Linux tools you should know if you work as a Sysadmin
This post is also available in: Spanish
Linux tools that every system administrator should know
A System Administrator is like a good mechanic who keeps his work tools well selected and organized, ready to solve any unknown problems that are presented to him. He also has to perform maintenance tasks to prevent difficulties and despite how well organized he might be, the work is hard, even in large companies the general tasks are delegated to different people. Today we will get to know Linux tools that every administrator should know. But before this, we need to know the occupations and tasks that these administrators perform:
- Database Administrator.
- Network Administrator (we have already published something related to this subject).
- Security Administrator.
- Web Administrator.
- Personnel physically present on computers (assistant administrators).
This is known as “System Administrator” and abbreviated as “Sysadmin”, you can use both.
These are some of the tasks that a System Administrator might have to do:
- Analyse system logs and identify potential drawbacks of computers with local or remote network.
- Install updates of operating systems, fixes, and configuration changes.
- Install and configure new hardware and/or software.
- Add, remove or update account information, reset passwords, etc.
- Answer technical queries and assist users.
- He is responsible for security (this one is inherent in the position).
- He is responsible for documenting system configuration, either for his own benefit, when he needs to take a vacation, or for his successors of his position.
- Solve problems reported by users.
- Enhance system performance.
- Ensure that the network infrastructure is up and running (server and network monitoring).
- Configure, add, and delete system files.
- Directly supervise development, testing and production environments to synchronize and to function without any inconvenience.
With this in mind, we classify the categories of programs in a brief review due to the large number of options, let’s go.
Remote connection tools for the System Administrator.
Even with on-the-spot helpers, a System Administrator needs a tool to remotely log in with the necessary credentials, to change settings, create scheduled tasks or simply to view the system status or simply to use the rest of the installed software for management; these are our preferred Linux tools for remote connection:
- eHorus: eHorus works on Windows, GNU/Linux, MAC and has an agent for Raspberry. eHorus has been developed by the Pandora FMS team and when you use it you have the security of being in a fully reliable environment: it will allow us to quickly locate a device in the network map previously configured from any web browser. The free version does not need Pandora FMS to work, you just need to register on the website. The same goes for the paid version for companies; both of them are great. The website is https://ehorus.com/ .
- TeamViewer: It is a proprietary software in its version 12, that not only allows you to connect remotely, but also allows you to develop teamwork and transfer files. It is available for GNU Linux, Windows, Android, Blackberry and even from a web browser in freeware and paid version. As far as security is concerned and because it is a closed source product, we depend only on the manufacturer’s word. It has connection audit reports and allows you to record everything displayed on the devices in the database.
- Remmina: It is the free software solution, which is used for Windows and GNU Linux. It has multiple options such as “Remote Desktop Protocols” (RDP), “Virtual Networking Computing” (VNC). It also includes connection through “Secure Shell” or SSH, allowing a greater speed, since it uses the command terminal window. With Remmina we must have the IP addresses of the computers or configure our own DNS (or rent to third parties) since this organization does not provide that commercial service.
Backup tools and data compression.
One of the disadvantages of the System Administrator is the maintenance of budgets to get adequate equipment expenditure. Information backup can become a critical mission. But the expense on storage material (internal and external hard disks, tapes, optical disks, etc.) has to be controlled, so the information has to be compressed which involves a significant saving of money.
- 7zip: This open source alternative contains private add-ons such as unRAR (separate license). Large companies like IBM do not hesitate to use it and promote its use in both GNU / Linux and Windows. The website of the organization is stored in the giant Digital Ocean in this link http://www.7-zip.org/ where you can download the version for Windows and for GNU Linux we just execute «apt-get install p7zip-full» and we will get it.
- rsync: We want to stress rsync because it is actually an application related to the GNU environment. You can check the website https://rsync.samba.org/, but if you use Linux, it will be installed on your computer. Created by Andrew Tridgell, who is the father of Git and Samba Server, he developed these last two programs with the experience gained with rsync. We also need to stress that Git is very useful when manipulating and maintaining versions of system documentation and custom scripts stored, either on a Git server inside the company or an external server such as the famous GitHub. Rsync software will allow us to back up full directories by preserving the files (links, owners, prints) in a multiple and massive way through secure protocols like rsh and shh or even anonymously as public FTP!
For full disaster recovery.
Yes, we already know that our servers and desktops have some redundant storage system like RAID. In most cases our assistants should only remove a disk and insert another one to know if the server is working. But what if there is no fixed disk from which to boot? Let’s look at this scenario that is related to data backup and Linux tools as well.
