System administrator

From Wikipedia, the free encyclopedia (Redirected from System Administration) Jump to: navigation, search For the privileged user account, see superuser. This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. (August 2010) System administrator

A professional system administrator in a server room at a data center. Occupation System administrator, systems administrator, sysadmin, IT Names professional Activity sectors Information technology Description System administration, network management, analytical skills, Competencies critical thinking and Microsoft Windows Varies from apprenticeship to Education Masters degree required

A system administrator, or sysadmin, is a person who is responsible for the upkeep, configuration, and reliable operation of computer systems; especially multi-user computers, such as servers. The system administrator seeks to ensure that the uptime, performance, resources, and security of the computers he or she manages meet the needs of the users, without exceeding the budget. To meet these needs, a system administrator may acquire, install, or upgrade computer components and software; automate routine tasks; write computer programs; troubleshoot; train and/or supervise staff; and provide technical support.

Contents

1 Related fields 2 Training 3 Skills 4 Duties 5 See also 6 References 7 Further reading 8 External links

Related fields
Many organizations staff other jobs related to system administration. In a larger company, these may all be separate positions within a computer support or Information Services (IS) department. In a smaller group they may be shared by a few sysadmins, or even a single person.

A database administrator (DBA) maintains a database system, and is responsible for the integrity of the data and the efficiency and performance of the system. A network administrator maintains network infrastructure such as switches and routers, and diagnoses problems with these or with the behavior of network-attached computers. A security administrator is a specialist in computer and network security, including the administration of security devices such as firewalls, as well as consulting on general security measures. A web administrator maintains web server services (such as Apache or IIS) that allow for internal or external access to web sites. Tasks include managing multiple sites, administering security, and configuring necessary components and software. Responsibilities may also include software change management. A computer operator performs routine maintenance and upkeep, such as changing backup tapes or replacing failed drives in a RAID. Such tasks usually require physical presence in the room with the computer; and while less skilled than sysadmin tasks require a similar level of trust, since the operator has access to possibly sensitive data. A postmaster administers a mail server.

A Storage (SAN) Administrator. Create, Provision, Add or Remove Storage to/from Computer systems. Storage can be attached local to the system or from a Storage Array Network (SAN)[1] or Network Attached Storage (NAS).[2] Create File Systems from newly added storage.

In some organizations, a person may begin as a member of technical support staff or a computer operator, then gain experience on the job to be promoted to a sysadmin position. Internap Home / Industry Insights / 5 best practices for successful system administration

Blog
Intelligent IT Infrastructure solutions that deliver unmatched performance and platform flexibility

5 best practices for successful system administration

04.10.2013 By:Andrew Boring

For successful system administration, you need more than just the required technical skills. Below is a list of five slightly non-technical abilities that should be developed in order to become the best system admin ever. 1. Monitor, measure, and record. Yes, you know what the swap usage is today because theres a problem with the disks thrashing and its causing the server to go slow. But your users are complaining to management that its an ongoing issue and now management is asking you for data. What, you havent been documenting this, so its now your word against Sales and Marketing? Guess who wins that argument by default? Youre responsible for the system, so they will make this your problem. So get/build/buy a system to monitor, measure, and record that data so you can build pretty powerpoint slides for finance next time you need to ask for hardware upgrades, or to prove that the issues are caused by bad software rather than your perfectly functioning servers. Even if you are just running a single server for an employer, a client, or even yourself, its good data to have for some unforeseen reason someday.

