August 2, 2017

Backing up remote servers with rsnapshot

To back up remote my Linux hosts, I use a tool called rsnapshot. This utility is a wrapper for the venerable rsync (Think robocopy on steroids if you’re from the Windows world) and leverages SSH as a secure transport mechanism. It can be run both locally and remotely. The strength in using rsnapshot over plain old rsync is that rsnapshot creates snapshots (Who would have guessed?) and rolls them over into a defined number of recovery points. ... Read more

August 2, 2017

SaltStack - Experimenting with templating

I was planning on saving this post until I got a couple of others out the way exlaining Salt and my usage of it, but this post is pretty short, so I might as well commit it now :shrug: While Salt is the swiss army knife of configuration management, I had a somewhat trivial task to accomplish - deployment of config files. Using a centralised point such as Pillar or the Salt file system along with Salt’s templating tools, it’s simple to distrbute dynamic config files and get that warm & fuzzy feeling of never having to connect to a remote host again. ... Read more

March 28, 2017

Ansible - A dynamic inventory for AD

So far, I’ve been keeping separate inventories for different servers based on their role (Fileserver, apps server, etc.). But every time a server is added or changed, I have to manually edit the inventory files - That goes against the name of automation! To remedy this, I’ve written a simple python dynamic inventory script that searches AD for computers in a defined OU. And since all of my VMs are organised by role in separate OUs, I only have to update them in one place. ... Read more

March 20, 2017

Ansible + Windows - Beating the second hop with CredSSP

WinRM - Transport protocols As I alluded to in my previous post, there are a number of different transport protocols to use with winrm, and it was quite good fortune that the docs had caught up as I was playing with them all. The last one on my list was CredSSP, which is probably the best authentication method in my mind! CredSSP CredSSP is a transport protocol that allows us to overcome the ‘second hop’ problem of authenticating to a remote resource from the target server. ... Read more

March 18, 2017

Docker Discoveries - Volume 1

My approach to new technology is to treat it like Lego. Start small, build the pieces together, miss a few blocks, watch it topple over and rebuild with the new knowledge in mind. This has been especially true with Docker, as the barrier to entry is very low, but there are a lot of specific features that are great when you need them, but they often come with big gotchas. ... Read more

February 10, 2017

Managing Windows hosts with Ansible - Authenticating

Backstory Managing a Windows environment at a relatively small scale usually means a lot of manually crafted virtual machines. It’s just the nature of the job. The infrastructure doesn’t frequently change, time is stretched and budgets moreso. When every change is manual and the VMs have been in production for a long time, it becomes extremely difficult to ascertain the ‘desired’ state of a server. So how do we know when configuration has drifted enough to cause an issue? ... Read more

December 29, 2016

Using Git submodules for Docker projects (and more!)

Organising Docker projects I’ve been toying with Docker for a little while now, and after my brief learning stint, I’ve begun to move all of my linux-based services to Docker containers. After overcoming some of the beginner pitfalls, I decided it was best to standardise on a single layout for all of my Docker projects. Firstly, I ensure that that the containers are always defined and run via. a docker-compose. ... Read more

June 16, 2016

Lability - The ultimate Hyper-V lab tool (Powershell DSC)

After a somewhat lengthy haitus from Windows as my primary OS, I decided to trade in my Macbook Pro for a Windows laptop with a bit more oomph. My plan was to have something sturdy enough to handle whatever I could throw at it day-to-day, as well as being able to run a portable lab in times when I need to spin up VMs. Naturally, when I saw Lability mentioned in the Powershell slack, I knew I’d hit the jackpot. ... Read more

© James Booth 2017