Check out the new USENIX Web site.
LISA '09 Banner

LISA '09 is sponsored by
USENIX
USENIX
in cooperation with
LOPSA
SNIA

TRAINING PROGRAM

Overview | Sunday | Monday | Tuesday | Wednesday | Thursday | Friday | By Instructor | Series

  Sunday, November 1, 2009
  Sunday Full-Day Tutorials
 

S1 Solaris Dynamic Tracing (DTrace): Finding the Light Where There Was Only Darkness Mauro
James Mauro, Sun Microsystems

Who should attend: Sysadmins and other production support staff that need to look at systems and figure out what they're doing or why they're running slowly on a regular basis. Some general programming knowledge will be assumed, along the lines of writing shell, awk, or Perl scripts, as well as general familiarity with using and administering systems running some variant of UNIX.

This tutorial covers using the Dynamic Tracing (DTrace) technology that originated in Solaris and OpenSolaris and is now available in Mac OS X 10.5 (Leopard) and FreeBSD 8.0. DTrace is a framework that allows for dynamically inserting points of instrumentation, called probes, in the operating system (kernel) as well as user processes.

This session will combine slides with live demos of DTrace on several operating systems.

Take back to work: How to use Dynamic Tracing (DTrace) technology to understand the behavior of your systems and the workloads they run, whether you're chasing a performance problem or pathological behavior or you simply wish to better understand how applications are using the underlying system.

Topics include:

  • Introduction to DTrace
    • What DTrace is and is not
    • Overview of the DTrace framework
    • Overview of DTrace providers
    • DTrace architecture
    • Differences in DTrace among the current operating systems that support DTrace
    • DTrace Resources
  • DTrace components
    • Providers
    • Probes
    • Variables
    • Predicates, actions, and subroutines
    • Aggregations
    • The D Language and writing DTrace scripts
  • Using DTrace
    • Providers and their arguments
    • DTrace and CPU consumers
    • DTrace and memory use
    • DTrace and disk IO
    • DTrace and network IO
    • DTrace and user processes and threads
    • The DTrace toolkit
  • DTrace in open source software
    • DTrace and Java
    • DTrace and Perl
    • DTrace and PHP
    • DTrace and Ruby on Rails
    • DTrace and MySQL
  • Advanced topics
    • DTrace destructive actions
    • DTrace speculative buffers
    • DTrace USDT Probes
    • Inserting DTrace probes in application code

S2 Log Analysis with the Simple Event Correlator (SEC) (Hands-on) NEW! John R
John Rouillard, Consultant

Who should attend: Anyone who wants to unleash the power of SEC for log analysis.

Our past determines our present. How good a job are you doing at managing your past? We all have horror stories of failures that could have been prevented if only somebody had bothered to look at the application/system/software logs a few week earlier.

This course covers the basics of using the Simple Event Correlator (SEC), an open source application written in Perl, which gathers and provides a real-time report on log data gathered from log files ranging from tomcat to firewalls. Any text-based data stream can be analyzed using SEC. With SEC's correlation operations and contexts, you can gather related information across multiple systems or software logs and present it as a single report, allowing faster response to changing conditions.

To get the most from this course, you should bring a laptop capable of running SEC under a UNIX-like environment (Cygwin or DSL/Qemu provide a good environment for Windows users).

Take back to work: A thorough understanding of the basics of SEC, so that you will be able to extract the useful nuggets of information without drowning in the vast sea of log data.

Topics include:

  • The basics:
    • Testing and debugging rulesets
    • Modifying running rulesets
    • Command-line parameters
    • Runtime control of SEC
    • Hands-on analysis of data streams in the classroom
  • Synthesizing new correlation operations using basic rule types
  • Using contexts to extend the set of correlation operations
  • Performance-tuning your SEC ruleset
  • Ancillary tools:
    • For analyzing logs for patterns
    • For filtering/modifying the event stream to enhance correlation and improve performance
    • For analyzing the Windows event log
  • Sample applications:
    • Log analysis: syslog, java/tomcat, etc.
    • Security event monitoring/reaction: firewall rules, ssh, snort, etc.

S3 Administering Linux in Production Environments Æleen Frisch
Æleen Frisch, Exponential Consulting

Who should attend: Both current Linux system administrators and administrators from sites considering converting to Linux or adding Linux systems to their current computing resources.

Linux system administrators in production environments face many challenges: the inevitable skepticism about whether an open source operating system will perform as required; how well Linux systems will integrate with existing computing facilities; how to locate, install, and manage high-end features which the standard distributions may lack; and many more. Sometimes the hardest part of ensuring that the system meets production requirements is matching the best solution with the particular local need. This course is designed to give you a broad knowledge of production-worthy Linux capabilities, as well as where Linux currently falls short. The material in the course is all based on extensive experience with production systems.

This course will cover configuring and managing Linux computer systems in production environments. We will be focusing on the administrative issues that arise when Linux systems are deployed to address a variety of real-world tasks and problems arising from both commercial and research and development contexts.

Take back to work: The knowledge necessary to add reliability and availability to your systems and to assess and implement tools needed for production-quality Linux systems.

Topics include:

  • Recent kernel developments
  • High-performance I/O
    • Advanced file systems and the LVM
    • Disk striping
    • Optimizing I/O performance
  • Advanced compute-server environments
    • HPC with Beowulf
    • Clustering and high availability
    • Parallelization environments/facilities
    • CPU performance optimization
  • Enterprise-wide security features, including centralized authentication
  • Automation techniques and facilities
  • Linux performance tuning

S4 System and Network Performance Tuning Staveley
Marc Staveley, Independent Consultant

Who should attend: Novice and advanced UNIX system and network administrators, and UNIX developers concerned about network performance impacts. A basic understanding of UNIX system facilities and network environments is assumed.

We will explore procedures and techniques for tuning systems, networks, and application code. Starting from the single system view, we will examine how the virtual memory system, the I/O system, and the file system can be measured and optimized. We'll extend the single host view to include Network File System tuning and performance strategies. Detailed treatment of networking performance problems, including network design and media choices, will lead to examples of network capacity planning. Application issues, such as system call optimization, memory usage and monitoring, code profiling, real-time programming, and techniques for controlling response time will be addressed. Many examples will be given, along with guidelines for capacity planning and customized monitoring based on your workloads and traffic patterns. Question and analysis periods for particular situations will be provided.

Take back to work: Procedures and techniques for tuning your systems, networks, and application code, along with guidelines for capacity planning and customized monitoring.

Topics include:

  • Performance tuning strategies
    • Practical goals
    • Monitoring intervals
    • Useful statistics
    • Tools, tools, tools
  • Server tuning
    • Filesystem and disk tuning
    • Memory consumption and swap space
    • System resource monitoring
  • NFS performance tuning
    • NFS server constraints
    • NFS client improvements
    • NFS over WANs
    • Automounter and other tricks
  • Network performance, design, and capacity planning
    • Locating bottlenecks
    • Demand management
    • Media choices and protocols
    • Network topologies: bridges, switches, and routers
    • Throughput and latency considerations
    • Modeling resource usage
  • Application tuning
    • System resource usage
    • Memory allocation
    • Code profiling
    • Job scheduling and queuing
    • Real-time issues
    • Managing response time

S5 Replacing Real Servers with Virtual Machines Using Amazon Elastic Compute Cloud (EC2) (Hands-on; laptop recommended) NEW! Malan
David J. Malan, Harvard

Who should attend: System administrators who want their own server or cluster without yet another box under their desk; instructors who want more control over their course's infrastructure, who want to provide each of their students with their own virtual machine, or who want to assign projects with high computational or space needs; and CTOs who want to scale their infrastructure within minutes to meet unusual loads or who want to load-test their own infrastructure by simulating unusual loads.

Take back to work: How to do it, and whether it's the right thing for you to do.

