Fedora 15 para sysadmins




Citation preview

Fedora 15Para sysadmins

Amador PahimAnalista de Suporte, UCS


Fedora 15


● Better power management

● LibreOffice● Firefox 4● KDE plasma

workspaces 4.6 and Xfce 4.8

● Sugar .92

● Desktop users● GNOME 3● Btrfs filesystem● Indic typing booster● Better crash

reporting● Redesigned SELinux

troubleshooter● Higher compression

in live images


● Sysadmins● systemd ● FirewallD● BoxGrinder● Spice integration● Device naming● eCryptfs ● RPM 4.9.0

● Developers● Robotics suite● GCC 4.6● GDB 7.3● Python 3.2● OCalm 3.12● Rails 3.0.5● Maven 3


O que é?

systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts.

systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux

cgroups, supports snapshotting and restoring of the system state, maintains mount and

automount points and implements an elaborate transactional dependency-based service control

logic. It can work as a drop-in replacement for sysvinit.

O que é?

systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts.

systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux

cgroups, supports snapshotting and restoring of the system state, maintains mount and

automount points and implements an elaborate transactional dependency-based service control

logic. It can work as a drop-in replacement for sysvinit.

O que é?

systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts.

systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux

cgroups, supports snapshotting and restoring of the system state, maintains mount and

automount points and implements an elaborate transactional dependency-based service control

logic. It can work as a drop-in replacement for sysvinit.

O que é?

systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts.

systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux

cgroups, supports snapshotting and restoring of the system state, maintains mount and

automount points and implements an elaborate transactional dependency-based service control

logic. It can work as a drop-in replacement for sysvinit.

O que é?

systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts.

systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux

cgroups, supports snapshotting and restoring of the system state, maintains mount and

automount points and implements an elaborate transactional dependency-based service control

logic. It can work as a drop-in replacement for sysvinit.

O que é?

systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts.

systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux

cgroups, supports snapshotting and restoring of the system state, maintains mount and

automount points and implements an elaborate transactional dependency-based service control

logic. It can work as a drop-in replacement for sysvinit.

O que é?

systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts.

systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux

cgroups, supports snapshotting and restoring of the system state, maintains mount and

automount points and implements an elaborate transactional dependency-based service control

logic. It can work as a drop-in replacement for sysvinit.

O que é?

systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts.

systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux

cgroups, supports snapshotting and restoring of the system state, maintains mount and

automount points and implements an elaborate transactional dependency-based service control

logic. It can work as a drop-in replacement for sysvinit.

O que é?

systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts.

systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux

cgroups, supports snapshotting and restoring of the system state, maintains mount and

automount points and implements an elaborate transactional dependency-based service control

logic. It can work as a drop-in replacement for sysvinit.



● Diretórios



● Arquivos de serviço

man -k systemd

● Ativando serviços

systemctl enable iptables.service

● Desativsndo serviços

systemctl disable iptables.service


● Arquivo de exemplo


Description=Meu Serviço



ExecStart=/etc/init.d/MeuServico start

ExecStop=/etc/init.d/MeuServico stop


● Ligando serviços

systemctl start iptables.service

● Desligando serviços

systemctl stop iptables.service


O que é?

FirewallD é um serviço que oferece um gerenciamento dinâmico das regras de firewall.

Preciso disso?

Modelo atual -> reinicio completo do firewall

Descarregar os módulos do kernel

Recarregar os módulos necessários

Perda do estado das conexões ativas.


● Instalação

yum install firewalld

chkconfig firewalld on

service firewalld start

● Comandos

firewall-cmd --enable --service=http


● Instalação

yum install firewalld

chkconfig firewalld on

service firewalld start

● Comandos

firewall-cmd --enable --service=http

firewall-cmd --list=service


● Instalação

yum install firewalld

chkconfig firewalld on

service firewalld start

● Comandos

firewall-cmd --enable --service=http

firewall-cmd --list=service

firewall-cmd --enable --port=3306:tcp --timeout=60


● Instalação

yum install firewalld

chkconfig firewalld on

service firewalld start

● Comandos

firewall-cmd --enable --service=http

firewall-cmd --list=service

firewall-cmd --enable --port=3306:tcp --timeout=60

firewall-cmd --list=port


● Instalação

yum install firewalld

chkconfig firewalld on

service firewalld start

● Comandos

firewall-cmd --enable --service=http

firewall-cmd --list=service

firewall-cmd --enable --port=3306:tcp --timeout=60

firewall-cmd --list=port

firewall-cmd --disable --service=http


O que é?

Ferramenta para gerar imagens (appliances) de máquinas virtuais, personalizando a instalação,

determinando que pacotes serão instalados e executando tarefas pós instalação.

Gera o appliance sem intervenção, nos formatos RAW, vmware e ec2, que podem ser usados pelo

KVM, VmWare e pelo serviço de cloud da Amazon, respectivamente.

O que é?

Ferramenta para gerar imagens (appliances) de máquinas virtuais, personalizando a instalação,

determinando que pacotes serão instalados e executando tarefas pós instalação.

Gera o appliance sem intervenção, nos formatos RAW, vmware e ec2, que podem ser usados pelo

KVM, VmWare e pelo serviço de cloud da Amazon, respectivamente.




● SO● CentOS● Scientific Linux● RHEL● Fedora

● Formatos● RAW● VMWare● ec2 ● VirtualBox

● Entrega● Amazon Simple Storage Service

(s3)● Amazon Simple Storage Service

(ami)● Amazon Simple Storage Service

(cloudfront)● Elastic Block Storage (ebs)● SSH File Transfer Protocol (sftp)● ElasticHosts (elastichosts)● Local file system (local)


● Instalacao

yum install rubygem-boxgrinder-build

● Configuração

mkdir ~/.boxgrinder

vi ~/.boxgrinder/configplugins: vmware: type: personal thin_disk: true sftp: path: /var username: root password: minhasenha host: vmserver.domain.com


● Primeiro appliance

mkdir appliances

cd appliances

vi f15-httpd.appl

Usoname: f15-httpdsummary: Appliance Fedora 15 com httpd.os:

name: fedoraversion: 15

hardware:cpus: 2memory: 256partitions:

"/":size: 2

packages:- @core- httpd

repos:- name: fedora

baseurl: file:///repo/post:

base:- "chkconfig httpd on"


● Criando e entregando

boxgrinder-build f15-httpd.appl -p vmware -d sftp

SimpleProtocol for

Independent Computing


O que é?

Uma olução completa e Open Source para interação com desktops virtualizados.




Spice Server(libspice) Spice Client



Spice Agent

Drivers(QXL, VDIPort)

Spice protocol


● qemu-kvm

qemu -vga qxl -spice port=5930,disable-ticketing

● libvirt <video>

<model type='qxl' heads='1'/></video><graphics type='spice' port='5930' />


● virt-manager


“... It's always more funTo share with everyone

If you've got oneHere is something you can learn

You can still shareJust by taking turns ...”

