute – Routing loops • Latency – Directly affects end-user perception

Systems • • • • •

Disk CPU Memory Environment Services

Rule 3 – Perform Disaster Recovery Planning • Things break. All the time. • Quis custodiet ipsos custodes? – If your monitoring system breaks, who will notice? Who will care? • Timestamps are essential for correlation – NTP is your friend

• NO SINGLE POINTS OF FAILURE

3a - Networks • Redundant paths • Dynamic routing – minimal human intervention • Spares (GBICs and cables, too…) • Know your S.L.A.

3b - Systems • Load-balancing – DNS round-robin – F5/Cisco Director/Resonate Global Dispatch • Redundancy of service – MX backups – Leaf nodes should cache

3c - Backups

No, really. That’s it.

3d - Backups

USELESS unless you have tested restores!

3e - Backups • Remember “no single points of failure”? – This goes for backups, too! • • • •

Media fails Media devices fail Networks fail Try restoring on a different system…

Rule 4 - It’s not done until it’s documented

• YOU are the single point of failure! • You do want to go on holiday sometime, right? – If not, see Rule 9

4a - Change Control • Peer review – Show others how you think – Shows people what’s coming – Catches typos • Revision Control Systems – Roll-back. Say it again. Doesn’t it sound good?

Rule 5 – Establish Procedures • • • • •

Consistency Reproducibility ISO 9001 is all about procedures Helps to implement Rule 4 Peer review

Rule 6 – Practise Defence in Depth • Not all eggs in one basket – Heterogeneity – quis custodiet ipsos custodes? (Monitoring systems can fail too) • You get time to react between layers • Some are more important that others

6a - Defence in Depth • Software updates – OS and applications All software is buggy. Get over it. • Firewall – Can give false sense of security – Misconfigured? Worse than no firewall. • Monitor your network, too (IDS, honeypot) • Internal more likely than external

Rule 7 - It’s not done until it’s tested • Software installation is a risk – Yes, patches too! • Test systems – Must the software updates be applied right now? • Automate your testing, if possible

Rule 8 - Learn from Others • Don’t re-invent the wheel – Save yourself time – Save yourself money • Mailing lists – SAGE and local groups – NANOG • Conferences

8a - Other sources • Vendors – Sometimes they hire smart people • FAQs • Search engines • White papers • Books • Articles

Rule 9 - Learn to Relax • • • •

The Big Blue Room The most important metric - your family! DELEGATE! Go for a pint (beer, blackcurrant, whatever)

• Nothing messier than an exploding sysadmin...

Rule 10 - Non scriptum, non est “If it ain’t written down, it never happened” • Acceptable Use Policies – Have all users signed them? – ALL users? Including the sysadmins? – Can’t have perception of multi-tier system – Sometimes you have to fire technical people, too

Rule 11

Learn how to count to 10

Thank you. Questions?

Smile Life

When life gives you a hundred reasons to cry, show life that you have a thousand reasons to smile

Get in touch

© Copyright 2015 - 2024 PDFFOX.COM - All rights reserved.