Sysadmin Manifesto

Here are some general guidelines for being a good sysadmin:

  • Whoever build/maintains the infrastructure is responsible for everything (and not the one who breaks/hacks it)
  • Don’t run outdated software, update your stuff on a regular basis
  • Subscribe to securitylists like oss-sec to get informed about new CVEs
  • Use configuration management for configuration and backups for business data
  • Don’t fuck up production, use testing/staging environments
  • Don’t build unsafe infrastructure because your boss tells you to do it
  • Don’t build infrastructure if you’ve got bad feeling about it, trust your instinct
  • If you don’t have any instinct, opinion or experience, ask others!
  • Don’t accept technical decisions from your boss if you don’t like them, discuss them
  • Always be friendly and honest, tell your boss your concerns, accept input/improvements from others
  • The integrity of the platform is more important than any single customer on it
  • Document your stuff and keep it stupid and simple (the KISS way)
  • Build smart infrastructures with proper sizing(hardware is maybe sufficient now, but will it work in a year as well?)
  • You will break something from time to time, this is okay
  • If you need to do maintenance work at night your infrastructure is broken, you should be able do it during business hours
  • Trust in yourself and your own work
  • Honor the CAP-theorem but keeping it KISS is more important
  • DRY – Don’t Repeat Yorself; automate everything that makes sense
  • Do not run shadow IT if the existing systems sucks, fix it! (or kill it)
  • Always be open minded for new technology – Always test it and collect technical argument for/against it before you decline it
  • Don’t be lazy or do stupid things just because other do it. Their bad behavior is no justification for your behavior and decisions
  • Play!

Please let my know if you’ve got further points for the list or if you disagree with any point.

This entry was posted in General, IT-Security, Nerd Stuff. Bookmark the permalink.

7 Responses to Sysadmin Manifesto

  1. bastelfreak says:

    I had a few talks with other sysadmins, they mentioned that it is also important to build smart infrastructure. Size it correctly to reduce maintenance costs, CAPEX, and lower the attack vector (less systems to attack => less potential security holes). I added:

    Build smart infrastructures with proper sizing

    Two other new points:

    You will break something from time to time, this is okay

    and

    If you need to do maintenance work at night, your infrastructure is broken, do it during business hours

  2. bastelfreak says:

    Another good topic:

    We were talking about publishing changes on a friday. My Opinion: You always need a good release strategy; after testing everything, you need to release it on one node, than on just a few with little customer impact and than on all nodes (Idea from Kristian Köhntopp). If you honor all other points from the sysadmin manifesto, you use this release strategy and when you trust your own work, than there should be no reason against releasing on a friday afternoon. There are many sysadmins out there who don’t trust in themself, this is a vary bad behavior if you’re not a junior anymore.

    I added the point:

    Trust in yourself and your own work

  3. bastelfreak says:

    During the first week of october the last puppetconf happend. The Cap-theorem was an important topic in many presentations. You always need to keep in mind that it is impossible to get 100% of consistency, availability, and partition tolerance. You need to honor this theorem and find a good combination of these three points.

    Many people forget the KISS Way and try to achive 100% of CAP, keep that in mind and avoid it.

    I added the point:

    Honor the CAP-theorem but keeping it KISS is more important

  4. Pingback: How to be a good Admin/DevOps/IT dude | the world needs more puppet!

  5. Pingback: DRY – Don’t Repeat Yorself | the world needs more puppet!

  6. bastelfreak says:

    I made a few updates:

    Build smart infrastructures with proper sizing -> Build smart infrastructures with proper sizing(hardware is maybe sufficient now, but will it work in a year as well?)

    If you need to do maintenance work at night your infrastructure is broken, do it during business hours -> If you need to do maintenance work at night your infrastructure is broken, you should be able do it during business hours

    And also another new point:
    Always be open minded for new technology – Always test it and collect technical argument for/against it before you decline it

  7. bastelfreak says:

    And Another update:

    Don’t be lazy or do stupid things just because other do it. Their bad behavior is no justification for your behavior and decisions

Leave a Reply to bastelfreak Cancel reply

Your email address will not be published.

Time limit is exhausted. Please reload CAPTCHA.