sponsors
Full Training Program
Full Day
Rik Farrow began working with UNIX system security in 1984 and with TCP/IP networks in 1988. He taught his first security class in 1987 and started teaching internationally the following year. He has been a consultant since 1980 and has advised both firewall and intrusion detection companies in the design of their products. Rik has published two books, one on UNIX security and the other on system administration. He designed a five-day, hands-on class in Internet security for internal use by the Department of Defense. He wrote the "Network Defense" column for Network Magazine for over six years and is currently the editor of ;login:, the USENIX magazine. Rik lives with his wife in the high desert of northern Arizona, where he continues to work and do research, and he still ventures out to teach.
Lincoln 2 Room
Linux servers start out very secure; it's what you do with them when you use them that can create insecurities. A straight Linux server install runs minimal services and has few users and a very restrictive firewall, which is a great security posture but is pretty useless for most purposes. As users are added, services enabled, and holes punched through the firewall, the security can deteriorate quickly.
This class will show you how to maintain a strong security posture through careful configuration and proper use of Linux tools and services. Linux contains tools and software that can be enabled to slow brute-force attacks against user accounts, can notice when your accounts have weak passwords or are under attack, can keep services and software up to date, and can sandbox applications to prevent even zero-day attacks. The class will focus on attacks most recently seen, including attacks on mail and Web servers.
Linux system administrators and security managers familiar with Linux system administration, whether you manage a handful or clusters of Linux systems.
Techniques for securing and maintaining Linux servers.
- Minimizing risk with appropriate restrictions
- Managing and tracking application vulnerabilities
- Sandboxing to prevent attacks
- Monitoring logfiles
- Updates and configuration management
John Looney graduated from Computer Applications at Dublin City University, and specialized in supporting high-end commercial UNIX environments. He noticed that Irish sysadmin administrators had no formal training opportunities, and set up the Irish Linux User Group to provide a community and monthly free training sessions on the latest open source technologies to over 400 Irish engineers. He ran LinuxWorld Dublin in 2000. While at Hosting365 he built Ireland's largest shared hosting infrastructure for 30,000 customers on a shoestring budget.
Today, he's a Site Reliability Engineer responsible for Google's cluster infrastructure; initially the cluster fabric, GFS and Chubby, and more recently the datacenter automation and remote access technologies. He has built a five-month full-time graduate program to take junior engineers and retrain them to take the pager for Google.com. John is on the Computing Committee for Engineers Ireland.
Thurgood Marshall North Ballroom
Truly large-scale systems are still rare; in a world of outsourcing and cloud computing, it's harder for system administrators to get the opportunity to design large systems. It's even harder to get the design right. Most organizations don't have the in-house expertise to build a large system and thus outsource the detailed design to external contractors. If your organization doesn't have the expertise to design a large system, it's unlikely that it has the expertise to confirm a proposal is fit for purpose and cost-effective.
While anyone can wave their hands convincingly and come up with a rough outline of a large distributed system, those who also can fill in the detail are highly prized. This class will teach you how to design software systems like Imgur and Twitter, then estimate the hardware needed to ensure you can deliver to an SLA. You will learn how requirements like queries-per-second, multi-site reliability, and data-security impact the cost of implementation.
This will not cover concurrent programming and the software-engineering side of distributed systems.
System administrators, SREs, and DevOps who have some familiarity with distributed systems, server hardware, and systems programming, especially those who would like to work with, procure, or build large distributed systems.
The ability to design large distributed systems, to evaluate design proposals, and to explain such designs to third parties.
- Design patterns for large distributed systems
- Monitoring large-scale systems
- Large-scale design workshop and presentations
- Non-abstract design; taking a design and producing a "bill of materials"
- Designing for failure; how to work around rack, networking, and datacenter failures
Half Day Morning
Steven is a sysadmin on the Site Reliability Engineering team for Stack Exchange (operators of great Q&A sites such as Server Fault and Stack Overflow) and a Microsoft MVP in PowerShell. Steven also leads two local user groups, the Greater Milwaukee IT Pro User Community and the Greater Milwaukee Script Club. He speaks regularly to local user groups and can be found at various conferences.
Thurgood Marshall South Ballroom
Do you find yourself repeating a task often? Do you have to retrieve information or change settings on a number of servers or users at once or regularly? Do you find clicking repetitively just too slow to keep up?
If you answered any of these questions with a "Yes," don't miss this half-day class. We will cover a number of ways to make you more productive in less time—and it is far easier than you may think possible.
System administrators and anyone else who wants to be more productive on the Microsoft Windows platform.
Usable commands and patterns to make attendees more effective in working with the Windows platform, along with familiarity with the discovery patterns in PowerShell, so that they can continue to develop their skills.
- Introduction to PowerShell
- Finding the commands you need
- What's in the help files
- Discovering hidden gems in command output
- Working from the shell
- Navigating the file system, registry, and more
- Working with objects (everything in PowerShell is an object)
- Working with servers and workstations
- Discovering WMI/CIM
- Working with text
- Dealing with remote machines via WMI/CIM and PowerShell Remoting
- PowerShell Versions 2, 3 and the upcoming release of Version 4
Shumon Huque http://www.huque.com/~shuque/ is the Director of Engineering, Research, and Development for the University of Pennsylvania's Networking and Telecommunications division and also serves as the Lead Engineer for the MAGPI GigaPoP. He is involved in network engineering, systems engineering, and the design and operation of key infrastructure services at Penn (DNS, DHCP, authentication, email, Web, VoIP, Directory, etc). He holds Bachelor's and Master's degrees in computer science from Penn. In addition to his day job, Shumon teaches (part -time) a lab course on advanced network protocols at Penn's Engineering School.
Shumon is the principal IPv6 architect at Penn and has been running production IPv6 networks and services for almost a decade.
Wilson C Room
This class will provide system administrators with a detailed understanding of the DNS Security Extensions (DNSSEC). It will provide practical information about configuring DNSSEC using the popular ISC BIND DNS software and will cover both using DNSSEC to cryptographically sign your own DNS zones and configuring DNS resolvers to validate DNSSEC signatures. Many examples of DNS/DNSSEC querying and debugging using the "dig" tool and other diagnostic tools and programs will also be covered. The last part of the course will cover prospects for newer and more exciting uses of the DNSSEC by application protocols that are in the pipeline, such as DANE and TLSA records.
System administrators and engineers who are tasked with providing DNS services, as well as anyone interested in knowing more about how DNS and DNSSEC works.
A detailed understanding of DNSSEC with the basic knowledge to configure and deploy it.
- DNS protocol basics
- DNSSEC extensions and how they work
- Configuring, deploying, and troubleshooting DNSSEC
- Application uses of DNSSEC
John Sellens has been involved in system and network administration since 1986 and is the author of several related USENIX papers, a number of ;login: articles, and the USENIX Short Topics book #7, System and Network Administration for Higher Reliability. He holds an M.Math. in computer science from the University of Waterloo and is a Chartered Accountant. He is the proprietor of SYONEX, a systems and networks consultancy, and is currently a member of the systems team at Magna International. From 1999 to 2004, he was the General Manager for Certainty Solutions in Toronto. Prior to joining Certainty, John was the Director of Network Engineering at UUNET Canada and was a staff member in computing and information technology at the University of Waterloo for 11 years.
Thurgood Marshall West Ballroom
Nagios is a very widely used tool for monitoring hosts and services on a network. It's very flexible and configurable, and can be extended in many ways using home-grown or already existing extensions. This tutorial will cover the advanced features and abilities of Nagios and related tools, which are especially useful in larger or more complex environments, or for higher degrees of automation or integration with other systems.
Network and system administrators ready to implement or extend their use of the Nagios system and network monitoring tool.
The information you need to immediately implement and use the advanced features of Nagios and related tools for monitoring systems and devices on your networks.
- Theory of operation
- Configuration for more complex environments
- Plug-ins: Their creation, use, and abuse
- Extensions: NRPE, NSCA, NDOUtils
- Add-ons: Graphing, integration with other tools
- Abuse: Unexpected uses and abuses of Nagios
Half Day Afternoon
Steven is a sysadmin on the Site Reliability Engineering team for Stack Exchange (operators of great Q&A sites such as Server Fault and Stack Overflow) and a Microsoft MVP in PowerShell. Steven also leads two local user groups, the Greater Milwaukee IT Pro User Community and the Greater Milwaukee Script Club. He speaks regularly to local user groups and can be found at various conferences.
Thurgood Marshall South Ballroom
Have you found yourself writing little PowerShell scripts to help you day to day? Do you have to share these with co-workers? Do you remember what that script you wrote six months ago does or the parameters that it needs? Join me in learning how to take your PowerShell scripting to the next level.
