Hide menu

TDDI41 Introduction to System Administration: Labs


These labs are being replaced! See course page! https://www.ida.liu.se/~TDDI41/

The lab instructions are beeing updated for 2020, See the course page for new information /~TDDI41/

Introduction

The preparatory labs should not take that long to finish as the instructions are fairly detailed.

This course has nearly 150 hours allocated to labs, but less than a third of that actually scheduled. Experience shows that many students will need all the hours allocated. Plan your work accordingly.

Questions? Check out the FAQ

Getting help om Covid-19 times

Due to the current circumstances with Covid-19, lab help and lab demonstrations will be provided through Microsoft Teams. In the course Teams-room there is a channel called Handuppräckning TDP031 TDDI41 where you can request help from a lab assistant. If you need help write a short message in that channel and one of the lab assistant will contact you.

Reports

Hand in your lab reports and automated tests after you finish each lab.

Recommended reading

Supplemantary information

Domain and host names Use group.sysinst.ida.liu.se as your DNS domain name (e.g. c1.sysinst.ida.liu.se). You may use any hostnames you want, but router, server, client-1 and client-2 are recommended.

Sharing virtual machines You cannot run the same group's virtual machines from more than one account at a time. If you do, only one group will have Internet connectivity. If you want both group members to be able to start the virtual machines from their own accounts, then adjust the permissions on the files installed on one of the accounts, and run everything from there. You are on your own here -- your lab assistant will probably not have time to help you troubleshoot this kind of setup.

Lab materials

The lab series consists of all the labs listed below.

Course information and instructions

First make sure you signed up in webreg:
TDDI41
TDP031

Inital labs (mandatory)

You should complete these no later than three weeks after the course starts. Use lab-1 (start_single.sh) QEMU-machine for these labs. The initial set of exercises consists of four labs, LXB (Linux basics), QEMU (familiarize yourself with QEMU), APT (basic package management) and TST (testing). You are required to complete these before starting the project.

    QEMU - Running virtual machines
    LXB - Linux Basics
    APT - Simple Debian Package Management
    SCT - Scripting and Testing

Project

Use lab-2 (start_project.sh) QEMU-machines for these labs.

The goal of the project is to install and configure a small network, similar to what one would see in a small company. The order of the labs is not entirely fixed, but the order listed below works pretty well

System overview
The system consists of one server, two clients and a router. All components are Linux systems with different software and configuration. The final system will be very similar to what you find in many smaller businesses: the only real difference in this case is the number of clients and the absence of a web server. The goal is an installation with high standards. In order to support many students on limited equipment, and in order to simplify certain aspects of the lab , we use virtual Linux systems for all components. The virtual systems run on a your workstation, and it is possible to do the labs remotely via thinlinc. Since virtual Linux instances really are full-fledged Linux systems, you will experience a very typical environment for a system administrator: all access to all machines is via a single text console or over the network.

Virtual Clients: The clients will be configured as standalone workstations. It will be possible to log in on them and perform daily work tasks, but they do not provide any network services. They rely on the server for user names and passwords, e-mail and other network services. The two clients should be nearly identically configured when you are finished.
Virtual Server: The server acts as a file server for the clients, handles authentication, email and other tasks. Any shared service (that both clients need) and any service that doesn't belong on either client goes on the server.
Virtual Router: The router handles network traffic between your network and outside network. The only service that is acceptable to run on the router is the network time service. Do not install DNS or any other service on the router.

Mandatory labs for grade 3

    NET - Networking
    DNS - DNS Fundamentals
    NTP - Network Time
    NIS - Network Information Service
    STO - Storage
    NFS - Network File Systems
NOTE In the new labs STO and NFS are merged into just STO. If you are doing the old labs both are mandatory.

Grade 4

Solve labs DNS,NTP, and NIS for grade 3 using a configuration management tool, such as Puppet, Anisble, Chef, or Salt. You are free to choose you the tool you feel is bets for you. Make sure you investigate the different tools before you choose, you are responsible for your choice. If you need an extra machine for configuration management tool, the startup script for you machines accepts an argument for the number of extra machines you need.
For example:
/home/TDDI41/uml/start_lab2_mate.sh 2 (starts your lab-network with two extra machines) TODO

Grade 5 TDDI41

Finish the assignmnet for grade 4, and implement one of the following.

  • KERBEROS: Extend your NIS installation to use Kerberos for authentication. Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.It works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Example on what should work: After login on to your client 1 (authenticating using kerberos), you should be able to access your account on client2 without having to use your password again (for a limited time period).

  • LDAP: Replace your NIS catalog service from previcous lab with LDAP. The Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. LDAP comes in a few different implementations and versions, investigate what version and implementation is suitable for you system. Make sure you demonstrate your working version with NIS before you make any changes to your system.

Grade 5 TDP031: Kubernetes and deployment (updating)

Finish the assignmnet for grade 4, and implement the following.

  • Create a local kuberentes cluster on a single virtual machine
  • Deploy an application to your cluster

Page responsible: Anders Fröberg
Last updated: 2020-10-29