Book Image

Mastering Ubuntu Server - Third Edition

By : Jay LaCroix
Book Image

Mastering Ubuntu Server - Third Edition

By: Jay LaCroix

Overview of this book

Ubuntu Server has taken data centers around the world by storm. Whether you're deploying Ubuntu for a large-scale project or for a small office, it is a stable, customizable, and powerful Linux distribution with innovative and cutting-edge features. For both simple and complex server deployments, Ubuntu's flexible nature can be easily adapted to meet to the needs of your organization. This third edition is updated to cover the advancements of Ubuntu 20.04 LTS and further train you to understand how to use Ubuntu Server, from initial deployment to creating production-ready resources for your network. The book begins with the concepts of user management, group management, and file system permissions. Continuing into managing storage volumes, you will learn how to format storage devices, utilize logical volume management, and monitor disk usage. Later, you will learn how to virtualize hosts and applications, which will include setting up QEMU & KVM, as well as containerization with both Docker and LXD. As the book continues, you will learn how to automate configuration with Ansible, as well as take a look at writing scripts. Lastly, you will explore best practices and troubleshooting techniques when working with Ubuntu Server that are applicable to real-world scenarios. By the end of this Ubuntu Server book, you will be well-versed in Ubuntu server’s advanced concepts and attain the required proficiency needed for Ubuntu Server administration.

Related Content you might be interested in

Current Title:

