Book Image

Mastering Linux Administration

By : Alexandru Calcatinge, Julian Balog
Book Image

Mastering Linux Administration

By: Alexandru Calcatinge, Julian Balog

Overview of this book

Linux plays a significant role in modern data center management and provides great versatility in deploying and managing your workloads on-premises and in the cloud. This book covers the important topics you need to know about for your everyday Linux administration tasks. The book starts by helping you understand the Linux command line and how to work with files, packages, and filesystems. You'll then begin administering network services and hardening security, and learn about cloud computing, containers, and orchestration. Once you've learned how to work with the command line, you'll explore the essential Linux commands for managing users, processes, and daemons and discover how to secure your Linux environment using application security frameworks and firewall managers. As you advance through the chapters, you'll work with containers, hypervisors, virtual machines, Ansible, and Kubernetes. You'll also learn how to deploy Linux to the cloud using AWS and Azure. By the end of this Linux book, you'll be well-versed with Linux and have mastered everyday administrative tasks using workflows spanning from on-premises to the cloud. If you also find yourself adopting DevOps practices in the process, we'll consider our mission accomplished.
Table of Contents (20 chapters)
Section 1: Linux Basic Administration
Section 2: Advanced Linux Server Administration
Section 3: Cloud Administration

Choosing the right Linux distribution

There are many aspects involved in choosing a Linux distribution, based on various functional requirements. A comprehensive analysis would be far beyond the scope of this chapter. However, considering a few essential points may help with making the right decision:

  • Platform: The choice between a server, a desktop, or an embedded platform is probably one of the top decisions in selecting a Linux distribution. Linux server platforms and embedded systems are usually configured with the core operating system services and essential components required for specific applications (such as networking, HTTP, FTP, SSH, and email), mainly for performance and optimization considerations. On the other hand, Linux desktop workstations are loaded (or pre-loaded) with a relatively large number of software packages, including a graphical user interface for a more user-friendly experience. Some Linux distributions come with server and desktop flavors (such as Ubuntu, Fedora, and openSUSE), but most distros have a minimal operating system, with further configuration needed (such as CentOS, and Debian). Usually, such distributions would be good candidates for Linux server platforms. There are also Linux distributions specifically designed for desktop use, such as elementary OS, Pop!_OS, or Deepin. For embedded systems, we have highly optimized Linux distros, such as Raspbian and OpenWRT, to accommodate small-form factor devices with limited hardware resources.
  • Infrastructure: Today, we see a vast array of application and server platform deployments, ranging from hardware and local (on-premises) data centers to hypervisors, containers, and cloud infrastructures. Weighing a Linux distribution against any of these types of deployments should take into consideration the resources and costs involved. For example, a multi-CPU, large-memory, and generally high-footprint Linux instance may cost more to run in the cloud or a Virtual Private Server (VPS) hosting infrastructure. Lightweight Linux distributions take fewer resources and are easier to scale in environments with containerized workloads and services (for instance, with Kubernetes and Docker). Most Linux distributions now have their cloud images available for all major public cloud providers (for instance, Amazon AWS, Microsoft Azure, and Google Compute Engine). Docker container images for various Linux distributions are available for download on Docker Hub ( Some Docker images are larger (heavier) than others. For example, the Ubuntu Server Docker image outweighs the Alpine Linux Docker image considerably, and this may tip the balance when choosing one distribution over the other. Also, to address the relatively new shift to containerized workflows and services, some Linux distributions offer a streamlined or more optimized version of their operating system to support the underlying application infrastructure. For example, Fedora features the Fedora CoreOS (for containerized workflows) and Fedora IoT (for Internet of Things ecosystems). CentOS has the Atomic project, as a lean CentOS for running Docker containers.
  • Performance: Arguably, all Linux distributions can be tweaked to high-performance benchmarks in terms of CPU, GPU, memory, and storage. Performance should be regarded very closely with the platform and the application of choice. An email backend won't perform very well on a Raspberry Pi, while a media streaming server would do just fine (with some external storage attached). The configuration effort for tuning the performance should also be taken into consideration. CentOS, Debian, and Ubuntu all come with server and desktop versions reasonably optimized for their use. The server versions can be easily customized for a particular application or service by only limiting the software packages to those that are essential for the application. To further boost performance, some would go to the extent of recompiling a lightweight Linux distro (for instance, Gentoo) to benefit from compiler-level optimizations in the kernel for specific subsystems (for instance, the networking stack or user permissions). As with any other criteria, choosing a Linux distribution based on some application or platform performance is a balancing act, and most of the time, common Linux distros will perform exceptionally well.
  • Security: When considering security, we have to keep in mind that a system is as secure as its weakest link. An insecure application or system component would put the entire system at risk. Therefore, the security of a Linux distribution should be scrutinized in close relation to the related application and platform environment. We can talk about desktop security for a Linux distro serving as a desktop workstation, for example, with the user browsing the internet, downloading media, installing various software packages, and running different applications. The safe handling of all these operations (against malware, viruses, and intrusions) would make for a good indicator of how secure a system can be. There are Linux distros that are highly specialized in application security and isolation, well suited for desktop use: Qubes OS, Kali Linux, Whonix, Tails, and Parrot Security OS. Some of these distributions are developed for penetration testing and security research.

