Ops School Curriculum

Welcome to the Ops School curriculum documentation site.

Ops School is a comprehensive program that will help you learn to be an operations engineer. Operations engineers are highly skilled people who manage the computer systems of businesses big and small. In addition to corporate systems, operations engineers also maintain the systems that allow websites, networks, payments systems and other Internet services to function. The field of operations engineering covers a wide variety of topics, from systems administration, to security, networking and beyond. Ops School will guide you through all of these skill sets from beginner to expert.

Since the early 90’s, operations engineers have been in high demand. As a result, these positions often offer high salaries and long term job security. The SAGE/LISA Salary Survey has charted the average salaries for systems administrators and operations engineers since 1999 and has consistently shown the field to be prosperous for those people who enjoy diving into the inner workings of computer systems.

If you already know about the profession and want to know how to start, read How to become an operations engineer.

If you are reading about this career for the first time and want to know if it is for you, check out the Careers in Operations chapter.

Table of Contents

• Introduction
  • Goals and Focus
  • Syllabus layout
• Contributions
  • How we’ll organize work
  • How to contribute
  • Rewards for contributions
  • Ops School Videos
  • How to write sections
  • Overwriting existing content
  • Credits
• Guidelines
• Careers in Operations
  • Deciding a career path
  • Generalized career paths
  • Specialized career paths
  • How to become an operations engineer
• Sysadmin 101
  • What is Systems Administration?
  • What is Development?
  • Contrasting Development and Operations
  • History of Development and Operations
  • What System Administration Isn’t
• Unix fundamentals 101
  • File systems
  • Shells
  • Package management
  • The Boot Process
  • Useful shell tools
  • Crontab
• Unix fundamentals 201
  • Kernel tuning
  • Signals
  • Syscalls
  • Booting over the network
  • /bin/init and its descendants
  • Looking at system metrics
• MS Windows fundamentals 101
• Text Editing 101
  • A little history
  • vi basics
• Text Editing 201
  • Vim
  • Emacs
• Tools for productivity
  • Terminal emulators
  • SSH
  • SSH Use Cases
  • Multiplexers
  • Shell customisations
  • Mosh
  • Ticketing systems
  • Note-taking
• Security 101
  • Authentication in unix
  • Adding and deleting users and groups
  • Standard unix filesystem permissions
  • PAM
  • Chroot, jails and containers
  • Sudo (or, “Why you should not log in as root”)
  • History and Lore
• Security 201
  • Centralised accounts
  • Firewalls and packet filters
  • Public Key Cryptography
  • Two factor authentication
  • Building systems to be auditable
  • Network Intrusion Detection
  • Host Intrusion Detection
  • Defense practices
  • Risk and risk management
  • Compliance: The bare minimum
  • Dealing with security incidents
  • ACLs and extended attributes (xattrs)
  • SELinux
  • AppArmor
  • Data placement
  • Additional reading
• Troubleshooting
  • Methodologies
  • Working effectively during a crisis
• Networking 101
  • The RFC Documents
  • OSI 7-layer model (OSI Reference Model)
  • TCP/IP (ARPA) 4-layer model
  • IP Addressing
  • TCP vs UDP
  • Subnetting, netmasks and CIDR
  • Classful addressing
  • Private address space (RFC 1918)
  • Static routing
  • NAT
  • Networking cable
• Networking 201
  • VLANs, 802.1q tagging
  • Spanning Tree
  • Routing
  • ACLs
  • Network Bonding (802.3ad / LACP link aggregation)
  • IOS switch configuration
  • GRE and other tunnels
  • Multi-homed hosts
  • Similarities and differences between IPv4 and IPv6 networking
  • Implications of dual-stack firewalls (especially under Linux)
  • Multicast uses and limitations
  • Latency vs. Bandwidth
  • VPNs
  • Network Troubleshooting
  • Troubleshooting layer 1 problems
  • Differences in perspective: network engineering and systems administration
• Common services
  • System daemons 101
  • DNS 101
  • DNS 201
  • DHCP
  • HTTP 101 (Core protocol)
  • HTTP 201 (Application Servers & Frameworks)
  • SMTP 101
  • SMTP 201
• Identity Management 101
  • LDAP
  • NIS
• Active Directory 101
  • What is Active Directory?
  • What is Active Directory used for?
  • You mention “separate components”; what is Active Directory composed of?
  • What specific services does Active Directory provide?
  • Best Practices for managing an Active Directory installation
• Active Directory 201
  • Detailed Breakdown of Active Directory Components/Services
  • Advanced Active Directory Maintenance
• Remote Filesystems 101
  • NFSv3
  • iSCSI
  • SAMBA/CIFS
• Remote Filesystems 201
  • GlusterFS
  • NFSv4
  • Netatalk / AFP
  • S3
• Programming 101
  • Shell scripting basics
  • Regular Expressions
  • Sed & awk
  • GIGO
• Programming 201
  • Common elements in scripting, and what they do
  • C (A very basic overview)
  • Ruby
