CentOS Stream: Enterprise Linux Administration and Infrastructure Modernization Training Course

CentOS Stream Architecture and Release Strategy

• Analyzing the CentOS Stream rolling-release model in comparison to traditional point-release distributions.
• Examining the upstream development relationship between CentOS Stream and Red Hat Enterprise Linux.
• Reviewing naming conventions, stream repositories, and content versioning strategies.
• Evaluating methods for selecting and transitioning among multiple streams to ensure application compatibility within government environments.

Installation and Automated Deployment Procedures

• Utilizing the interactive Anaconda graphical and text-based installers.
• Implementing Kickstart files for fully automated, unattended installations.
• Configuring PXE network boot and TFTP-based network installation workflows.
• Deploying containers and utilizing cloud-init for cloud-based provisioning.
• Establishing partitioning strategies and selecting file systems, including Btrfs and XFS defaults.

Package Management and Module Streams

• Executing advanced DNF operations, including transaction management and dependency resolution.
• Leveraging module streams to support flexible software versions and language runtimes.
• Configuring repositories, verifying GPG signatures, and establishing custom repository sources.
• Monitoring content views and errata for enterprise update management in federal IT systems.

System Service Management with systemd

• Understanding systemd targets, units, and dependency graphs.
• Creating, enabling, and troubleshooting custom service units.
• Managing journal logging, log rotation, and persistent log storage.
• Implementing resource control through systemd slices and resource management policies.
• Configuring Kdump for crash dump capture and kernel panic handling.

Modern Network Configuration

• Configuring network interfaces using NetworkManager command-line and text-based user interfaces.
• Implementing interface bonding, bridging, VLAN tagging, and teaming configurations.
• Defining firewalld rich rules, zones, services, and port forwarding policies.
• Managing IPv6 routing, firewall rules, and DNS resolution via systemd-resolved.
• Employing network debugging tools and packet capture techniques for troubleshooting.

Container and Pod Infrastructure

• Comparing Podman and Docker, focusing on daemonless container workflows.
• Creating container images with Buildah without requiring a Dockerfile or daemon.
• Deploying rootless containers and configuring user namespace mappings.
• Utilizing Red Hat Universal Base Images and Alpine-based lightweight containers.
• Managing storage drivers, volume mounts, and inter-container network communication.
• Overseeing container lifecycle management and monitoring using skopeo and crun.

Security Hardening Measures

• Configuring SELinux enforcing mode, managing policies, and auditing troubleshooting logs.
• Designing hardened firewalld zones and composing appropriate access rules.
• Harden SSH configurations, implement key-based authentication, and establish bastion host architectures.
• Enforcing password policies, configuring PAM modules, and managing privilege escalation via sudo.
• Configuring and validating compliance with FIPS 140-2/140-3 standards.
• Executing kernel live patching and vulnerability remediation workflows for CVEs.

Storage and Filesystem Management

• Using LVM2 logical volume management for dynamic capacity planning.
• Managing Btrfs snapshots, subvolumes, and auto-decompression features.
• Configuring NFS and Samba file-sharing services.
• Implementing Multipath I/O for SAN storage redundancy and failover capabilities.
• Encrypting disks with LUKS and automating unlock processes via initramfs.

System Monitoring and Kernel Management

• Monitoring system performance using sar, top, and perf profiling tools.
• Debugging system services with strace, ltrace, and GDB.
• Managing kernel updates, bootloader configuration, and GRUB2 customization.
• Analyzing system state and conducting crash analysis for incident response.

Automation and Infrastructure as Code

• Designing Ansible inventories for CentOS Stream host management in government IT operations.
• Automating patching processes and detecting compliance drift.
• Deploying Infrastructure as Code modules for configuration management at scale.
• Developing provisioning playbooks and deployment orchestration strategies.