[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [SAGE] Strategies for taking ownership of existing infrastructure?
> -----Original Message-----
> From: owner-sage-members@usenix.org
> [mailto:owner-sage-members@usenix.org] On Behalf Of Jesús Couto
> I'm now the primary sysadmin dealing with Unix systems, somewhere. As
> such, I've find myself inheriting the current infrastructure... what
> that means?
>
> It means I have to support process & applications I dont know about &
> didnt install, and are not documented... basically, things "work", by
> virtue of being more or less evolved and hammered till they do, but I
> dont have a clear picture of ... well anything, and the way thing
> works is very brittle. One machine uses one mail server, another uses
> other that is not listed anywhere, DNS is not coherent either, with
> each machine configured to use either a differen server or its own
> /etc/hosts files... same for proxies, same for... everything. List of
> things "wrong" here is enourmous, mainly in the "this thing doesnt
> scale and sure it is not easy to transfer admin to anybody that was
> not here where the working hacks where put in place".
>
> I guess people here have found themselves in the same situation... I'm
> trying to organize my ideas at all levels (technical, practices &
> procedures, organization, "office politics") about how to get to own
> the place. So any tip or advice you can come up with is welcome.
Jesús,
I'm still in the same boat you are just getting into, and this is 5 years later!
What I've found to help was to realize that you can't expect to know, document or fix everything. When first I inherited the UNIX environment I took a quick look around to determine what was critical, both in terms of knowing and of fixing. Everything else would have to wait unless it was earth shattering - not to the user but to the company.
As for the knowing part, I set up an FAQ document for myself (and soon to be hired junior admin at that time) and as I discovered information, it was then documented right then and there. System details such as models, memory, disk usage were recorded and I installed Big Brother (which I was familar with at my previous employer) to start the monitoring so I knew when a problem cropped up. For the fixing part, it was looking for those items that have the greatest impact. Much like yourself, the communications infrastructure had "issues". Since some much revolves around DNS and mail, those there on my hit list for immediate fixing.
Most importantly I keep my boss in the loop and let him know what priorities I had set on each item. Sometimes my priorities didn't match the company's and scheduling had to be adjusted. Also, keep a line open to the users so they know what is going on and what may break. Something that helped me personally was a couple of whiteboards. I had 3 categories of work - today, this week and projects. That way I and anyone else could see what was at least planned.
I'm still dealing with issues since I've moved from UNIX administration as my primary focus to the network infrastructure and security. I'm still finding out about stuff done 6+ years ago that I'm surprised is still working.
Ken McKinlay, GCIA, CISSP
Network Security,
Curtiss-Wright Controls, Embedded Computing
ken.mckinlay@curtisswright.com