Home Page Icon
Home Page
Table of Contents for
Copyright and Credits
Close
Copyright and Credits
by James Freeman
Hands-On Enterprise Automation on Linux
Title Page
Copyright and Credits
Hands-On Enterprise Automation on Linux
Dedication
About Packt
Why subscribe?
Foreword
Contributors
About the author
About the reviewers
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Reviews
Section 1: Core Concepts
Building a Standard Operating Environment on Linux
Understanding the challenges of Linux environment scaling
Challenges of non-standard environments
Early growth of a non-standard environment
Impacts of non-standard environments
Scaling up non-standard environments
Addressing the challenges
Security
Reliability
Scalability
Longevity
Supportability
Ease of use
What is an SOE?
Defining the SOE
Knowing what to include
Exploring SOE benefits
Example benefits of an SOE in a Linux environment
Benefits of SOE to software testing
Knowing when to deviate from standards
Ongoing maintenance of SOEs
Summary
Questions
Further reading
Automating Your IT Infrastructure with Ansible
Technical requirements
Exploring the Ansible playbook structure
Exploring inventories in Ansible
Understanding roles in Ansible
Understanding Ansible variables
Understanding Ansible templates
Bringing Ansible and the SOE together
Summary
Questions
Further reading
Streamlining Infrastructure Management with AWX
Technical requirements
Introduction to AWX
AWX reduces training requirements
AWX enables auditability
AWX supports version control
AWX helps with credential management
Integrating AWX with other services
Installing AWX
Running your playbooks from AWX
Setting up credentials in AWX
Creating inventories in AWX
Creating a project in AWX
Creating a template in AWX
Running a playbook from AWX
Automating routine tasks with AWX
Summary
Questions
Further reading
Section 2: Standardizing Your Linux Servers
Deployment Methodologies
Technical requirements
Knowing your environment
Deploying to bare-metal environments
Deploying to traditional virtualization environments
Deploying to cloud environments
Docker deployments
Keeping builds efficient
Keeping your builds simple
Making your builds secure
Creating efficient processes
Ensuring consistency across Linux images
Summary
Questions
Further reading
Using Ansible to Build Virtual Machine Templates for Deployment
Technical requirements
Performing the initial build
Using ready-made template images
Creating your own virtual machine images
Using Ansible to build and standardize the template
Transferring files into the image
Installing packages
Editing configuration files
Validating the image build
Putting it all together
Cleaning up the build with Ansible
Summary
Questions
Further reading
Custom Builds with PXE Booting
Technical requirements
PXE booting basics
Installing and configuring PXE-related services
Obtaining network installation images
Performing your first network boot
Performing unattended builds
Performing unattended builds with kickstart files
Performing unattended builds with pre-seed files
Adding custom scripts to unattended boot configurations
Customized scripting with kickstart
Customized scripting with pre-seed
Summary
Questions
Further reading
Configuration Management with Ansible
Technical requirements
Installing new software
Installing a package from operating system default repositories
Installing non-native packages
Installing unpackaged software
Making configuration changes with Ansible
Making small configuration changes with Ansible
Maintaining configuration integrity
Managing configuration at an enterprise scale
Making scalable static configuration changes
Making scalable dynamic configuration changes
Summary
Questions
Further reading
Section 3: Day-to-Day Management
Enterprise Repository Management with Pulp
Technical requirements
Installing Pulp for patch management
Installing Pulp
Building repositories in Pulp
Building RPM-based repositories in Pulp
Building DEB-based repositories in Pulp
Patching processes with Pulp
RPM-based patching with Pulp
DEB-based patching with Pulp
Summary
Questions
Further reading
Patching with Katello
Technical requirements
Introduction to Katello
Installing a Katello server
Preparing to install Katello
Patching with Katello
Patching RPM-based systems with Katello
Patching DEB-based systems with Katello
Summary
Questions
Further reading
Managing Users on Linux
Technical requirements
Performing user account management tasks
Adding and modifying users with Ansible
Removing users with Ansible
Centralizing user account management with LDAP
Microsoft AD
FreeIPA
Enforcing and auditing configuration
Managing sudoers with Ansible
Auditing user accounts with Ansible
Summary
Questions
Further reading
Database Management
Technical requirements
Installing databases with Ansible
Installing MariaDB server with Ansible
Installing PostgreSQL Server with Ansible
Importing and exporting data
Automating MariaDB data loading with Ansible
Performing routine maintenance
Routine maintenance on PostgreSQL with Ansible
Summary
Questions
Further reading
Performing Routine Maintenance with Ansible
Technical requirements
Tidying up disk space
Monitoring for configuration drift
Understanding process management with Ansible
Rolling updates with Ansible
Summary
Questions
Further reading
Section 4: Securing Your Linux Servers
Using CIS Benchmarks
Technical requirements
Understanding CIS Benchmarks
What is a CIS Benchmark?