System administrators or anyone with basic PowerShell experience who needs to take it to the next level and create reusable, production-ready commands.
A pattern for taking your basic scripts and functions and turning them into professional, pipeline-ready, production-oriented commands, and the ability to assemble modules, which are the method for organizing and distributing PowerShell commands.
- Using basic commands
- Developing scripts and functions
- Packaging scripts and functions as a solution that is reusable, redistributable, and usable with the maximum variety of input data
- Error handling
- Creating help files
- Working with the pipeline (for receiving input and processing data)
- A variety of tips and tricks to make your functions robust and practical
- The ins and outs of packaging your commands as modules, creating module manifests, and
things to consider with module development
Richard Elling has been designing and building dependable, networked computer systems to solve complex problems for more than 25 years. He was an early adopter of ZFS and has developed benchmarks and analysis techniques for evaluation of data protection schemes and performability of systems. He wrote Designing Enterprise Solutions with Sun Cluster 3.0 (Prentice Hall, 2002) and has authored many white papers, Sun BluePrints, and refereed papers on dependable systems and performability. He is a regular contributor to the ZFS community and is currently the Director of Solution Engineering for Nexenta Systems.
Thurgood Marshall East Ballroom
Linux systems offer a staggering number of options for file systems. With a bit of work, you can get pretty much any legacy file system to be recognized. However, for current production needs, only a very few of those many, many choices actually matter: Ext4, Btrfs, and ZFS. This course will discuss these three file systems in gory detail and present the results of a variety of performance tests, run/supervised by the presenter, which were designed to test the file systems in real computing operations (as opposed to benchmark scenarios).
System administrators who wish to understand the structure and performance of modern file systems from an in-use point of view. This is not a course for kernel hackers, though; people wanting an in-depth look at the VFS code will not have their needs met.
An understanding of the benefits of and differences between the three file systems under a variety of realistic scenarios.
- Virtual file system (VFS) overview
- Ext4 structure and goals
- Btrfs structure and goals
- ZFS structure and goals
- Performance results
Michele Chubirka, aka "Mrs. Y.," is a recovering UNIX engineer working in network security. She is also the host of the Healthy Paranoia podcast, the security feed of Packetpushers, and official nerd hunter. She likes long walks in hubsites, traveling to security conferences, and spending time in the Bat Cave. She sincerely believes that every problem can be solved with a "for" loop. When not blogging or podcasting, she can be found using up her 15 minutes in the Twittersphere or Google+ as @MrsYisWhy.
Joe Weston is a workshop facilitator, consultant, and author of the book Mastering Respectful Confrontation. He is also the founder of the Heartwalker Peace Project, which creates opportunities for connection, discussion, and creative collaboration.
Wilson C Room
Why is the security industry so full of fail? We spend millions of dollars on firewalls, IPS, IDS, DLP, professional penetration tests and assessments, and vulnerability and compliance tools, and at the end of the day, the weakest link is the user and his or her inability to make the right choices. It's enough to make a security engineer cry.
The one thing you can depend upon in an enterprise is that many of your users, even with training, will still make the wrong choices. They will violate BYOD restrictions, click on links they shouldn't, respond to phishing scams, open documents without thinking, post too much information on Twitter and Facebook, use their pet's name as passwords, etc. But what if this isn't because users hate us or are too stupid? What if all our ignored policies and procedures regarding the best security practices have more to do with our failure to understand modern neuroscience and the human mind's resistance to change?
Humans are wired to be emotional beings. Emotions influence most of our decisions, good and bad. In failing to understand how this is at the root of user non-compliance, no matter how much money we spend on expensive hardware and software, we will fail to achieve the goal of good organizational security.
Attendees will have the opportunity to practice various communication methods and conflict resolution skills that will improve their ability to motivate change in their organizations.
Sysadmins and security professionals who need tools to improve user security compliance in their organizations.
Critical mind hacks for improving your professional lives as well as your relationships with others, achieved through "hacking the human," not by software or hardware.
- The affective neuroscience behind risky behavior
- Collaborative communication methods and conflict resolution skills to crowdsource the goal of organizational security
David is the Director of Technology at the Northeastern University College of Computer and Information Science and the author of the O'Reilly book Automating System Administration with Perl.
David has spent the last 27+ years as a system/network administrator in large multi-platform environments, including Brandeis University, Cambridge Technology Group, and the MIT Media Laboratory. He was the program chair of the LISA '05 conference and one of the LISA '06 Invited Talks co-chairs. David is also the recipient of the 2009 SAGE Outstanding Achievement award and is honored to serve on the USENIX Board of Directors.
Thurgood Marshall West Ballroom
Every sysadmin I know has at least four new technologies they would like to play with—and that's just before breakfast. But finding the time to do this can be difficult, often because of the effort it takes to find a machine, set up the network connection, firewall it from the other machines, and so on... If you want to try something that requires multiple components, that's even worse.
What you need is a sandbox: a place where you can experiment with new technologies, mess with cool tools, test the latest versions of software, prototype new services, and so on, without any sort of heavyweight effort.
Sysadmins who want to test technologies safely and efficiently.
The ability to build your own sysadmin sandboxes.
- Using software and services like Git, Vagrant, and Amazon EC2 to make sandbox construction easy and free/inexpensive
- When a sandbox approach is and is not appropriate
- Migrating your work in and out of sandboxes
- How to share the work you've done in a sandbox with others
Full Day
Shumon Huque http://www.huque.com/~shuque/ is the Director of Engineering, Research, and Development for the University of Pennsylvania's Networking and Telecommunications division and also serves as the Lead Engineer for the MAGPI GigaPoP. He is involved in network engineering, systems engineering, and the design and operation of key infrastructure services at Penn (DNS, DHCP, authentication, email, Web, VoIP, Directory, etc). He holds Bachelor's and Master's degrees in computer science from Penn. In addition to his day job, Shumon teaches (part -time) a lab course on advanced network protocols at Penn's Engineering School.
Shumon is the principal IPv6 architect at Penn and has been running production IPv6 networks and services for almost a decade.
Wilson C Room
The Internet is facing an imminent exhaustion of IP addresses. IPv6, the next-generation Internet Protocol, is designed to address this problem, among other things. If you have not yet started to deploy IPv6, now is the time. The "World IPv6 Launch" event took place in June 2012, and major industry players such as Google, Facebook, Comcast, Yahoo!, Akamai, and Cisco already support IPv6, with many others coming on board in the near future. You need to be next!
This tutorial will provide a detailed introduction to IPv6 and will also cover practical aspects of configuring and using IPv6 in networks, operating systems, and applications. Basic knowledge of IPv4 is assumed, but no prior knowledge of IPv6 is necessary. The course will go over the basics of IPv6 and dive into the details you need.
System administrators, network administrators, and application developers who need to prepare for migration to IPv6, and anyone who wants a general introduction to IPv6 and what is involved in deploying it.
An understanding of IPv6, with the basic knowledge to begin designing and deploying IPv6 networks, systems, and applications.
- The current IP address landscape and the motivation for IPv6
- IPv6 addresses and protocol details
- DHCPv6
- DNS
- Tunneling
- Configuring hosts and application services
- IPv6-related security topics
Branson is a 25-year veteran of system administration and security. He started as a cryptologist for the US Navy and has since worked on NASA shuttle projects, TSA security and monitoring systems, and Internet search engines, while continuing to support many open source projects. He founded sandSecurity to provide policy and technical audits, plus support and training for IT security, system administrators, and developers. Branson currently is a systems architect for NASA; has his CEH, GSEC, GCIH, and several other credentials; and generally likes to spend time responding to the statement "I bet you can't."
Thurgood Marshall West Ballroom
System administrators often run into interesting conflicts between sysadmin, customer, and IT security needs. These conflicts generally lead to difficulty in achieving a balance between administrative convenience, good customer service, and minimal risk. There are processes or services available that can significantly improve any of these areas; however, many times they are costly or resource intensive. This course is designed for system administrators who want to improve the security posture of their organizations, using IT security standards paired with good system administration practices, resulting in better service, lower risk, and minimal impact to time and budget.
We will walk a path, covering many domains of IT security and enterprise system administration in ways that utilize the interconnection between good system administration practices and security fundamentals. We will discuss recent risks and threats, analyze them with respect to your environment, review possible impacts and develop mitigations that you can apply immediately. Training includes instruction, discussion, many hands-on labs, and a strong dose of common sense.
Attendees should bring a laptop capable of running a Virtual Guest and will be provided a VM in which to work. The class will have access to a test network of systems for training and lab exercises. You will return to your organization with a toolbox of documentation, (mostly) free software, and a good starting point for developing better practices to improve security and system administration.