Topics include:

  • Spawning and managing Amazon EC2 instances
  • Evaluating EC2's costs (in dollars and man-hours)
  • Amazon's command-line utilities and Web-based console
  • Burning your own images for others to use
  • Backing up your data to S3
  • Stress-testing a server
  • Load-balancing across VMs
  • How to do it at no cost (for academic purposes)
Laptop requirements: Each student should have a laptop with wireless access.


S6 Understanding Systems Through Network Observation NEW! Potter
Bruce Potter, The Shmoo Group

Who should attend: System and network administrators, IT managers, and IT security staff who want to learn how to better understand what's running on their systems through network-based information.

Modern enterprises can easily consist of many thousands of systems. While we would like to think we could walk into our datacenter and indentify the purpose of each system and the software each is running, there are times when that's just not possible. Networks grow organically over time, and it can be difficult to keep tabs on exactly what's going on in each system. Even with robust system management capability in place, you still want an independent way of validating what's occurring throughout your enterprise.

Ideally, administrators would be able to address each system directly through various management tools, get a list of all the software that's running, and have a perfect view of what's happening. Unfortunately, due to differing zones of administrative control or lack of system-level tools, it can be difficult to determine which services are being heavily utilized, whether there are unexpected hidden services running, or even what purpose a particular system serves. The more systems you have to monitor, the more difficult it can be to gain a deep understanding in a reasonable amount of time.

Attendees will learn how to leverage various network assets in order to assess your network. We will examine ways to cut through the noise and rapidly classify systems into different types and purposes. We will also show how to use these network capabilities, even if you don't have log-in credentials, to dive deep into a system in order to understand what a given system is doing. Finally, we will provide tips and techniques for finding rogue services running in your enterprise.

Take back to work: How to use the network to your advantage and leverage that information to administer your systems better.

Topics include:

  • The need for deeper understanding
  • Network versus system analysis: pros, cons, and toolkits
  • Passive network analysis: overview, limitations, and how to integrate it into your operations
  • Understanding NetFlow and other flow-based architectures
  • Where to deploy NetFlow sensors for maximum effectiveness
  • Configuring Cisco devices for NetFlow
  • Software-based flow tools: how to use softflowd or Argus when you don't have access to a NetFlow-capable router
  • Packet capture to fill in gaps in your NetFlow use
  • Using flow data to gather high-level information on a variety of system types quickly
  • Low-level system analysis: software running, performance analysis, and potential danger signs
  • OSS alternatives and some commercial tools

S7 Management Skills, Or, Don't Panic! NEW! Plouff
Maurita Plouff, Consultant

Who should attend: System administrators who have an interest in management as a career path or who have already found themselves managing others in teams and distributed groups, with or without the title.

The technically adept system administrator may soon find that managing system administrators requires a new set of skills. Management is an intensely social job: in nearly every aspect, you must deal with people to get things done. Communication skills are more important than ever before, and people are less predictable than computers! Many system administrators find themselves managing people without much training. This tutorial addresses multiple areas of the manager's responsibilities.

Take back to work: Insights, tools, and tips on how to manage technical people to get the job done with the people and resources you have.

Topics include:

  • The critical differences in being a manager
  • Understanding and predicting people
  • Team dynamics
  • Managing up and down
  • Effective oral and written communication
  • Meeting management
  • Mentoring, coaching, and delegation
  • How to avoid becoming "The Suit"
  Monday, November 2, 2009
  Monday Full-Day Tutorials

M1 Solaris 10 Performance, Observability, and Debugging Mauro
James Mauro, Sun Microsystems

Who should attend: Anyone who supports or may support Solaris 10 machines.

Take back to work: How to apply the tools and utilities available in Solaris 10 to resolve performance issues and pathological behavior, and simply to understand the system and workload better.

Topics include:

  • Solaris 10 features overview
  • Solaris 10 tools and utilities
    • The conventional stat tools (mpstat, vmstat, etc.)
    • The procfs tools (ps, prstat, map, pfiles, etc.)
    • lockstat and plockstat
    • Using kstat
    • DTrace, the Solaris dynamic tracing facility
    • Using mdb in a live system
  • Understanding memory use and performance
  • Understanding thread execution flow and profiling
  • Understanding I/O flow and performance
  • Looking at network traffic and performance
  • Application and kernel interaction
  • Putting it all together

M2 Configuring and Deploying Linux-HA Alan
Alan Robertson, IBM Linux Technology Center

Who should attend: System administrators and IT architects who architect, evaluate, install, or manage critical computing systems. It is suggested that participants have basic familiarity with system V/LSB-style startup scripts, shell scripting, and XML. Familiarity with high availability concepts is not assumed.

The Linux-HA project (https://linux-ha.org/) is the oldest and most powerful open source high-availability (HA) package available, comparing favorably to well-known commercial HA packages. Although the project is called Linux-HA (or "heartbeat"), it runs on a variety of POSIX-like systems, including FreeBSD, Solaris, and OS X.

Linux-HA provides highly available services on clusters from one to more than 16 nodes with no single point of failure. These services and the servers they run on are monitored. If a service should fail to operate correctly, or a server should fail, the affected services will be quickly restarted or migrated to another server, dramatically improving service availability.

Linux-HA supports rules for expressing dependencies between services, and powerful rules for locating services in the cluster. Because these services are derived from init service scripts, they are familiar to system administrators and are easy to configure and manage.

Take back to work: Both the basic theory of high availability systems and practical knowledge of how to plan, install, and configure highly available systems using Linux-HA.

Topics include:

  • General HA principles
  • Compilation and installation of the Linux-HA ("heartbeat") software
  • Overview of Linux-HA configuration
  • Overview of commonly used resource agents
  • Managing services supplied with init(8) scripts
  • Sample Linux-HA configurations for Apache, NFS, DHCP, DNS, and Samba
  • Writing and testing resource agents conforming to the Open Cluster Framework (OCF) specification
  • Creating detailed resource dependencies
  • Creating co-location constraints
  • Writing resource location constraints
  • Causing failovers on user-defined conditions

M3 Automating Network Configuration and Management NEW! Chapman
D. Brent Chapman, Netomata, Inc.

Who should attend: Network and system administrators who want to bring the benefits of automated configuration and management to their networks. These benefits include consistency, reliability, repeatability, and scalability; the automation techniques covered apply to the whole range of network devices (routers, switches, load balancers, firewalls, etc.) and services (SNMP status and performance monitoring, DNS, DHCP, ACLs, routing, etc.). Students should already be generally familiar with networking fundamentals (addressing, naming, routing, etc.), the roles and basic methods of operation of common network devices and services, and how these devices and services are typically configured and managed by hand; this tutorial isn't going to teach you what a firewall is or how it works, for example, but it will teach you how to automate the configuration and management of a typical firewall.

This tutorial introduces students to a variety of network automation principles and practices, as well as to specific network automation tools such as Netomata Config Generator (NCG) for generating device/service config files, RANCID and ZipTie for managing configs on devices, and Nagios and MRTG for SNMP network status and performance monitoring. In addition, the tutorial shows how to integrate these network automation tools with host automation tools such as Puppet and Cfengine.

Take back to work: Effective techniques for automating the configuration and management of common network devices and services, as well as approaches to getting the most out of automation and arguments to convince peers, managers, and executives that automation is worth the effort.

Topics include:

  • Benefits of automation
  • Aspects of automation
    • Keeping track of what is connected to your network, and how
    • Generating configs
    • Getting configs to and from devices
    • Change management and control
    • Principles of automation
    • Levels of automation
  • Tools
    • RANCID
    • ZipTie
    • NCG (Netomata Config Generator)
    • Vendor-specific device configuration tools
  • Automating configuration of network devices
    • Routers
    • Switches
    • Firewalls
    • Load balancers
    • PDUs
  • Automating configuration of network services
    • SNMP status monitoring (e.g., Nagios)
    • SNMP trend monitoring (e.g., MRTG)
    • DNS
    • DHCP
    • ACLs
    • VLANs
    • VPNs
  • Integration with host automation systems, such as Puppet and Cfengine
  • Best practices, pearls of wisdom, tips and tricks
  • Emerging trends and special circumstances
    • Virtualization
    • Cloud computing (including public, private, and hybrid clouds)
    • QA labs, testbeds, and development environments
    • IPv6
    • CoBIT
    • ITIL
  • Strategies for promoting automation in your organization
    • Arguments to convince management to support automation
    • Arguments to convince staff to support automation
    • Methods for gradually automating existing networks

M4 Care and Feeding of Hadoop Clusters NEW! Lin
Jimmy Lin, Cloudera

Who should attend: Engineers and system administrators who are interested in evaluating the operational aspects of Hadoop or are already charged with the installation and upkeep of medium to large Hadoop clusters. No previous experience with Hadoop is required.