  • Python
  • Version Control
  • API design fundamentals
  • Continuous Integration
• Hardware 101
  • Hardware Types
  • Basic server architecture
  • Disk management
  • Performance/Redundancy
  • Troubleshooting
• Datacenters 101
  • Power budgets
  • Cooling budgets
  • You will be judged by the tidiness of your rack
  • Machine and cable labeling
  • Traditional naming conventions
• Datacenters 201
  • Networking many racks
  • Power
  • Cooling
  • Physical security and common security standards compliance requirements
  • Suggested practices
• Datacenters 301
  • Power
  • Increasing cooling efficiency
  • Design Options
• Virtualization 101
  • Intro to virtualization technologies
  • The Cloud
• Virtualization 201
  • Managing virtualized infrastructures (Private clouds)
  • Leveraging virtualization for development
  • Leveraging virtualization for production
  • Security implications of virtualization
• Logs 101
  • Common system logs & formats
  • Standard Error
  • Log files
  • Syslog
  • Log Rotation
• Logs 201
  • Centralized logging
  • Log parsing
  • Search & Correlation
• Databases 101 (Relational Databases)
  • What is a Database?
  • What is a Relational Database?
  • Why We Use Databases?
  • What is SQL?
  • SQL shell
  • Creating databases
  • Creating users
  • Create Tables
  • Alter Table
  • Drop Table
  • Data Type
  • Granting privileges
  • Removing Privileges
  • Basic normalized schema design
  • Select, Insert, Update and Delete
  • Pro Tips
• Databases 201
  • Database Theory
  • Document Databases
  • Key-value Stores
  • Graph Databases
• Application Components 201
  • Message Queue Systems
  • Message Brokers
  • Memory Caches
  • Specialized Caches
• Load Balancing
  • Why do we use load balancers?
  • Application implications
  • Non-HTTP use cases
  • Software
  • Hardware
  • Multi-dc
• Monitoring, Notifications, and Metrics 101
  • History: How we used to monitor, and how we got better (monitors as tests)
  • Perspective (end-to-end) vs Introspective monitoring
  • Metrics: what to collect, what to do with them
  • Common tools
• Monitoring, Notifications, and Metrics 201
  • Dataviz & Graphing
  • Graphite, StatsD
  • Dashboard: Info for ops and info for the business
  • Third-party tools
• Business Continuity Planning
  • Backups
  • Outages
  • Postmortems
  • Disaster Recovery
• Architecture 101
  • How to make good architecture decisions
  • Patterns and anti-patterns
  • Introduction to availability
  • Introduction to scalability
• Architecture 201
  • Service Oriented Architectures
  • Fault tolerance, fault protection, masking, dependability fundamentals
  • Caching Concerns
  • Crash only
  • Synchronous vs. Asynchronous
  • Business continuity vs. Disaster Recovery
  • Designing for Scalability: Horizontal, Vertical
  • Simplicity
  • Performance
  • Tiered architectures
  • MTTR > MTBF
• Configuration Management 101
  • A Brief History of Configuration Management
  • Idempotence
  • Convergent and Congruent systems
  • Direct and Indirect systems: ansible, capistrano
  • Chef
• Configuration Management 201
  • Ansible
  • Puppet
  • CFEngine 3
  • SaltStack
• Capacity Planning
  • Fundamentals of capacity planning
  • Forecasting
  • Diagonal scaling
• Statistics For Engineers
  • Normal distributions
  • Percentiles, histograms, averages, mean, medians
• Software Deployment 101
  • Software deployment vs configuration management
  • Running services
  • Package management
• Software Deployment 201
  • Running services
• Soft Skills 101
  • Communication basics
  • Communication Modes
  • Special cases for operations
  • Time Management
  • Project Management
  • The Tao of DevOps
  • The importance of Documentation
  • Working with other teams
• Soft Skills 201
  • Business Acumen in Operations
  • Understanding the role of operations
  • Thinking broadly
  • Promoting Change
  • Building basic business skills
  • Specific Examples
• Labs exercises
  • Bare-Metal Provisioning 101
  • Bare-Metal Provisioning 201
  • Cloud Provisioning 101
  • Cloud Provisioning 201
  • Database 101
  • Database 201
  • Database 301
  • Automation 101
  • Automation - Chef 201
  • Automation - Chef 301
  • Automation - Chef 302
  • Automation - Puppet 201
  • Automation - Puppet 301
  • Package Management 101
  • Package Management 201
  • Build automation fleets
  • Version Control with Git 101
  • DNS 101
  • HTTP 101
• Learning and the Community
  • Learning and strategies for improvement
  • Things to keep in mind as you learn how to be an engineer
  • Golden rules for careers in ops
  • Where to look for help in the community
• See also
• Reading List
• Contributions
  • How we’ll organize work
  • How to contribute
  • Rewards for contributions
  • Ops School Videos
  • How to write sections
  • Overwriting existing content
  • Credits
• Conventions
  • Style Guide
  • Sample Network
• Style Guide
  • Editing
• Glossary

TODO List

Todo

restoring? what not to backup, regulations on same, how to store them (PCI)

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/backups.rst, line 74.)

