Semester: winter 2021/22
Lectures: Wednesday, 14:00 - 15:30, S3 (Vojtěch Aschenbrenner)
Labs:
  Tuesday, 10:40 - 12:10, SU2 (Vojtěch Aschenbrenner)
  Thursday, 15:40 - 17:10, SU2 (Vojtěch Aschenbrenner)
Page in SIS: NSWI106
Grading: Graded credit
Mailing list: nswi106@d3s.mff.cuni.cz | Registration | Archive

News

  • Every VM must have a user teacher with the following Public Key and ability to login via SSH. The user must be able to use sudo without password.

  • Please register to the mailing list. It will be the primary communication channel. If you enrolled to the course later, please check the archive.

Lectures

  • Lectures are intended as a discussion about tasks from Labs. In the beginning of the lecture there will be usually a test about technologies you used in the preceding Labs.
Date Topic Mandatory Before Class Preparation
29.9. Introduction, Networking basics, Test 0
6.10. Arch Linux Installation Guide, Test 1
13.10. Software Defined Networking, Test 2
20.10. Systemd, Test 3 systemd, systemd-networkd, Network Configuration, systemd-resolved, systemd/Journald, QEMU/Networking, qemu(1), vde_switch(1)
27.10. Routing, Packet filtering, DNS, Test 4 BGP, Router, Internet Sharing, NAT, DNS, Unbound, NSD
3.11. DNS cont’d, Paper, How DNSSEC Works, DNSVIZ.
10.11. DNSSEC, Test 5
24.11. E-mail, Test 6 Remind yourself how e-mail works and what MUA, MDA and MTA is. Have a practical knowledge about SMTP and IMAP. Examine headers of e-mails in your inbox. Be able to send e-mail via telnet.
1.12. E-mail Discussion Please come with questions and issues you experienced during e-mail system setup.
~~~8.12.~~~ ~~~IPv6, DNSSEC~~~ Canceled due to illness.
15.12.
On Zoom
Storage Aaron Toponce - ZFS Administration, Journaling file system, Copy-on-write, Btrfs
22.12.
On Zoom
Basic security, firewalls, containers, monitoring, cloud providers, specialized OS distributions… (Part 1/2)
5.1.
On Zoom
Basic security, firewalls, containers, monitoring, cloud providers, specialized OS distributions… (Part 2/2)

Labs

  • Homeworks are due to the beginning of subsequent labs.
Date Topic Goal (Homework)
30.9.
5.10.
Introduction, SSH, text editors, efficient command line, QEMU, VNC. Pick and learn how to efficiently use a text editor and shell. SSH to {c,d,e,f} servers with a short command, e.g. ssh c. Boot QEMU VM (on one of the servers) with any Linux LiveCD and connect to it via VNC. 1 point
7.10.
12.10.
Arch Linux Installation QEMU VM with installed Arch Linux and working networking setup. 1 point
14.10.
19.10.
Backbone Connection with VDE Connect VM to the backbone switch. Be able to SSH inside the VM. 1 point
21.10.
26.10.
Subnetworks The already installed VM is a router connected to backbone. Create 2 private vde switches and connect them to the router. Add 2 more VMs (VM2, VM3) connected to each of private switches. Be able to ping between VM2 and VM3. 1 point
2.11.
4.11.
Bird, BGP, DNS Working BGP, i.e. export own routes and import all available routes. Be able to ping VMs in private subnets of other students. Install recursive DNS server unbound and use it as your default DNS server for all VMs. Bonus: Install authoritative DNS server nsd and be able to resolve router.login.una IN A, i.e. drill a router.login.una @<nsd-ip>. 1+1 point
9.11.
11.11.
Authoritative DNS Primary nsd installed on 10.0.X.2 and secondary on 10.0.100+X.2 with AXFR enabled. {ns1,ns2,router}.login.una. IN A records and login.una. IN TXT record. TXT record should contain your X in X=<your X> format. .una domain has a root server at 10.0.0.1. Add it as a stub to your unbound so it can resolve all .una domains. Try drill login.una @10.0.0.1 and read response carefully. 1 point
16.11.
18.11.
Management and cleanup. Come with questions about tasks we already did! Create scripts to simplify management of your infrastructure. I.e. be prepared to quickly restore your infrastructure after hypervisor shutdown. Bonus: Automate creating new VMs with Ansible (or similar technology). 1+1 point
23.11.
25.11.
E-mail 1/2 Deploy Postfix and Dovecot to have working mail system at least for login@login.una. Store your emails in Maildir format and use plain text files for configuration. I.e. no database deployment. TLS is not mandatory. 0. Setup DNS. 1. Receive e-mails via SMTP (port 25). 2. Get e-mails via IMAP (port 993). 3. Send e-mails via submission (port 587). 4. Be able to use Thunderbird to send/receive e-mails. 5. Configure backup mail server (just postfix with relay_domains options). Debug tools: offlineimap, msmtp, swaks, telnet. 4 points
