How to deploy Open-AKC(Authorized Key Chain)

. Acting as a centralised trust management platform: By allowing the “authorized_keys” mechanism on the hosts to be completely disabled, OpenAKC permits SSH trust across an entire estate to be managed (with rich control and monitoring features) centrally by “systems administration” or “information security” staff. This means that users, or application developers etc. cannot add or remove trust relationships, effectivelyRead the Rest…

How to add a custom tomcat installation to SystemD with ansible.

Okay so say you have a custom install of tomcat and java, which is what a lot of people do because java update and tomcat updates can bring things down. So things need to be tested before updates and standard patch cycles can end up affecting the environment. But you want to handle the startup and stopping via systemd toRead the Rest…

How to deploy an EC2 instance with Terraform

Okay so terraform is like ansible but for the cloud. Its probably a bit cooler in what it can do than ansible….but im still still picking it up myself. But ultimately the same thing. If you know ansible you can pick up terraform without too much difficulty. After a couple of cool writes you should be good to go. .Read the Rest…

How to generate new Network UUID’s with Ansible

Okay some of you might have deployed linux vm’s from clone templates using ansible by way of the vmware_guest module. Now everybody goes about it differently, and from what I read online…. It would seem that lots of people over complicate the generation of the UUID with over complicated code to generate the UUID. . At the end of theRead the Rest…

How to deploy Vmware VM’s using Ansible from Cloned Templates

QUICK OVERVIEW OF WHAT ANSIBLE IS.. Ansible is a radically simple IT automation engine that automates cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs. Designed for multi-tier deployments since day one, Ansible models your IT infrastructure by describing how all of your systems inter-relate, rather than just managing one system at a time. It uses no agents and noRead the Rest…

How to check if ports are open on an array of servers

Okay now there is a whole bunch of ways you can do this. This is just the way I played around with to save myself a bunch of time, using NCAT. Also previously known as NETCAT. 1.Ensure your Jumphost can ssh to all your newely deployed machines. Either you will use a root password or ssh key of some sort.Read the Rest…

How to setup SMTP port redirect with IPTABLES and NAT

RedHat/Centos Okay its really easy to do. You will need to add the following in /etc/sysctl.conf Note: these are kernel parameter changes 1.vi /etc/sysctl.conf add the following lines kernel.sysrq = 1 net.ipv4.tcp_syncookies=1 net/ipv4/ip_forward=1 (important) net.ipv4.conf.all.route_localnet=1 (important) net.ipv4.conf.default.send_redirects = 0 net.ipv4.conf.all.send_redirects = 0 . 2.Save the file and run • Sysctl -p (this will load the new kernel parameters) 3.Now you ifRead the Rest…

How to rebuild a drive that’s fallen out of a software raid

Now I know nobody uses this kind of raid technology anymore, but it was one of the cool things I learned from my mentor at the time, when I first started my career centuries ago. I happen to find this in my archives and thought I would write up to share. There is another way to do this as usingRead the Rest…

How to add a new SCSI LUN while server is Live

REDHAT/CENTOS: In order to get wwn ids from a server: • cat /sys/class/scsi_host/host0/device/fc_host\:host0/port_name • cat /sys/class/scsi_host/host1/device/fc_host\:host1/port_name Or: • systool -av -cfc_host | grep port_name | awk ‘{ print $3 }’ | cut -d\” -f 2 | cut -dx -f 2 . 1.To add a new SAN LUN while live: Run this to find the new disks after you have added them to yourRead the Rest…

How to figure out switch and port via tcpdump

Okay if you have ever worked in a place where their network was complete choas with no documentation or network maps to help you figure out where something resides. You can sometimes use tcpdump to help you figure out where the server is sitting by using tcpdump. Syntax tcpdump -nn -v -i <NIC_INTERFACE> -s 1500 -c 1 ‘ether[20:2] == 0x2000’Read the Rest…