DevOps Hunter Security Automation

Hello DevOps enthusiasts! Here I came up with new learning on the automations with Ansible reboot module on a VM/Linux server. This is a most common requirement for most DevOps projects having the dev, test, stage, production environments, when there is Operating System patching happens on a VM, there could be a need for the reboot of that VM Ansible reboot module and its parameters There are reboot strategy is most important in how you handle the box before reboot and after reboot. You must aware of all the manual processes that will be required to start after reboot. During the reboot select the proper timeout in seconds. If "systemd" started as a service you can check the major/important service status to show it as 'active' Pre-requisites To execute the following experiment you must have the following setup: Ansible Controller Managed nodes (multiple) defined in the inventory and accessible for running playbooks Ansible playbook for reboot VM In this example playb...

Overview of Ansible PLAYBOOK  An Ansible playbook is a single YAML file that contains multiple plays.  Each Play will be defined with a set of activities that are treated as tasks,  and these tasks can be executed at the remote host that is the Ansible client. The task can be a single action that can be one of:   Execute a command    Run a script    install patch or package   Reboot VM/box    Restart services Simple ansible play can be  check the timestamp reboot server wait for connect back check the uptime  check timestamp  Complex ansible play Take a backup of files on 20 DB VMs Deploy application on 100 App boxes 100 servers patch apply 100 VM reboot after patch  Mail and slack notifications on patch process  Ansible ad-hoc command When you plan to write a playbook first you need to test the ad-hoc commands as trial and error will gives more confidence to run in a play # Ansible ad-...

Hello Guys this is another post on the Ansible learning experiments, well in this post,  I've explored about files and directories which can be created and copied and downloaded and uploaded. We could also do file permission changes how we do in Linux 'chmod' and 'chown' commands. Let's begin with effectively doing automation management with configurations and deploy the challenges related to files and directories. We can compare ansible modules copy and fetch both are related to file moment and they work in opposite directions as shown below: Ansible modules copy vs fetch We have many files related modules available in the Ansible.  acl archive unarchive iso_extract read_csv synchronize assemble tempfile template xattr xml blockinfile lineinfile patch  copy fetch file find stat replace In this post we will have three modules to experiment here. file copy fetch Prerequisites  Ansible installed controller node SSH password less connectivity established Here is a ...

 Hello Guys!!  In this post let's explore the installation options for Ansible Core. We can get the detailed Documentation provided by Ansible in the Installation Guide. I've also gone through the Amazing Book : Ansible for DevOps   Here he explained that beginners can start with playing in Laptop by setting up the Virtual Boxes for Ansible learnings.  Today I have started experimenting with Ansible installation on the CentOS 7 Vagrant box, As you know Ansible is from the RedHat. Ansible having 3300+ modules freely available. At the end of the installation, we can test the connectivity with the ' ping ' and ' shell ' module which will be referred to the inventory hosts which is present in the "/etc/ansible/hosts" location. Prerequisites for Ansible installation Create Vagrant Boxes where Ansible engine runs on the master node and SSH-Agents will run on two different nodes. PasswordAuthentication enable for sshd_config SSH Connectivity with ssh-keygen A...

 Hello DevOps Guys!! This post is about Kubernetes Volume type hostPath type. In this post, I've tried multiple options with Volume with hostPath type association with Pods. Volume type - hostPath  it posts the persistent data to a specific file or directory on the Host machine's file-system Pods running on same node and using the same path in their volume  this hostPath volume is not deleted when Pod crashed or brought down intentionally Specialty of the hostPath Volume is retained, if a new Pod is started as replacement, the files in the hostPath volume will be reused and re-attached to new Pod. If we compare with emptyDir if the pod dies the Volume will be reclaimed by the Kubernetes Control Plane. whereas in hostPath it remains on the host path. Pre-requisites Docker Engine installed   Kubernetes Cluster Up and Running (You can do a test on MiniKube as well) Enough disk space to define in the PV manifestation In this post we will do two experiments Bare ...