April 18, 2018

Got Certified!!!

Posted in Redhat Satellite at 2:25 pm by alessiodini


Yesterday I passed the EX403 exam, finally I got certified as “Red Hat Certified Specialist in Deployment and Systems Management”.
I’m still waiting the PDF because Redhat does not send the certification within the mail as in the past.
Now I have 3 more exams to pass for reach the “Redhat Cloud Architect” level. Actually I’m planning to take Openstack RHCSA ( the next one ), after I would like to take the Openshift exam. Later I will think about the lastone exam.

Let’s study more and more!!

Advertisements

April 4, 2018

Redhat Satellite 6.2: How to isolate contents for specific capsules

Posted in Redhat Satellite at 2:21 pm by alessiodini


Let’s think a Satellite infrastructure as follow:

1x satelite core
multiple capsules ( 4x, 6x, or more )

What if we need to host custom packages isolating them on a single or only two capsules?
Satellite 6.2.x does not have this feature natively. In my case I solved with these steps:

1) Creating a new organization
2) Creating a new capsules inside the new organization
3) Modifying the subscription manifest and assigning a new one on the new organization

With this I’m sure that contents on the new organization are isolated between those capsules. I tried everything playing with Lifecycles/Content Views, but I was unable to isolate the contents within the present organization.

March 20, 2018

Failed Redhat Satellite Exam

Posted in Redhat Satellite at 9:16 am by alessiodini


Last Week I faced EX403V6K exam in KOALA mode. I left the room sure to pass the exam, I did 16 of 18 tasks requested. Anyway I received 173 score and I was very surprised because I was sure to about the tasks I worked for. The only thing I’m thinking about is to forget Uppercase in some name, because I manually tested each component and it worked great.
I found KOALA very very restrictive but with a bit of patience it’s not that bad.
The only issue is that I founded a couple of tasks a bit subjectives, at this point I think I understood bad that tasks.
I don’t give up and I will repeat the exam studying more and more because I want to reach RHCA cloud level.
Let’s study more!!

March 14, 2018

Redhat Satellite: How to sync a specific lifecycle environment on a capsule

Posted in Redhat Satellite at 10:50 am by alessiodini


In these days I’m working several hours with Redhat Satellite 6.2.9
The architecture is composited by:

1x satellite orchestrator
6x capsules

I made a new lifecycle/content view/activation keys objects and I need on a capsule to sync it for a specific lifecycle, instead of syncing it for *all* lifecycles assigned.

I was very funny to explore hammer CLI options:

[root@lsatellite ~]# hammer capsule list
—|————————————|————————————————-|————————–
ID | NAME | URL | FEATURES
—|————————————|————————————————-|————————–
2 | lxrp-capsule-area3.pippo.net | https://lxrp-capsule-area3.pippo.net:9090 | Templates, Pulp Node, …
7 | lxrp-capsule-ca4p1.pippo.net | https://lxrp-capsule-ca4p1.pippo.net:9090 | Templates, Pulp Node, …
3 | lxrp-capsule-dcs.pippo.net | https://lxrp-capsule-dcs.pippo.net:9090 | Templates, Pulp Node, …
4 | lxrp-capsule-ibi.pippo.net | https://lxrp-capsule-ibi.pippo.net:9090 | Templates, Pulp Node, …
5 | lxrp-capsule-itzrm.pippo.net | https://lxrp-capsule-itzrm.pippo.net:9090 | Templates, Pulp Node, …
6 | lxrp-capsule-visby.pippo.net | https://lxrp-capsule-visby.pippo.net:9090 | Templates, Pulp Node, …
1 | lxrp-ltm-satellite.pippo.net | https://lxrp-ltm-satellite.pippo.net:9090 | Pulp, Puppet, Puppet C…
—|————————————|————————————————-|————————–

[root@satellite ~]# hammer lifecycle-environment list –organization XXX
—|———————|——————-
ID | NAME | PRIOR
—|———————|——————-
9 | VcloudIrector | Library
4 | Test | development
22 | reference-snapshot | Library
23 | reference-release | reference-snapshot
2 | Production | Library
7 | Library-2 | Library
1 | Library |
3 | development | Production
10 | Content_Jenkins | Library
8 | Base-release-upload | Library-2
—|———————|——————-

[root@satellite ~]# hammer capsule content synchronize –id 7 –environment-id 22 –organization GTK
[………………………………………………………………………………………………………………………………………… ] [80%]
[………………………………………………………………………………………………………………………………………… ] [80%]
[………………………………………………………………………………………………………………………………………… ] [80%]