A shortlist of things to start monitoring/recording/charting/graphing:

Load average Memory usage Disk I/O (transactions per second) Network throughput (in Mbits/sec) Network throughput per virtual host/site Transfer (in GB/month) Transfer per virtual host Disk storage (monthly in GB) and also daily rolling average if files are uploaded and deleted regularly) Average response time of test URI under your control (in milliseconds) Average response time of a PHP (or Ruby/Python/etc.) page under your control that does not change. Testing real web pages gives you a consistent baseline that you can use to narrow the problem to the server, the OS, or the web code itself. SSH logins per day/month by user and IP address Anything you feel is necessary, or will get questions on later

Once you have consistent information, youll start seeing patterns and can look for things out of the ordinary. Its also good for correlating data to behaviors when youre troubleshooting issues and arent sure where to start. 2. Develop project management habits. Even for small, one-person projects. Write up a small scope of work, write requirements, get sign-off from stakeholders on their expectations, plan a schedule, and record your activities. Write up a postmortem document at the end. Even if its just for yourself. It doesnt have to be fancy, and it certainly doesnt have to be formal PMBoK activities. It may seem bureaucratic managing all that paper and it may seem like youre spending more time on paperwork than sysadminning, but it helps keep you organized when your boss hands you random high-priority assignment that strays you from your task. Its also handy when you build a new system and users complain that it doesnt do what they wanted it to do. See? You got their sign-off on the requirements document right there Even if its just for yourself, one day youll ask yourself, now why on earth did I install Acme::Phlegethoth on this server? Oh yeah, it was for that weird commune who needs it for their application code 3. Develop a system for day-to-day work. Again, this may seem bureaucratic, but if you spend your days just doing stuff without a ToDo list, you may find it difficult to explain to your boss next week exactly what youve been doing with your time. Ive become a fan of Kanban boards lately because its a visual device that your boss (or anyone who assigns you work) can interact with. Lets say Ive got three items I plan to work on today that should fill up my 8 hours. Oh, you need me work on this other item instead? Yes sir! Here is what I planned to work on today. Which one should I deprioritize in favor of this one? Oh, so its more important than this one, but not as important as these two? Thats fine, I can requeue that lower priority one and get to it later. This helps set expectations.

I know of one graphic designer who used it to coordinate her work between three competing project managers. If one asked her to prioritize something, shed show him her board and send him to the other project managers to negotiate the conflict and coordinate their deadlines. Even if no one else looks at your board but you, it helps to keep you organized. 4. Develop communications skills (sales, presentation, etc). It took me a while to really understand why this is important. Yes, today you just want to sit in a server room, keep things running, and look at Lolcats. But tomorrow, you may have other people assisting (or working for) you. You need to be able to communicate expectations. You need to propose and advocate your ideas (great ideas never stand on their own merit unless and until they are properly communicated), to your peers or to management. Maybe you need to convince someone that they need to upgrade the web server. Maybe you need to explain your new server proposal that will fix all their problems. Maybe you need to convince the developer that his code is really causing those memory leaks, but you need to present it in a non-accusatory manner. Im personally a big fan of Toastmasters for this, as its the cheapest and most effective way to improve your ability to communicate. 5. Start preparing for what if scenarios. Your servers will crash. Your servers will be hax0r3d. Your backups will be corrupted. So start figuring out how to react when that happens. One of the unhappiest days of my life was when my personal server was r00t3d. I did all the right things, but the attackers were more dedicated to getting in than I was in keeping them out. How do you remove a rootkit after its discovered? I didnt know then, because I never asked the question (remember? I thought I did all the right things to prevent it in the first place). You can bet I certainly know now! What happens when the server dropped off the network because of a power outage, and now its saying kernel not found? What happens when your client or internal user asks for you to restore a backup, and the backup is corrupted? You may not get all the answers to these until you actually experience them first-hand, but its better to start asking the questions now and not when you have angry people yelling at you. Also, once you start asking the questions, you can start setting up self-training scenarios to test it. Set up a test box and remove the kernel. See if you can get it back to operational. Try and get someone to install a rootkit on it, or at least do a bunch of stuff that you have to troubleshoot and fix. B

System Backup
Backing up Definition Center data is perhaps the most important function that an iRise Administrator can perform. The information below covers this process at a high level. For more detailed information, including instructions for setting up automated backups, we strongly recommend that you refer to the iRise Knowledgebase article entitled "Best Practices for Backing Up Definition Center Data."

