How would a country's tax department not have a backup system that can handle this? Surely they would know they are a prime target, and so have air-gapped backups in addition to an automated backup process?
Check out NetBox. It is a free open source datacenter inventory management and IP address management tool. It will let you catalog all of your physical assets along with the network assignments.
You're going to need to be more specific about your use case, because if you say "enterprise grade" I'm going to say "poweredge", and those are not at all small.
I know. I felt while writing the post that this feels wrong writing those words in same sentence.
The scenario is that we would deploy the hardware on customer premises so it has to be supported and very reliable(hence enterprise grade).
But i personally think that all enterprise grade hardware is way overkill for running ansible playbooks. So was trying to see if there is an intersection point between these opposite requirements.
Your use case sounds like something a nuc or sff from minisforum could handle, but if you want "cheap" and "small enterprise," both ambiguous terms, the supermicro superservers should fit the bill.
You can basically get rack mount level performance from:
Supermicro SuperWorkstation Tower Servers
Lenovo Thinkstation P Series Server Towers
HPE ML series Tower Servers
Dell Precision Tower Workstations
In your situation, I'd be looking at ebay, serversupply, or other used hardware resalers that offer 2 generations back hardware. Used DDR4 based systems are abundant and cheap enough, go that route.
How to learn Windows? Years of pain and torture of course.
What to learn? Powershell, learn powershell.
Then as you follow along any guides or howtos for administrative tasks, try to search how to accomplish the same things in powershell. Take notes on your own powershell learnings. I keep all my windows administrative powershell one liners, scripts, and notes in the same digital notebook for quick reference and updating.
If you're already experienced with bash, like I was, learning powershell might be tough. As it was for me, I had trouble understanding why PS cmdlets seemed to hide data when piped... Format-table(ft) and Format-List(fl) help tremendously
Powershell remoting is still a pain in my ass in most places, I rarely use it.
YouTube! Don't necessarily look for YouTube powershell windows videos. Just the necessary tasks through the GUI will give you the correct direction to begin converting a process to PS. Learn how other Admins process tasks by watching them. Especially if it's an often repeated task try converting some or all of what they do in the video into PS equivalent.
With all of that said knowing powershell doesn't really help recovering from disasters. Knowing how to install windows and recover data from borked systems is a task best learned through battles. So, absolutely set up VMs and installed all manner of versions you'll be working with...that way you'll have familiarity with when things go wrong in them. I've yet to install windows 11 in a VM but I did try to install a copy onto a surface tablet only to learn the hard way that do ing so leaves the tablet without the drivers necessary for using the keyboard and touchscreen...weird need a custom built image or recovery image, great fun.
From an admin perspective one of the best things to lab out is setting up a standard SMB server stack, which is 2x domain controllers, 2x DHCP servers, a file server, and a couple of desktop VMs, then practice setting it up to be nicely locked down like in a standard corporate environment. For example:
redirect user directories to the file server and set permissions so only the user, admins and departmental managers can access files
setup departmental directories on the share with departmental and managerial permissions
setup group policies to lock down the desktops so that users just get a standard experience
But also make sure to set this up both in Windows Server with the full "Desktop Experience" as well as on Windows Server Core, and try to do so while following best practices with redundancy, network segmentation, etc. you could even get fancy and setup a remote site with redundant servers and replication to the remote site as well to experiment with how that works.
Then of course, once you have your virtual SMB network setup, try to break it. Fill up some of the VMs so it's out of disk space, corrupt one of the VMs and try to recover it, power off the servers when you shouldn't, cut some important virtual Ethernet connections and leave them severed for a while, or degrade the virtual ethernet connection and see what happens, delete the only domain controller and see what the best path to business continuity is, etc.
This covers a lot of the tickets and critical failures you'll see on a standard SMB network and will give you a good amount of exposure to a lot of what you'll work with in the "real world"
If you are using LDAP auth for your hypervisor (vsphere as an example) how do you auth after a kaboom event and your AD server VMs have not auto started.
I remember reading somewhere (prob /r/Sysadmin) that having one bare metal AD server just incase everything goes offline.
You use console to turn on embedded shell then Ctrl+Alt+Fn over to it (I forget whether it's on f1 or f2), then you can use esxcli and all the rest of that to fix it up.
Once you get enough networking/storage pieces sorted out you can get back into the management HTML UI and SSH
Then when you're done fixing, turn shell and SSH back off.
You connect directly to the ESXi host with root. Because you're going to have to boot up vCenter in addition to the DC anyway when you're using SSO. I would use DRS rules to prefer host1 for vCenter and the PDCe for that reason.
Only in the very early days of virtualization (2008-2012) did I recommend keeping a physical server around. I know a lot more now than I did then.
But anymore, I don't recommend using SSO for hypervisors or backup infrastructure. It's better to add another wall in front of an attacker trying to laterally move onto these critical platforms for ransom, data exfiltration, etc.
And in reality, these "kaboom events" aren't terribly common unless you've neglected some other part of your infrastructure.
Half the industry, if not more, is already seeking alternatives to vcenter, esxi, director, and the rest of the gang. Watch the install base shrinking going forward.
We are. Where I am, the money men are (rightly) scared and we're looking at our options. I'm currently assessing Kubernetes as an alternative. The benefits to containerization are too great to ignore, but if we go that route, the workload to migrate our services is definitely going to sting for the next few months. Thanks Broadcom....
How about Proxmox? It allows containers and VMs. Containers via LXC, but you could set your own VM to run docker/kubernetes etc.
Haven't had many chances to try Kuberbetes myself, so not sure the difference of advantages.
Yeah, I use Proxmox at home and however much I love the product, it's not really enterprise ready. There are too many missing features and 3rd party integrations that come as standard with vSphere. Our future is probably in microservices. The cost saving benefits of auto scaling, while also being vendor agnostic are very attractive.
Ye ol "free" hyper-v as well. Would probably be the next one I consider in a corporate environment after VMware just blew it's brains out. Containers are great, I run kubernetes at one on truenas scale but obviously it's Linux containers which may have some implications if the idea is to move everything off VMware to containers. Like if there are windows vms.
I'm not sure what you're talking about. That's how hyperv has always been deployed. Install Microsoft server, install hyperv role. It's a hypervisor. Does all the fancy things like clustering as well, through the fail over cluster manager where you can view all your hosts, move vms from host to host, configure your witnesses etc. It absolutely is a competitor in the esxi space, never had quite all the bells and whistles but it was good enough for most applications.
The standalone Hyper-V Server was last released for server 2019. Not only was this leaner than Server 2019 w/ the Hyper V role, it was available for free.
Sysadmin
Oldest
This magazine is not receiving updates (last activity 2 day(s) ago).