This class will take an in-depth look at the operation of Hadoop clusters, focusing on the practical procedures required to safely and efficiently operate a Hadoop cluster. Although not hands-on, the presentation material will focus on the specific command lines required. Demonstrations will be presented.

Take back to work: Confidence in your ability to safely and efficiently operate a Hadoop cluster.

Topics include:

  • Planning and designing a Hadoop deployment using anywhere from four to 4,000 computers
  • The functional underpinnings of Hadoop and how user code is automatically executed across the computers in a Hadoop cluster
  • How to consult with engineering teams on the proper way to write and deploy programs on either dedicated or shared Hadoop clusters
  • Downloading, configuring, and distributing the Hadoop software
  • Starting, stopping, and monitoring the status of both the Hadoop Distributed File System (HDFS) and Map-Reduce components
  • How to perform periodic maintenance, especially with respect to ensuring data integrity
  • Configuring and managing the Map-Reduce job scheduler and user queues
  • How to choose the correct series of steps to safely upgrade the Hadoop software to a newer release, as well as how to safely back out from such an upgrade (and understand the costs of such a backout)
  • Adding large amounts of data to the HDFS
  • Adding or removing machines from the cluster, including seamlessly migrating to an entirely different bank of computers
  • Moving large data between HDFS instances
  • How to write simple Hadoop programs in shell script and PIG to perform data analysis

M5 ZFS: A Filesystem for Modern Hardware NEW!  Elling
Richard Elling, Enterprise Systems Consultant

Who should attend: Systems engineers, integrators, and administrators who are interested in deploying ZFS on Solaris, Mac OS X, or FreeBSD. Participants should be familiar with storage devices, RAID systems, logical volume managers, backup, and file system features. Special emphasis will be placed on integration considerations for virtualization, NAS, and databases.

File systems developed in the mid 20th century were severely constrained by the storage hardware available at the time. ZFS was conceived with an eye toward the hardware of the future and how storage will evolve. This presented an opportunity to rethink how file systems use storage hardware. The result is a new way of managing data which can evolve as the hardware changes while remaining compatible with earlier notions of file system use. Along the way, new concepts such as the Hybrid Storage Pool provide new opportunities for optimization, efficiency, and data protection. In this tutorial, ZFS will be examined from the bottom up, to build a solid understanding of the data-hardware interface, and then from the top down, to provide insight into the best ways to use ZFS for applications.

Take back to work: A solid understanding of the concepts behind ZFS and how to make the best decisions when implementing storage at your site.

Topics include:

  • Evolution of hardware and file systems
  • Storage pools
    • RAID data protection
    • Import/export and shared storage
    • Pool parameters and features
    • On-disk format
  • Data sets
    • Volumes
    • POSIX-compliant file systems
    • Snapshots
    • Replication
  • Practical considerations and best practices
    • Deployment and migration
    • Virtualization
    • Sharing
    • Performance, observability, and tuning
    • Data protection
    • Hybrid storage pools
    • Backup, restore, and archiving
  Monday Morning Half-Day Tutorials

M6 RRDtool First Steps Oetiker
Tobias Oetiker, Consultant and Author of RRDtool

Who should attend: Scripters and programmers who would like to create a custom monitoring application with great presentation tools. Attendees are expected to have some scripting experience.

Over the past few years RRDtool has become the standard method for handling time-series data in the networking area. RRDtool takes care of all the work related to data storage and presentation. Many users only access RRDtool through some front-end application like Cacti or Cricket.

In this half-day tutorial you will learn how RRDtool works from a programmer's point of view and how you can use it to write your own custom monitoring applications. An emphasis will be put on presentation aspects. The best data is worth only as much as your bosses and customers understand and appreciate the graphs you create with it.

Take back to work: Ideas for building the monitoring application of your dreams.

Topics include:

  • RRDtool overview
    • Problems to be solved
    • Round Robin Database setup
    • Data acquisition
    • Graphing
  • Programming with RRDtool
    • The command line interface
    • The pipe interface
    • The Perl API
  • In-depth graphing
    • Concepts
    • Simple graphs
    • The joy of RPN
    • Graph disassembly
    • How to make graphs talk
  • Scaling RRDtool
    • The RRD file format
    • Optimizing OS interaction
    • Tweaking Linux for speed
  • Latest developments

M8 Working with SELinux Farrow
Rik Farrow, Security Consultant

Who should attend: Sysadmins and security managers of Linux systems who want or are required to use SELinux. Participants must be familiar with Linux system administration; previous frustration while using SELinux is expected but not required.

This tutorial focuses on getting SELinux working again in enforcing mode after it has been disabled. SELinux is included by default in many popular distros along with a policy targeted at sandboxing popular network services and some applications. But even minor changes to a server's files, or enabling features in a currently running server, will cause SELinux to prevent an application from working. The usual fix is to disable SELinux.

Take back to work: An awareness of new tools and techniques for debugging problems with SELinux configuration and applications. The goal is to switch SELinux back from permissive or disabled mode to enforcing and to be able to sandbox other not currently covered applications.

Topics include:

  • SELinux uncloaked
    • Types, contexts, and roles
    • Context-based policy
    • Extensions to familiar commands
  • Using the audit file
    • Tools for deciphering log messages
  • Adjusting file/directory context
    • Fixing common access problems
  • Using booleans to adjust policy
  • Extending policy
    • Using audit2allow to correct policy
    • Adding new policy modules
  Monday Afternoon Half-Day Tutorials

M9 RRDtool Advanced Topics Oetiker
Tobias Oetiker, Consultant and Author of RRDtool

Who should attend: Sysadmins who may only have accessed RRDtool through some front-end application such as Cacti or Cricket and would like to get a look under the hood. Attendees are expected to have some scripting experience.

Over the past few years RRDtool has become the standard method for handling time-series data in the networking area. RRDtool takes care of all the work related to data storage and presentation. In this half-day tutorial you will see RRDtool in action: many examples will be demonstrated and explained live.

Take back to work: How to use RRDtool directly to handle time-series data in the networking area.

Topics include:

  • RRDtool overview
    • Rundown on components of RRDtool
    • Update on new functionality in version 1.3
  • The RRD database format
    • How RRDtool stores data
    • Interaction with the OS cache subsystem
    • Linux tricks
    • Fixing "bad data" after the fact
  • How to set up an RRD performance test
  • RRD graphing
    • Simple graphs and autoconfiguration
    • Alternate scaling
    • Working with transparency
    • Creating gradients
    • RPN magic
  • Putting it together
    • Scripting interface
    • The graphv, updatev, and info interfaces

M10 IPv6: An Introduction NEW! Rudi
Rudi Van Drunen, Competa IT/Xlexit

Who should attend: System administrators who need to prepare for migration to IPv6 and want to know what's involved or who just want to know more about IPv6.

Since IPv4 numbers really are running out fast, we need to think about moving to IPv6 as soon as possible. This tutorial brings you the basics on IPv6, what is involved in moving, and how to go about making your move to IPv6.

Take back to work: Knowledge of IPv6, what is involved in moving to IPv6, and how to start now building tunnels between IPv4 and IPv6.

