How to become an ungleich system engineer » History » Version 5
Nico Schottelius, 01/03/2022 04:05 PM
| 1 | 1 | Nico Schottelius | h1. How to become an ungleich system engineer |
|---|---|---|---|
| 2 | |||
| 3 | 2 | Nico Schottelius | {{toc}} |
| 4 | |||
| 5 | 1 | Nico Schottelius | h2. Status |
| 6 | |||
| 7 | This document is *IN PROGRESS*. |
||
| 8 | |||
| 9 | |||
| 10 | h2. Introduction |
||
| 11 | |||
| 12 | If you are interested in the skill set a typical engineer at ungleich needs to have or if you want to improve your skill set for being able to apply at as system engineer, this document is for you. |
||
| 13 | 2 | Nico Schottelius | This document is structured into topics that you should be able to handle. With one part that describes how to learn that section and one part on how to verify you have learned the right things. |
| 14 | 1 | Nico Schottelius | |
| 15 | 3 | Nico Schottelius | h2. Operating System Knowledge |
| 16 | 1 | Nico Schottelius | |
| 17 | If you are fluent in either Linux or BSD, you should easily find your way. If you are not yet, we recommend: |
||
| 18 | |||
| 19 | * Install your own computer with Ubuntu (any version) |
||
| 20 | * Get used to it |
||
| 21 | * Wipe Ubuntu, replace it with Arch Linux |
||
| 22 | * Use it, break it |
||
| 23 | 5 | Nico Schottelius | * Switch to Alpine Linux |
| 24 | ** Understand apk and openrc |
||
| 25 | 1 | Nico Schottelius | * (optional) Use another machine and install Centos |
| 26 | ** Observe the differences to all other operating systems you tried before |
||
| 27 | |||
| 28 | 3 | Nico Schottelius | h2. Networking / IPv6 Knowledge |
| 29 | 1 | Nico Schottelius | |
| 30 | You know how to separate networks, you are fluent in IPv6 (hint: man sipcalc) and you know some basics of routing () |
||
| 31 | |||
| 32 | 3 | Nico Schottelius | h3. Learning IPv6 / Networking |
| 33 | 1 | Nico Schottelius | |
| 34 | 3 | Nico Schottelius | * Ensure that your computer has an IPv6 address (read "How to get IPv6":https://ungleich.ch/en-us/cms/blog/2019/02/05/how-to-get-ipv6/) |
| 35 | * Ensure that all your computers have GUA (hint: use a VPN, size >= /48 preferred) |
||
| 36 | * Configure a firewall to |
||
| 37 | ** all forwarding traffic from your internal network(s) |
||
| 38 | ** all traffic to the ssh port of your firewall/router |
||
| 39 | ** disallow all other incoming and forwarding traffic |
||
| 40 | |||
| 41 | |||
| 42 | h3. Some questions to check your knowledge: |
||
| 43 | |||
| 44 | 1 | Nico Schottelius | * Why does the gateway has to be in the same network? |
| 45 | * How do IPv6 hosts get their IP addresses? |
||
| 46 | * Why is there an fe80:... default gateway in IPv6? |
||
| 47 | 3 | Nico Schottelius | * Why is IPv4 NAT not a security feature? |
| 48 | 1 | Nico Schottelius | |
| 49 | |||
| 50 | 3 | Nico Schottelius | h2. Ceph Knowledge |
| 51 | 1 | Nico Schottelius | |
| 52 | You can install, configure and maintain ceph clusters on IPv6 only networks. |
||
| 53 | |||
| 54 | Learning: |
||
| 55 | |||
| 56 | * Take 3 hosts (if you don't have 3 computers, you can get 3 affordable VMs at "IPv6OnlyHosting":https://ipv6onlyhosting.com |
||
| 57 | |||
| 58 | |||
| 59 | Verify questions: |
||
| 60 | |||
| 61 | * Why does ceph need managers? |
||
| 62 | * How to move an OSD to another host? |
||
| 63 | |||
| 64 | |||
| 65 | |||
| 66 | |||
| 67 | |||
| 68 | 3 | Nico Schottelius | h2. Monitoring Knowledge |
| 69 | 1 | Nico Schottelius | |
| 70 | 3 | Nico Schottelius | h3. Learning monitoring |
| 71 | |||
| 72 | * Install nagios or icinga, monitor another host |
||
| 73 | * Install collectd and compare what it monitors to icinga and nagios |
||
| 74 | 4 | Nico Schottelius | * Setup prometheus, node-exporter, grafana and monitor 3+ nodes |
| 75 | 3 | Nico Schottelius | |
| 76 | |||
| 77 | Verify questions: |
||
| 78 | |||
| 79 | * Why is nagios alone not a good solution? |
||
| 80 | * What is the difference between nagios and icinga? |
||
| 81 | * What is the difference between icinga and check_mk? |
||
| 82 | * Which things do you monitor? Why? |