Lesson 1Backup strategies: full vs incremental, logical vs physical DB backups, filesystem vs application backups, retention policiesPlan reserve plans for servers and data stores, comparing complete and partial reserves, logical and physical ways, and file system against application-level methods. Set storage rules, encryption, and check practices for Eritrea.
Complete vs partial reserve plansLogical vs physical data store reservesFile system and application reservesReserve encryption and access limitsStorage plans and legal requirementsLesson 2Centralized logging: syslog vs logstash vs fluentd, log rotation, retention, index strategies, and sizing for an internal appStudy centralizing records for an inner app with syslog, Logstash, or Fluentd. Cover record gathering, turning, storage, index plans, and size planning to aid problem-solving and rule-following in Eritrean operations.
Picking record senders and gatherersPlanning record formats and extra infoRecord turning and storage rulesIndex plans for quick searchSizing storage and intake speedsLesson 3Designing a 4-node architecture: roles and separation (2 web servers, 1 app worker, 1 DB, optional central log/monitor)Plan a useful four-node structure with distinct role splits. Position two web servers, one app task, and one data store node, and think about adding central records and watching for visibility and strength in Eritrea.
Setting roles for each server nodeWeb level planning and reverse pathsApp task designs and linesData store position and linksAdding shared records and watchingLesson 4Network design: private networks, security groups, firewall rules, NAT, and routing between on-prem and cloudStudy planning secure, tough networks for mixed setups. Cover private subnetworks, security groups, firewall rules, NAT designs, and paths between local and cloud to aid growing server placements in Eritrea.
Planning private and public subnetworksSecurity groups and firewall rule planningNAT paths and outer net reachPaths between local and cloud networksNetwork splits for app levelsLesson 5Patch management: OS package lifecycle, configuration management tools (Ansible, Puppet, Salt), scheduled windows and rollback plansPlan and run patch handling for systems and apps. Study package cycles, using Ansible, Puppet, or Salt, setting upkeep times, testing enhancements, and readying return and contact plans for Eritrean servers.
System and package cycle ideasEmploying Ansible, Puppet, or SaltPatch testing and prep setupsSetting upkeep time slotsReturn plans and contactsLesson 6Access control and authentication: SSH key management, bastion host patterns, jumpboxes, VPN placement, MFA considerationsPlan secure access limits for servers with SSH keys, bastion hosts, and VPNs. Study key cycle handling, jumpbox designs, MFA joining, and recording admin reach for rule-following and event handling in Eritrea.
SSH key making and turningBastion hosts and jumpbox designsVPN position and flow pathsJoining MFA for admin reachChecking and recording remote talksLesson 7Restore testing: recovery drills, point-in-time restore for databases, RTO/RPO concepts and how to validate restoresGrasp proving reserves are workable via planned restore checks. Train in recovery practices, data store time-point restores, and check steps matched to RTO and RPO aims for key inner services in Eritrea.
Setting RTO and RPO aimsPlanning and running recovery practicesTesting data store time-point restoresChecking app-level restoresNoting and reviewing check outcomesLesson 8Runbooks and operational playbooks: creating and storing runbooks, change management, runbook examples for common tasksMake useful runbooks and operation guides for regular and urgent tasks. Study structure, storage, and change oversight, and check real examples for placements, restarts, event sorting, and return steps in Eritrea.
Runbook structure and needed detailsVersioning and storing runbooksChange oversight and approvalsRunbooks for usual upkeep tasksEvent reply and rise guidesLesson 9Basic monitoring and alerting architecture: metrics, logs, traces; choosing a monitoring stack (Prometheus, Grafana, Alertmanager, Nagios, Zabbix)Build a basic watching and alert structure using measures, records, and paths. Compare Prometheus, Grafana, Alertmanager, Nagios, and Zabbix, and plan alert rules, displays, and rise paths for inner services in Eritrea.
Main measures, records, path signalsPicking a watching tool setPlanning displays for operatorsAlert rules, limits, noise controlRise rules and on-call flowsLesson 10High-availability and redundancy tradeoffs for a mid-size internal app (load balancing, sticky sessions, session stores)Investigate high-readiness designs and extra tradeoffs for a medium inner app. Study load balancing choices, handling sticky talks, outer talk stores, and failure cases to weigh cost, complexity, and uptime in Eritrea.
Spotting readiness needsLoad balancer kinds and health checksSticky talks vs no-state designOuter talk stores and cachingFailure ways and soft drop
