CentOS Stream: Enterprise Linux Administration and Infrastructure Modernization Training Course

CentOS Stream Architecture and Release Philosophy

• Understanding the CentOS Stream rolling-release model in comparison to point release distributions.
• The relationship between CentOS Stream and Red Hat Enterprise Linux upstream development.
• Naming conventions, stream repositories, and content versioning strategies.
• Selecting and switching between multiple streams to ensure application compatibility.

Installation and Automated Deployment

• Walkthrough of the interactive Anaconda graphical and text-based installer.
• Utilizing Kickstart files for fully automated unattended installations.
• PXE network boot and TFTP-based network-install workflows.
• Containerized and cloud-init-based provisioning for cloud deployments.
• Partitioning strategies and filesystem selection, including defaults such as Btrfs and XFS.

Package Management and Module Streams

• Advanced DNF operations, transaction management, and dependency resolution.
• Leveraging module streams for flexible software versions and language runtimes.
• Repository configuration, GPG signing verification, and creation of custom repositories.
• Content views and errata tracking for comprehensive enterprise update management.

System Service Management with systemd

• Understanding systemd targets, units, and the dependency graph.
• Creating, enabling, and debugging custom service units.
• Journal logging, log rotation, and persistent log storage strategies.
• Resource control via systemd slices and resource manager policies.
• Kdump crash dump configuration and handling kernel panics.

Modern Network Configuration

• Essential network configuration using the NetworkManager CLI and CUI.
• Configuring interface bonding, bridges, VLANs, and teaming.
• Utilizing Firewalld rich rules, zones, services, and port forwarding.
• Managing IPv6 routing, firewall rules, and DNS resolution via systemd-resolved.
• Employing network debugging tools and packet capture techniques.

Container and Pod Infrastructure

• Comparing Podman to Docker: fundamentals of daemonless container workflows.
• Creating container images with Buildah without requiring a Dockerfile or daemon.
• Deploying rootless containers and managing user namespace mappings.
• Utilizing Red Hat Universal Base Images and Alpine-based lightweight containers.
• Managing storage drivers, volume mounts, and inter-container network communication.
• Monitoring container lifecycles using skopeo and crun.

Security Hardening

• Configuring SELinux in enforcing mode, managing policies, and troubleshooting audits.
• Designing hardened zones and composing rules within Firewalld.
• Implementing SSH hardening, key-based authentication, and bastion host setups.
• Enforcing password policies, configuring PAM modules, and managing privilege escalation via sudo.
• Configuring and validating FIPS 140-2/140-3 compliance.
• Executing kernel live patching and CVE remediation workflows.

Storage and Filesystem Management

• Dynamic capacity planning using LVM2 logical volume management.
• Managing Btrfs snapshots, subvolumes, and auto-decompression features.
• Configuring NFS and Samba file sharing services.
• Achieving SAN storage redundancy and failover through Multipath I/O.
• Implementing disk encryption with LUKS and automated unlocking via initramfs.

System Monitoring and Kernel Management

• Monitoring performance using sar, top, and perf profiling tools.
• Debugging system services with strace, ltrace, and GDB.
• Managing kernel updates, bootloader configuration, and customizing GRUB2.
• Handling system state management and conducting crash analysis.

Automation and Infrastructure as Code

• Designing Ansible inventories for managing CentOS Stream hosts.
• Implementing automated patching and compliance drift detection workflows.
• Utilizing IaC modules for large-scale configuration management.
• Developing provisioning playbooks and deployment orchestration strategies.