On 09/17/2010 03:39 AM, Robert P. J. Day wrote:
(note: i asked this a few days ago but it *appears* that that post was tossed due to getting excessive bounces from my account. so i'm posting it again, apologies if you're seeing it a second time.)
over the next several weeks, i'm teaching some courses in RHEL admin but (unsurprisingly) i'll be using centos 5.5. it's a decently-written, 3rd party course, all the generic, standard admin topics but it does leave me about a 1/2 day to throw in any cool stuff i want to add.
so, any recommendations for neat things that people here have done in the way of what can be added to or configured on a centos server system? the course covers all the standard topics -- installation, package management, service management, filesystem maintenance, that sort of thing. so i'm looking for bonus, neat stuff that others here do as a matter of course when putting together a centos system.
logging utilities? intrusion detection? monitoring? anything that leaps to mind that i can use to fill up a few more hours. i'm already thinking of showing how to build and boot a new kernel. other ideas? thanks.
rday
I've done quite a few things. Recently, I just run puppet and let it do EVERYTHING for whatever a system might need. But things I have done in the past are autodetect if the system is a vm and install vmware-tools, find the next ip address available in DNS for the particular subnet the newly installed system is in and dynamically update forward and reverse (including a helpful TXT record which fit a known convention), run yum update and reboot, and even create a qtree on netapp automatically. Just a quick few things.. I also do some stuff during pre installation like align the disk on proper boundaries and enable software raid according to the meta data associated with the system record in cobbler. Cobbler is nice as a subscription means to dynamically alter kickstart configs so I can add 'raid=5' as meta data for instance the the vm will build itself with raid5 (if it can of course). Same things applies to selinux, firewall, and other features that need to be enabled very early on and puppet just checks to make sure it's still true.
I've moved away from doing stuff in post install and instead let puppet handle pretty much everything. API's are great for this.