Topics include:

  • The IPv6 frame and addressing
  • Services (autoconfig, DHCP6, DNS)
  • Applications
  • Dual stack (IPv4 and IPv6) operation
  • Tunnelling
  • Security aspects
  • How to start now

M11 Packaging for Sysadmins NEW! Nalley
David Nalley, Fedora Project

Who should attend: System administrators with a modicum of experience who have an interest in further automating their environments and advanced sysadmins who have little or no experience with packaging.

Packaging software is a must for consistent and automated system provisioning and maintenance, yet very few people employ packaging. This tutorial explores why sysadmins should package software, what additional benefits accrue to software packagers, and how to make it happen.

Take back to work: An understanding of the benefits of packaging and how to put the techniques learned in class to use immediately.

Topics include:

  • Why package software
    • Automation
    • Consistency
  • Packaging's serendipitous benefits
  • How to package software
    • rpm packaging
    • deb packaging
    • Solaris packaging
    • Windows packaging
  Tuesday, November 3, 2009
  Tuesday Full-Day Tutorials

T1 Virtualization with VMware vSphere 4.0: The Fundamentals NEW! Sheth Arrasjid
John Arrasjid and Rupen Sheth, VMware

Who should attend: System administrators and architects who are interested in deploying a VMware vSphere 4.0, including ESX and vCenter Server, in a production environment. No experience with VMware products is required. Experience with shared storage (SAN and NAS) and networking (switches and VLANs) is recommended.

VMware vSphere 4.0 is the new virtualization environment from VMware, consisting of ESX/ESXi hosts and vCenter servers for hosting and managing virtual machines. It provides capabilities to support various infrastructure management features (consolidation, patching/upgrading, automation, data protection) with features and extensions to support high availability (VMware HA), fault tolerance (VMware FT), and security (VMware vShield Zones). There are numerous other enhancements to improve efficiency, control, and choice for your virtual infrastructure.

Take back to work: The knowledge needed to design, install, and test a VMware vSphere based virtual infrastructure. Advanced areas will be covered in tutorial W1.

Topics include:

  • Virtualization overview
  • vSphere core concepts and features
  • vSphere installation and configuration (ESX, vCenter and extensions)
  • Networking and storage overview and configuration
  • Virtual machines, virtual appliances, and the OVF
  • Clusters, Resource Pools, VMware HA, VMware FT, and VMware DRS
  • Demonstration of features

T2 Configuration Management Solutions with Cfengine 3 NEW! Burgess
Mark Burgess, Cfengine, Inc.

Who should attend: Anyone with a basic knowledge of configuration management who is interested in learning the next-generation tool.

Following a complete rewrite of Cfengine with its popular new syntax and powerful pattern matching capabilities, this full-day tutorial presents an introduction suitable for new users, as well as for users of Cfengine 2.

The tutorial is peppered with configuration examples, which can now be self-contained and modularized to an unprecedented degree in the new language.

Take back to work: An understanding of the new features of the completely rewritten Cfengine 3, including its new syntax and benefits.

Topics include:

  • Moving from ad hoc scripts to automation
  • The importance of convergence
  • The promise model
  • Templates and data types
  • Quickstart configuration
  • Creating configuration libraries
  • Upgrading from Cfengine 2
  • Example configurations and demos
  • Achieving compliance with standards and regulations
  • Cfengine on Windows and the registry
  • Monitoring and self-healing
  • Brief overview of the community and commercial Cfengine roadmap

T3 Remote Security Testing of Web 2.0 Applications (Hands-on) NEW!        Pinkham Rhoades
David Rhoades and Steve Pinkham, Maven Security Consulting

Who should attend: Pen testers, IT security auditors, and developers. Concepts covered provide real-world issues to consider when developing code and designing security requirements for Web apps. Students should be familiar with HTTP. Experience with basic remote Web app security testing techniques, such as fuzzing, is a plus; however, a crash course will be included in the first hands-on exercise.

Traditional desktop applications are migrating to a browser-centric model at breakneck speeds. As the next generation of Web-based applications races into existence, end users and businesses alike need to consider the security implications of that model. In this workshop we will focus on core security issues and (primarily) remote security testing techniques to detect where flaws exist in the latest generation of online applications.

We will look at the latest popular technologies and examine how they introduce new security weaknesses or enhance older ones.

Take back to work: Hands-on experience remotely detecting and exploiting Web app security weaknesses.

Topics include:

  • Cross-domain issues
    • XSS (cross-site scripting)
    • CSRF (cross-site request forgery, AKA session riding)
  • SQL/XPATH/LDAP injection attacks
  • Path traversal and path forgery
  • Session management issues
  • Info leakage
  • Newer technologies that enhance and redefine old attacks
    • Rich Internet applications, especially Adobe AIR and JavaFX)
    • AJAX (Asynchronous JavaScript and XML)
    • JSON (JavaScript Object Notation: it's more than just data!)
    • Flex
    • Flash Remoting
    • REST (Representational State Transfer)
    • Mashups: Whom do you trust when your application pulls data (and code?) from third parties—even banner ads can be malicious!

System requirements: The toolkit will be a custom-built Ubuntu-based virtual machine geared to run on VirtualBox. You will need to bring your own notebook computer. Each student will be given a virtual machine chock-full of open-source tools, documentation, and targets for a fully self-contained Web app security testing dojo.

  • Before attending the workshop, install the latest stable 3.x version of VirtualBox, free from https://www.virtualbox.org/. VMware Player should also work, but VirtualBox is better for the workshop. VirtualBox runs on almost* any OS. [* Sorry, Amiga fans.]
  • Your OS should be updated with the latest security patches, for your own protection, if you opt to get onto the classroom/conference network.
  • If you use a Windows OS, the file system must be NTFS or better in order to handle large files. FAT32 will not work!
  • Optional: WiFi network card. Since the virtual machine will contain the targets, an Internet connection is not essential, but of course it's always handy.
  • You should have administrator access to the OS in case you need to install new software during class. This will not be necessary in most cases once VirtualBox is installed.
  • The hard drive should have at least 5 GB of free space.
  • Your computer should have 1 GB of RAM (more is better), 2 GB of RAM if you are using Vista.
  • Your computer needs to have a modern CPU (from the past 2 or 3 years). If it has 1+ GB of RAM, it's probably fine.
  Tuesday Morning Half-Day Tutorials

T4 Solaris 10 Administration Workshop 1: Administration (Hands-on; laptop recommended)   StaveleyGalvin
Peter Baer Galvin, Corporate Technologies; Marc Staveley, Independent Consultant

Who should attend: Solaris systems managers and administrators interested in learning the new administration features in Solaris 10 (and features in previous Solaris releases that they might not be using).

Solaris has always been the premier commercial operating system, and this remains the case today. Its novel features and applications (like ZFS, DTrace, and containers) keep it at the forefront of enterprise use, and many of these features have been copied in other operating systems.

This course covers a variety of system administration topics surrounding Solaris 10. Solaris 10 includes many features introduced since the last major release of Solaris, and there are new issues to consider when deploying, implementing, and managing Solaris 10. This will be a workshop featuring instruction and practice/exploration.

Take back to work: Intimate knowledge of the new features and best practices surrounding Solaris 10 administration.

Topics include:

  • Solaris versions, features, selection
  • SMF and FMA
  • Booting and installing
  • Patching
  • Important administration tools
  • What's next for Solaris
  • Quick performance overview

Laptop requirements: Each student should have a laptop with wired access for remote access into an instructor-provided Solaris 10 machine (if you do not have a laptop, we will make every effort to pair you up with another student to work as a group; your laptop does not need to be running Solaris).


T5 Time Management for System Administrators: A New Approach NEW! Limoncelli
Thomas A. Limoncelli, Google

Who should attend: Sysadmins and developers who need more time in their day or who have problems getting projects done because of constant interruptions; those who want more control over their time and the ability to schedule work instead of working at the whim of their users.

After teaching this tutorial for many years at LISA, I have revamped the material around a new approach, "the Three Kinds of Days." We begin by examining, in broad terms, the three kinds of days sysadmins have (booked with meetings, busy, and mixed) and tune our approach to each kind of day by using different time management techniques.

