Book Chapters

A bird's eye view of high-level concepts when it comes to provisioning, configuration management, and application deployment.

Before dispatching to clouds, we buckle up and get everyone familiar with standard streams, pipes, and other shell basics.

The theoretical foundation for understanding a multi-server setup, networking utilities, webserver configuration, and firewalls. A local and Internet addressing.

Connecting to our first virtual private server. Getting familiar with the SSH protocol and its public key encryption. Configuring SSH on client and server.

A hands-on exploration of a newly created virtual machine with a focus on networking. We'll learn about network interfaces, IP addresses, ports, and sockets in a more practical way.

Installation and configuration of software from package repositories. Automating configuration management with Bash.

A brief look at what filesystems are and the filesystem layout in Linux. Where do files go, and where will our applications live?

Priviledged and unprivileged access. Implementing user roles with Linux users and groups.

Exploring the Linux discreet permission system and Access Control List to set ownership and limit access for services on the system.

A closer look at Linux processes. CPU and virtual memory, background processes, monitoring, debugging, systemd, system logging, and scheduled processes.

Kinds of web servers. Setting up NGINX as a web server and a reverse proxy. Automating log rotation.

A closer look at DNS services and working with TLS certificates. Self-signed and Let's Encrypt.

Building imaginary walls with firewalld. Editing and defining zones to manage risk expectations.

Building a simple convention over configuration Bash framework to configure servers.

Exploring version managers of popular programming languages, isolating application dependencies.

Concurrency, threading, logging, and other considerations for a good application server configuration. Notes on Puma and Gunicorn configuration.

Learning to write systemd unit files to run application services. Working with cgroups. System and user systemd services.

Running PostgreSQL and Redis in production. Installation, configuration, client configuration. Backups and restores.

A closer look at often overlooked Security-Enhanced Linux. Understanding the targeted policy and contexts. Fixing SELinux violations.

Discussing local, block, and object storage. Implementing network filesystems with NFS.

Data collection, compression, and encryption for frictionless data backups and restores.

Secret management. Environment files and Rails Encrypted Credentials.

Discussing deployment and post-deployment tasks. Making a Heroku-like git-push deployment.

Sending and receiving email. Discussing email delivery and implementation.

A primer on Linux containers. Building and running containers with Docker and Podman. Rootless and caching considerations.

What did you learn and where to go next from here?