Beginning to mid-level system administrators of any stripe with an interest in IT security and a desire to improve their security. It is suggested that participants have experience with the *nix command line.
Documentation, tips, tricks, and tools tailored to your environment that can be implemented to improve security posture, processes, and operations in your organization.
- The relationship between system administration and IT security
- Security theories, standards and risk mitigation as applied by SA's
- Information management using Trac and Subversion
- Good system administration practices that directly improve IT security
- Basic configuration driven system management using Puppet
- Host and network auditing, hardening, and monitoring
- Developing an effective security awareness program
Half Day Morning
Mike Ciavarella has been producing and editing technical documentation since he naively agreed to write application manuals for his first employer in the early 1980s. His first UNIX system administration role was on a network of Sun workstations in 1991, where he built his first firewall. Since that time, Mike has made a point of actively promoting documentation and security as fundamental aspects of system administration. He has been a technical editor for Macmillan Press, has lectured on software engineering at the University of Melbourne (his alma mater), and has provided expert testimony in a number of computer security cases.
Thurgood Marshall North Ballroom
Automation is critical to surviving your system administration career with your sanity, hair, and systems intact. If you can automate some or all of a task, then you stand to make considerable gains in personal productivity, task repeatability, and system predictability.
So how can you achieve this state of nirvana? The answer is scripting.
This class is a practical crash course in how—using a combination of bash, Perl, and friends—you can write useful scripts that solve real-world system administration problems.
Please note that this is a hands-on class. A basic understanding of programming ("What's a loop?") and how to edit files in your favorite flavor of •nix are assumed. Attendees will need to bring a laptop with OS X, Linux, or FreeBSD installed to complete in-class tasks.
If there is sufficient interest, we will schedule a BoF for scripting challenges, where we can work them out interactively as a group.
Junior and intermediate sysadmins who are new to scripting or would like to create scripts to reliably automate sysadmin tasks.
An understanding of how to apply standard utilities in your scripts, along with recipes for automating typical administration tasks.
David Nalley is a recovering systems administrator of 10 years. David is a member of the Apache Software Foundation, and a Project Management Committee Member for Apache CloudStack. David is a frequent author for development, sysadmin, and Linux magazines and speaks at numerous IT conferences.
Thurgood Marshall South Ballroom
In this half-day class, we'll give system administrators an understanding of IaaS clouds, with the reference implementation being Apache CloudStack. We'll cover everything from initial configuration to scaling and maintaining availability.
Intermediate to advanced sysadmins or enterprise architects wanting to deploy a production Infrastructure as a Service cloud. Experience with virtualization platforms and a deep understanding of L2/L3 networking are preferred but not required.
What you need to deploy an IaaS cloud, based on Apache CloudStack, in an enterprise environment.
- Deploying Apache CloudStack
- Next-generation network topologies, including SDN
- Scaling storage without becoming indentured to SAN vendors
- Making CloudStack scale to tens of thousands of physical nodes
- Maintaining availability in a "failure-is-assured" environment
When he's not teaching LISA attendees how to conduct interviews or become a senior system administrator, Adam works as a software developer and senior system administrator, but only to support his hobby of judging barbecue contests and to keep food in his puppy's bowl.
Harding Room
Do you know how to interview a system administrator? Do the questions you ask elicit specific, narrowly-focused information, or do they show you both the depth and breadth of a candidate's knowledge of a particular subject or technology? Do you know how to distinguish between a candidate who is just trying to bluff through the interview and one who has some knowledge of the field but hasn't yet become an expert? Are trick questions ever appropriate, and if so, when and why? Some questions shouldn't be asked, and some would even land you in hot water with your company's HR or legal department: do you know what those questions are? Finally, have you figured out how to help a candidate do well in an interview while still getting an objective and fair assessment of their skills?
If you answered "no" or even "I'm not sure" to any of these questions, this course is for you.
This tutorial will focus on techniques for interviewers, but even sysadmins who are just starting out will learn some things to use as an interviewee. Managers of system administrators and junior sysadmins will learn, among other things, how to interview someone who knows more than you do. Junior administrators will also learn how to respond (as an interviewee) when asked a bad question, in particular, how to turn it into a better question.
System administrators of all levels of experience, as well as managers of system administrators.
Increased confidence in your ability to weed out the posers and hire really great sysadmins.
- Purposes of an interview
- To assess the candidate's technical skills
- To get a feel for the candidate's personality and interpersonal skills
- To learn whether a candidate is likely to be a good fit with the company and with the IT group
- To help the candidate figure out whether he wants this job and whether he is likely to do well in the position
- Maybe even to teach the candidate something new about system administration
- Basic questions to bear in mind
- Is the candidate comfortable?
- Does he need a drink or a bathroom break?
- Does she know who you are and what your role in the company is?
- Preparatory questions
- What are you really trying to learn about the candidate's skills, and why?
- What makes a good question good?
- What makes a bad question bad?
- How can you turn bad questions into good ones?
- When is it appropriate to ask a trick question, and why?
- What questions can't or shouldn't you ask?
Nicole Forsgren Velasquez is considered an expert in the work, tools, knowledge sharing, and communication of technical professionals and has served as co-chair of WiAC '12, WiAC '13, and CHIMIT '10, as well as on several LISA program committees. Her background spans user experience, enterprise storage, cost allocation, and systems design and development. She has worked with large and small corporations across many industries and government.
Nicole holds a Ph.D. in Management Information Systems and a Masters in Accounting from the University of Arizona. She is a member of USENIX, ACM, AIS, AAA, LOPSA, and CSST. She is currently an Assistant Professor at Utah State University and her public work includes technical white papers, a patent, newsletter articles, and academic research papers. She has been a featured speaker at industry and academic events and was involved in the organization of the Silicon Valley Women in Tech group.
Carolyn Rowland began working with UNIX in 1986; her professional career as a UNIX system administrator took off in 1991. She currently leads a team of sysadmins at the National Institute of Standards and Technology (NIST), driving innovation and supporting research projects for the Engineering Laboratory. She believes we need to increase the visibility of system administration by engaging senior leadership and tying our efforts to the priorities of business. Carolyn is also Secretary of the USENIX Board of Directors and the LISA '12 Program Chair. In 2011–2012 Carolyn began to focus on the community of women in computing, including co-chairing the first-ever USENIX Women in Advanced Computing (WiAC) Summit. She continued as co-chair of WiAC in 2013.
Thurgood Marshall East Ballroom
This tutorial provides guidelines and suggestions to improve the communication and collaboration of sysadmins and directly increase effectiveness when working with senior management.
This course is intended to provide you with skills that are associated with senior IT staff. The focus is on understanding the gap between IT operations and management and how to bridge that gap to increase respect for IT and improve your relationship with management. We will cover identifying your role within the organization, effective communication with upper management, positioning yourself to increase your visibility, and becoming the go-to person/group for IT within your organization.
Sysadmins who want to learn specific skills that allow them to work more effectively with senior management within the organization.
The ability to identify the management team relevant to IT in your organization; to plan branding, both individually and for your team; to compose effective emails that get results; to communicate effectively IT priorities and goals to management; to improve communication within the IT group; to translate business goals into IT priorities; to work collaboratively with management; to plan and conduct effective and efficient meetings; to return to work and start building that trusted IT adviser relationship.
- Examining the divide between management and IT
- Defining "management" within your organization
- How to communicate effectively between management and IT operations
- Demonstrating the value of your work in a way that management will understand
- Ways to communicate the benefits of supporting a strong IT presence
- Knowledge and information management
- How to develop a collaborative relationship with your management that enables both sides to be successful
Half Day Afternoon
Mike Ciavarella has been producing and editing technical documentation since he naively agreed to write application manuals for his first employer in the early 1980s. His first UNIX system administration role was on a network of Sun workstations in 1991, where he built his first firewall. Since that time, Mike has made a point of actively promoting documentation and security as fundamental aspects of system administration. He has been a technical editor for Macmillan Press, has lectured on software engineering at the University of Melbourne (his alma mater), and has provided expert testimony in a number of computer security cases.
Thurgood Marshall North Ballroom
The humble shell script is still a mainstay of UNIX/Linux system administration scripting languages, despite the wide availability of alternatives such as Perl, Python, TCL, and other similar languages. This class details techniques that move beyond the quick-and-dirty shell script.
Intermediate system administrators or anyone with a solid knowledge of programming and with some experience in Bourne/Korn shells or their derivatives.
An understanding of how to use the "lowly" shell to achieve lofty goals.