If you agree with any of these statements, this class is for you:

  • I don't have enough time to get all my work done.
  • As a sysadmin, I can't schedule, prioritize, or plan my work.
  • I'm spending all my time mopping the floor; I don't have time to fix the leaking pipe.
  • My boss says I don't work hard enough, but I'm always working my ____ off!

Take back to work: The skills you need to get more done in less time.

Topics include:

  • Why typical "time management" books don't work for sysadmins
  • What makes "to-do" lists fail, and how to make them work
  • How to eliminate "I forgot" from your vocabulary
  • How to prioritize tasks so that users think you're a genius
  • Ways to have more time for fun (for people with a social life)
  • How to leave the office every day with a smile on your face

T6 Automating System Administration with Perl, Part One NEW! David B-E
David N. Blank-Edelman, Northeastern University

Who should attend: System administrators who don't have the time to keep up with all of the advances in the Perl world that can benefit them. This class will build upon your existing Perl knowledge. You'll need at least an advanced-beginner to intermediate familiarity with the language to be able to use the material in this class.

Look at the seat to your left at any USENIX conference. Now look to your right. Chances are, if people near you are automating their system administration tasks, they are using Perl. Python and Ruby are both great languages, but there's a reason why Perl is still the predominant language in this field.

Take back to work: Perl approaches and techniques that can help improve your daily system administration life.

Topics include:

  • File systems
  • DNS and DHCP
  • Config files, all formats, including XML
  • Network mapping and monitoring, including such tools as SNMP, nmap, graphviz, and RRDtool

T7 Disk-to-Disk Backup and Eliminating Backup System Bottlenecks UPDATED FOR 2009! Farmer
Jacob Farmer, Cambridge Computer Services

Who should attend: System administrators involved in the design and management of backup systems and policymakers responsible for protecting their organization's data. A general familiarity with server and storage hardware is assumed. The class focuses on architectures and core technologies and is relevant regardless of what backup hardware and software you currently use.

The data protection industry is going through a mini-renaissance. In the past few years, the cost of disk media has dropped to the point where it is practical to use disk arrays in backup systems, thus minimizing and sometimes eliminating the need for tape. In the first incarnations of disk-to-disk backup—disk staging and virtual tape libraries—disk has been used as a direct replacement for tape media. While this compensates for the mechanical shortcomings of tape drives, it fails to address other critical bottlenecks in the backup system, and thus many disk-to-disk backup projects fall short of expectations. Meanwhile, many early adopters of disk-to-disk backup are discovering that the long-term costs of disk staging and virtual tape libraries are prohibitive.

The good news is that the next generation of disk-enabled data protection solutions has reached a level of maturity where they can assist—and sometimes even replace—conventional enterprise backup systems. These new D2D solutions leverage the random access properties of disk devices to use capacity much more efficiently and to obviate many of the hidden backup-system bottlenecks that are not addressed by first-generation solutions. The challenge to the backup system architect is to cut through the industry hype, sort out all of these new technologies, and figure out how to integrate them into an existing backup system.

This tutorial identifies the major bottlenecks in conventional backup systems and explains how to address them. The emphasis is placed on the various roles for inexpensive disk in your data protection strategy; however, attention is given to SAN-enabled backup, the current state and future of tape drives, and iSCSI.

Take back to work: Ideas for immediate, effective, inexpensive improvements to your backup systems.

Topics include:

  • Identifying and eliminating backup system bottlenecks
  • Conventional disk staging
  • Virtual tape libraries
  • Removable disk media
  • Incremental forever and synthetic full backup strategies
  • Block- and object-level incremental backups
  • Information lifecycle management and nearline archiving
  • Data replication
  • CDP (Continuous Data Protection)
  • Snapshots
  • Current and future tape drives
  • Capacity Optimization (Single-Instance File Systems)
  • Minimizing and even eliminating tape drives
  • iSCSI

T8 Bringing Your Web Pages to Life with jQuery NEW! Oetiker
Tobias Oetiker, Consultant

Who should attend: People who know programming and HTML and want to bring their Web pages to life using JavaScript. No prior JavaScript skills are required.

I have been creating Web pages using plain HTML and some CSS for a long time now, but the whole DHTML and AJAX craze remained somewhat of a closed book to me. This all changed when I set my mind to integrating a Picasa Web Album into my home page and could not find any code out there that did what I had in mind.

JavaScript has a bad reputation for being highly browser-specific. This has changed in recent years, both through the browsers becoming more uniform in their JavaScript support and with the advent of some nifty JavaScript libraries.

In this course you can join me in getting up to speed with JavaScript programming. After covering some basics, I will give you a step-by-step tour through the code that got it all started, integrating photos stored on Picasa Web into a plain Web page. I will be using jQuery as a basis for the JavaScript examples.

Take back to work: The ability to start integrating interactive JavaScript elements into your Web pages.

Topics include:

  • JavaScript 101
  • jQuery feature overview
  • Lots of example code
  • A walk-through of a real-world jQuery application
  • How to write maintainable code in JavaScript

T9 Advanced Shell Programming Ciavarella
Mike Ciavarella, Consultant

Who should attend: Junior or intermediate system administrators or anyone with a basic knowledge of programming, preferably with some experience in Bourne/Korn shells (or their derivatives).

The humble shell script is still a mainstay of UNIX/Linux system administration, despite the wide availability of other scripting languages. This tutorial details techniques that move beyond the quick-and-dirty shell script.

Take back to work: An understanding of how to use the "lowly" shell to achieve lofty goals.

Topics include:

  • Common mistakes and unsafe practices
  • Modular shell script programming
  • Building blocks: awk, sed, etc.
  • Writing secure shell scripts
  • Performance tuning
  • Choosing the right utilities for the job
  • Addressing portability at the design stage
  • When not to use shell scripts
  Tuesday Afternoon Half-Day Tutorials

T10 Solaris 10 Administration Workshop 2: Virtualization (Hands-on; laptop recommended)   StaveleyGalvin
Peter Baer Galvin, Corporate Technologies; Marc Staveley, Independent Consultant

Who should attend: Solaris systems managers and administrators interested in learning about the new virtualization features in Solaris 10.

Solaris has always been the premier commercial operating system, and this remains the case today. Its novel features and applications (such as ZFS, DTrace, and Containers) keep it at the forefront of enterprise use, and many of these features have been copied in other operating systems.

This course covers the gamut of virtualization options in Solaris 10. It includes new issues to consider when deploying, implementing, and managing Solaris 10. This will be a workshop featuring instruction and practice/exploration.

Take back to work: Intimate knowledge of the Solaris 10 virtualization choices and best practices surrounding Solaris 10 administration.

Topics include:

  • Virtualization choices in Solaris
  • Zones/Containers
  • LDOMs and Domains
  • Virtualbox
  • xVM (a.k.a. Xen)

System Requirements: Each student should have a laptop with wired access for remote access into an instructor-provided Solaris 10 machine (if you do not have a laptop, we will make every effort to pair you up with another student to work as a group; your laptop does not need to be running Solaris).


T11 Design Patterns for System Administrators NEW! Limoncelli
Thomas A. Limoncelli, Google

Who should attend: System administrators and managers at all skill levels who support many users or a growing user base.

We will discuss design patterns and rules of thumb that I have learned over my 20 years as a system administrator, plus info from The Practice of System and Network Administration (Addison-Wesley) and Time Management for System Administrators (O'Reilly). We will examine case studies; students will be encouraged to contribute their own examples and patterns.

Take back to work: A hodgepodge of tricks and tips to make your life easier.