Small book image
Mastering Ubuntu Server - Third Edition
Jay LaCroix
Dec, 2020 | 702 pages
Small book image
Linux for System Administrators
Viorel Rudareanu | Daniil Baturin
Sep, 2023 | 294 pages
Small book image
Mastering Linux Administration
Alexandru Calcatinge | Julian Balog
Jun, 2021 | 772 pages
Small book image
CentOS Quick Start Guide
Shiwang Kalkhanda
Dec, 2018 | 320 pages
Table of Contents (26 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
1
Deploying Ubuntu Server
Deploying Ubuntu Server
Technical requirements
Determining your server's role
Setting up our server
Obtaining installation media
Creating a bootable flash drive
Installing Ubuntu Server
Installing Ubuntu on a Raspberry Pi
Summary
Further Reading
Free Chapter
2
Managing Users and Permissions
Managing Users and Permissions
Understanding users and groups
Understanding when to use root
Creating and removing users
Understanding the /etc/passwd and /etc/shadow files
Distributing default configuration files with /etc/skel
Switching users
Managing groups
Managing passwords and password policies
Configuring administrator access with sudo
Setting permissions on files and directories
Summary
Further reading
3
Managing Software Packages
Managing Software Packages
Understanding Linux package management
Understanding the differences between Debian and Snap packages
Installing and removing software
Searching for packages
Managing package repositories
Backing up and restoring Debian packages
Cleaning up orphaned apt packages
Taking advantage of hardware enablement updates
Summary
Further reading
4
Navigating and Essential Commands
Navigating and Essential Commands
Learning essential Linux commands
Understanding the Linux filesystem layout
Viewing the contents of files
Viewing application log files
Summary
Further reading
5
Managing Files and Directories
Managing Files and Directories
Copying, moving, and renaming files and directories
Editing files with the Nano and Vim text editors
Input and output streams
Using symbolic and hard links
Summary
Further reading
6
Boosting Your Command-line Efficiency
Boosting Your Command-line Efficiency
Understanding the Linux shell
Understanding Bash history
Learning some useful command-line tricks
Understanding variables
Writing simple scripts
Putting it all together – Writing an rsync backup script
Summary
Further reading
7
Controlling and Managing Processes
Controlling and Managing Processes
Managing jobs
Understanding the ps command
Changing the priority of processes
Dealing with misbehaving processes
Managing system processes
Scheduling tasks with cron
Summary
Further reading
8
Monitoring System Resources
Monitoring System Resources
Viewing disk usage
Monitoring memory usage
Understanding load average
Viewing resource usage with htop
Summary
Further reading
9
Managing Storage Volumes
Managing Storage Volumes
Adding additional storage volumes
Formatting and partitioning storage devices
Mounting and unmounting volumes
Understanding the /etc/fstab file
Backing up and restoring volumes
Utilizing LVM
Summary
Further reading
10
Connecting to Networks
Connecting to Networks
Setting the hostname
Managing network interfaces
Assigning static IP addresses
Understanding Linux name resolution
Getting started with OpenSSH
Getting started with SSH key management
Simplifying SSH connections with a config file
Summary
Further reading
11
Setting Up Network Services
Setting Up Network Services
Planning your IP address scheme
Setting up a DHCP server for serving IP addresses
Adding a DNS server
Setting up an internet gateway
Keeping your clock in sync with NTP
Summary
Further reading
12
Sharing and Transferring Files
Sharing and Transferring Files
File server considerations
Sharing files with Windows users via Samba
Setting up NFS shares
Transferring files with rsync
Transferring files with SCP
Mounting remote directories with SSHFS
Summary
Further reading
13
Managing Databases
Managing Databases
Preparations for setting up a database server
Installing MariaDB
Understanding the MariaDB configuration files
Managing MariaDB databases
Setting up a secondary database server
Summary
Further reading
14
Serving Web Content
Serving Web Content
Installing and configuring Apache
Installing additional Apache modules
Securing Apache with TLS
Installing and configuring NGINX
Setting up failover with keepalived
Setting up and configuring Nextcloud
Summary
Further reading
15
Automating Server Configuration with Ansible
Automating Server Configuration with Ansible
Understanding the need for configuration management
Why Ansible?
Creating a Git repository
Getting started with Ansible
Making your servers do your bidding
Putting it all together – automating web server deployment
Using Ansible's pull method
Summary
Further reading
16
Virtualization
Virtualization
Prerequisites and considerations
Setting up a virtual machine server
Creating virtual machines
Bridging the virtual machine network
Simplifying virtual machine creation with cloning
Managing virtual machines via the command line
Summary
Further reading
17
Running Containers
Running Containers
What is containerization?
Understanding the differences between Docker and LXD
Installing Docker
Managing Docker containers
Automating Docker image creation with Dockerfiles
Managing LXD containers
Summary
Further reading
18
Container Orchestration
Container Orchestration
Container orchestration
Preparing a lab environment for Kubernetes testing
Utilizing MicroK8s
Setting up a Kubernetes cluster
Deploying containers via Kubernetes
Summary
Further reading
19
Deploying Ubuntu in the Cloud
Deploying Ubuntu in the Cloud
Understanding the difference between on-premises and cloud infrastructure
Important considerations when considering cloud computing as a potential solution
Becoming familiar with some basic AWS concepts
Creating an AWS account
Choosing a region
Deploying Ubuntu as an AWS EC2 instance
Creating and deploying Ubuntu AMI images
Automatically scaling Ubuntu EC2 deployments with Auto Scaling
Keeping costs down: understanding how to save money and make cost-effective decisions
Taking cloud further: additional resources to grow your knowledge
Summary
Further reading
20
Automating Cloud Deployments with Terraform
Automating Cloud Deployments with Terraform
Why it's important to automate your infrastructure
Introduction to Terraform and how it can fit within your workflow
Installing Terraform
Automating an EC2 instance deployment
Managing security groups with Terraform
Using Terraform to destroy unused resources
Combining Ansible with Terraform for a full deployment solution
Summary
21
Securing Your Server
Securing Your Server
Lowering your attack surface
Understanding and responding to CVEs
Installing security updates
Automatically installing patches with the Canonical Livepatch service
Monitoring Ubuntu servers with Canonical's Landscape service
Securing OpenSSH
Installing and configuring Fail2ban
MariaDB best practices for secure database servers
Setting up a firewall
Encrypting and decrypting disks with LUKS
Locking down sudo
Summary
Further reading
22
Troubleshooting Ubuntu Servers
Troubleshooting Ubuntu Servers
Evaluating the scope
Conducting a root cause analysis
Viewing system logs
Tracing network issues
Troubleshooting resource issues
Diagnosing defective RAM
Summary
Further reading
23
Preventing Disasters
Preventing Disasters
Preventing disasters
Utilizing Git for configuration management
Implementing a backup plan
Replacing failed RAID disks
Utilizing bootable recovery media
Summary
Further reading
24
Another Book You May Enjoy
Another Book You May Enjoy
25
Index
Index

