This document outlines the training steps to become a System Administrator. The training will be split into theoretical and practical sections under the form of an extended project that will cover the different facets of fundamental notions in order to get acquainted and master them.
The Training program helps to introduce its followers with :
- Linux
- Shell Scripting
- DevOps
- Cloud Environment
- Web Architecture
- Virtualization
- Continuous Integration/ Continuous Deployment (CI/CD)
- Code Versioning
- Architecture Design
- Documentation
- Logging and log monitoring
- Troubleshooting and debugging
- Best Practices
At the end of this program, it is expected to have an application that is containerized, deployed inside of a Kubernetes Cluster (for the production environment) as well as inside of a Docker Compose environment (for the pre-production environment) that extend across multiple Linux devices. The code delivery is to be automated through the use of Gitlab CI/CD. The Application is to use multiple types of databases (Mongodb, Mariadb, Redis, and Elasticsearch) as well as a distributed S3 environment for storage.
The source code of the application will be provided with this training guide. It is also worth mentioning that since your background is in development, it is highly encouraged and, at a certain level of expertise, expected that you intervene at the code level to fix bugs and/or ameliorate the code in order for it to become cloud native.
In order to be effective and well based, there are certain theoretical notions that you must be familiar with and comprehend. Mastery of these notions is not required. Mastery comes with practice and experience. With that being said, when the day comes and you need to further explore these concepts in-depth, you need to be able to reference them directly and pinpoint the exact notion that you need as well as its relation to others.
With linux, you need to be able to : Navigate between different directories using relative and absolute paths; Create, copy, move, and replace files and directories; Edit files; Add and remove users; Attribute access to users; Restrict and/or Grant access to certain files or directories for certain users; Remotely connect to other devices and administer them; Enable and Restrict connections through different ports of the machine; Install missing packages; Etc.
In order to be able perform the aforementioned operations, you need to get familiar with :
- The command line
- Access permissions
- Users, user groups, and privileges
- Storage
- Security and best practices
- The file system
- Firewalls and networking
- The difference between linux distributions
- Repositories as well as package installation
- Remote system administration
- Remote file transfer
References :
- Intro to Linux that contains an explanation on the different distributions
- Basic Linux commands
- Environment variables under Linux
- Navigating between folders under Linux
- Listing files under Linux
- Copying files under Linux
- Moving files under Linux
- Linux access permissions 1
- Linux access permissions 2
- Linux file ownership
- Pipes and piping under Linux
- Finding text in files under Linux
- Introduction to regular expression (regex)
- Firewall configuration under Debian Linux using UFW
- Firewall configuration under Redhat Linux using FirewallD
- Installing packages under Debian Linux
- Adding repositories under Debian Linux
- Enabling SSH on Ubuntu
- Copying files over SSH under Linux
- Dumping TCP packages under Linux
- File editing using NANO under Linux
- File editing using VIM under Linux
- Bash tutorial
When it comes to architectures, you need to be familiar with the following :
- 1 tier architectures
- 2 tier architectures
- N tier architectures
- Service Oriented Architectures (SOA)
- Micro services architectures
- Multi Site architectures
The purpose of this section is to be familiar with the different types of deployment architectures, their evolution and the use cases for each.
References:
You need to get familiar with the different types of authentications, especially Basic Authentication and JWT Authentication. After which, you need to have an in-depth familiarity with Role-Based Access Control (RBAC) and how to define roles and groups. It is also preferable to have knowledge about OpenID Connect and OAuth 2.0, and SAML authentication systems.
You need to have a basic understanding of the HTTP protocol, REST connections, Socket/Web Socket connections as well as the difference between synchronous (sync) and asynchronous (async) connections between servers and clients ( or servers to servers).
You need to be familiar with Gateways, Reverse Proxies, Load Balancing, and application layer routing for incoming traffic.