Topics include:

  • General sysadmin stuff:
    • Making big changes without tearing down the world
    • How to make ACLs more sustainable
    • Rules for DNS and other namespaces when setting up a new company
    • How to avoid supporting many, many releases
    • Maintaining an inventory that never goes out of date
    • The best time to upgrade a compiler
    • Simple ways to improve communication with your fellow SAs, management, and customers
    • Making the "buy vs. build" decision
    • Constant evolution beats "big initiatives" (unless you are the CEO)
    • How to encourage users to conserve disk space
    • A state-machine is worth a thousand words
  • Organizational stuff:
    • How to organize your help desk for maximum performance
    • Why bug-tracking software is different from user-request-tracking software
    • How to ensure that project managers work well with SAs
    • How to make your users trust you from day one
    • Three policies your boss should write that save your sanity
    • How to make sure your users go to the help desk instead of to your desk
    • How to get your boss to hire an assistant to do all your work

T12 Automating System Administration with Perl, Part Two NEW! Blank-Edelman
David N. Blank-Edelman, Northeastern University

Who should attend: System administrators who don't have the time to keep up with all of the advances in the Perl world that can benefit them. This class will build upon your existing Perl knowledge. You'll need at least an advanced-beginner to intermediate familiarity with the language to be able to use the material in this class. Part One of this class is not required.

Look at the seat to your left at any USENIX conference. Now look to your right. Chances are, if people near you are automating their system administration tasks, they are using Perl. Python and Ruby are both great languages, but there's a reason why Perl is still the predominant language in this field. Join me as we continue to explore the latest Perl tools and best practices.

Take back to work: Perl approaches and techniques that can help improve your daily system administration life.

Topics include:

  • User activity, including process and network connection management
  • Database administration
  • Email protocols (SMTP, POP3, IMAP)
  • Security tools such as message digests (MD5/SHA-2), network sniffing, and better password mechanisms

T13 Next-Generation Storage Networking UPDATED FOR 2009! Farmer
Jacob Farmer, Cambridge Computer Services

Who should attend: Sysadmins running day-to-day operations and those who set or enforce budgets. This tutorial is technical in nature, but it does not address command-line syntax or the operation of specific products or technologies. Rather, the focus is on general architectures and various approaches to scaling in both performance and capacity. Since storage networking technologies tend to be costly, there is some discussion of the relative cost of different technologies and of strategies for managing cost and achieving results on a limited budget.

There has been tremendous innovation in the data storage industry over the past few years. Proprietary, monolithic SAN and NAS solutions are beginning to give way to open-system solutions and distributed architectures. Traditional storage interfaces such as parallel SCSI and Fibre Channel are being challenged by iSCSI (SCSI over TCP/IP), SATA (serial ATA), SAS (serial attached SCSI), and even Infiniband. New filesystem designs and alternatives to NFS and CIFS are enabling high-performance filesharing measured in gigabytes (yes, "bytes," not "bits") per second. New spindle management techniques are enabling higher-performance and lower-cost disk storage. Meanwhile, a whole new set of efficiency technologies are allowing storage protocols to flow over the WAN with unprecedented performance. This tutorial is a survey of the latest storage networking technologies, with commentary on where and when these technologies are most suitably deployed.

Take back to work: An understanding of general architectures, various approaches to scaling in both performance and capacity, relative costs of different technologies, and strategies for achieving results on a limited budget.

Topics include:

  • Fundamentals of storage virtualization: the storage I/O path
  • Shortcomings of conventional SAN and NAS architectures
  • In-band and out-of-band virtualization architectures
  • The latest storage interfaces: SATA (serial ATA), SAS (serial attached SCSI), 4Gb Fibre Channel, Infiniband, iSCSI
  • Content-Addressable Storage (CAS)
  • Information Life Cycle Management (ILM) and Hierarchical Storage Management (HSM)
  • The convergence of SAN and NAS
  • High-performance file sharing
  • Parallel file systems
  • SAN-enabled file systems
  • Wide-area file systems (WAFS)

T15 Documentation Techniques for Sysadmins Ciavarella
Mike Ciavarella, University of Melbourne, Australia

Who should attend: System administrators who need to produce documention for the systems they manage or who want to improve their documentation skills.

Particular emphasis is placed on documentation as a time-saving tool rather than a workload imposition.

Take back to work: The ability to make immediate, practical use of the documentation techniques presented in this tutorial in your day-to-day tasks.

Topics include:

  • Why system administrators need to document
  • The document life cycle
  • Targeting your audience
  • An adaptable document framework
  • Common mistakes
  • Tools to assist the documentation process
  Wednesday, November 4, 2009
  Wednesday Full-Day Tutorials

W1 Virtualization with VMware vSphere 4.0: Advanced Topics NEW!     Sheth Arrasjid
John Arrasjid and Rupen Sheth, VMware

Who should attend: System administrators and architects interested in advanced features of vSphere 4.0. This session will provide in-depth technical discussions and is geared toward those already experienced with the VMware Infrastructure, including those with advanced VI3 skills who are interested in learning more to help them in transitioning to a VMware vSphere 4 environment.

This tutorial will cover advanced topics related to vSphere 4.0, the latest VMware technology platform. We will focus on new and advanced concepts pertaining to networking and storage, provisioning, availability, and disaster recovery. This session will also include layered technologies that augment vSphere 4.0 capabilities. Live demonstrations will be given, time and connectivity permitting. Students' technical questions will be answered in the last part of the day.

Take back to work: A firm understanding of how to use the more advanced features of VMware vSphere 4.0.

Topics include:

  • Best practices overview
  • New and/or advanced networking and storage concepts
  • Design strategies for virtualization
  • vShield security solutions
  • Disaster recovery solutions
  • Demonstration of features

W2 Practical Python for System Administrators Holden
Steve Holden, Holden Web

Who should attend: System administrators looking for scripting tools to assist them in performing more complex system administration tasks. Python experience is not necessary, but familiarity with scripting would be useful.

This tutorial will introduce you to many of Python's features by example. It will present scripts to solve practical administration problems and then discuss potential modifications to broaden the scope of the script or specialize it. It will also take a look at Python's object-oriented features and explain how object-oriented solutions can be more flexible and easier to maintain.

Along the way we will introduce some of Python's more advanced features, including generator functions, the iteration protocol, and properties, and we will discuss Python's database API and its built-in graphical capabilities. Examples will be presented in such a way as to give you the ability to adapt existing scripts, as well as to write your own.

Take back to work: The ability to make your work easier through reliable automation of many complex tasks, both by adapting existing scripts and by writing your own.

Topics include:

  • System heartbeat monitors
  • UDP-based logging utilities
  • Log analysis tasks
  Wednesday Morning Half-Day Tutorials

W3 Solaris 10 Administration Workshop 3: File Systems (Hands-on; laptop recommended)   StaveleyGalvin
Peter Baer Galvin, Corporate Technologies; Marc Staveley, Independent Consultant

Who should attend: Solaris systems managers and administrators interested in learning about the new filesystem features in Solaris 10.

Solaris has always been the premier commercial operating system, and this remains the case today. Its novel features and applications (such as ZFS, DTrace, and Containers) keep it at the forefront of enterprise use, and many of these features have been copied in other operating systems. This course covers Solaris 10 filesystem topics. It includes new issues to consider when deploying, implementing, and managing Solaris 10. This will be a workshop featuring instruction and practice/exploration.

Take back to work: Intimate knowledge of the Solaris 10 filesystem choices and best practices surrounding Solaris 10 administration.

Topics include:

  • Root disk layout
  • Mirroring and related topics
  • ZFS
  • Choosing the most appropriate file system

Laptop requirements: Each student should have a laptop with wired access for remote access into an instructor-provided Solaris 10 machine; your laptop does not need to be running Solaris. If you do not have a laptop, we will make every effort to pair you with another student.


W4 Linux Performance Tuning NEW! Ts'o
Theodore Ts'o, IBM Linux Technology Center

Who should attend: Intermediate and advanced Linux system administrators who want to understand their systems better and get the most out of them.

The Linux operating system is commonly used in both the data center and by scientific computing; it is used in embedded systems as small as a wristwatch, as well as in large mainframes. As a result, the Linux system has many tuning knobs so that it can be optimized for this wide variety of workloads. Some tuning of the Linux operating system has been done "out of the box" by enterprised-optimized distributions, but there are still many opportunities for a system administrator to improve the performance of his or her workloads on a Linux system.