- Common mistakes and unsafe practices
- Modular shell script programming
- Building blocks: awk, sed, etc.
- Writing secure shell scripts
- Performance tuning
- Choosing the right utilities for the job
- Addressing portability at the design stage
- When not to use shell scripts
David Nalley is a recovering systems administrator of 10 years. David is a member of the Apache Software Foundation, and a Project Management Committee Member for Apache CloudStack. David is a frequent author for development, sysadmin, and Linux magazines and speaks at numerous IT conferences.
Chiradeep Vittal is Principal Architect in the Cloud Platforms Group at Citrix Systems. He is a maintainer in the Apache CloudStack project where he contributes to networking and storage parts of the Infrastructure-as-a-Service (IAAS) management system. He was a founding engineer at Cloud.com whose product CloudStack is now incubating at the Apache Software Foundation. CloudStack is deployed in more than 100 public and private clouds and powers some of the largest clouds in the world today.
Thurgood Marshall South Ballroom
Networking has been relatively static for decades. We've seen increases in speed, but many of the traditional topologies are inherently limited. Innovative networks are quite different. If you look at public services, such as AWS, or large private cloud deployments, you see that their networking topology looks contrary to everything that's been standard for years. In this half-day class we'll reexamine what limitations there are and what innovative options exist to remove those limitations.
Advanced system or network admins with a deep understanding of L2/L3 networking who want to learn about new networking technologies that are enabling scaling networks.
Knowledge of emerging networking standards and where they are best used.
- How massive public and private clouds build their networks to ensure scalability
- How software defined networks work
- Technologies worth looking at: VXLAN, NVGRE, GRE
When he's not teaching LISA attendees how to conduct interviews or become a senior system administrator, Adam works as a software developer and senior system administrator, but only to support his hobby of judging barbecue contests and to keep food in his puppy's bowl.
Harding Room
The USENIX Short Topics in System Administration book Job Descriptions for System Administrators is a fine work, and one might think that it could be used as a roadmap by sysadmins looking to advance their careers. However, the book limits itself to the words that might appear in a job posting, and is necessarily concise. Furthermore, the book emphasizes specific technical skills without much emphasis on the myriad "soft" skills a senior admin needs. A good senior system administrator needs to know more than just what's in the job description, and needs to know why these additional skills are required.
So what's a junior or mid-level sysadmin to do? Why, take this tutorial, of course!
Adam will go far beyond just reading the requirements listed in the book by providing an analysis of what is meant by the requirements and why a broad range of skills is often necessary to meet a single requirement. "Hard" skills will be balanced with "soft" skills such as professional ethics, job performance, and conduct in the workplace. To some attendees' dismay, Adam will also explain why a senior system administrator needs to be good at talking to both the least skilled users and the highest executives, and why being able to talk to these people is even more important for the most senior administrators than for the most junior.
Junior and mid-level sysadmins who want advice and direction on how to advance their careers.
The skills you need to learn, as well as an understanding of why you need to learn them and why many of those skills have more to do with business and management than system administration; ideas for how to go about learning what you need beyond this course.
- "Hard" skills, "soft" skills
- The LISA Job Description Levels
- Working definitions
- Aim of this talk in terms of these definitions
- "Hard" skills
- "System" knowledge
- User commands
- Administrative commands
- Boot process, run levels, and init files
- Technologies (RAID, back-ups, etc.)
- Theory
- Implementation
- Configuration management (systems)
- Networking
- Hardware
- Protocols
- Applications
- The kernel
- Layout/data structures
- Filesystems
- Devices
- Programming skills
- Shell (and awk and sed and...)
- Perl
- Python, Ruby, and others
- C and maybe assembler
- Basic S/W engineering
- Revision control
- Configuration management (software)
- Knowing when to get help
- Standards
- What's on your bookshelf
- "Understanding the system"
- "System" knowledge
- "Soft" skills
- The real role of a sysadmin
- Understand business
- Attitude and professionalism
- Interacting with customers
- Professional growth
- Learning
- Getting help
- Conferences and training
- Going beyond Sysadmin Level IV
- "Slightly squishy" (not hard, not soft—or both)
- Project management
- System design and analysis
- Technical
- Business (cost/benefit)
- Budgeting
- More interacting with customers
- Interacting with management
- Professional growth (again)
Nicole Forsgren Velasquez is considered an expert in the work, tools, knowledge sharing, and communication of technical professionals and has served as co-chair of WiAC '12, WiAC '13, and CHIMIT '10, as well as on several LISA program committees. Her background spans user experience, enterprise storage, cost allocation, and systems design and development. She has worked with large and small corporations across many industries and government.
Nicole holds a Ph.D. in Management Information Systems and a Masters in Accounting from the University of Arizona. She is a member of USENIX, ACM, AIS, AAA, LOPSA, and CSST. She is currently an Assistant Professor at Utah State University and her public work includes technical white papers, a patent, newsletter articles, and academic research papers. She has been a featured speaker at industry and academic events and was involved in the organization of the Silicon Valley Women in Tech group.
Carolyn Rowland began working with UNIX in 1986; her professional career as a UNIX system administrator took off in 1991. She currently leads a team of sysadmins at the National Institute of Standards and Technology (NIST), driving innovation and supporting research projects for the Engineering Laboratory. She believes we need to increase the visibility of system administration by engaging senior leadership and tying our efforts to the priorities of business. Carolyn is also Secretary of the USENIX Board of Directors and the LISA '12 Program Chair. In 2011–2012 Carolyn began to focus on the community of women in computing, including co-chairing the first-ever USENIX Women in Advanced Computing (WiAC) Summit. She continued as co-chair of WiAC in 2013.
Thurgood Marshall East Ballroom
This tutorial provides guidelines and suggestions to support core business processes and directly increase effectiveness when working with senior management.
Sysadmins who want to learn specific skills that allow them to work more effectively with senior management within the organization. This course is intended to provide you with skills that are associated with senior IT staff.
The ability to write a basic capital proposal, including net present value analysis; to draft a budget, complete with impacts; to understand how to sell a technical concept to management and other non-techies; to prepare basic rationale for a technical capability with reference to a specific organizational goal; and to understand how metrics are used by management, as well as identify and calculate relevant metrics.
- Navigating the capital expenditure process: understanding the capital cycle, how to write a capital proposal, and basic net present value analysis
- Budgeting 101: the importance of the budget, how to draft a budget, selling your budget to management, and the importance of including impacts
- How to sell an IT concept to non-IT people (e.g., agile development, DevOps, cloud computing)
- Positioning IT as a valuable asset to the organization: understanding your organization's core business and linking the contribution of IT to that business (e.g., if security is a primary focus for the company, ensure that IT is protecting the organization's critical assets)
- Untangling IT metrics: the importance of metrics, selecting the right metric, developing your own, and using metrics effectively
- Managing resources: projecting resource allocation within IT, prioritization and strategic planning, and big-picture view of IT's contributions
Full Day
Guido Trotter a Senior Systems Engineer at Google, has worked as a core Ganeti developer and designer since 2007. He is also a regular conference speaker, having presented at LISA, Fosdem, Linuxcon, Debconf, and other open source and community gatherings. He mostly speaks about Ganeti, virtualization in the open source world, and Linux networking features for virtualized environments.
Helga has been a Google Software Engineer since 2011 and a member of the Ganeti core team since 2012. Inside Ganeti she implemented better network support, enhancements of storage handling, and various bug fixes. In her life before Google she worked at a biotech company, bringing medical analysis robots to life. She is a member of the German Chaos Computer Club and has given talks at their conferences, including one at 28c3 about hearing aid technology and one at the OpenChaos Cologne about C#/.Net. At university her focus was on data-mining and pattern recognition; she participated successfully in various data-mining competitions.
Thurgood Marshall South Ballroom
Ganeti is a cluster virtualization system developed mostly at Google but used by many organizations worldwide. Businesses and groups can leverage the power of Ganeti to easily and effectively manage fleets of physical hosts and use them to schedule virtual machine guests.
Reasons for choosing Ganeti include that it is very lightweight, it is simple to install and manage, and it doesn't demand special storage hardware.
System engineers interested in using virtualization and cloud technologies efficiently to consolidate systems and decouple physical hardware resources from virtual systems. Ideal participants are proficient with Linux/UNIX system administration and may already be using some virtualization technologies, but want to achieve a higher level of scalability for their systems by employing a cluster management technology such as Ganeti, without the need to invest money in specialized hardware resources such as SANs.
The knowledge needed to create and maintain your own Ganeti cluster, to provide an IaaS cloud or virtualized services.
