Final Project:  ITI-481 UNIX Administration, Section 13

Chris Uriarte, Instructor      

 

The goal of the final project for this class is to allow you to take the information from each of our meeting and apply it to some type of real world situation.  The world of system administration presents new challenges everyday.  It’s not important for you to know and remember every detail about UNIX systems to be a successful administrator.  It is very important, however, that you become familiar with the general concepts and theory that go into managing a UNIX system and solving problems.    Examining real world situations, experimenting on your own and making mistakes are usually the best ways to develop those concepts.

 

I have developed two case studies that are very real world in nature.   It is your job to pick one of the case studies, address the implementation issues involved and present them to me in a comprehensive and organized manner.  Over the past 6 weeks, you have obtained a good amount of resources that you can use to help find the answers to the problems presented to you.  Some of those resources include:

 

• Your textbook
• Class notes and web links I posted on the web or in class
• The greatest research tool in the world, the Internet.
• Me (use sparingly, since this is meant to challenge you)

 

While you won’t actually perform any hands-on configuration for the project, you should use your account on the ITI machine to help you reference configuration files, file systems, software installations, etc. on a running system.

 

You should prepare your response to these problems in an electronic format and submit it to me via email, either as Microsoft Word document (preferred) or in a plain email message.  Your answers should be comprehensive and include the names of specific software packages, configuration files and the specific modifications that you will make to them.  Here’s an actual question and answer from the final project of a Computer Networks class I once taught:

 

Question:  How would you address the network security issues associated with this configuration?

 

Student’s Answer:  I’d call in a security consultant and use his advice.

 

This is an example of a bad answer.   Explain yourself!  I am interested in reading what you have to say.

 

I admit it.  Some things in the problems just aren’t fair.  I will ask you to explain some things that we never covered in class.    But hey, welcome to the real world!  I know that each of you can do your best in researching the problem and coming up with a solution.

 

The project should be delivered to be no later than 8am on November 1.  I will be posting solutions to the problems as soon as I get into my office that morning. 

 

In addition to your responses to the problems presented below, please include a 1 or 2 paragraphs that answer the following questions:

 

1. What is your opinion of this project?  Do you have any suggestions for a better project? (Keep in mind that it is impossible to do a “hands-on” project).
2. What is your overall opinion of this course?  What were the best parts?  What were the worst?  How can we improve it?

 

So without any further ado…

 

 

CASE 1:  The Web Cluster

Your boss needs you to setup a new cluster of servers that will be used for a new high-traffic website that you company is building.  In a clustered web environment there are usually multiple machines with the same configuration.  Web requests are distributed to each of those different machines in a number of different ways.  It’s not your job to figure out how the traffic gets distributed between these machines, but it is your job to make sure they are configured correctly as stand-along web servers.  Your boss gives the following list of requirements:

 

• The cluster should be comprised of 6 machines running the newest version of a major Linux distributions.
• Each server should run an industry-accepted, commercial-grade web server software platform.
• For security reasons, the only Internet services the web server should run are:  the web server software, ftp and telnet.  Furthermore, ftp and telnet access should be restricted to you’re your local LAN, which is in 206.20.36.* IP address block.
• Since the webmasters will have to distribute their content (web pages, images, web applications, etc.) to 6 different machines, the usernames and passwords they use should not only be synchronized between each of those machines, but synchronized in real-time.  In other words, if a password is changed by a user who is logged into one machine, it should automatically be updated on all the other machines in the cluster.
• Once the machines are setup, you will need to copy 300 megabytes of web content to each of the machines.  This content current resides on the company’s older Linux server.
• It has been demonstrated that non-essential services like gated, gpm, lpd,  pcmcia, routed, and samba greatly slow down the performance of the web server.  Therefore, these services should be disabled.
• The company requires a “web traffic summary” report on a weekly basis for each of the web servers.  This report shows the number of “hits” to a website, the addresses of the clients accessing the site, total bytes transferred, etc.

 

 

The Project:

 

• Describe, in detail, what approach you will use in building this system to the specifications described above.
• Describe the software packages this installation requires.
• Describe any issues related to hardware specifications, operating system installation, and disk partitioning.
• What web server software will you use and why?
• How will you disable unnecessary Internet services so that only the required services are running on the server?
• How will you restrict access to the telnet and ftp services, as described above?
• How will you transfer the existing 300 MB of content from the older server to your new servers?
• How will you disable unnecessary system processes like (gated, gpm, lpd. etc.) on the system?
• How will you produce the requested “web traffic summary” as described above.  How can you arrange it so this type of report is automatically generated and emailed on a weekly basis?
• How will you synchronize username, password and group information across each machine?
• What other issues should you consider when building this configuration?  Are there major details that are missing in the specification your boss provided?

---

 

 

 

 

CASE 2:  The Development Server

Your boss needs you to setup a new Linux server that will be used by a group of company programmers.   He gives you the following list of requirements:

• The cluster should be comprised of 6 machines running the newest version of a major Linux distributions.

• There will be approximately 50 developers who will require accounts on this machine.
• The developers write code in the C, Perl and Java programming languages.  They will log directly into this machine to create, compile and test code.
• This machine will also be the primary e-mail server for the developers.  Some of the developers will use terminal-based mail clients like Pine or Elm to read their email;  others will use POP3 and IMAP mail clients like Netscape Messenger and Microsoft Outlook to read their mail.
• For security reasons, ftp and telnet access to this machine should be restricted to you’re your local LAN, which is in 206.20.36.* IP address block.  Other Internet services, such as finger, talk, ntalk, daytime and chargen should be disabled from the system
• The developers need a tool that helps them monitor system processes, memory and CPU usage.
• Developers should not have write-access to the files written by other developers, which helps control the versions of source code on the system and prevents accidental overwriting.  There are 10 Senior Developers, however, who should have full read and write access to the files created by every other developer on the system.
• Rather than having to type the email address of all 50 developers each time an email needs to be distributed to every developer, the developers require some type of mechanism that will allow them to create email distribution lists.  For example, sending an email to developers@system-name should send an email to every developer on the system;  sending email to srdevelopers@system-name should send email to only the senior developers, etc.

 

 

The Project:

 

• Describe, in detail, what approach you will use in building this system to the specifications described above.
• Describe the software packages this installation requires.
• Describe any issues related to hardware specifications, operating system installation, and disk partitioning.
• What Internet services are required to meet the system specifications?  How do you implement each of them?
• How will you restrict access to the ftp and telnet services, as described above?
• How will you control the file access issue described above?  (file sharing restricted between developers; full access given to senior developers)
• How will you implement the email distribution list issue described above?
• What monitoring tools can the developers use to monitor system processes, CPU and memory usage?
• What other issues should you consider when building this configuration?  Are there major details that are missing in the specification your boss provided?