This class will cover the tools that can be used to monitor and analyze a Linux system and key tuning parameters to optimize Linux for specific server applications, covering the gamut from memory usage to filesystem and storage stacks, networking, and application tuning.

Take back to work: The ability to hone the performance of your Linux systems for the specific tasks they need to perform.

Topics include:

  • Strategies for performance tuning
    • Characterizing your workload's requirements
    • Finding bottlenecks
    • Tools for measuring system performance
  • Memory tuning
  • Filesystem and storage tuning
  • NFS performance tuning
  • Network tuning
    • Latency vs. throughput
  • Application tuning

W5 Over the Edge System Administration, Volume 1 Blank-Edelman
David N. Blank-Edelman, Northeastern University

Who should attend: Old-timers who think they've already seen it all and those who want to develop inventive thinking early in their career. Join us and be prepared to be delighted, disgusted, and amazed. Most of all, be ready to enrich your network and system adminstration by learning to be different.

It's time to learn how to break the rules, abuse the tools, and generally turn your system administration knowledge inside out. This class is a cornucopia of ideas for creative ways to take the standard (and sometimes not-so-standard) system administration tools and techniques and use them in ways no one would expect. We'll also cover some tools you may have missed.

Note: The teacher takes no responsibility should your head explode during this class.

Take back to work: New approaches to old problems, along with some ways to solve the insolubles.

Topics include:

  • How to (ab)use perfectly good network transports by using them for purposes never dreamed of by their authors
  • How to increase user satisfaction during downtimes with 6 lines of Perl
  • How to improve your network services by intentionally throwing away data
  • How to drive annoying Web-only applications that don't have a command line interface—without lifting a finger
  • How to use ordinary objects you have lying around the house, such as Silly Putty, to make your life easier (seriously!)
  Wednesday Afternoon Half-Day Tutorials

W6 Solaris 10 Administration Workshop 4: Security (Hands-on; laptop recommended) StaveleyGalvin
Peter Baer Galvin, Corporate Technologies; Marc Staveley, Independent Consultant

Who should attend: Solaris systems managers and administrators interested in learning about the new security features in Solaris 10 and features in previous Solaris releases they might not be using.

Solaris has always been the premier commercial operating system, but it is also somewhat different from other UNIX/Linux systems. It has novel features and applications (some have been copied in other operating systems), and there are things you need to know to use them effectively and securely.

This course covers a variety of topics surrounding Solaris 10 and security. Note that this is not a class about specific security vulnerabilities and hardening; rather, it examines new features in Solaris 10 for addressing the entire security infrastructure, as well as new issues to consider when deploying, implementing, and managing Solaris 10. This will be a workshop featuring instruction and practice/exploration. Also, this course does not include virtualization (containers et al.), as that is covered in Solaris 10 Administration Workshop 2.

Take back to work: During this exploration of the important new features of Solaris 10, you'll not only learn what it does and how to get it done, but also best practices. Also covered is the status of each of these new features, how stable it is, whether it is ready for production use, and expected future enhancements.

Topics include:

  • RBAC—Role Based Access Control: Giving users and application access to data and functions based on the role they are filling, as opposed to their login name
  • Privileges: A new Solaris facility based on the principle of least privilege. Instead of being root (or not), users are accorded 43 distinct bits of privilege, sometimes spanning classes of actions and sometimes being confined to a specific system call.
  • NFSv4: The latest version of NFS (based on an industry standard) features stateful connection, more and better security, write locks, and faster performance.
  • Flash archives and live upgrades (automated system builds)
  • Moving from NIS to LDAP
  • DTrace (security): Solaris 10's system profiling and debugging tool
  • FTP client and server enhancements for security, reliability, and auditing
  • PAM—the Pluggable Authentication Module: Enhancements for more detailed control of access to resources
  • Auditing enhancements
  • BSM—Basic Security Module: A security auditing system, including tools to assist with analysis, and a device allocation mechanism that provides object-reuse characteristics for removable or assignable devices
  • Service Management Facility (a replacement for rc files), with new "secure by default" settings
  • Solaris Cryptographic Framework: A built-in system for encrypting anything, from files on disks to data streams between applications
  • Kerberos enhancements
  • Packet filtering with IPfilters
  • BART—Basic Audit Reporting Tool: Like Tripwire, BART enables you to determine what file-level changes have occurred on a system, relative to a known baseline
  • Trusted Extension: additions to Solaris 10 to make it "Trusted Solaris"
  • Securing a Solaris 10 system

Laptop requirements: Each student should have a laptop with wireless access for remote access into an instructor-provided Solaris 10 machine; your laptop does not need to be running Solaris. If you do not have a laptop, we will make every effort to pair you up with another student.


W7 Recovering from Linux Hard Drive Disasters Ts'o
Theodore Ts'o, IBM Linux Technology Center

Who should attend: Linux system administrators and users.

Ever had a hard drive fail? Ever kick yourself because you didn't keep backups of critical files, or you discovered that your regularly nightly backup didn't succeed? Of course not: everybody keeps regular backups and verifies them to make sure they are successful. But for those people who think they might nevertheless someday need this information, this tutorial will discuss ways of recovering from storage disasters caused by failures somewhere in the hardware or software stack.

Take back to work: How to recover from storage disasters caused by failures somewhere in the hardware or software stack.

Topics include:

  • How data is stored on hard drives
  • Recovering from a corrupted partition table
  • Recovering from failed software RAID systems
  • Low-level techniques to recover data from a corrupted ext2/ext3 filesystem when backups aren't available
  • Using e2image to back up critical ext2/3 filesystem metadata
  • Using e2fsck and debugfs to sift through a corrupted filesystem
  • Preventive measures to avoid needing to use heroic measures

W8 Over the Edge System Administration, Volume 2 Blank-Edelman
David N. Blank-Edelman, Northeastern University

Who should attend: Old-timers who think they've already seen it all and those who want to develop inventive thinking early in their career. Join us and be prepared to be delighted, disgusted, and amazed. Most of all, be ready to enrich your network and system adminstration by learning to be different. Previous attendance at Volume 1 of the series is recommended but not required.

Join us for volume 2 of the wildly successful Over the Edge System Administration class series. Once again we'll learn how to break the rules, abuse the tools, and generally turn your system administration knowledge inside out with the help of a whole new set of examples. This class is a second cornucopia of ideas for creative ways to take the standard (and sometimes not-so-standard) system administration tools and techniques and use them in ways no one would expect. We'll also cover some tools you may have missed. This class will take some of the concepts from volume 1 and develop them even further.

We feel it is important to remind you: The teacher takes no responsibility should your head explode during this class.

Take back to work: Approaches to system administration you never dreamed of—but you wish you had!

Topics include:

  • How to exploit side effects to your benefit
  • Applying the arts and crafts you learned in camp to system administration
  • Pressing Web apps from places like Google and Yahoo! into service as sysadmin tools
  • How to perform SQL queries on your network equipment
  • How to use even more ordinary objects you have lying around the house to make your life easier (seriously!)
  Thursday, November 5, 2009
  Thursday Full-Day Tutorials

R1 VMware ESX Performance and Tuning
McDougall
Richard McDougall, VMware

Who should attend: Anyone who is involved in planning or deploying virtualization on VMware ESX and wants to understand the performance characteristics of applications in a virtualized environment.

We will walk through the implications to performance and capacity planning in a virtualized world to learn about how to achieve best performance in a VMware ESX enviroment.

Take back to work: How to plan, understand, characterize, diagnose, and tune for best application performance on VMware ESX.