- Setting up and managing a Ganeti cluster
- Ganeti internals: how to make changes
- Monitoring your cluster and dealing with failure
- Ganeti as a back end
- Typical and atypical use cases
Half Day Morning
Geoff Halprin has spent over 30 years as a software developer, system administrator, consultant, and troubleshooter. He has written software from system management tools to mission-critical billing systems, has built and run networks for enterprises of all sizes, and has been called upon to diagnose problems in every aspect of computing infrastructure and software.
He is the author of the System Administration Body of Knowledge (SA-BOK) and the USENIX Short Topics in System Administration book A System Administrator's Guide to Auditing. He was the recipient of the 2002 SAGE-AU award for outstanding contribution to the system administration profession.
Geoff has served on the boards of SAGE, SAGE-AU, USENIX, and LOPSA. He has spoken at over 20 conferences in Australia, New Zealand, Canada, Europe, and the US.
Wilson C Room
Starting at a new company gives you exactly one chance to do things differently, to establish a new approach, realign the team's efforts, and change the tenor of the discussion. To be effective in your new role as leader, you must establish a rapport with the other departments and with your team and take control of the work pipeline.
You've made the leap. You're about to start at a new company, maybe as a senior sysadmin, maybe as a team leader or manager. Now you're asking yourself, "What do I do first?"
Moving to a different company or being promoted internally gives us a unique opportunity to put aside the history of a site and take a new look with a clean set of eyes. If you're hired as the new team lead or manager, then knowing how you're going to get to know the new site and how you're going to get on top of any site consolidation activities is critical to your longevity in the role.
This class discusses the various aspects of moving from a tactical (bottom-up) view of system administration to a strategic (top-down) view. We cover the initial site survey, the first steps of identifying and cauterizing open wounds, and the process of systemic review and improvement.
Anyone starting or contemplating a new position, including making an in-house move that enables you to start over; anyone with a new boss who wants to understand and help that boss; anyone about to apply for a senior position who wants to take control of the interview process.
A set of tools and perspectives that will help you evaluate an environment, from company structure and pain points to IT systems and team skills, and help you engage a team in improvements to the department.
Part 1: A topical view
- Organizational awareness: The boss, the company
- The team: Assessing the team; first repairs
- Building the work pipeline; second repairs
- Systems and processes: Workflow management, change management, event management
- Round 1: Cauterizing the wound
- Round 2: Some early wins
- Round 3: The Big Three
- Systemic improvement programs
Part 2: A temporal view
- The first day
- The first week
- The first month
- The first hundred days
Jacob Farmer is an industry-recognized expert on storage networking and data protection technologies. He has authored numerous papers and is a regular speaker at major industry events such as Storage Networking World, VMworld, Interop, and the USENIX conferences. Jacob's no-nonsense, fast-paced presentation style has won him many accolades. Jacob is a regular lecturer at many of the nation's leading colleges and universities. Recently he has given invited talks at institutions such as Brown, Columbia, Cornell, Carnegie Mellon, Duke, Harvard, and Yale. Inside the data storage industry, Jacob is best known for having authored best practices for designing and optimizing enterprise backup systems and for his expertise in the marketplace for emerging storage networking technologies. He has served on the advisory boards of many of the most successful storage technology startups. Jacob is a graduate of Yale. Follow him on Twitter @JacobAFarmer.
Harding Room
There has been tremendous innovation in the data storage industry over the past few years. New storage architectures have come to market to challenge traditional SAN and NAS products with nimble new designs that are much better suited to serving the increasingly virtual nature of applications and server infrastructure. Meanwhile, the allure of cloud computing and the emergence of affordable enterprise-class solid state storage devices have inspired ever more innovative approaches to storage caching, tiering, and deduplication. This lecture is a survey of the latest trends and advances in the data storage industry. We trace the I/O path from application to storage media and look at a wide variety of solutions to the ever-changing challenges of data storage.
System administrators running day-to-day operations, enterprise architects, storage administrators. This tutorial is technical in nature, but it does not address command-line syntax or the operation of specific products or technologies. Rather, the focus is on general architectures different ways to tackle various storage management challenges.
A better understanding of modern storage architectures, various approaches to scaling in both performance and capacity, and a framework for comparing and contrasting various types of storage solutions.
- The storage I/O path and the fundamentals of storage virtualization
- Application acceleration with solid state storage devices (SSDs)
- Automated tiered storage and information life cycle management (ILM)
- Deduplication of primary storage
- Object storage models and content-addressable storage
- Leveraging the cloud for primary storage
Theodore Ts'o has been a Linux kernel developer since almost the very beginnings of Linux: he implemented POSIX job control in the 0.10 Linux kernel. He is the maintainer and author of the Linux COM serial port driver and the Comtrol Rocketport driver, and he architected and implemented Linux's tty layer. Outside of the kernel, he is the maintainer of the e2fsck filesystem consistency checker. Ted is currently employed by Google.
Thurgood Marshall North Ballroom
Ever had a hard drive fail? Ever kick yourself because you didn't keep backups of critical files, or you discovered that your regularly nightly backup didn't succeed?
Of course not: everybody keeps regular backups and verifies them to make sure they are successful. But for those people who think they might nevertheless someday need this information, this tutorial will discuss ways of recovering from storage disasters caused by failures somewhere in the hardware or software stack.
Linux system administrators and users.
How to recover from storage disasters caused by failures somewhere in the hardware or software stack.
- How data is stored on hard drives
- Recovering from a corrupted partition table
- Recovering from failed software RAID systems
- Low-level techniques to recover data from a corrupted ext2/3/4 filesystem when backups aren't available
- Using e2image to back up critical ext2/3/4 filesystem metadata
- Using e2fsck and debugfs to sift through a corrupted filesystem
- Preventive measures to avoid needing to use heroic measures
Thomas A. Limoncelli is an internationally recognized author, speaker, and system administrator. His best-known books include Time Management for System Administrators (O'Reilly) and The Practice of System and Network Administration (Addison-Wesley). He received the SAGE 2005 Outstanding Achievement Award. He works at Stack Exchange in NYC.
Thurgood Marshall West Ballroom
Attendees must bring a laptop for in-class exercises. Techniques will apply to any wiki or collaborative document system, but the labs and demos will be done using Google Apps.
All sysadmins who want to collaborate efficiently within their team and with others (even solo sysadmins will benefit!).
Techniques to help your IT team work better, faster, and more transparently.
- Collaborate online with collaborative documents, shopping lists, and Kanban tools.
- Go from "firefighting" to working on more interesting projects
- Create meetings that don't suck
- Hold team members accountable for tasks they take on
- Cross train team members more effectively with fire drills (DevOps "Game Day" exercises)
- Train people on new services more effectively
- Eliminate problems due to inconsistent processes
- Send more effective emails
- Launch new services without "oops"
- Document how things work so everyone can go on vacation
Joshua Jensen has been working with Linux for 15 years, and is a Senior Open Source Architect for Sirius Computer Solutions. He has worked in the past as the Lead Linux IT Architect for Cisco Systems, and was Red Hat's first instructor, examiner, and RHCE. At Red Hat he wrote and maintained large parts of the Red Hat curriculum: Networking Services and Security, System Administration, Apache and Secure Web Server Administration, and the Red Hat Certified Engineer course and exam.
Thurgood Marshall East Ballroom
Does your software development project need a butler? Is your development team guilty of writing great code while only sporadically testing it? Does pushing your code-base to production make your programmers call in sick? Enter Continuous Integration with Jenkins. Learn how this open source project can improve your development by consistently and continuously automating your software project tasks.
Junior and intermediate DevOps administrators in need of sanity when testing and deploying software.
Real-world usage of Jenkins for better automation of testing and deployment with your team's software project.
- Continuous Integration concepts and best practices
- Jenkins introduction and configuration
- Jobs, job history, and build artifacts
- SCM integration and job triggering
- Jenkins cluster farming: multi-node management made easy
- Authentication considerations
- Jenkins plugins
- Distributed builds for heterogeneous architectures
- Build/test/deploy pipelines
Half Day Afternoon
Jeanne has a background in system administration, working with FreeBSD, Solaris, Linux, and Windows. She has worked at a number of companies in the Internet industry, including a regional ISP, a video hosting company, and, for the past six years, Afilias, a Registry and DNS service provider. In her current role of Service Delivery Manager at Afilias, she is owner and manager for key ITIL processes including continual service improvement, release and deployment management, change management, problem management, and incident management. She also manages projects geared toward site reliability and disaster recovery. Jeanne got her BA from Vassar College and did graduate work at the University of Toronto in Medieval European studies, teaching Latin in her pre-IT years.