For the virtualization section, you need to understand the difference between Virtualization and Emulation as well as the difference between Virtual Machines and Containers. This is a simple introduction to the concept but very helpful to understand the distinction between the terms.
After being introduced to the aforementioned concepts, you need to further explore Containers and Containerization with Docker. For which, you need to explore the following concepts of the docker ecosystem:
- Docker images
- Docker tags
- Docker registries
- Docker image inheritance and hierarchy
- Environment variables
- Volumes and Volume Binding
- Networking and the difference between Private and Public networks
- Docker multi-stage images
References :
- Docker Basics tutorial
- Docker for beginners
- Docker images
- Docker tags
- Docker arguments (ARG) and environment variables (ENV)
- Docker image inheritance and hierarchy
- Networking in Docker
- Port mapping in Docker
- Docker volumes
You need to be familiar with the basics of code versioning tool Git as well as the concept and the utility of the Continuous Integration/Continuous Deployment (CI/CD). The tools that you will be using all along your training are Gitlab for code versioning and Gitlab CI/CD for the Continuous Integration and Continuous Deployment.
For your final theoretical concept, you need to be familiar with different deployment architectures be it classical ( mono server), multi-site deployments, and deployments using container orchestration tools through the use of the following two technologies :
- Docker compose
- Kubernetes
In the practical section of the training program, you will be required to complete a series of exercises that will help you apply the knowledge acquired in the previous section. (Follow the links for more details on the tasks to perform)
- Your first exercise will focus on the Linux System Administration part of the training as it is the basis of a system
administrator’s skills.
- Section 1 : You will be asked to provide a series of commands that perform a particular series of tasks (to be disclosed later on)
- Section 2 : After validating your first exercise, you will be asked to convert the series of tasks into an executable script.
- Your next task, will revolve around application runtime, containerization, and CI/CD
- Section 1 : you will be asked to clone a git repository, and start a series of applications.
- Section 2 : After starting the applications, you will be asked to containerize them
- Section 3 : After the containerization, you will be asked to automate the building and delivery of the images through the use of Gitlab CI/CD
- After mastering application runtime, containerization, and CI/CD, you will be configuring deployments for the
applications
- Section 1 : You will start by creating a docker compose deployment configuration for the application suite
- Section 2 : Next, you need to render your applications accessible through a gateway
- Section 3 : Configure the automatic deployment of the docker-compose environment on a raspberry-pi
- Section 4 : Furthermore, you will be creating a Kubernetes deployment configuration for the application suite
- Section 5 : Lastly, configure the automatic deployment of the kubernetes environment on a raspberry-pi overriding that of docker-compose
- Your last task will revolve around the following :
- Section 1 : Configuring auto deployment of different environments of the application suite into the previously created Kubernetes clusters
- Section 2 : Configuring automated backups of sensitive data
- Section 3 : Deploying and configuring tools that will help you ingest logs from these clusters as well as monitoring the health of the deployed applications
Please refer to the outline document before you start working.
The follow-up of and feedback about your progress will be conducted on task by task basis. A task will be considered “done” when it fulfills its intended purpose and it satisfies the quality requirements of your mentor. With that in mind, please take your time with each task and don’t jump steps. The order of the tasks, be it theoretical or practical, is as such for a reason.
It should be noted that further tasks might be added along the way, depending on your progress, to help you better explore a system, a technology, or an architecture or to increase the level of challenge in order to help you become familiar with even more things.
Whilst the required tasks are few in numbers and might seem benign in the beginning, they are the basis of 90% of the work of a system administrator/devops specialist. Getting them right is not evident and mastering them all is no easy feat. Also, whilst this training program does not cover all facets and aspects of the work of a System Administrator, it helps you acquire fundamentals and apply them. In reality, tools change all the time and it is hard to be always up to date with all the new tools and technologies. What differentiates a good engineer from another is the comprehension of the basics as well as their pragmatism and rationale behind their decision.
Best of luck.