Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Top 10 Tenets of a System Administrator
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Top 10 Tenets of a System Administrator

LeoGLeoG Member

If you're doing it more than once, Automate.

Any task that is worth doing more than once is worth automating. That means you should keep your scripting skills up to date on any platform you have to work on. This will also reduce the chance for mistakes the next time you accomplish this task.

Documentation is a Process.

Document everything. Don't wait until after the project is done to start documenting, do it during. It will be easier for you and more accurate if you don't have to remember things you've done a long time ago. Making documentation a daily part of your routine will lessen the chance you might forget.

Generalize as much as possible.

Follow the Unix KISS philosophy. Your scripts should be kept simple and do one task well. They should be made generic enough to be reusable as often as possible. Similarly, your documentation should assume a minimum of previous knowledge. Think of someone who is new to the job and needs to be shown how to do something from the ground up.

Stay Organized.

You don't need to read a book about thought management to become more organized. Decide now on how where your scripts will be stored and ensure you always follow the same procedure. Documentation can take many forms, but often the simplest and oldest is best, such as a web portal running a wiki. You don't want to chase down your documentation across sticky notes, emails, text files and so on. Whether you use OneNote, Evernote, or any other solution, you should never have to Google for a solution twice.

Patch and Monitor.

Patching is something that should be a part of your automation. Whether it's desktop systems, servers or software applications, every part of the infrastructure should be automated, and you should have a way to verify that this is happening. If you can't tell at a glance how well the environment you're responsible for is doing, improve your process.

Handle Security in Layers.

Security doesn't end at the firewall. Don't leave privileged account passwords in text files. Implementing a password vault is quick and will make a big impact, both in making sure credentials are kept secure, but also serve as part of your documentation. Segment your networks so privileged systems don't co-exist with regular ones. Find the weak points, sandbox your web apps so they don't put the host server at risk. Monitor your firewall rules and IDS/IPS to make sure no unwanted traffic goes through. Make sure your anti-virus software is up to date and educate your users on how to behave in a secure way.

Be Prepared for the Worst.

Stay optimistic, but plan for the worst. This means doing proper backups using the 3-2-1 system, having three copies of any important data in two formats, making sure you always keep one copy off-site. Test your restore process, document that process and have a recovery plan that makes sense for your environment. Think up scenarios from software bugs to online attacks, physical breaches, power failures, flooding and fire, and find the best solution for them. People make mistakes, your procedures should keep those mistakes isolated.

Very Useful Hence Thought I ll share.

Read more at https://github.com/Leo-G/DevopsWiki/wiki/Top-10-tenets-of-a-System-Administrator

Comments

  • Solid advice.

    I see you've put the 3 backup rule into practice... 1 copy here, 1 via the link and 1 reference within there....

  • LeoGLeoG Member

    Yup

  • @LeoG said:
    If you're doing it more than once, Automate.

    Stopped reading there. It is a rookie admin mistake to naively think that everything can and should be automated. Tasks that are infrequent and/or have error conditions that are difficult to predict or recover from are better done manually. As usual, XKCD already has it covered:

    Automation

    Is It Worth the Time?

    Thanked by 1yomero
  • Good write, might get someone else a boost in their work performance.

  • impossiblystupid said: Stopped reading there. It is a rookie admin mistake to naively think that everything can and should be automated.

    That's a bit harsh but I take your point (and image).

    The statement really hinges on what you'd call automation. Using grep, sed and cut could be called automation, or not because you didn't write the programs. Certainly, if there's a pattern in manual work that can be automated and it'd save time....automate it. If it's not obvious there's a time saving, don't. Seems obvious, and it's common sense.

    If you're running a program every set period, putting it in a cron job is automation, surely.

    If you're trying to build an auto-responder that passes the Turing test while you're in the pub.... it may not be worth the time-saving.

  • gestiondbigestiondbi Member, Patron Provider

    Nice read!

  • aglodekaglodek Member
    edited April 2016

    @impossiblystupid said: Stopped reading there. It is a rookie admin mistake to naively think that everything can and should be automated. Tasks that are infrequent and/or have error conditions that are difficult to predict or recover from are better done manually…

    As with most things, there are exceptions to the rule. IMHO @LeoG's advice, including placing automating sysadmin tasks at the very top, is very solid. Can it be expanded and improved on? Sure thing. Your contribution is a good example of that (ignoring the less than useful start of your post, that is). Looking forward to many more interesting posts, building on @LeoG's primer! ;)

  • deadbeefdeadbeef Member
    edited April 2016

    You posted the newbie guide, here's the real one:

    • Keep shit running with as minimal work as possible
    • Make sure no sun ever gets into your offi... dungeon
    • Maximize blinking lights irrespective of the Christmas period
    • Comb through user email for blackmail material
    • Enhance the security of the security devices by installing handmade firmware.
    • Deploy random issue generator so that you can get easy wins when necessary
    • As a pioneer of the LAN party technology, keep the torch burning
    • Enhance your ftp scene inner ring membership by obtaining moar disk space for your ... users.
    • Disregard any security practice that doesn't come automated with the OSs default install script - if it was worth it, it would have been
    • Pr0n
    Thanked by 3rincewind Riz Ole_Juul
  • deadbeef said: Comb through user email for blackmail material

    ^^ :-)

    Thanked by 1deadbeef
  • LeoGLeoG Member

    Its for tasks that can be automated, I have automated backups with with bash but you are correct not all tasks can be automated, The wiki is open to comments/suggestions, I will keep yours in mind and try to reword or you can edit it as well

  • Nice info thanks for the share..

  • deadbeef said: the real one

    Lol! BOFH rules.

    Thanked by 1deadbeef
  • RizRiz Member

    I've never found a job I couldn't automate at least three tasks at. Boy, did it save repetitive time. Powershell should be every windows admin's best friend.

    Thanked by 1deadbeef
  • @rincewind said:
    Lol! BOFH rules.

    The "random issue generator" was directly taken from BOFH ;)

    Thanked by 1rincewind
Sign In or Register to comment.