Slashdot Mirror
Server Optimization For Newbies?
supaneko writes "I recently took a new job as a network and server administration for a small IT company. I am absolutely shocked at how much is taking place within this company that I have little to no experience with. To help bolster my experience, I purchased a used server to use for hands-on training and practice. My ultimate goal is to have a complete, secure LAMP server available to the public running CentOS. I have been browsing the Net for various guides and tips on setup, optimization, security, and maintenance, but nothing I've found really gives me a hands-on approach to the topics I want to learn about. When you all started out, what route did you take to pick up the server setup and maintenance skills you have now? Is there anything in particular that you would recommend to someone who has excellent skills with consumer PCs and servers but is a total newbie to corporate and enterprise networking and servers?"
Slackware. Forget about Redhat and all the other GUI-fied distributions. Install Slackware and do everything yourself. It's the only way to learn.
How did you get a job as a company's sole "network and server administration" (sic) when you are a "total newbie to corporate and enterprise networking and servers"?
In every case I've experienced where someone was hired for a sysadmin job with absolutely no experience, there was a more senior person on staff there to mentor/train them. But it doesn't sound like that's the case here.
So... either (a) you were completely up front with your employer about your lack of experience and they hired you anyway, in which case there's no problem because they have limited needs, know you're learning and don't expect much; or (b) you lied to them, in which case the answer is "quit and go get a job you're actually qualified for".
Read my blog.
Where do you work? I'd just like to know, so that I don't deal with your firm. If they're hiring such unskilled talent, I don't think I could trust them to store my personal and private data securely.
Virtualization is probably the greatest training technologies ever created, especially for the Network Administrator and Server Administrator.
I disagree, strongly.
He already said he's using his own server for educational purposes. If he breaks something, he'll have to fix it.
We learn by doing, there is no other way.
Also, the virtual platform can be hard to set up and optimize itself, and can cause confusing or misleading stats from your platform's performance monitoring tools.
obviously no deficiencies vs. no obvious deficiencies
When you all started out, what route did you take to pick up the server setup and maintenance skills you have now?
We went to school and took a job at something we're good at.
"Violence is the last refuge of the competent, and, generally, the first refuge of the incompetent" - Thing_1
First off, Optimization is less important.
You can spend days, week, or even longer... trying to make your systems run better and with fewer problems... but problems will crop up. And if you spent all that time just "Optimizing," you might find yourself between a rock and a hard place...
I learned early on that Backups are ever so important. Our shop doesn't do tape backups, but we do Disk-to-Disk backups of our virtual machines, and the backups are off-site. We also do a traditional file backup as well, with versioning.
Depending on your shop, money may or may not be an issue. Whatever you want to do, it can be done for every budget. The cheaper ways just require more time/expertise on your part, and that means it might not pass the "Mack Truck Test*." If your company wants something somebody else can step in with a basic training of how things work, you'll have to go with a more expensive solution.
Once everything is working like it should, then start working on improving it.
--Pathway
*: The Mack Truck Test - If a system requires some expertise to operate, and the sysadmin is hit by a Mack Truck, how long will it take for somebody else to fill the role of sysadmin? If the amount of time is acceptable to the employer, then it passes the Mack Truck Test.
10 bucks says he is owned in under a week....
Nothing beats experience, throw a box up on the net unprotected with no real data on it and
see how long you can make it survive. Hint: securing the machine at the os level is the easy
part, securing the crap code someone wrote running on it is the real challenge. In my experience
it is very seldom someone gains access using a os exploit as a means to gain entry. More often than
not the box is behind a firewall, nothing but port 80 open to the world. Also, do yourself a favor
and read up a little on implementing a dmz which is a absolute must.
Got Code?
I read this as, "hey can you guys help me keep a job I got by schmoozing and am completely unqualified for?"
This is a real kick in the nuts to someone like me, who as a certified Linux administrator with more than 6 years of real working experience, can't find work because I'm too expensive or not such a good bullshit artist as yourself. I'm an honest guy who gets the job done and always has professional behavior in the workplace.
You should be ashamed of yourself. This is why I would love to see a professional administrators association. Human Resources and others in charge of hiring aren't very effective at separating the wheat from the chaff.
They're using their grammar skills there.
I really really really hope you will royally screw up some day, end up as news, and get fired. Who the fuck do you think you are to give that kind of "advice"? You seem to be convinced that "trained, skilled people" don't make mistakes. Wrong, we all make mistakes, no matter how trained, skilled, or experienced you are. Instead of that troll of a comment, why don't you post a list of books he can read, sites he can visit, or stuff he can get? Oh, because you're just a stupid troll who has no idea either? Thought so.