Wilson C Room
The only good disaster recovery plan is the one that actually works when you need it. How do you ensure readiness? How do you know that your plan is aligned with the business objectives of your company? Are you having trouble getting buy-in from management to fund your design? How do you prevent both your disaster plan and design from being out of date just weeks after implementation? This tutorial will provide a step-by-step framework for implementing a DR project through the ITIL Lifecycle approach to IT Service Continuity Management. I will demonstrate how to create a process for ongoing management of your disaster recovery capabilities and to ensure that you are proactively improving your plan and design.
System administrators and managers who are responsible for disaster planning and ensuring that the plan is ready when disaster strikes, whether you have a current strategy in place or are starting from scratch.
A step-by-step framework for designing and implementing your DR strategy, and for making sure that your plan is ready when you need it.
- Service Continuity Management: Introduction
- What's a process
- What are the benefits for DR
- Every process should have an explicit, documented purpose
- What you need to start and how it fits into actually implementing DR
- Lifecycle approach to IT Service Continuity Management
- Initiation: establish management intention, define policies, define scope, agree on objectives, initiate the project
- Requirements and strategy
- Implementation
- Ongoing operation and maintenance
- Ensuring ongoing support as well as continual improvement
- Embed an element of continual improvement to ensure that you are always looking at ways to improve technologies, procedures, capabilities, costs
- Process considerations
- Service Continuity and related processes: availability, capacity, and IT security management
Jacob Farmer is an industry-recognized expert on storage networking and data protection technologies. He has authored numerous papers and is a regular speaker at major industry events such as Storage Networking World, VMworld, Interop, and the USENIX conferences. Jacob's no-nonsense, fast-paced presentation style has won him many accolades. Jacob is a regular lecturer at many of the nation's leading colleges and universities. Recently he has given invited talks at institutions such as Brown, Columbia, Cornell, Carnegie Mellon, Duke, Harvard, and Yale. Inside the data storage industry, Jacob is best known for having authored best practices for designing and optimizing enterprise backup systems and for his expertise in the marketplace for emerging storage networking technologies. He has served on the advisory boards of many of the most successful storage technology startups. Jacob is a graduate of Yale. Follow him on Twitter @JacobAFarmer.
Harding Room
Most IT organizations report exponential data growth over time, and whether your data doubles every year, every two years, or every five years, the simple fact remains that if your data capacities double, then both the capacity and the performance of your backup system must double. All of this doubling stresses traditional approaches to data management. Thus, it is no surprise that backup/recovery is one of the most costly and unforgiving operations in the data center. Meanwhile, most IT organizations also report that the vast majority of their unstructured data is seldom or never accessed. Files accumulate year after year, choking the backup systems and driving up costs.
This course explores two main ways to manage the data deluge: (1) optimize backup systems by eliminating bottlenecks, streamlining operations, and bulking up backup infrastructure; and (2) manage the life cycles of unstructured data so that files that are not in active use can be managed separately from files that are in active use. We start by offering a simple framework for defining business requirements and comparing solutions at a high level. We then delve into the various mechanisms for lifecycle management and for eliminating backup system bottlenecks. Some time is spent exploring storage systems that have built-in mechanisms for data protection and lifecycle management.
System administrators involved in the design and management of backup systems and policymakers responsible for protecting their organization's data.
Ideas for immediate, effective, inexpensive improvements to your backup systems and a vision for how you might deploy a lifecycle management system that fits your organization.
- Formulating strategies for data protection and lifecycle management
- Identifying and addressing backup system bottlenecks
- Managing fixed content
- Hierarchical storage management and data migration
- In-band versus out-of-band approaches to file lifecycle management
- Breathing new life into tape storage
- Deduplication: separating hype from reality
- Object-based storage models for backup and archiving
- Self-healing and self-protecting storage systems
- Leveraging the cloud for backup and archiving
Mike Ciavarella has been producing and editing technical documentation since he naively agreed to write application manuals for his first employer in the early 1980s. His first UNIX system administration role was on a network of Sun workstations in 1991, where he built his first firewall. Since that time, Mike has made a point of actively promoting documentation and security as fundamental aspects of system administration. He has been a technical editor for Macmillan Press, has lectured on software engineering at the University of Melbourne (his alma mater), and has provided expert testimony in a number of computer security cases.
Thurgood Marshall North Ballroom
Particular emphasis is placed on documentation as a time-saving tool rather than a workload imposition.
System administrators who need to produce documentation for the systems they manage.
The ability to make immediate, practical use of these documentation techniques.
- Why system administrators need to document
- The document life cycle
- Targeting your audience
- An adaptable document framework
- Common mistakes in documenting
- Tools to assist the documentation process
Thomas A. Limoncelli is an internationally recognized author, speaker, and system administrator. His best-known books include Time Management for System Administrators (O'Reilly) and The Practice of System and Network Administration (Addison-Wesley). He received the SAGE 2005 Outstanding Achievement Award. He works at Stack Exchange in NYC.
Thurgood Marshall West Ballroom
You want to innovate: deploy new technologies such as configuration management (CFEngine, Puppet, Chef), a wiki, or standardized configurations. Your coworkers don't want change. They like it the way things are. Therefore, they consider you evil. However you aren't evil; you just want to make things better.
Anyone who wants to improve processes and learn about managing change.
The communication, analysis, and persuasion skills you need to make your workplace better.
- Helping your coworkers understand and agree to your awesome ideas
- Convincing your manager about anything—really
- Turning the most stubborn user into your biggest fan
- Getting others to trust you so they are more easily convinced
- Deciding which projects to do when you have more projects than time
- Making decisions based on data and evidence
- Driving improvements based on a methodology and planning instead of guessing and luck
Joshua Jensen has been working with Linux for 15 years, and is a Senior Open Source Architect for Sirius Computer Solutions. He has worked in the past as the Lead Linux IT Architect for Cisco Systems, and was Red Hat's first instructor, examiner, and RHCE. At Red Hat he wrote and maintained large parts of the Red Hat curriculum: Networking Services and Security, System Administration, Apache and Secure Web Server Administration, and the Red Hat Certified Engineer course and exam.
Thurgood Marshall East Ballroom
We are evolving from a single service running on a single server, complete with multiple points of hardware and software failure... but to what? With services and platforms that need to be restored before our pagers or Bat Phones ring, the system administrators of today have a need for high availability. Starting with the current realities of modern data centers, this half-day tutorial will explore practical uses of Linux clusters.
Linux administrators who are planning on implementing a multi-service fail-over cluster implementation in a production environment. Course attendees should be familiar with the basics of system administration in a Linux environment. At no point will the word "cloud" be used, although novice administrators and gurus alike should leave the tutorial having learned something.
The knowledge and ability to create and administer highly available services and filesystems on a Linux cluster.
- Linux HA Cluster technology: Corosync, OpenAIS, rgmanager, Conga
- Data management with shared disk implementations: SAN, iSCSI, AoE, FCoE
- Node fencing with STONITH
- Network power switches and IPMI
- Clustered logical volume management
- GFS2 filesystems with Distributed Lock Manager (DLM)
- Service management with failover domains
- Virtual machines as a cluster service
- Cluster administration with luci
- Working with cluster-unaware services
Full Day
Theodore Ts'o has been a Linux kernel developer since almost the very beginnings of Linux: he implemented POSIX job control in the 0.10 Linux kernel. He is the maintainer and author of the Linux COM serial port driver and the Comtrol Rocketport driver, and he architected and implemented Linux's tty layer. Outside of the kernel, he is the maintainer of the e2fsck filesystem consistency checker. Ted is currently employed by Google.
Lincoln 4 Room
The Linux operating system is commonly used both in the data center and for scientific computing applications; it is used in embedded systems as small as a wristwatch, as well as in large mainframes. As a result, the Linux system has many tuning knobs so that it can be optimized for a wide variety of workloads. Some tuning of the Linux operating system has been done "out of the box" by enterprise-optimized distributions, but there are still many opportunities for a system administrator to improve the performance of his or her workloads on a Linux system.
This class will cover the tools that can be used to monitor and analyze a Linux system, and key tuning parameters to optimize Linux for specific server applications, covering the gamut from memory usage to filesystem and storage stacks, networking, and application tuning.
Intermediate and advanced Linux system administrators who want to understand their systems better and get the most out of them.
The ability to hone your Linux systems for the specific tasks they need to perform.