    On the other hand, we may consider the server security aspect of Linux server distributions. In this case, regular operating system updates with the latest repositories, packages, and components would go a long way to securing the system. Removing unused network-facing services and configuring stricter firewall rules are further steps of reducing the possible attack surface. Most Linux distributions are well equipped with the required tools and services to accommodate the preceding. Opting for a distro with frequent and stable upgrades or release cycles is generally the first prerequisite for a secure platform (for instance, Centos, RHEL, Ubuntu LTS, or SUSE Enterprise Linux).

  • Reliability: Linux distributions with aggressive release cycles and a relatively large amount of new code added in each release are usually less stable. For such distros, it's essential to choose a stable version. Fedora, for example, has rapid releases, being one of the fastest progressing Linux platforms. Yet, we should not heed myths claiming that Fedora or other similar fast-evolving Linux distros are less reliable. Don't forget, one of the most reliable Linux distributions out there, Red Hat Enterprise Linux (RHEL), is derived from Fedora.

There's no magic formula for choosing a Linux distribution. In most cases, the choice of platform (server or desktop) combined with a couple of the data points mentioned previously and some personal preferences would decide a Linux distribution. With production-grade environments, most of the previously enumerated criteria become critical, and the available options for our Linux platform of choice would be reduced to a few industry-proven solutions. In the following section, we enumerate some of the most popular Linux distributions.

Common Linux distributions

This section summarizes the most popular and common Linux distributions at the time of this writing, with emphasis on their package manager. Most of these distros are free and open source platforms. Their commercial-grade variations, if any, are noted.

CentOS and RHEL

CentOS and its derivatives use RPM as their package manager. CentOS is based on the open source Fedora project. It is suited to both servers and workstations. RHEL is a commercial-grade version of CentOS, designed to be a stable platform with long-term support.


The package manager for Debian and most of its derivatives is Debian Package (DPKG). Debian is releasing at a much slower pace than other Linux distributions, such as Linux Mint or Ubuntu, for example, but it's relatively more stable.


Ubuntu uses Advanced Package Tool (APT) and DKPG as package managers. Ubuntu is one of the most popular Linux distributions, releasing every 6 months, with more stable Long Term Support (LTS) releases every other year.

Linux Mint

Linux Mint uses APT as its package manager. Built on top of Ubuntu, Linux Mint is mostly suitable for desktop use, with a lower memory usage than Ubuntu (with the Cinnamon desktop environment, compared to Ubuntu's GNOME). There's also a version of Linux Mint built directly on top of Debian, called Linux Mint Debian Edition (LMDE).


openSUSE uses RPM, Yet another Setup Tool (YaST), and Zypper as package managers. openSUSE is a bleeding-edge Linux distribution, suited to both desktop and server environments. SUSE Linux Enterprise Server is the commercial-grade platform. openSUSE was regarded as one of the most user-friendly desktop Linux distributions before the days of Ubuntu.

Important note

In this book, our focus is mainly on two Linux distributions, widely used in both community and commercial deployments, Ubuntu and CentOS.

The following section presents some hands-on use cases, where, depending on specific functional requirements, we choose the right Linux distribution.

Linux distributions – a practical guide

The following use cases are inspired by real-world problems, taken mostly from the authors' own experience in the software engineering field. Each of these scenarios presents the challenge of choosing the right Linux distribution for the job.

Case study – development workstation

This case study is based on the following scenario made from the perspective of a software developer:

I'm a backend/frontend developer, writing mostly in Java, Node.js, Python, and Golang, and using mostly IntelliJ and VS Code as my primary IDE. My development environment makes heavy use of Docker containers (building and deploying) and I occasionally use VMs (with VirtualBox) to deploy and test my code locally. I need a robust and versatile development platform.

Functional requirements

The requirements suggest a relatively powerful day-to-day development platform, either as a PC/desktop or a laptop computer. The developer relies on local resources to deploy and test the code (for instance, Docker containers and VMs), perhaps frequently in an offline (airplane mode) environment if on the go.