While your advice is good, it's off topic and not directly related to his question, which was optimization. You can run an unoptimized VM just as easily as you can run an unoptimized real machine. Furthermore, the VM host can benefit from optimizations and must be at least stable to run VM's in the first place. This guy is new, lets not ask him to run 2 servers (VM Host + VM) on 1 system right out of the gate. It's all in a days work for some of us, but this guy is new and wants to learn.
That said, I'll drop my 2 cents onto the original question. One of the problems with learning to run a webserver is that traffic doesn't happen overnight. What runs great when you're browsing your websites may not run so great when 10 or 100 people are simultaneously viewing your website.
Setting up LAMP is fairly well documented, but writing and running efficient applications is not. You should look into methods of traffic generation to simulate real-world loads (stress testing). I'm not talking about a looped wget --delete-after, maybe give a few stress testing articles a read
"Lame" - Galaxar
Taking a job where you don't have any experience is fine when you have someone to learn from. However, having cleaned up my fair share of messes, or as I call them 'live learning environments'. I would suggest you start working for someone with experience AND play in a virtual environment.
Virtualization is the future but this career field is beyond the infantile stage of hiring someone with no experience and having them in charge of your business. Entry level admins aren't THAT expensive. What do I mean by that? Most IT workers can halt a business if not destroy it completely with less than a day's work. There is a certain working order to getting to know how to do things right. Do tech work, watching the seasoned admins do their job well and getting in on the front lines. When you have learned all you can from them, move on to a new business or move up where you are. Don't take someones business and brag about how good you are because you are too proud to take an entry level position. Then then call up /. crying because you are in over your head.
I mean good lord, the number of people in the last 6 months I have had to work with in forums because they didnt understand what FSMO roles were, or what a port was, or get this having to clean up a router because the idiot thought that /24 meant 1-24. (their router had been like that for almost a year).
My advice? Quit and take a job where you can learn from someone, check your ego and learn. All you are going to do by yourself is pick up a bunch of bad habits and a HUGE ego because no one is going to be there to tell you how much of an idiot you are being.
CS: It is all sink or swim...oh and did I mention there are sharks in that water?
People only buy them because of their accomplishment, not realy to use the book because obviously anyone who buys those topics are either ignorant or professional. Attractive only of the small printing style, unique animal, and tacky colors. Let this die already. Save the paper.
Which, unfortunately, isn't that common.
Experience is the best teacher, but unfortunately it's not a particularly fast one. Anyone on /. can point you at a few interesting things like Slackware, Google and O'Reilly's back catalogue, and plenty of people already have.
What I would advise is:
1. Learn to see past the bullshit. There's a lot of it in IT, generally being spewed by salesmen and managers who pretend they know more than they do. In my experience, the less intelligible the communication (ie. the more buzzwords), the more likely it is you're talking to someone who doesn't have a clue. The word "Enterprise" is a good barometer there - it's often used completely unnecessarily and in the IT world has almost zero meaning.
Example: A Dell 2950 with every component that can be made redundant made redundant isn't an "Enterprise Server". It's a server. If you haven't specced it with redundant power supplies and disks, I wouldn't even class it as a server. It's a PC in a very expensive case.
2. Sometimes it's worth paying for a solution. /. would have you believe that Open Source is the Answer to All Our Prayers, and that Richard Stallman is the Messiah. Not true - there are plenty of products which don't have a half-decent open source alternative. Courier is a great IMAP server but at the end of the day, Exchange is a very capable product and is fantastically hard to beat feature-wise. Zimbra comes close but who knows what kind of a future it's got as it's owned by Yahoo. And I defy you to find a F/OSS business accounts system which isn't half-arsed. You can't say to the tax authorities "Errr... about those accounts we're due to submit - yeah, we just realised that our accounts system hasn't been updated to account for the recent changes in tax law and so we're having to wait until it is. Don't know how long that will take".
3. Security, security, security. Understand the ideas rather than just mindlessly installing the patches - a hardened Apache installation with a locked down PHP configuration behind a firewall operating some fancy layer 7 intrusion prevention system is great, and will help mitigate many forms of attack - but at the end of the day if you've got a badly designed PHP application all that'll happen is that intruders will access your data through a pretty web-based user interface.
4. Look at what the business does right now, think of how things could be made better and put together a system to make things better. It doesn't necessarily have to be something that will see the light of day - it could just be feasibility checking - but it'll give you something useful to do with definite goals which will teach you a great deal and at the same time may very well benefit the business.
I'd recommend the notebook approach, but I prefer to use a wiki. There's less chance of it being destroyed ... because the first thing you learned was how to make backups wasn't it.
