Nmedia - Fotolia
In the data center, Linux can be a double-edged sword: It offers flexibility but also runs the risk of being complex. Fortunately, an arsenal of tools at your disposal can make Linux system management a lot easier.
Recently, new tools have emerged to assist admins with each aspect of Linux server management. Updates to Red Hat Linux Enterprise (RHEL) 7, for example, give admins more control over policies and security, as well as new tools to manage the Linux boot procedure.
Familiarize yourself with these tools and more for streamlined management processes.
Use GRUB 2, systemd for RHEL 7 boot procedures
RHEL 7 introduces two major changes for Linux administrators who are used to RHEL 6: GRUB 2 and systemd, both of which play a role in the Linux boot procedure.
Admins use systemd -- a service manager -- to initiate services, start tasks under specific conditions, initialize hardware and mount file systems. During the boot procedure, systemd offers a major benefit for Linux system management: a uniform interface to initiate services, sockets, mounts or other components. However, it's easy to become overwhelmed with systemd's configuration options. Before getting started, understand key concepts, such as target units and wants.
Admins won't use GRUB 2 as frequently as systemd, as it's only involved in the reboot process, but it's still an important feature to know. Most of the time, GRUB 2 doesn't require much maintenance, but it will sometimes require reconfiguration. To alter its configuration, start at the file called /etc/default/grub.
Get to know open source PowerShell for Linux
In August 2016, PowerShell became open source and expanded its availability to Linux OSes. It now supports various versions of Linux, including Ubuntu 16.04, CentOS 7, Oracle Linux 7 and RHEL 7. Generally, only some of the modules and cmdlets from the full, proprietary version of PowerShell are available in the open source version, but admins can still find some useful features for Linux system management.
Script creation in open source PowerShell, for example, is essentially the same as in the current Microsoft version. Admins can use PowerShell to establish desired state configurations, integrate with Microsoft's Operations Management Suite and perform other tasks. However, PowerShell for Linux doesn't support the Integrated Scripting Environment and doesn't offer job control or schedule support. Hopefully, the community will fill in these gaps with future releases.
Have a dash of Salt with SUSE Manager 3
SUSE Manager is an infrastructure management tool that enables Linux admins to more easily manage configurations on RHEL and SUSE Linux Enterprise Server. Recently, SUSE released SUSE Manager 3, which differs significantly from prior versions. While older versions of SUSE, for example, were built solely on Spacewalk, SUSE Manager 3 also integrates Salt -- a configuration management system -- as an orchestration engine. This enables admins to perform complex tasks on managed nodes via scripts.
In addition to the Salt integration, SUSE Manager 3 supports more products than previous versions of the tool. For example, traditionally, SUSE Manager was only able to manage RHEL under specific conditions. But SUSE Manager 3 has native support for RHEL 6 and 7 and also supports SUSE Cloud and SUSE Storage.
Manage Linux security, DR with RHEL 7.3
In November 2016, Red Hat released a new version of RHEL -- version 7.3. The release enables admins to have more control over policies with Security-Enhanced Linux (SELinux), including the ability to override a system module with a higher-priority custom module. RHEL 7.3 also improves the OpenSCAP Workbench -- an open source version of the Security Content Automation Protocol -- through atomic scan, which can detect container vulnerabilities.
RHEL 7.3's focus on security suggests that RHEL 8 will target industrial internet of things devices, which are historically vulnerable to attacks.
The new update includes other features for Linux system management. For example, built-in disaster recovery capabilities enable admins to set up multisite DR services without a third party. To enable this multisite feature and set up alerts for status changes, administrators can use Pacemaker.
Use SELinux to manage security via policies
SELinux -- an access control module found in most Linux distributions -- enables admins to better manage security through policies. These policies also play a role in basic Linux system management. For example, admins can use them to control process initialization, inheritance and program execution, as well as to manage files, file systems, directories, messaging interfaces and other components.
SELinux has three different modes: enforcing, permissive and disabled. In enforcing mode, SELinux denies access according to the rules set by policies. In permissive mode, the platform logs all denials but does not deny access. Disabled mode means SELinux is disabled. Although it's tempting for admins to use disabled mode, due to the complicated nature of the tool, it's not advised to do so for security reasons.
If you need to troubleshoot application performance issues with SELinux, switch to permissive mode. Scour the audit log to learn what the problem is, and identify entries marked denied. Once you gather information, such as the Process ID and target name, you can learn why SELinux and a particular service do not work together.
Explore Linux tools to automate, monitor and back up
Don't lose data during a Linux distro upgrade
Compare public cloud platform support options for RHEL