Backing Up Project Data

There are three options for backing up Definition Center projects:

Periodically export projects as iDocs and store the exported files in a secure location. Copy the current version of each project to a new folder in the Definition Center so two copies of each project exist: a working copy and a backup (make sure you name the folders and projects accordingly). Use backup software that can restore the Definition Center folder structure (keep in mind that restoring data from an external backup system could overwrite "good" data; unless your backup software can restore individual files reliably, system restore procedures should be considered a last resort for catastrophic failures only).

Exporting iDocs and saving them in a location other than the Definition Center server will prevent complete data loss if the Definition Center server fails. This also reduces the load on the system by keeping the total number of projects down to a minimum.

Backing Up Configuration Settings

To backup the basic configuration information for your Definition Center backup the irise.properties and server.xml files located in the x:\iRise\DefCenter\Tomcat\conf folder. These contain most of the settings for your Definition Center.

If your server is running SSL, we also recommend backing up a few additional files: x:\iRise\DefCenter\Tomcat\conf\keystore.jks (from a default installation and standard SSL configuration) and x:\iRise\DefCenter\_jvm\lib\security\cacerts. If your server is protected with a certificate from a Certificate Authority (either a Trusted Root CA or your organization's own internal Certificate Authority) you should also make sure you have a copy of the certificate saved in the event you need to restore to a different machine.

If your Definition Center server is running version 8.0.0 or earlier of the software and is configured to use the LDAP integration, you should also backup the following file: x:\iRise\DefCenter\Tomcat\webapps\iRise\WEB-INF\user.properties.

Restarting the Definition Center

Several administrative tasks involving Definition Center require that you restart the Definition Center service in order for any changes to take effect. These tasks include the following:

Installing a Definition Center license key Setting up LDAP or SSL Making changes to server settings: Event Logging, Login Settings, and Email/SMTP Settings

Scheduled Restarts

It is also recommended that both the Definition Center service and the physical server be restarted on a regular basis to prevent performance issues.

iRise Definition Center Service: iRise Definition Center runs as a system service on the server machine. We recommend that you schedule the Definition Center service to be restarted once a week. Users should be informed of this schedule to prevent lost data.

The steps to set up the stop/start for the Definition Center service are very simple. You can set up Scheduled Tasks on the server to call the two batch files stop.bat and start.bat located in the x:\iRise\DefCenter\Tomcat\bin directory. This will restart the Definition Center.

Server Machine: You should also set a schedule to restart the server (the physical computer), again as a preventative measure against Windows stability and memory allocation issues. Ideally, you would set this up to happen at least once a month (more frequently if possible). You might pick the last Sunday of the month, and let everyone know the schedule for this as well.

Demonstration

The following demonstration will walk you through the steps of manually restarting the Definition Center service.

Upgrading the Definition Center

As an iRise Administrator, you will most likely need to upgrade your Definition Center at least once. This topic covers key information related to this process. For more detailed information, we strongly recommend that you refer to the iRise Knowledgebase article entitled "Best Practices: Upgrading a Definition Center."

When new versions or updates become available, iRise Customer Support will send an email message to inform iRise Administrators. The message will contain:

A list of the enhancements A link to the download site Upgrade/conversion information

Studio users will not be able to connect to the Definition Center if their Studio client version does not match the Definition Center version. Timing and communication are therefore critical when installing product upgrades.

The process for downloading and installing a Definition Center upgrade is essentially the same as the initial installation process. As you run the installer, it will check for previous installations and use the system information for the current Definition Center to configure the upgrade. If you need to change any of this information, you can do so by modifying the irise.properties file, which gets installed by default into the x:\iRise\DefCenter\Tomcat\conf folder, and then restarting the iRise Definition Center service.

Before upgrading Definition Center, make sure that all projects are backed up and checked in.

To install a new License Key:

1. Stop the Definition Center service. 2. Rename the old license file to irise-MM-DD-YYYY.license. The location of your Definition Center License Key should be x:\iRise\DefCenter\.