- Strategies for performance tuning
- Characterizing your workload's requirements
- Finding bottlenecks
- Tools for measuring system performance
- Memory usage tuning
- Filesystem and storage tuning
- NFS performance tuning
- Network tuning
- Latency vs. throughput
- Capacity planning
- Profiling
- Memory cache and TLB tuning
- Application tuning strategies
Stuart Kendrick is an IT Architect at the Fred Hutchinson Cancer Research Center, specializing in troubleshooting, device monitoring, and transport. He started his career in 1984, writing in FORTRAN on Crays for Science Applications International Corporation; he worked in help desk, desktop support, system administration, and network support for Cornell University in Ithaca and later Manhattan. He has been in his multi-disciplinary role at FHCRC in Seattle since 1993, where he functions as ITIL problem manager/problem analyst and leads root cause analysis efforts. He is happiest when correlating packet traces with syslog extracts and writing scripts to query device MIBs.
Hoover Room
This version of the class is aimed at the mid-level sysadmin. You manage servers and/or network gear, look at packet traces, poke through logs—but wouldn’t consider yourself an expert at any of this. You want a chance to tackle the problem on your own, then want guided practice on technique: analyzing a packet trace for performance problems, extracting insights from trending charts, correlating log entries from multiple devices. In this version of the class, we spend time together reviewing concepts (e.g., caching and spindles), applying techniques (e.g., Wireshark features), asking questions (e.g., TCP, SMB, and NFS). In addition to the technical contributors, each team will need a problem manager—perhaps a senior engineer, perhaps a resource or project manager comfortable with coordinating teams of techs.
Troubleshooting is hard. In hindsight, the answer to a problem is often obvious, but in the chaos and confusion of the moment—with too much data flowing in, time pressure, misleading clues—slicing through the distractions and focusing on the key elements is tough. This is a hands-on seminar: you will work through case studies taken from real-world situations. We divide into groups of 5–7, review a simplified version of Advance7′s Rapid Problem Resolution (RPR) methodology, and then oscillate on a half-hour cycle between coming together as a class and splitting into groups. During class time, I will describe the scenario, explain the current RPR step, and offer to role-play key actors. During group time, I will walk around, coaching and answering questions.
The course material includes log extracts, packet traces, strace output, network diagrams, Cacti snapshots, and vendor tech support responses, all taken from actual RCA efforts. Preview the deck to get a feel for how your day will look. BYOL (Bring Your Own Laptop) for some hands-on, interactive, team-oriented, real-world puzzle solving.
System administrators and network engineers tasked with troubleshooting multidisciplinary problems; problem managers and problem analysts wanting experience coordinating teams.
Practice in employing a structured approach to analyzing problems that span multiple technology spaces.
Case studies:
- Remote Office Bumps: A remote office ties back to the campus via a 10MB circuit. Intermittently, opening documents on the campus-based file-server is slow, printing is slow, Exchange appointments vanish…
- Many Applications Crash: Outlook crashes, Word documents fail to save, Windows Explorer hangs: The office automation applications servicing ~1500 users intermittently report a range of error messages; users reboot their machines. Some days are fine, other days are terrible, and the symptoms are worsening…
Nathen Harvey is a Technical Community Manager at Opscode, the company behind Chef. Nathen is the co-organizer of DevOps DC and the Washington DC MongoDB Users' Group, and co-host of the Food Fight Show, a podcast about Chef and DevOps. Like many others who blog, Nathen updates his blog on a very irregular basis. When not working or hosting meetups, Nathen enjoys going to concerts, drinking craft beer, and over-sharing on sites like Twitter, untappd, and Foursquare.
Washington 5 Room
This full-day tutorial will provide the attendee with a hands-on introduction to the Chef configuration management system for performing common automation tasks. Each exercise will be instructor-led, and introduce new Chef concepts along the way. We'll cover the Anatomy of a Chef Run, Chef's Authentication Cycle, how to build roles, manipulate configuration through data in attributes, use Chef's search API for dynamic configuration, and more.
Sysadmins interested in using Chef to meet their configuration management needs.
Hands-on experience configuring Chef and writing Chef cookbooks. The mixture of tutorial and hands-on teaching in this course gives attendees real exposure to Chef concepts, software, and configuration. The material in this course is intended to bootstrap the attendees' knowledge and provide them with the ability to immediately work with Chef outside of the course.
- Set up a local workstation with Chef and connect to a Chef server
- Write your first Chef cookbook
- Use Chef to automate installation of a Nagios server as a real world example
- Automate some common system tasks with Chef
Full Day
David Beazley is the author of the Python Essential Reference and has been an active member of the Python community since 1996. He is most widely known for creating several Python-related open-source packages, including SWIG (a tool for building C/C++ extension modules to Python) and PLY (a Python version of the lex/yacc parsing tools). In the 1990s, while working at Los Alamos National Laboratory, he helped pioneer the use of Python on massively parallel supercomputers. From 1998 to 2005, he was an assistant professor at the University of Chicago, where he taught courses on operating systems, networks, and compilers. Dave is currently the owner of Dabeaz LLC, a company specializing in Python software development and training courses.
Madison AB Room
Python is a dynamic programming language that is often described as a "scripting language" along with languages such as Perl, Tcl, and Ruby. Although Python is often used for scripting, it is actually a full-featured, general-purpose programming language that supports a wide variety of imperative, functional, and object-oriented programming idioms. It also includes a large standard library that provides support for operating system interfaces, networking, threads, regular expressions, XML, GUIs, and more.
In this class we'll take a comprehensive tour of the Python programming language and see how it can be used to solve a variety of practical problems. The class will illustrate important concepts through examples that primarily focus on data analysis, systems programming, and system administration.
Programmers who want to know what the Python programming language is all about and how it can be applied to a variety of practical problems in data analysis, systems administration, systems programming, and networking. Although no prior Python knowledge is required, attendees should already be experienced programmers in at least one other programming language such as C, C++, Java, or Perl. If you already know some Python, this tutorial will improve your skills.
A better understanding of what makes Python tick and an increased awareness of how it can be successfully applied to real-world problems.
The Python Language
- Basic syntax
- Core datatypes
- Control flow and exception handling
- Functions
- Generators
- Coroutines
- Modules
- Classes and the Python object model
- Decorators
- C extensions
Major library modules
- Text processing
- Operating system interfaces
- Network programming
- Internet programming
Practical Programming Examples
- Text parsing
- Data analysis and manipulation
- Processing log files
- Handling real-time data streams
- Controlling and interacting with subprocesses
- Interacting with web services
- Simple network programming
- Internet data handling
Stuart Kendrick is an IT Architect at the Fred Hutchinson Cancer Research Center, specializing in troubleshooting, device monitoring, and transport. He started his career in 1984, writing in FORTRAN on Crays for Science Applications International Corporation; he worked in help desk, desktop support, system administration, and network support for Cornell University in Ithaca and later Manhattan. He has been in his multi-disciplinary role at FHCRC in Seattle since 1993, where he functions as ITIL problem manager/problem analyst and leads root cause analysis efforts. He is happiest when correlating packet traces with syslog extracts and writing scripts to query device MIBs.
Hoover Room
This version of the class is aimed at the senior sysadmin. You have a decade or more experience in the industry, you are T-shaped (specialize in one or two areas but have expertise across a range of technologies), and you have accumulated numerous technical skills; now you want to deepen your meta-expertise. We will create the fog of war and then you’ll practice applying a methodology to focus your attention, working with your team to divvy up tasks, escalate key insights to each other, integrate clues from a range of sources, and produce reports for business leadership. In this version of the class, we spend more time in small groups and more time practicing communication skills than we do in the beginner version. In addition to the technical contributors, each team will need a problem manager—perhaps an unusually broad engineer, perhaps a resource or project manager comfortable with coordinating teams of techs.
Troubleshooting is hard. In hindsight, the answer to a problem is often obvious, but in the chaos and confusion of the moment—with too much data flowing in, time pressure, misleading clues—slicing through the distractions and focusing on the key elements is tough. This is a hands-on seminar: you will work through case studies taken from real-world situations. We divide into groups of 5-7, review a simplified version of Advance7′s Rapid Problem Resolution (RPR) methodology, and then oscillate on a half-hour cycle between coming together as a class and splitting into groups. During class time, I will describe the scenario, explain the current RPR step, and offer to role-play key actors. During group time, I will walk around, coaching and answering questions
The course material includes log extracts, packet traces, strace output, network diagrams, Cacti snapshots, and vendor tech support responses, all taken from actual RCA efforts. Preview the deck to get a feel for how your day will look. BYOL (Bring Your Own Laptop) for some hands-on, interactive, team-oriented, real-world puzzle solving.
Sysadmins and network engineers involved in trouble-shooting multidisciplinary problems; problem managers and problem analysts wanting experience coordinating teams.
Practice in employing a structured approach to analyzing problems which span multiple technology spaces.
