In my last post, I showed you how I automated my Kubernetes lab build out by using Salt. This took the build time and cut it by more than 70% (Im guessing here but you get the point). In addition, I’ve been making all of my changes for the cluster in Salt rather than applying them directly to the host. Not only does this give me better documentation, it allows me to apply changes across multiple nodes very quickly. You might be wondering why I chose Salt since I’ve blogged about Chef in the past. The answer isn’t cut and dry, but Salt just made sense to me. On top of that, there is VERY good documentation out there about all of the state and state functions so it’s pretty easily consumable. As I walk through the process I used to create the lab build scripts, I hope you’ll start to catch onto some of the reasons that made me decide to learn Salt.
Let’s start by taking a look at me GitHub repo…
While there’s a lot here, the pieces we really want to talk about are the files that end Continue reading
Many security baseline processes are rife with challenges. Whether organizations use scripts to manually brute-force their system-level compliance baseline, or perhaps leverage the all-too-common “Gold Disk” approach, routine security baseline compliance remediation remains largely an unsolved and constant challenge even for the most mature of IT organizations.
Even for organizations that are using an existing management tool to help with their security baselining, issues frequently arise around how to identify systems that require baselining as they come online, and then immediately recognize what needs to be done on those systems in order to verify their compliance.
To add to the challenge, applying a baseline to a newly deployed server or application is one thing, but validating compliance throughout the server and application lifecycle typically requires a separate set of tools or processes, or at very least scripts that are smart enough to smartly change the existing state of a server or application without impacting its availability.
MindPoint Group knew there was a better way. The security folks at MindPoint group are leveraging the power and simplicity of Ansible to bring automation to the problem of security baselines. And thanks to Ansible’s design, the work that MindPoint group has done is Continue reading
The convergence trend on HTTPS protocol continues to gather momentum. This time it is the venerable WHOIS protocol that is poised to be replaced with RDAP over HTTP.
The post The End of WHOIS ? appeared first on EtherealMind.
Having built a customer base, Puppet Labs is adding more uses for its IT automation tools.