How to manage a dynamic inventory using ansible on AWS

Building on the ansible tutorial from earlier, this tutorial shows you how to use your existing virtual environment to control your AWS ansible inventory. This saves you from having to upload playbooks and maintain ansible installations - basically you can run your playbooks from your work station using your workstation's ansible installation to send commands to your inventory over SSH.

IPSec Troubleshooting

Some handy commands to see what's going on with a strongswan-based ipsec connection

ip -s xfrm state
ip route list table 220
ipsec status

How to install and configure multiple versions of ansible and the AWS CLI on Mac OSX

If you work with the AWS CLI and it's cousins, you notice quickly that there are different versions and functionality depending on which version of python you use to install them. This is also the case with ansible, so I recommend setting up a virtual environment for each version of python, so you can always be working with the most functional packages and not have to create confusion in your root environment.

Oracle RAC installations with VMWare and change block tracking

Are you plagued by that need for five 9's and have an Oracle RAC VM? Can't spare the time to shut down that VM? You don't need the Bass-o-matic 76 just the following to allow you to alter Change Block Tracking with an online VM. (Though a Bass-o-matic is highly recommended).

Just fetch your friendly PowerCLI interface to VMWare and connect to your friendly neighborhood vCenter:

$vm="VM_Name"

$vmtest = Get-vm $vm| get-view $vmConfigSpec = New-Object VMware.Vim.VirtualMachineConfigSpec

Using multiple CLI accounts

AWS CLI

  1. Edit the file ~/.aws/config
  2. create a profile for each set of credentials:
    [profile personal-account]
    aws_access_key_id = A***Q
    aws_secret_access_key = f***0
    region = us-west-2
    output = table
  3. Update your AWS CLI settings
    export AWS_DEFAULT_PROFILE=personal-account

EB CLI settings

eb init --profile business-account 

Terraform settings

  1. Edit the file ~/.aws/credentials
  2. create a profile for each set of credentials:
    [default]
    aws_access_key_id = A***Q

Customize your Powershell prompt

This jaunty little powershell profile will give you a multicolor prompt, and will change the username red when your running in administrator context.

Use a custom avatar for multiple Identities in Google Chrome

This article assumes that you've uploaded a custom avatar to your Google chrome identity already.

Glossary

Since I build an internal glossary at pretty much every organization I join, I figure it's about time to start writing down the most common definitions here that I reference globally:

Policy: A guideline or statement of position with respect to a given topic.

Allow Services through firewalld and SELinux

Systemd

systemctl list-units --type service --all
systemctl status [service]
systemctl enable [service]

Firewalld

firewall-cmd --list-all
firewall-cmd --get-services
cat /usr/lib/firewalld/services/[service].xml
firewall-cmd --permanent --add-service=[service]
firewall-cmd --add-port=[port]/[tcp or udp]
firewall-cmd --reload

SELinux

getsebool -a | grep [service]
setsebool -P [service]

Sample Troposphere Template

This is a simple Python script one can use to bring a single server stack online with a new Elastic IP. Note that sometimes you'll have properties nested within properties, such as the rules nested within the security group below. The only way to define these that I've found is by defining them within the property -- that is, one cannot define them outside the "Properties" tag of the current resource. Network interfaces are also an example of this.

Pages

Subscribe to badllama.com RSS