A Wiki is better because:
you can cut and paste commands into it without errors - including urls
you can always read what you type into it
you will never spill coffee over it
age will never destroy it
you will never lose it in the office moves
you can share it with your colleagues
it will always be there when you're doing things at your computer (assuming you work with LAMP)
you can upload zips of config files, packages, etc
Whilst you could store passwords on it, I'd recommend against doing that :) a notebook (or keepass) is much better for them.
Set up an application server for a social group of people with whom you have a common interest; and with no connection to your employer. Don't spend an extra-ordinary amount of time on this outside project. This will teach you:
1) time management -- managing technology is 90% about managing time and non-technical people's expectations. People in social groups tend to understand this server is not a priority. Business users of business systems tend to be more demanding. Learning what is important is key.
2) communication skills -- when people's primary income is not dependent upon you providing a technical service, the users will often be more forthcoming in helping you maintain the server by being more communicative.
3) mentoring -- you will learn your technology much faster when you have to teach another. Working on an application server a couple nights a month in a relaxed social situation often provides insights the pressured environment of the workplace cannot provide.
Every mans' island needs an ocean; choose your ocean carefully.
No, but you enable optimisation thereby.
In system design, abstraction is one of the best things you can do for performance, because it forces you to insulate your components from each other, and forces you to think about the interfaces through which they interact.
In an appropriately abstracted system, if you find a performance problem, you can then swap out a piece and swap in a new one, and everything should still work. Or you can move a virtual server onto a new physical server, and everything should still work.
sub f{($f)=@_;print"$f(q{$f});";}f(q{sub f{($f)=@_;print"$f(q{$f});";}f});
called.
VMWare's corporate owner decided to turn it into a conforming, completely not distinct, part of their bureacracy, and the founder/CEO of VMWare quit ( or Was Gotten Rid Of ), for insisting that VMWare required focus, management devoted to *its* function and survival in *its* market...
http://www.theinquirer.net/gb/inquirer/news/2008/07/09/emc-sacks-vmware-ceo-takes
http://www.marketwatch.com/news/story/vmware-shares-hit-competition-executive/story.aspx?guid={07369773-A431-4E60-9BE7-BFEE779EFD32}&dist=TQP_Mod_mktwN
Notice that competition is heating up ( Microsoft is committed to eradicating 'em ), and their overlord is committed to preventing them from having the autonomy to survive...
One thing that is consistent: if a company has focus on what it's doing, it can endure.
If it hasn't, because it does too many things, in too many directions, its profitability dies, then it starts doing the slash and burn style of management, then customer support goes to hell, then the spend time and resources taking their chunk of the market down with them.
( anyone here remember the cost of going with Caldera? )
Ah, not VBox, but VirtualBOX, I think.
After 5 years you look around and say "Wow! Lot's of things have changed!"
After 10 years it's "Everything has changed!"
After 30 years it's "Everything's just like a mainframe. I'm tired. I think I'll take a nap"
On what planet does Debian/Ubuntu get deployed in corporate environments for anything other than trivial tasks?
*MEEP.* (annoying buzzer sound + sign 'Do not hire.' flashing)
Earth. 3rd one out from the closest sun.
From where I'm standing, SuSE and RedHat are both "semi-professsional" wannabee distros. Ever since an update install of SuSE 8.0 required a powercycle with a SuSE CD and a KB attached and would only display that in a GUI screen which you only saw if you attached a Monitor to VGA 1 on the box in question, SuSE has had something of a Toy department feel to it. I remember people doing a remote server update and wondering for days what problem was, as something like this is actually unimaginable in the *nix world.
I love SuSE, I started off with SuSE 5 and 6, but time is way passed and Debian is the way to go. Today I'd might give Ubuntu Server a try aswell. Especially since LAMP seems to be a total zero-fuss issue with it.
Anything for which Debian 'isn't professional enough' (whatever that means anyway) is big enough to move to Sun HW and Solaris and armies of tie-wearing consultants and flocks of Sun Certified Whatevers filling stacks of Servers into airconditioned rooms upwards of 30m^2. Burning wads of my bosses cash and having me sitting at a desk, shooing interns about. ... And a scantly clad, barely legal pyt secretary tending to my needs.
No room for SuSE or RedHat here.
But honestly now: Everybody can shove in a RH CD and call themselves an admin. Debian people use debian because its better and they are good enough to know why. Sounds like a safer hire, doesn't it? But then again, that's just me and I've only been doing Linux since ... 11 years now.
Whatever, YMMV.
But you should look into Debian.
We suffer more in our imagination than in reality. - Seneca
Doing custom kernel builds has a few disadvantages:
- possible no easy updates/upgrades/security-patches
- with Linux it's really easy to change hardware in case of a failure, if you compile a custom kernel, you can't just copy the filesystems and start it up on different hardware (which is an option I prefer to keep open)
New things are always on the horizon