Done!!! 🙂

February 16, 2018

New challenge: design an automation jobs architecture

Posted in Ansible at 11:22 am by alessiodini


Customer often asks me to automate tasks on hundred Linux systems. Those tasks can be very simples as user creation or more complex as operating system customization.
I used ansible reaching the goal but I want to share ansible features with the customer and his colleagues. For this purpose I’m designing a simple architecture composited by:

– GIT as a SCCM
– Ansible as a dedicated automation host
– AWX as a orchestrator

The idea is to write code ( playbooks, perl, bash, python, etc.etc. ) and to publish it to GIT repository. AWX takes the code and let ansible executing it giving back each detail about the execution.
I want let the customer have a single button called “GO” for multiple tasks automation!
I’m playing with this architecture and I need to make a presentation explaining the details.
Let’s gooooo!! 🙂

February 13, 2018

RHEV 4.2 BETA

Posted in Redhat Enterprise Virtualization at 11:24 am by alessiodini


Can’t wait for play with RHEV 4.2 !
With 4x I began to work from 4.0 release and it was only pain, bugs, bugs, and again bugs. No performance graphics. After running yum update everything went bad.

I’m reading about 4.2 features and I hope now RHEV is more stable and it can gives at least basic graphic informations about the guests. I wait the official “stable” status and I will begin to play with.

Here you can find a description about the main new features.
Let’s have fun 🙂

February 2, 2018

Ansible: dealing with SSH vulnerabilities

Posted in Ansible at 3:57 pm by alessiodini


Today the customer asked to help him fixing a couple of issues on multiple Linux systems. Those vulnerabilities were:

Medium

The remote SSH server is configured to allow weak encryption algorithms or no algorithm at all.

Contact the vendor or consult product documentation to remove the weak ciphers.       N/A       90317

 

Low

“The remote SSH server is configured to allow MD5 and 96-bit MAC

algorithms.”

“Contact the vendor or consult product documentation to disable MD5 and

96-bit MAC algorithms.”               N/A 71049

I was funny to fix both of them with a simple playbook called fixssh.yaml :


– name: MAC SSH Vulnerability FIX
hosts: all
tasks:

– name: Backing up /etc/ssh/sshd_config
shell: cp -prf /etc/ssh/sshd_config /etc/ssh/sshd_config.02-02-18
become: true
become_method: sudo

– name: Updating MACs directive in /etc/ssh/sshd_config file
lineinfile:
path: /etc/ssh/sshd_config
regexp: ‘^MACs’
line: ‘MACs hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160@openssh.com’
become: true
become_method: sudo

– name: Updating ciphers directive in /etc/ssh/sshd_config file
lineinfile:
path: /etc/ssh/sshd_config
regexp: ‘^Ciphers’
line: ‘Ciphers aes128-ctr,aes192-ctr,aes256-ctr’
become: true
become_method: sudo

– name: Restarting sshd service
service: name=sshd state=restarted
become: true
become_method: sudo

 

 

January 31, 2018

Solaris 11.4 Beta released!

Posted in Solaris at 2:14 pm by alessiodini


I read about the Solaris 11.4 release. It’s strange, I tought Solaris was dead. it seems not yet!!

It’s long time I don’t play with Solaris 11, I think the last time was in 2013.
I hope to play with it again!

This link contains the new features within Solaris 11.4

 

November 27, 2017

Solaris QFS

Posted in Solaris at 3:28 pm by alessiodini


Recently the customer I’m working for, asked to support him for a storage refresh project.
Host side he has multiple Vmware farms, Linux systems and three Solaris clusters running:

  • Solaris 10 on Sparc
  • QFS shared filesystem
  • Oracle RAC

I sincerely forgot tons of things about Solaris but I was happy to run “clq status” again, it was exciting 🙂

I also have the opportunity to play with QFS, I never saw it before. I’m dealing with an old version but I can’t wait to play more with sam* commands!!
I finally understand mcf file syntax and hosts file under /etc/opt/SUNWsamfs directory.
At same time I’m dealing with SRDF tasks, and I need to lear more about storage, EMC VMAX in this case 😀

November 17, 2017

New job!

Posted in News at 11:23 am by alessiodini


From yesterday I’m working for Sinergy company as Solution Architect.
I’m so glad about this new adventure!! 😀
I hope to help much as possible and to grow learning a lot of architectures design.
At same time my goal is still to reach RHCA Cloud level.

Let’s work hard!!
😀

Previous page · Next page