“Fundamentally, it’s what happens when you ask a software engineer to design an operations function…So SRE is fundamentally doing work that has historically been done by an operations team, but using engineers with software expertise, and banking on the fact that these engineers are inherently both predisposed to, and have the ability to, substitute automation for human labor.”
- What is a Site Reliability Engineer?
- Site Reliability Engineering by Google
- Being an On-Call Engineer
- Go for SREs Using Python
- DevOps Bookmarks
- School of SRE
- check_mk
- collectd
- Consul
- Grafana
- Graphite
- jmxtrans
- Kibana
- Logstash
- Netdata
- Nagios
- OneOps
- Packetbeat
- Prometheus
- Sensu
- Splunk
- Zabbix
- mhddfs: join several filesystems together to form a single larger one.
- sshfs: allows you to mount a remote filesystem using SFTP. Most SSH servers support and enable this SFTP access by default, so SSHFS is very simple to use - there's nothing to do on the server-side.
- squashfs: Create and mount compressed filesystem images.
- xdiskusage: Visually represent disk usage in and below a directory.
- rsync: Provides fast, reliable, configurable incremental file transfer on local disk or over the network. Archive, mirror, etc.
- httpolice: a validator for HTTP requests and responses. It can spot bad header syntax, inappropriate status codes, and other interoperability problems in your HTTP server or client.
- shellcheck: a tool that gives warnings and suggestions for bash/sh shell scripts.
- mtr: My TraceRoute. combines the functionality of the 'traceroute' and 'ping' programs in a single network diagnostic tool.
- lft: display the route packets take to a network host/socket using one of several layer-4 protocols and methods. Basically traceroute for TCP, UDP and ICMP.
- netcat: a computer networking utility for reading from and writing to network connections using TCP or UDP. Replacement for telnet. Can also act as a server.
- sshuttle: Sshutle is VPN over SSH without requiring a remote VPN server or admin rights. Instead, it builds up an ssh session and than locally forwards traffic over it by creating local PREROUTING firewall rules.
- stunnel: a proxy designed to add TLS encryption functionality to existing clients and servers without any changes in the programs' code.
- tcptraceroute: A traceroute implementation using TCP packets
- wavemon: an ncurses-based monitoring application for wireless network devices.
- rinetd: Redirects TCP connections from one IP address and port to another.
- dig: The multitool for DNS enquiries.
- ipcalc: IP network calculator. Available as
online tool as well as a downloadable package. (Ubuntu users:
apt install ipcalc). - netalyzr: Commandline tool that runs various network related tests and generates a report for potential problems. (careful: sends the results to Berkeley for research purposes).
- mitmproxy: An interactive console program that allows HTTP traffic flows to be intercepted, inspected, modified and replayed.
- iftop: iftop does for network usage what top(1) does for CPU usage. It listens to network traffic on a named interface and displays a table of current bandwidth usage by pairs of hosts. Handy for answering the question "why is our ADSL link so slow?".
- iptraf: IPTraf is a console-based network statistics utility for Linux. It gathers a variety of figures such as TCP connection packet and byte counts, interface statistics and activity indicators, TCP/UDP traffic breakdowns, and LAN station packet and byte counts.
- fail2ban: Fail2ban scans log files and bans IPs that show malicious signs. Easily protects your SSH ports against attacks.
- ferm: a tool to maintain complex firewalls, without having the trouble to rewrite the complex rules over and over again.
- testssl: checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
- pwgen: Generate pronouncable and easy to type passwords.
- keystore explorer: Java GUI for managing Java Key stores (SSL certificate databases). Also lets you convert all kinds of certificate formats.
- qualys ssl server test: Online tool for deep analysis of the configuration of any SSL web server on the public Internet.
- mozilla ssl configuration generator: Generate secure SSL configurations for the most common browsers.
- mozilla observatory: Scan hosts for HTTPS, TLS and SSH to see if they are configured safely and securely. Warns about missing and improperly configured Content Security Policies for websites.