- Clonezilla: No matter what kind of file system we have on hard disks (ext n on Linux, FAT n on MS Windows, HFS+ on Mac, etc.) it is software that initiates a full backup to a server connected by local or external network, which we have previously configured (very important to assign fixed IP addresses by MAC address). Such receiving server may well be SSH, Samba, NFS type or RFC 2518 and RFC 4918 WebDAV standards. You can also start the computers by BIOS (the integrated ubiquitous Ethernet network card) or by uEFI acting between the BIOS and the operating system: if it does not boot neither from the hard disk, nor from the optical drive, then it automatically connects to the server that contains the last backup. For example, a practical use could be when a company buys a large batch of laptops for its street vendors, to take a machine as a model (all configured depending on management requirements) and copy them by batch to the rest as denoted in the following picture. What we have explained here has been simplified, this subject is much more dense.
- Local monitoring programs.
Each operating system generally has its own utilities developed by them or bought from other companies and packaged together.
- Local monitoring programs.
- Powershell: Its strength is “cmdlets” which are special commands that implement specific functions and emulate the use of “pipes” of Unix commands. It was originally developed with Visual Studio.NET for Windows environments, however since August 2016 it is available for Linux and can be installed as shown in this link. Although now it has MIT license, the individual components remain private and go halfway towards free software.
- GNU Linux: here is where the console rules, today we are going to see a very quick description of some of them. (Some may need to be installed via apt-get, depending on our distribution):
- “curl”: allows you to quickly verify if a web service is running with the “-I -s” options, which receives the headers indicating the good health of the process. Do not underestimate it, curl combined with PHP motorizes 25% of the web pages worldwide because it supports the following protocols HTTP, HTTPS, FTP, FTPS, GOPHER, TFTP, SCP, SFTP, SMB, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3, RTSP and RTMP.
- “python”: is a programming language supported in Windows and Linux that will help us to collect and analyse abundant information with few code lines. In GNU Linux it comes in a solid way and it is so extraordinary that uninstalling it, puts in trouble many applications that depend on it. It is another element that we must take into account
- “top”: every 5 seconds, it shows the processes that are running and those ones which consume the most resources.
- “vmstat”: System activity and hardware and information of it too.
- “w”: a single letter followed by the user name returns information about when it was connected, which terminal it works on, and the running processes .
- “uptime”: Ignition time of system.
- “ps -a”: it lists all running processes together with their identifier.
- “free”: free memory, both physical and exchange.
- “iostat”: average CPU load and disk activity.
- “grep”: it filters by keywords, from a file or by “pipe” received from another command, so that we extract very specific figures. When we develop and we share with other Administrators Systems bash scripts, its use is indispensable.
- “pmap”: accompanied by the application identifier, it shows an ASCII character map of memory usage, a delight in the style of “The Matrix”.
- “tcpdump”: it captures all packets sent by a network interface on specific ports, between two specific devices or that belong to a particular protocol.
- “iostat”: it gives back information of all means of storage or one in particular.
- “mpstat”: with the parameter “-A” it shows the information of each and every one of the cores of the CPU.
- “vmstat”: similar to the previous command but it acts on the virtual memory.
Of course there are graphic Linux tools and one of them comes from “ntop”, an improved console utility to analyse network traffic, known as “ntopng”:
Webmin has specially gathered a graphical interface in web browser that connects to the computer through an SSH tunnel, for example, and allows you to configure user accounts, Apache, DNS and shared files and much more. A great substitute for the console or remotely by modules that can be added or removed according to taste or convenience. The list of normal and current modules is here and there is the possibility of developing our own modules. With Webmin we can even manage the “firewalls” in IPv4 and IPv6, we find at least 9 utilities at first sight so we have enough despite not having made a section here for them.
We emphasize that they are only a sample and that each of these commands produce an enormous amount of information that must be collected, centralized and analysed in some way, which leads us to the following point: server monitoring.
Remote monitoring programs: server monitoring.
Here we enter the world of “Major Leagues” of System Administrator, we have published the comparison between Nagios and Pandora FMS in a previous article which you should read.
It should be noted that Pandora FMS can collect the results of all GNU Linux command line programs by creating local and remote execution plugins. We have already published something related to this subject here.
The world is too big for the System Administrator.
Limiting ourselves to these Linux tools we show is simply impossible. Each System Administrator has his own “zen”: from those who have a simple five-minute plan, to those who think that the best System Administrator is the lazy one, to the most sophisticated ones who program their own tools Everything is possible with open source and of course, a desire to work!