CentOS Stream: Enterprise Linux Administration and Infrastructure Modernization Training Course

CentOS Stream Architecture and Release Philosophy

• Understanding the distinction between the CentOS Stream rolling-release model and point-release distributions.
• The relationship between CentOS Stream and Red Hat Enterprise Linux upstream development.
• Naming conventions, stream repositories, and content versioning strategies.
• Selecting and switching between multiple streams to ensure application compatibility.

Installation and Automated Deployment

• Walkthrough of the interactive Anaconda graphical and text-based installer.
• Utilizing Kickstart files for fully automated, unattended installations.
• PXE network boot and TFTP-based network installation workflows.
• Containerized and cloud-init-based provisioning for cloud deployments.
• Partitioning strategies and filesystem selection, including defaults such as Btrfs and XFS.

Package Management and Module Streams

• Advanced DNF operations, transaction management, and dependency resolution.
• Leveraging module streams for flexible software versions and language runtimes.
• Repository configuration, GPG signing verification, and creation of custom repositories.
• Content views and errata tracking for effective enterprise update management.

System Service Management with systemd

• Understanding systemd targets, units, and the dependency graph.
• Creating, enabling, and debugging custom service units.
• Journal logging, log rotation, and persistent log storage.
• Resource control via systemd slices and resource manager policies.
• Kdump crash dump configuration and kernel panic handling.

Modern Network Configuration

• Essentials of NetworkManager CLI and CUI configuration.
• Configuring interface bonding, bridges, VLANs, and teaming.
• Firewalld rich rules, zones, services, and port forwarding.
• IPv6 routing, firewall rules, and DNS resolution via systemd-resolved.
• Network debugging tools and packet capture techniques.

Container and Pod Infrastructure

• Podman versus Docker: fundamentals of daemonless container workflows.
• Building container images with Buildah without using Dockerfiles or a daemon.
• Deploying rootless containers and configuring user namespace mappings.
• Utilizing Red Hat Universal Base Images and Alpine-based lightweight containers.
• Managing storage drivers, volume mounts, and inter-container network communication.
• Container lifecycle management and monitoring using skopeo and crun.

Security Hardening

• Configuring SELinux enforcing mode, managing policies, and auditing troubleshooting.
• Designing hardened zones and composing rules in Firewalld.
• SSH hardening, key-based authentication, and setting up bastion hosts.
• Enforcing password policies, PAM modules, and privilege escalation via sudo.
• Configuring and validating FIPS 140-2/140-3 compliance.
• Implementing kernel live patching and CVE remediation workflows.

Storage and Filesystem Management

• Dynamic capacity planning with LVM2 logical volume management.
• Managing Btrfs snapshots, subvolumes, and auto-decompression features.
• Configuring NFS and Samba file sharing services.
• Multipath I/O for SAN storage redundancy and failover capabilities.
• Disk encryption with LUKS and automated unlocking via initramfs.

System Monitoring and Kernel Management

• Performance monitoring using sar, top, and perf profiling tools.
• Debugging system services with strace, ltrace, and GDB.
• Managing kernel updates, bootloader configurations, and GRUB2 customization.
• System state management and crash analysis techniques.

Automation and Infrastructure as Code

• Designing Ansible inventory for CentOS Stream host management.
• Automated patching and compliance drift detection workflows.
• IaC modules for scalable configuration management.
• Provisioning playbooks and deployment orchestration strategies.