I’ve been playing with 2-factor authentication a lot lately, either commercially / within the enterprise with RSA SecurID, or at home, with a variety of services, such as Google Authenticator, Symantec VIP and most recently, Duo Security. RSA SecurID is a bit of a pain to set up, but it does seem to work well in the enterprise. It’s too expensive to consider for home use, but for a VPN, it’s pretty good....

A few months ago - quite a few months ago now actually, I started a project looking at the potential replacements for traditional AntiVirus (AV). Note: I use the terms virus and malware pretty much interchangeably in this article, antivirus and antimalware too. I’m wrapping a bunch of different types of malware and virus up with trojans and worms and ransomware and everything else that you get into a single thing....

This might read a little bit like an advert, but it’s not. I’m not getting paid for this. I like to talk about things that make my life easier, and there’s going to be a few more in this mini-series. I’m just gonna come out and say it. Patch Management is hard, but it needn’t be. The following comes from my personal experience of managing patches and software updates in an enterprise environment for the last 4-odd years....

Whenever we have planned (and sometimes unplanned) downtime, at work, I’m usually asked the question “While we’ve got the entire system down to do X, shall we do Y also?” Typically X is planned, and we’re doing major maintenance - There’s one coming up when there’s grid circuit maintenance, where we’re hoping it’ll be fine on UPS and emergency generator - with an at-risk period. Occasionally, X is unplanned, like the time that the air conditioning failed, and everything shut down to save itself....

This article suffers from severe linkrot. It’s been a while since I wrote Parts 1,2,3,4 on my Ansible Tutorial series, but I’ve recently changed my approach somewhat when using Ansible, and certainly when I build on Parallax. I’ve started using more and more from Ansible Galaxy. For those of you who don’t know, Galaxy is a community “app store”-like thing for sharing reusable Ansible Roles. https://galaxy.ansible.com/ Let’s pretend we want to deploy a staging server for a Python/Django application, using Postgres as the backend database all on a single server running Ubuntu 14....

This article suffers from severe linkrot. You may remember that in January, I wrote a trilogy of blogposts surrounding the use of Ansible, as a handy guide to help y’all get started. I’ve decided to revisit this now, and write another part, about Ansible Tower. In the 6-odd months since I wrote Parts 1, 2 and 3 of my Getting Started with Ansible guide, it’s had over 10,000 unique visitors. I’m quite impressed with that alone....

This no longer represents good practices. Use Terraform for deploying resources to AWS instead of Ansible. By this point, you should have read Part 1: Getting Started with Ansible, and Part 2: Deploying Applications with Ansible. If you haven’t, go and do it now. You should also be familar with some of the basic concept surrounding AWS deployment, how AWS works, and so on. So, you’ll have some idea how Ansible uses playbooks to control deployment to target hosts, and some idea of the capability for deploying code from version control systems (in Part 2, we used the Ansible git: module....

You should by now have worked your way through Part 1: Getting Started with Ansible. If you haven’t, go and do that now. In this article, I’ll be demonstrating a very simple application deployment workflow, deploying an insanely simple node.js application from a github repository, and configuring it to start with supervisord, and be reverse-proxied with Nginx. As with last time, we’ll be using Parallax as the starting point for this....

An introduction to Ansible Configuration Management A brief history of Configuration Management =========================================== CFEngine - Released 1993. Written in C Puppet - Released 2005 - Written in Ruby. Domain Specific Language (DSL. SSL Nightmare. Chef - Released 2009 - Written in Ruby, also a DSL, more like pure Ruby Juju - Released 2010, Python, Very ubuntu. Salt - Released 2011, Python, Never got it working right Ansible - Released 2012, Python....

What does VPN stand for? Virtual Private Network. Moving on… What is a VPN? A VPN is a mechanism to extend a private network (like your LAN [Local Area Network]) across a public network (like the Internet). The upshot of this is, that you can connect two separate computers, each on their own LAN, across a VPN so that they appear to be on the same network; which, in a sense, they are....