Understanding when to use root

In the last chapter, we set up our very own Ubuntu Server installation. During the installation process, we were instructed to create a user account to act as a system administrator. So, at this point, we should have at least two users on our server. We have the aforementioned administrative user, as well as root. We can certainly create additional user accounts with varying levels of access (and we will do so in this chapter), but before we get to that, some discussion is in order regarding the administrator account you created, as well as the root user that was created for you.

The root user account exists on all Linux distributions and is the most powerful user account on the planet. The root user account can be used to do anything within your server, and I do mean anything. Want to create files and directories virtually anywhere on the filesystem? Want to install software? These processes are easily performed with root. The root account can even be used to destroy your entire installation with one typo or ill-conceived command: if you instruct root to delete all the files on your entire hard disk, it won't hesitate to do so. It's always assumed on a Linux system that if you are using root, you are doing so because you know what you are doing. So, there's often not so much as a confirmation prompt while executing any command as root. It will simply do as instructed, for better or worse.

It's for this reason that every Linux distribution I've ever used states, or at least highly recommends, that you should create a standard user during the installation process. It's generally recommended in the Linux community for an administrator to have their own account and then switch to root whenever a task comes up that requires root privileges to complete. This approach is less likely to destroy your server with an accidental typo or bad command while you're logged in as root. Some administrators will strictly use root at all times without any issue, but again, it's recommended to use root only when you have to.

Most distributions ask you to create a root password during installation in order to protect that account. Even Debian (on which Ubuntu is based) has you set a root password during installation. Ubuntu just decides to do things a little bit differently. The reason for this is because, unlike many other distributions, Ubuntu defaults to locking out the root account altogether. There's nothing stopping you from enabling root, or switching to the root user after you log in. Being disabled by default just means the root account isn't as easily accessible as it normally would be. I'll cover how to enable this account later in this chapter, should you feel the need to do so.

An exception to this rule is that some VPS providers, such as DigitalOcean, will enable the root account even on their Ubuntu servers. Typically, the root password will be randomly generated and emailed to you. However, you should still create a user for yourself with administrative access regardless.

Instead of using root outright, Ubuntu (as well as its server version) recommends the use of sudo.

Using sudo to run privileged commands

I'll go over how to manage sudo later on in this chapter, but for now, just keep in mind that the purpose of sudo is to enable you to use your user account to do things that normally only root would be able to do. For example, as a normal user, you cannot issue a command such as the following to install a software package:

apt install tmux

Instead, you'll receive an error:

E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied)
E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root?

But if you prefix the command with sudo (assuming your user account has access to it), the command will work just fine:

sudo apt install tmux

When you use sudo, you'll be asked for your user's password for confirmation, and then the command will execute. Subsequent commands prefixed with sudo may not prompt for your password, as it will cache your password for a short period of time until it times out or the terminal is closed. Understanding this should clarify the usefulness of the user account you created during installation. I referred to this user as an administrative account earlier, but it's really just a user account that is able to utilize sudo.

Ubuntu Server automatically gives the first user account you create during installation access to sudo.

The intent is that you'll use that account to administer the system, rather than root. When you create additional user accounts, they will not have access to sudo by default, unless you explicitly grant it to them.

Previous Section
End of Section 3
Next Section