Exploring CIS Benchmarks in detail
Applying security policy wisely
Applying the SELinux security policy
Mounting of filesystems
Installing Advanced Intrusion Detection Environment (AIDE)
Understanding CIS Service benchmarks
X Windows
Allowing hosts by network
Local firewalls
Overall guidance on scoring
Scripted deployment of server hardening
Ensuring SSH root login is disabled
Ensuring packet redirect sending is disabled
Running CIS Benchmark scripts from a remote location
Summary
Questions
Further reading
CIS Hardening with Ansible
Technical requirements
Writing Ansible security policies
Ensuring remote root login is disabled
Building up security policies in Ansible
Implementing more complex security benchmarks in Ansible
Making appropriate decisions in your playbook design
Application of enterprise-wide policies with Ansible
Testing security policies with Ansible
Summary
Questions
Further reading
Auditing Security Policy with OpenSCAP
Technical requirements
Installing your OpenSCAP server
Running OpenSCAP Base
Installing the OpenSCAP Daemon
Running SCAP Workbench
Considering other OpenSCAP tools
Evaluating and selecting policies
Installing SCAP Security Guide
Understanding the purpose of XCCDF and OVAL policies
Installing other OpenSCAP policies
Scanning the enterprise with OpenSCAP
Scanning the Linux infrastructure with OSCAP
Running regular scans with the OpenSCAP Daemon
Scanning with SCAP Workbench
Interpreting results
Summary
Questions
Further reading
Tips and Tricks
Technical requirements
Version control for your scripts
Integrating Ansible with Git
Organizing your version control repositories effectively
Version control of roles in Ansible
Inventories – maintaining a single source of truth
Working with Ansible dynamic inventories
Example – working with the Cobbler dynamic inventory
Running one-off tasks with Ansible
Summary
Questions
Further reading
Assessments
Chapter 1 - Building a Standard Operating Environment on Linux
Chapter 2 - Automating Your IT Infrastructure with Ansible
Chapter 3 - Streamlining Infrastructure Management with AWX
Chapter 4 - Deployment Methodologies
Chapter 5 - Using Ansible to Build Virtual Machine Templates for Deployment 
Chapter 6 - Custom Builds with PXE Booting
Chapter 7 - Configuration Management with Ansible
Chapter 8 - Enterprise Repository Management with Pulp
Chapter 9 - Patching with Katello
Chapter 10 - Managing Users on Linux
Chapter 11 - Database Management
Chapter 12 - Performing Routine Maintenance with Ansible
Chapter 13 - Using CIS Benchmarks
Chapter 14 - CIS Hardening with Ansible
Chapter 15 - Auditing Security Policy with OpenSCAP
Chapter 16 - Tips and Tricks
Other Books You May Enjoy
Leave a review - let other readers know what you think
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Prev
Previous Chapter
Title Page
Next
Next Chapter
Hands-On Enterprise Automation on Linux
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset