Sam Doran
Author Archives: Sam Doran
- Home → Author's archive:
Sam Doran
Reboot Plugin for Linux in Ansible 2.7
Rebooting Linux systems with Ansible has always been possible, but was often tricky and error-prone. In Ansible 2.7, I am happy to say that rebooting Linux hosts with Ansible is now easier and can be done with a single task using the newly minted reboot plugin.
Some History
The win_reboot module was written by Matt Davis and included with Ansible 2.1. Rebooting Windows hosts is a much more common occurrence than rebooting Linux hosts. Necessity is the mother of invention, so it made sense that win_reboot appeared before the equivalent for Linux. And while less than elegant, it is possible to reboot Linux hosts using shell and wait_for or wait_for_connection[1].
Rebooting Linux systems with Ansible never felt right to me — much too error prone and finicky. It finally bugged me enough that I refactored win_reboot into reboot so Linux hosts could join the reboot party with their Windows counterparts.
Development Story
When I set out to make the reboot plugin[2], the goal was to create a common class that win_reboot (and potentially others) could easily subclass to override specific parts of the reboot process. I was also working in reverse, deconstructing win_reboot into a new Continue reading
Security is Hard. Why Not Automate It?
Security automation doesn't get a lot of time in the spotlight, but it's something that deserves more thought and attention. The almost constant stream of headlines about the latest data breach or large scale hack make these seem like inevitable events that can't be prevented. Nothing could be further from the truth.
In reality, most data breaches are easily prevented by applying basic security standards and fixing known vulnerabilities in a timely manner. Covering the basics frees information security teams to monitor, detect, and stop more advanced attacks. Hardened systems also make life difficult for attackers, which is always a good thing.
But where does Ansible fit into all this? Ansible is great for configuration management, continuous integration and delivery, orchestration, application deployment and even infrastructure provision. But “I solved a security problem with Ansible” might not be what you’re accustomed to hearing at the water cooler from your average information security or operations person.
To understand how Ansible fits into to the security picture, it’s worth stepping back a little to understand exactly what is information security.
Information security is a multifaceted problem
Keeping information secure isn’t easy. We all know what needs to be Continue reading