Topics include:

  • Introduction to virtualization
  • Understanding different hardware acceleration techniques for virtualization
  • Diagnosing performance using VMware tools
  • Diagnosing performance using guest OS tools in a virtual environment
  • Practical limits and overheads for virtualization
  • Storage performance
  • Network throughput and options
  • Using Virtual-SMP
  • Guest Operating System Types
  • Understanding the characteristics of key applications, including Oracle, MS SQLserver, and MS Exchange
  • Capacity planning techniques

-->

R2 VMware ESX Performance and Tuning NEW!
McDougall
Richard McDougall, VMware

Who should attend: Anyone who is involved in planning or deploying virtualization on VMware ESX and wants to understand the performance characteristics of applications in a virtualized environment.

We will walk through the implications to performance and capacity planning in a virtualized world to learn about how to achieve best performance in a VMware ESX enviroment.

Take back to work: How to plan, understand, characterize, diagnose, and tune for best application performance on VMware ESX.

Topics include:

  • Introduction to virtualization
  • Understanding different hardware acceleration techniques for virtualization
  • Diagnosing performance using VMware tools
  • Diagnosing performance using guest OS tools in a virtual environment
  • Practical limits and overheads for virtualization
  • Storage performance
  • Network throughput and options
  • Using Virtual-SMP
  • Guest Operating System Types
  • Understanding the characteristics of key applications, including Oracle, MS SQLserver, and MS Exchange
  • Capacity planning techniques
  Thursday Morning Half-Day Tutorials

R3 Take a Gulp from the Sysadmin Automation Firehose NEW!
Æleen Frisch Æleen Frisch, Exponential Consulting

Who should attend: System administrators who want to explore new ways of automating administrative tasks. Shell scripts are appropriate for many jobs, but more complex operations will often benefit from sophisticated tools.

As the complexity of modern UNIX/Linux systems has increased, the tried-and-true method of "just write a shell script" has become outdated. While simple tasks can still be performed this way, tools are available that can make your job simpler, yet much more sophisticated, especially when managing large numbers of systems.

Take back to work: An introduction to the most essential tools for making your work easier. For each tool, we will consider what tasks it does well, how to get started using it, and which of its advanced features to consider next.

Topics include:

  • Expect: Automating interactive processes
  • Bacula: Open source enterprise backup
  • Nagios: Monitoring network and device performance
  • RRDTool: Examining retrospective system data
  • Front ends to RRDTool: Munin and others
  • Other tools of interest and importance

R4 Wireshark and the Art of Debugging Networks Carter
Gerald Carter, Likewise Software

Who should attend: System and network administrators who are interested in learning more about the TCP/IP protocol and how network traffic monitoring and analysis can be used as a debugging, auditing, and security tool.

System logs can turn out to be incomplete or incorrect when you're trying to track down network application failures. Sometimes the quickest, or the only, way to find the cause is to look at the raw data on the wire. This course is designed to help you make sense of that data.

Take back to work: How to use the Wireshark protocol analyzer as a debugging and auditing tool for TCP/IP networks.

Topics include:

  • Introduction to Wireshark (Ethereal) for local and remote network tracing
  • TCP/IP protocol basics
  • Analysis of popular application protocols such as DNS, DHCP, HTTP, NFS, CIFS, and LDAP
  • How some kinds of TCP/IP network attacks can be recognized
  Thursday Afternoon Half-Day Tutorials

R5 Have a Drink from the Network Services Firehose NEW! Carter
Gerald Carter, Likewise Software

Who should attend: System and network administrators who, whether to brush up on overall network expertise or to cover for a collegue who is out sick one day, need a fast introduction to core network services.

There are a collection of network services we use every day when performing basic tasks such as checking email, sharing documents, and browsing the Web.

For each topic, we'll answer the questions:

  • What does it do?
  • Why do I have it or need it on my network?
  • What are the popular (or at least common) applications I might run into?
  • How does it work on Solaris, Linux, and *BSD systems?
  • What is in the configuration files and where do they live?

Take back to work: An introduction to the stable of core services every network requires to function properly.

Topics include:

  • DHCP (Dynamic Host Control Protocol)
  • DNS (Domain Name System)
  • Electronic mail servers
  • LDAP (Lightweight Directory Access Protocol)
  • NFS (Network File System) and automounters
  • Web servers

R6 Nagios: Advanced Topics Sellens
John Sellens, SYONEX

Who should attend: Network and system administrators ready to implement or extend their use of the Nagios system and network monitoring tool.

Nagios is a very widely used tool for monitoring hosts and services on a network. It's very flexible, configurable, and can be extended in many ways, using home-grown or already existing extensions.

This tutorial will cover the advanced features and abilities of Nagios and related tools, which are especially useful in larger or more complex environments, or for higher degrees of automation or integration with other systems.

Take back to work: The information you need to immediately implement and use the advanced features of Nagios and related tools for monitoring systems and devices on your networks.

Topics include:

  • Theory of operation
  • Configuration for more complex environments
  • Plug-ins: Their creation, use, and abuse
  • Extensions: NRPE, NSCA, NDOUtils
  • Add-ons: Graphing, integration with other tools
  • Abuse: Unexpected uses and abuses of Nagios
  Friday, November 6, 2009
  Friday Full-Day Tutorials

F1 Introduction to the Open Source Xen Hypervisor
Shepherd Matthews
Jeanna Matthews and Zach Shepherd, Clarkson University

Who should attend: System administrators and architects who are interested in running server services in virtual machines and deploying the open source Xen hypervisor in a production environment. No prior experience with Xen is required; however, a basic knowledge of Linux is helpful.

The Xen hypervisor, an innovative virtualization infrastructure to provide fast and secure execution to multiple virtual machines, has been used to virtualize a wide range of guest operating systems, including Windows, Linux, Solaris, and *BSD. Widely regarded as a compelling alternative to proprietary virtualization platforms and hypervisors for x86-compatible platforms, it is commonly deployed in industrial and commercial environments as a promising approach to dynamic datacenters and virtual servers.

Take back to work: How to build and deploy the Xen hypervisor.

Topics include:

  • Basic overview of virtualization
  • Xen architecture overview
  • Virtual machine creation and operation
  • Installation and configuration
  • Performance: tools and methodology
  • Best practices using Xen

F3 Issues in Infrastructure Design Damon
Lee Damon, University of Washington

Who should attend: Anyone who is designing, implementing, or maintaining a UNIX environment with 2 to 20,000+ hosts; system administrators, architects, and managers who need to maintain multiple hosts, real or virtual, with few admins.

This intermediate class will examine many of the background issues that need to be considered during the design and implementation of a mixed-architecture, mixed hard- and virtual-architecture, or single-architecture UNIX environment. It will cover issues from authentication (single sign-on) to the Holy Grail of single system images.

This class won't implement a "perfect solution," as each site has different needs. We will look at some freeware and some commercial solutions, as well as many of the tools that exist to make a workable environment possible.

Take back to work: Answers to the questions you should ask while designing and implementing the mixed-architecture, mixed hard- and virtual-architecture, or single-architecture UNIX environment that will meet your needs.

Topics include:

  • Administrative domains: Who is responsible for what, and what can users do for themselves?
  • Desktop services vs. farming: Do you do serious computation on the desktop, or do you build a compute farm?
  • Disk layout: How do you plan for an upgrade? Where do things go?
  • Free vs. purchased solutions: Should you write your own, or hire a consultant or company?
  • Homogeneous vs. heterogeneous: Homogeneous is easier, but will it do what your users need?
  • Where does virtualization fit in?
  • Extending your infrastructure into the clouds
  • The essential master database: How can you keep track of what you have?
  • Policies to make life easier
  • Push vs. pull
  • Getting the user back online in 5 minutes
  • Remote administration: lights-out operation; remote user sites; keeping up with vendor patches, etc.
  • Scaling and sizing: How do you plan on scaling?
  • Security vs. sharing: Your users want access to everything. So do the crackers . . .
  • Single sign-on: How can you do it securely?
  • Single system images: Can users see just one environment, no matter how many OSes there are?
  • Tools: The free, the purchased, the homegrown
?Need help? Use our Contacts page.

Last changed: 14 Oct. 2009 ch