Testing Ansible Roles with Docker

Ansible-Docker-Blog

Background

When you first start using Ansible, you go from writing bash scripts that you upload and run on machines to running desired end state playbooks. You go from a write-once read-never set of scripts to an easily readable and updatable yaml. Life is good.

Fast forward to when you become an Ansible power user. You’re now:

  • Writing playbooks that run on multiple distros

  • Breaking down your complex Ansible project into multiple bite-sized roles

  • Using variables like a boss: host vars, group vars, include variable files

  • Tagging every possible task and role so you can jump to any execution point and control the execution flow

  • Sharing your playbooks with colleagues and they’ve started contributing back

As you gain familiarity with Ansible, you inevitably end up doing more and more stuff-- which in turn makes the playbooks and roles that you’re creating and maintaining longer and a bit more complex. The side effect is that you may feel that development begins to move a bit slower as you manually take the time to verify variable permutations. When you find yourself in this situation, it’s time to start testing. Here’s how to get started by using Docker and Ansible to automatically test Continue reading

Three more hospitals hit with ransomware attacks

Wham, bam, bam – three more hospitals have been hit with ransomware.Kentucky hospital hit with ransomwareDavid Park, COO of Methodist Hospital in Henderson, Kentucky, told WFIE 14 News that after attackers copied patients’ files, locked those copies and deleted the originals, the hospital notified the FBI. The attack happened on Friday after the ransomware made it past the hospital’s email filter; by Monday, Methodist officials said their system was “up and running.”To read this article in full or to leave a comment, please click here

Wireless As We Know It Is Dead

WirelessTombstone

Congratulations! We have managed to slay the beast that is wireless. We’ve driven a stake through it’s heart and prevented it from destroying civilization. We’ve taken a nascent technology with potential and turned it into the same faceless corporate technology as the Ethernet that it replaced. Alarmist? Not hardly. Let’s take a look at how 802.11 managed to come to an inglorious end.

Maturing Or Growing Up

Wireless used to be the wild frontier of networking. Sure, those access points bridged to the traditional network and produced packets and frames like all the other equipment. But wireless was unregulated. It didn’t conform to the plans of the networking team. People could go buy a wireless access point and put it under their desk to make that shiny new laptop with 802.11b work without needing to be plugged in.

Wireless used to be about getting connectivity. It used to be about squirreling away secret gear in the hopes of getting a leg up on the poor schmuck in the next cube that had to stay chained to his six feet of network connectivity under the desk. That was before the professionals came in. They changed wireless. They put a Continue reading

Bridge vs Macvlan

Bridge

A bridge is a Layer 2 device that connects two Layer 2 (i.e. Ethernet) segments together. Frames between the two segments are forwarded based on the Layer 2 addresses (i.e. MAC addresses). Although the two words are still often used in different contexts, a bridge is effectively a switch and all the confusion started 20+ years ago for marketing purposes.

Switching was just a fancy name for bridging, and that was a 1980s technology – or so the thinking went.

A bridge makes forwarding decisions based on the MAC address table. Bridge learns MAC addresses by looking into the Frames headers of communicating hosts.

A bridge can be a physical device or implemented entirely in software. Linux kernel is able to perform bridging since 1999. By creating a bridge, you can connect multiple physical or virtual interfaces into a single Layer 2 segment. A bridge that connects two physical interfaces on a Linux host effectively turns this host into a physical switch.

Linux Bridge

Switches have meanwhile became specialized physical devices and software bridging had almost lost its place. However, with the advent of virtualization, virtual machines running on physical hosts required Layer 2 connection to the physical network Continue reading

Prepare to patch a critical flaw in Windows and Samba file sharing in 3 weeks

Systems administrators should get ready to fix a critical vulnerability on April 12 that affects the Windows and Samba implementations of the Server Message Block (SMB) protocol. The vulnerability was discovered by Stefan Metzmacher, a core developer of the Samba software, which is a popular open-source implementation of the SMB/CIFS (Server Message Block/Common Internet File System) networking protocol. SMB/CIFS is implemented by default in Windows, where it's used for network file and printer sharing. Linux and other Unix-like systems can interoperate and share resources with Windows systems over the same protocol using the Samba software.To read this article in full or to leave a comment, please click here

Should your board of directors include a cybersecurity expert?

Should companies have a cybersecurity expert on their board of directors? The federal government seems to think so, and increasingly so do security and risk professionals, although companies would prefer to make that decision without government involvement, according to a sampling of industry pros. A disclosure bill introduced by the U.S. Senate in December would ask companies to disclose whether they have a “cyber security expert” or equivalent measure on its board of directors. While no action is required if no expert currently has a seat on the board, the company would need to provide an explanation for how it is approaching cybersecurity.To read this article in full or to leave a comment, please click here(Insider Story)

Should you worry that your car will be hacked?

The federal government's warning last week about cybersecurity vulnerabilities in vehicles is a well-intentioned public service announcement that has little value for consumers.The warning noted the highly publicized wireless vehicle hack of a Chrysler Jeep Cherokee last July, where two security experts demonstrated they could control critical functions of the vehicle. The revelation lead to Chrysler recalling 1.4 million vehicles to update software.To read this article in full or to leave a comment, please click here

Security spring cleaning time

Get rid of that stuff collecting dustImage by ThinkstockAs new security threats continue to emerge and security teams find themselves stuck in the cycle of piling on new products and policies each time they receive an alert notification, true functions of security programs get lost in the clutter. As melting snow and longer days promise that spring is right around the corner, take this time to start fresh and “spring clean” your security ecosystems. To help get you started, these infosec professionals provide guidelines for what to check off on a security spring-cleaning list.To read this article in full or to leave a comment, please click here

Understanding OpenStack: Capabilities & Challenges

In this episode of Network Matters with Ethan Banks, learn about the basics of OpenStack and why the open-source cloud platform has become so popular. Ethan explains exactly what OpenStack is, then dispels some of the myths around IT's expectations for OpenStack adoption.

Ethan is the co-host of the Future of Networking Summit at Interop Las Vegas. Learn more about the conference program or register for Interop, May 2-6 in Las Vegas.

Male computer programmers shown to be right up there with chefs, dentists on gender pay gap scale

Glassdoor Economic Research A deep dive into crowdsourced salary data from more than half a million employees shows that the gender pay gap is very real, and that male computer programmers make far more than their female counterparts.The Economic Research arm of online jobs marketplace Glassdoor has issued a report titled Demystifying the Gender Pay Gap that attempts to explain why males are making so much more than females across industries and countries. While the researchers have come up with explanations for much of the pay gap in the United States, about a third of the gap is unexplained and presumed to be due to factors such as intentional or unintentional bias as well differences in pay negotiations.To read this article in full or to leave a comment, please click here

Learn SDN And OpenFlow Fundamentals

If you're looking for a practical, hands-on, real world approach to learning and implementing SDN and OpenFlow, look no further. The video course Practical SDN and OpenFlow Fundamentals from GNS3 Academy offers a unique way to learn about and experiment with SDN with no risk -- using your own laptop along with free or demo software.

GNS3 Academy courses are low-cost, self-paced, work on any device, and access never expires. Plus, courses are updated monthly with new material to keep your skills current.

In this course, instructor and CCIE emeritus David Bombal demonstrates SDN and OpenFlow in detail, covering everything from the basic definition of SDN to capturing messages with Wireshark and even building your own SDN switch with Raspberry Pi.

Register for this course and you can delve into:

  • SDN architecture tiers
  • Controller configurations including OpenDaylight, ONOS, RYU, Floodlight and HP VAN
  • Overlays, underlays and APIs
  • How companies like Google, Facebook, and the NSA use SDN
  • How OpenFlow works
  • Configuring Mininet switches using Open vSwitch
  • Installing and configuring OpenDaylight
  • Traffic engineering

The first 10 Network Computing members to register receive the course FREE, so register now and enter the code NETWORKCOMPUTING.

This bag of tricks may help stop a Locky ransomware infection

A malware researcher has found a few tricks to stop one of the latest types of ransomware, called Locky, from infecting a computer without using any security programs.Ransomware is malware that encrypts a computer's files. Users are shown instructions for how to pay a fee to get the decryption key. The costs can range from a few hundreds dollars to thousands, payable to cybercriminals in bitcoin.Locky is a relative newcomer to the ransomware scene, which computer security researchers first saw over the last few months. It is primarily distributed through spam messages that try to trick people into opening attachments, such as fake invoices.To read this article in full or to leave a comment, please click here

The Syrian Electronic Army was careless with Gmail, Facebook

If you're a hacker, it's a good idea to stay away from Facebook and Gmail to communicate with your colleagues.Three men, who allegedly were part of a multi-year hacking campaign executed by the Syrian Electronic Army (SEA), left a long digital trail that didn't make them hard to identify, according to court documents.The U.S. Department of Justice unsealed charges on Tuesday against the men, who are accused of hacking companies and defacing websites.The SEA, which emerged around July 2011, claimed credit for prominent hacks that sought to support Syrian President Bashar al-Assad. The group targeted the White House, Harvard University, Reuters, the Associated Press, NASA and Microsoft, among others.To read this article in full or to leave a comment, please click here

1 2,940 2,941 2,942 2,943 2,944 3,696