System requirements

The system would be primarily using the Linux desktop environment and window manager, with frequent context switching between the Integrated Development Environment (IDE) and terminal windows. The required software packages for the IDE, Docker, hypervisor (VirtualBox), and tools should be readily available from open source or commercial vendors, ideally always being up to date and requiring minimal installation and customization effort.

Linux distribution

The choice here would be the Ubuntu Desktop Long Term Support (LTS) platform. Ubuntu LTS is relatively stable, runs on virtually any hardware platform, and it's mostly up to date with hardware drivers. Software packages for the required applications and tools are generally available and stable, with frequent updates. Ubuntu LTS is an enterprise-grade, cost-effective, and secure operating system suitable for organizations and home users alike.

Case study – secure web server

This case study is based on the following scenario made from the perspective of a DevOps engineer:

I'm looking for a robust platform running a secure, relatively lightweight, and enterprise-grade web server. This web server handles HTTP/SSL requests, offloading SSL before routing requests to other backend web servers, websites, and API endpoints. No load-balancing features are needed.

Functional requirements

When it comes to open source, secure, and enterprise-grade web servers, the top choices are usually NGINX, Apache HTTP Server, Node.js, Apache Tomcat, and Lighttpd. Without going into the details of choosing one web server over another, let's just assume we pick Apache HTTP Server. It has state-of-the-art SSL/TLS support, excellent performance, and is relatively easy to configure.

We deploy this web server in VPS environments, in local (on-premises) data centers, or the public cloud. The deployment form factor is either a VM or a Docker container. We are looking for a relatively low-footprint, enterprise-grade Linux platform.

Linux distribution

Our choice is CentOS. Most of the time, CentOS and Apache HTTP Server are a perfect match. CentOS is relatively lightweight, coming only with barebone server components and an operating system networking stack. It is widely available as a VPS deployment template in private and public cloud vendors. There is also CentOS Atomic Host, a Linux distribution designed to run Docker containers. Our Apache HTTP Server can run as a Docker container on top of CentOS Atomic, as we may horizontally scale to multiple web server instances.

Use case – personal blog

This case study is based on the following scenario made from the perspective of a software engineer and blogger:

I want to create a software engineering blog. I'll be using the Ghost blogging platform, running on top of Node.js, with MySQL as the backend database. I'm looking for a Virtual Private Server (VPS) solution hosted by one of the major cloud providers. I'll be installing, maintaining, and managing the related platform myself. Which Linux distribution should I use?

Functional requirements

We are looking for a self-managed publicly hosted VPS solution. The related hosting cost is a sensitive matter. Also, the maintenance of the required software packages should be relatively easy. We foresee frequent updates, including the Linux platform itself.

Linux distribution

Our pick is Ubuntu Server LTS. As previously highlighted, Ubuntu is a robust, secure, and enterprise-class Linux distribution. The platform maintenance and administration efforts are not demanding. The required software packages – Node.js, Ghost, and MySQL – are easily available and are well maintained. Ubuntu Server has a relatively small footprint. We can run our required software stack for blogging well within the Ubuntu system requirements so that the hosting costs would be reasonable.

Use case – media server

This case study is based on the following scenario made from the perspective of a home theater aficionado:

I have a moderately large collection of movies (personal DVD/Blu-ray backups), videos, photos, and other media, stored on Network Attached Storage (NAS). The NAS has its own media server incorporated, but the streaming performance is rather poor. I'm using Plex as a media player system, with Plex Media Server as the backend. What Linux platform should I use?

Functional requirements

The critical system requirements of a media server are speed (for a high-quality and smooth streaming experience), security, and stability. The related software packages and streaming codecs are subject to frequent updates, so platform maintenance tasks and upgrades are quite frequent. The platform is hosted locally, on a PC desktop system, with plenty of memory and computing power in general. The media is being streamed from the NAS, over the in-house Local Area Network (LAN), where the content is available via a Network File System (NFS) share.

Linux distribution

Both Debian and Ubuntu would be excellent choices for a good media server platform. Debian's stable release is regarded as rock solid and very reliable by the Linux community, although it's somewhat outdated. Both feature advanced networking and security, but what may come as a decisive factor in choosing between the two is that Plex Media Server has an ARM-compatible package for Debian. The media server package for Ubuntu is only available for Intel/AMD platforms. If we owned a small-factor, ARM processor-based appliance, Debian would be our choice. Otherwise, Ubuntu LTS would serve our purpose just as well.