Todo

The idea of such a risk may not be immediately clear to a beginning ops person.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/backups.rst, line 81.)

Todo

How does FOIA affect what information an organization needs to have available? Assume the reader is a civilian and doesn’t know how FOIA affects an organization.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/backups.rst, line 98.)

Todo

media – should someone address the state of backup media? Some places are still doing tape. What about orgs who rely on standalone consumer-grade disks for client backups (e.g. Time Machine)? Risks, cost to maintain.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/backups.rst, line 131.)

Todo

Using backups to restore to a known “good” state after an incident just serves to put the machine in a known vulnerable state (security hole that was exploited is now back in operation)

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/backups.rst, line 159.)

Todo

can be used to restore system state that can be useful in a post mortem after an incident (say the attacker covered their tracks but backups were able to capture a rootkit before it was removed or before logs were tampered with)

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/backups.rst, line 161.)

Todo

Check this section. I think i’ve got it down, but I’m not super familiar with this part.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/boot_process_101.rst, line 323.)

Todo

a specific example of convergent over time might help

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/config_management.rst, line 31.)

Todo

shared resources, bussiness needs.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/disaster_recovery.rst, line 109.)

Todo

How to create a plan from the material we gathered in the planning phase.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/disaster_recovery.rst, line 114.)

Todo

Pros and cons on separating the disaster recovery manual from the technical recovery manual.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/disaster_recovery.rst, line 115.)

Todo

Strategies when simulating. Defining testing scopes. Measuring.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/disaster_recovery.rst, line 120.)

Todo

Limiting the scope to core business

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/disaster_recovery.rst, line 124.)

Todo

Expanding the scope in the disaster recovery environment vs. going back to production before expanding

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/disaster_recovery.rst, line 125.)

Todo

Communication

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/disaster_recovery.rst, line 129.)

Todo

Explain “What is Ops School?”

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/introduction.rst, line 5.)

Todo

Mainly for @apeiron: Simplify the topography description, possibly with use of a table to describe IP assingments

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/meta/conventions.rst, line 60.)

Todo

Mention spec files and roughly how RPMs are put together.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/package_management_101.rst, line 165.)

Todo

Then introduce FPM and tell them not to bother with spec files yet.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/package_management_101.rst, line 166.)

Todo

Explain more about what rubygems are as well as http://rubygems.org

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/programming_201.rst, line 318.)

Todo

Discuss how authentication works. Touch on /etc/(passwd|group|shadow), hashing. What are groups? Lead in to the users/groups permissions model and how permissions are based on the user/group/other bits.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/security_101.rst, line 7.)

Todo

What is PKI? What uses it? Why is it important?

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/security_201.rst, line 106.)

Todo

stat command

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/shell_tools_101.rst, line 247.)

Todo

vmstat command

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/shell_tools_101.rst, line 252.)

Todo

strace command

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/shell_tools_101.rst, line 257.)

Todo

ulimit command

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/shell_tools_101.rst, line 262.)

Todo

Only talk about replacing text for now? It’s the most common / needed piece of sed at this level.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/shell_tools_101.rst, line 619.)

Todo

Tighten up the above sentence. It’s wordy and doesn’t seem to make the point I want it to make.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/shells_101.rst, line 30.)

Todo

It might be interesting to put together an exercise where the student interacts with a fictional customer in some different scenarios. Depending on what the student does, the customer is happy or complains to the operations person or escalates the complaint up the management chain. How does the student respond? Could have multiple scenarios with different customers (a customer who causes his own problem then gets in the way, a customer who cannot wait, a customer who tries to fix the problem and makes it worse, a customer who uses the opportunity to speak to an operations person to dump 10 other requests on that person. This idea came to me from a series of books my kid has where you make a decision on page 10 that leads to to either page 26 or page 40. Your decision could end the story or take you in a new direction. The books are full of these decision points so the story is rarely the same twice, kinda like customer support!

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/soft_skills_101.rst, line 355.)

Todo

does this section need a real writeup or are references to Tom’s work enough?

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/soft_skills_101.rst, line 375.)

Todo

Might give an example here. Need to write more explaining how to assemble the pieces.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/soft_skills_201.rst, line 433.)

Todo

write this section.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/soft_skills_201.rst, line 487.)

Todo

“What is Development” Section needs more developer perspective.

(The original entry is located in /home/docs/checkouts/readthedocs.org/user_builds/ops-school/checkouts/latest/sysadmin_101.rst, line 226.)

Indices and tables

• Index

• Module Index

• Search Page