OpenSSL is a full featured tool capable not only to generate keys and certificates, but also to provide every facility a PKI must have, such as indirect CRL and OCSP responders: these features, along with certificate's best practices such as the Certification Practice Statement (CPS), publishing CRL Distribution Points URL, OCSP Responders URL, CA Issuers URL, are the topics of the OpenSSL CA tutorial - A full-featured openssl PKI.
Dev-Ops is a methodology aimed to speed-up application development and release aimed at promoting
- fast development methodologies – Development teams
- fast quality assurance methodologies – QA teams
- fast deployment methodologies – System Operators teams
- iteration and continuous feedback – Project Management teams
The aim is to achieve a faster time to market.
DevOps inherits Agile methods such as SCRUM Project Management, but it is more focused on the tools necessary to achieve the goal. It is also possible to involve the Security delegating some rights to the other teams: this approach is called DevSecOps.
These tools Devops brings with it were previously confined into the development field only, such as Source Code Management tools like GIT, branching models such as GitFlow, Continuous Integration and Continuous Delivery tools such as Jenkins or Drone, schedulers such ad dKron, scanners for code quality and compliance such as SonarQube.
This means that professional of every fields, even system engineers and administrators, should have an understanding of these tools and models.
It is almost impossible not having heard about or not having used LVM: it is one of the pillars of every Linux distribution from decades ago. Almost everyone using Linux has used it to create or modify the basic storage structures of its Linux system. The trouble is that very often people are focused on the specific task they are onto, and neglect the time to investigate its amazing features. The goal of LVM Tutorial - A thorough howto on the Logical Volume Manager is to provide an easy yet comprehensive explanation on the most interesting features of LVM that it is very likely you will need to use sooner or later.
Git is certainly the most popular Source Code Management (SCM) software: it is broadly used in almost every recent open source project, and even a lot of emblazoned legacy projects switched to it over the years.
In the previous post we thoroughly learned how to use it to version control sources, working only on personal - so local - repositories.
GIT Tutorial - A thorough Git Howto About Using Remotes completes our trip on learning how to professionally use Git, showing you how to link the personal local repository to shared remote bare repositories.
Knowing how to deal with this topic is of course a mandatory skill, since this is the only way you have to cooperate and work with other developers.
DevOps (and of course DevSecOps) are getting more and more adopted by companies: these methodologies rely on several frameworks and software skills, and working with a modern Source Code Management (SCM) such any kind of software implementing Git is certainly a must for every DevOps professional. This post is the first of a set of posts dedicated to Git and is aimed at providing a GIT Tutorial - A thorough Version Control with Git Howto on personal repositories, giving guidelines to proficient operating with it.
Read more >
Managing Red Hat Network Satellite clients with Ansible roles and playbooks is a very powerful feature of Red Hat Network Satellite Server 6, as well as of its upstream project Katello. Conversely from Puppet, that requires the client host to install its agent package and to be registered to the Puppet master running on the Satellite or Capsule, Ansible does not require installing anything, since it relies on SSH or, to tell it in Red Hat Network Satellite 6 terms, it relies on remote execution with SSH.
This post shows you how to manage client hosts using Ansible, either executing the Ansible roles assigned to the host group the client host belongs to, or running Ansible playbooks using Job Templates.
The Linux distribution used in the examples is CentOS 7, but you can of course easily adapt it to any other Red Hat and derived Linux distribution.
A Foreman proxy (that is the upstream software of the Red Hat Network Satellite Server 6 Capsules) is a server that mirrors the contents from Katello. It's primary aim is to facilitate content federation across various geographical locations, but it is often used to:
- decrease the load on the central Katello server
- reduce bandwidth usage onto geographical links
- increase redundancy, and also to achieve a fine grained segregation level that may be required by some regulatory
Unless you are working in a quite small and not geographically distributed environment, it is very likely that you must provision a Foreman proxy sooner or later.
Provisioning Foreman proxies, same way as installing software in general, is a typical time consuming and error prone task that is often convenient to automate in some way.
As we already saw in the previous post, we can install Foreman proxy using Ansible having it to:
- ensure that the target systems meet the minimal requirements
- automatically partition the systems in the most convenient way
- install everything taking in account of using the right versions of the involved packages so as to avoid installation failure because of wrong dependencies
- set up all the configurations that are required to improve the usability of the installed environment
- take care of issuing all the necessary statements to configure a Foreman proxy (a Capsule) on Katello (the Satellite) and automatically provision it
This is the second part of the "Install Katello Using Ansible" post: we are about to see how the playbooks developed in that post can be used to easily install Foreman-proxy using Ansible.