30.11.
2.12.
E-mail 2/2 This lab is intended as a consultation for your work-in-progress e-mail configuration. The e-mail task is due the upcoming labs.
~~~7.11.
9.12.~~~
~~~IPv6, DNSSEC~~~ Cancelled due to illness.
14.12.
16.12.
On Zoom
Storage 1. Attach 5x 1GB drive. 2. Setup MD-RAID (raid6) on all drives. 3. Encrypt the whole raid block device with LUKS. 4. Create LVM over the encrypted block device. 5. Create 3 logical volumes (LVs). 6. Format each logical volume with filesystem (xfs or ext4). 7. Try to boot with one “failed” drive disconnected. 8. Repair the array by connecting a new drive. 2 points
Bonus: 1. Attach 5x 1GB drive. 2. Format drives with btrfs (data raid5, metadata raid1). Enable compression and autodefrag. Create several subvolumes. 3. Simulate drive failure and drive replacement as before. Don’t forget to balance data. 4. Install snapper or btrbk and setup snapshotting every hour. 5. Send some snapshots to different machine. +2 points
21.12. Canceled Synchronization with another group
4.1.
6.1.
On Zoom
Basic security, firewalls, containers, monitoring, cloud providers, specialized OS distributions… Setup a simple firewall on your router. Rules for dropping all the trafic have to be present on INPUT and FORWARD chains. All services must continue to work. 2 points, deadline is whenever you want your grade

Grading

  • 80% of the final grade comes from homeworks assigned during labs.
    • Current homeworks score is stored in c:~/_homeworks.
  • 20% comes from the activity during discussions (labs and lectures) and tests at the lectures.
    • Current tests score is stored in c:~/_tests.
    • Being more active during the labs can pay for missing the lecture.
    • Missed tests can be fulfilled later in my office no later than one week after the lecture. (Limited to 2 tests.)
  • Current overall score and your grade is stored in c:~/_grade.
Grade Percent
1 >84%
2 75% – 84%
3 65% – 74%
4 <65%

Sources

man(1), ArchWiki, Google

25 Gigabit Linux internet router PC build How to send and reply to email

About

In the Introduction to Linux course you learned the absolute essentials for becoming a modern programmer. In this course you will learn topics, where Linux is the most advanced operating system in the world and why/where is used by companies like Google, Facebook, Microsoft, Twitter and simply said everyone.

  • Management of running daemons and services (systemd, runit). Logging, repeated tasks, process limiting (cgroups).
  • Block layer (device-mapper, md-raid, drbd, b-cache). You can do really exciting things with Linux Block Layer, e.g. encryption, caching or translational layers.
  • Advanced Filesystems (btrfs, zfs) with cool features like snapshots, checksums, multi device management, compression etc. Distributed filesystems for exa-byte storage.
  • Powerful networking setup. Firewall in a very broad sense. Servers (DNS, SMTP, IMAP, HTTP, VPN). Routing (BGP). Traffic analysis and monitoring.
  • Virtualization. Full virtualization with QEMU/KVM and containers with Docker/Podman, LXC or systemd-nspawn.
  • Automation with Ansible, Vagrant etc.
  • Powerful tools for debugging almost anything.
  • Advanced usage of BASH for scripting and system automation. Tips for powerful usage of shell.
  • And more, depending on the students’ demands and interests.

What to expect from the class

  • We DO NOT require any formal prerequisites. Everything can be learned on the fly however expect higher load if you don’t understand operating systems and networking basics.
  • We DO expect willingness to learn from the beginning of the semester till its end.
  • This course is very time consuming, you will need 2-4 hours every week of your off-school time. On the other side there is no exam, so you will have 6 credits for work during the semester.
  • You will gain practical experience which you will use during your whole professional career. You will boost rapidly your chance for being accepted for a high rated internship or full-time work at top company. A lot of interview questions are from Linux administration topics.
  • There will be mandatory before class preparation before every lecture. You will have to read a paper and/or technology tutorial every week. Understanding is essential.
  • Labs will be about practical hands-on experience of given topic.

Previous year

You can take a look at the course content from winter semester 2020/21. The content will be slightly changed.