COTS Series: Enterprise Patch Management

This might read a little bit like an advert, but it’s not. I’m not getting paid for this. I like to talk about things that make my life easier, and there’s going to be a few more in this mini-series. I’m just gonna come out and say it. Patch Management is hard, but it needn’t be. The following comes from my personal experience of managing patches and software updates in an enterprise environment for the last 4-odd years....

May 15, 2017

The 'Change One Thing' Rule

Whenever we have planned (and sometimes unplanned) downtime, at work, I’m usually asked the question “While we’ve got the entire system down to do X, shall we do Y also?” Typically X is planned, and we’re doing major maintenance - There’s one coming up when there’s grid circuit maintenance, where we’re hoping it’ll be fine on UPS and emergency generator - with an at-risk period. Occasionally, X is unplanned, like the time that the air conditioning failed, and everything shut down to save itself....

August 26, 2016

Part 5: Ansible Galaxy

This article suffers from severe linkrot. It’s been a while since I wrote Parts 1, 2, 3 and 4 of my Ansible Tutorial series, but I’ve recently changed my approach somewhat when using Ansible, and certainly when I build on Parallax. I’ve started using more and more from Ansible Galaxy. For those of you who don’t know, Galaxy is a community “app store”-like thing for sharing reusable Ansible Roles. https://galaxy.ansible.com/ Let’s pretend we want to deploy a staging server for a Python/Django application, using Postgres as the backend database all on a single server running Ubuntu 14....

October 30, 2014

Part 4: Ansible Tower

This article suffers from severe linkrot. You may remember that in January, I wrote a trilogy of blogposts surrounding the use of Ansible, as a handy guide to help y’all get started. I’ve decided to revisit this now, and write another part, about Ansible Tower. In the 6-odd months since I wrote Parts 1, 2 and 3 of my Getting Started with Ansible guide, it’s had over 10,000 unique visitors. I’m quite impressed with that alone....

July 21, 2014

Part 3: Ansible and Amazon Web Services

This no longer represents good practices. Use Terraform for deploying resources to AWS instead of Ansible. By this point, you should have read Part 1: Getting Started with Ansible, and Part 2: Deploying Applications with Ansible. If you haven’t, go and do it now. You should also be familiar with some of the basic concepts surrounding AWS deployment, how AWS works, and so on. So, you’ll have some idea how Ansible uses playbooks to control deployment to target hosts, and some idea of the capability for deploying code from version control systems (in Part 2, we used the Ansible git: module....

January 29, 2014

Part 2: Deploying Applications with Ansible

You should by now have worked your way through Part 1: Getting Started with Ansible. If you haven’t, go and do that now. In this article, I’ll be demonstrating a very simple application deployment workflow, deploying an insanely simple node.js application from a github repository, and configuring it to start with supervisord, and be reverse-proxied with Nginx. As with last time, we’ll be using Parallax as the starting point for this....

January 27, 2014

Part 1: Getting Started With Ansible

An introduction to Ansible Configuration Management

A brief history of Configuration Management
===========================================

CFEngine - Released 1993. Written in C
Puppet - Released 2005 - Written in Ruby. Domain Specific Language (DSL). SSL Nightmare.
Chef - Released 2009 - Written in Ruby, also a DSL, more like pure Ruby
Juju - Released 2010, Python, Very Ubuntu.
Salt - Released 2011, Python, Never got it working right
Ansible - Released 2012, Python....

January 26, 2014

VPN Technologies: A Primer

What does VPN stand for? Virtual Private Network. Moving on… What is a VPN? A VPN is a mechanism to extend a private network (like your LAN [Local Area Network]) across a public network (like the Internet). The upshot of this is, that you can connect two separate computers, each on their own LAN, across a VPN so that they appear to be on the same network; which, in a sense, they are....

January 12, 2014

Things That Concern Me: Unified Threat Management

We live in a dangerous world. It should come as no surprise to anyone who is a Citizen of the Internet, that the risks of interacting with others on the ’net is a somewhat dangerous business. Riskier still, is operating a server, or entire network with direct connection to the internet. The number of denial of service and code execution exploits has risen dramatically in the last decade, unsurprisingly. The number of black-hat hacking attempts (to use “hacking” from the vernacular of the media - rather than its true, nobler meaning) has also risen....

November 24, 2013

FakeRAID and Virtualisation

I’ve been tinkering with Virtualisation quite a bit recently. For a new project, without an allocated budget, I was asked to provide some simple Virtualisation capability, to hold them over until they get budget approval, and can buy their own hardware. I managed to rescue a Dell R510 server from the scrap heap, only to discover that it contains a Dell S300 “FakeRAID” card, that’s not supported by Linux (so KVM, Xen et al are out)....

November 14, 2013