Case studies:
- HPC Cluster Woes: Intermittently, interactive performance on a high-performance computing cluster grinds to a halt, nodes hang, jobs vanish from the queue…
- Storage Stumbles: Most of the company relies on an 800TB wide-striped storage system, with a multi-protocol (SMB, NFS, iSCSI) front-end from one manufacturer plugged into a Fibre-Channel attached back-end from another manufacturer. Intermittently, the back-end fries a disk, IO latency spikes, clients crash…
Lee Damon has a B.S. in Speech Communication from Oregon State University. He has been a UNIX system administrator since 1985 and has been active in LISA (formerly SAGE) (US) & LOPSA since their inceptions. He assisted in developing a mixed AIX/SunOS environment at IBM Watson Research and has developed mixed environments for Gulfstream Aerospace and QUALCOMM. He is currently leading the development effort for the Nikola project at the University of Washington Electrical Engineering department. Among other professional activities, he is a charter member of LOPSA and SAGE and past chair of the SAGE Ethics and Policies working groups. He chaired LISA '04, chaired CasITconf '11 and '13, and is co-chairing CasITconf '14.
Mike Ciavarella has been producing and editing technical documentation since he naively agreed to write application manuals for his first employer in the early 1980s. His first UNIX system administration role was on a network of Sun workstations in 1991, where he built his first firewall. Since that time, Mike has made a point of actively promoting documentation and security as fundamental aspects of system administration. He has been a technical editor for Macmillan Press, has lectured on software engineering at the University of Melbourne (his alma mater), and has provided expert testimony in a number of computer security cases.
Washington 4 Room
We aim to accelerate the experience curve for junior system administrators by teaching them the tricks (and effective coping strategies) that experienced administrators take for granted and which are necessary for successful growth of both the administrator and the site.
The class covers many of the best practices that senior administrators have long incorporated in their work. We will touch on tools you should use, as well as tools you should try to avoid. We will touch on things that come up frequently, as well as those which happen only once or twice a year. We will look at a basic security approach.
Junior system administrators with anywhere from little to 3+ years of experience in computer system administration. We will focus on enabling the junior system administrator to "do it right the first time." Some topics will use UNIX-specific tools as examples, but the class is applicable to any sysadmin and any OS. Most of the material covered is "the other 90%" of system administration—things every sysadmin needs to do and to know, but which aren't details of specific technical implementation.
Ideas about how to improve and to streamline your systems and your workload, and, just as important, where to look to find more answers.
- The five things every site should know
- Why your computers should all agree on what time it is
- Why root passwords should not be the same on every computer
- Why backing up every file system on every computer is not always a good idea
- Policies—where you want them and where you might want to avoid them
- Ethical issues
- Growth and success as a solo-sysadmin as well as in small, medium, and large teams
- Training, mentoring, and personal growth planning
- Site planning and roadmaps
- Logistics
- Books that can help you and your users
Full Day
James Sweeny is a Professional Services Engineer for Puppet Labs. He spends most of his time flying around the world helping companies solve their systems management problems, and ranting on endless tangents about the wonders of Puppet and open source software and he one day hopes to stop receiving phantom Nagios alerts from his past life as a sysadmin. Though he calls New York City home, he is rarely there, but is happy anywhere with good food and good beer.
Washington 4 Room
This training course is intended as a one-day introduction for technical audiences who want to understand and practice the main concepts of the Puppet Enterprise, Puppet Labs' IT automation software.
System administrators, IT managers, and any students who are new to Puppet Enterprise and need a better understanding of the concepts of Puppet combined with hands-on experience with basic Puppet coding and implementation.
The ability to discuss the benefits of Puppet Enterprise and to practice basic system administrator competencies in using the IT automation software to manage their infrastructure effectively.
- About Puppet technology
- Why Puppet?
- Modules and classes
- Puppet Agent and Puppet Master
- Additional Puppet concepts
- Puppet Forge
- Puppet Enterprise
- Puppet Labs technical curriculum and certification
David Rhoades is a senior consultant with Maven Security Consulting Inc. (www.mavensecurity.com). Maven Security Consulting Inc. is a Delaware corporation that provides information security assessments and training to a global clientele. David's expertise includes Web application security, network security architectures, and vulnerability assessments. Past customers have included domestic and international companies in various industries, as well as various US government agencies. David has been active in information security consulting since 1996, when he began his career with the computer security and telephony fraud group at Bell Communications Research (Bellcore). David has a Bachelor of Science degree in Computer Engineering from the Pennsylvania State University.
Steve Pinkham is a security researcher for Maven Security Consulting Inc. (www.mavensecurity.com). Steve has spent time in systems administration, programming, security research, and consulting. He dabbles in electronics and philosophy, and enjoys cheese and fine tea. If you're unlucky you might run into him wearing a backpack in some remote corner of the world. He holds a Bachelor of Science in Computer Science from Virginia Commonwealth University.
Lincoln 3 Room
As an increasing number of valuable corporate assets are made available over computer networks, having the ability to understand the types of threats facing your organizations as well as possessing the skills required to identify and mitigate flaws on your networks are increasingly important components of an organizations' risk posture.
This full-day course will enable IT professionals to better understand the methodologies, tools, and techniques used by attackers against their technical infrastructure, with the primary aim of helping them develop better defense methods and capabilities. Attendees will learn to perform basic technical security vulnerability assessment tasks and gain a strong foundation for future studies in host and network security assessment.
The workshop will use Kali Linux™, a collection of free and open source security tools many attackers and security practitioners use. Students will have access to a network of targets that will allow them to get hands-on experience, enhancing understanding of the process and tools, and how to effectively counter them. Guidance will be provided for continued learning after the course if students wish to go on to master the tools and techniques introduced in this course.
Auditors who want to understand better the methodologies, tools, and techniques used by attackers against their network and who need help developing better policy.
The ability to perform basic assessment tasks and a strong foundation for future studies in host and network security assessment.
- Discussion of current and emerging attacker methods, techniques, concepts, and tools
- Setting up and using Kali Linux, a collection of security tools (Kali is the successor to Backtrack)
- Understanding the basic steps an attacker uses to penetrate a network
- Discussing and using tools for network mapping and analysis
- Configuring and using the OpenVAS vulnerability scanner to audit network and host security
- Setting up and using Metasploit exploit framework to exploit found flaws
- Understanding password cracking, enabling you to craft better authentication capabilities and audit password strength
- An overview of building client-side exploits and basic anti-virus evasion techniques
- Understanding the common Web flaws of SQL injection and Cross Site Scripting (XSS), and demonstrating their impact on various applications and solutions
- References to remediate or implement compensating controls
Geoff Halprin has spent over 30 years as a software developer, system administrator, consultant, and troubleshooter. He has written software from system management tools to mission-critical billing systems, has built and run networks for enterprises of all sizes, and has been called upon to diagnose problems in every aspect of computing infrastructure and software.
He is the author of the System Administration Body of Knowledge (SA-BOK) and the USENIX Short Topics in System Administration book A System Administrator's Guide to Auditing. He was the recipient of the 2002 SAGE-AU award for outstanding contribution to the system administration profession.
Geoff has served on the boards of SAGE, SAGE-AU, USENIX, and LOPSA. He has spoken at over 20 conferences in Australia, New Zealand, Canada, Europe, and the US.
Lincoln 2 Room
As a technical expert, you have learned how to wield the keyboard to great effect to solve technical problems. But you have also learned that this is not enough. To be effective, you may need the support of others to get funding, approve, assist, contribute to, or support your work. People can make computers seem simple.
This tutorial is about becoming a more effective system administrator through improved communication skills. In part one, we will help you understand how communication works, so that it becomes a tool you can use instead of a source of frustration.
As you grow in seniority a funny thing happens: you are expected to pass that wisdom onto others. You are given projects to run, teams to lead, apprentices to mentor, and ever larger budgets to manage effectively. The one thing, however, that you almost never receive is management training. In part two, we will turn our attention to team management. Management, like any system, can be learned. There are tools, techniques and tips that you can call on to be effective in your "organization-facing" duties.
This is an immersion course.
System administrators who wish to learn tools and tips that will assist them to communicate more effectively with their managers, users, and other important constituents; system administrators who have found themselves (or are hoping, or anticipating with apprehension) being given responsibilities for "wetware systems" (i.e., other people).
A bag full of tools to help you be more effective in your people-facing activities.
- Oral communication (effective listening, effective talking, presentations)
- Written communication (progress reporting, technical documentation, writing proposals, buy-vs.-build evaluations, cost-risk evaluations, audit reports)
- Understanding others (understanding various communities, conflict resolution, personality types)
- Time management
- Risk management
- Project management
connect with us