Configmanagement |

August 2, 2017

SaltStack - Experimenting with templating

I was planning on saving this post until I got a couple of others out the way exlaining Salt and my usage of it, but this post is pretty short, so I might as well commit it now :shrug: While Salt is the swiss army knife of configuration management, I had a somewhat trivial task to accomplish - deployment of config files. Using a centralised point such as Pillar or the Salt file system along with Salt’s templating tools, it’s simple to distrbute dynamic config files and get that warm & fuzzy feeling of never having to connect to a remote host again. ... Read more

March 20, 2017

Ansible + Windows - Beating the second hop with CredSSP

WinRM - Transport protocols As I alluded to in my previous post, there are a number of different transport protocols to use with winrm, and it was quite good fortune that the docs had caught up as I was playing with them all. The last one on my list was CredSSP, which is probably the best authentication method in my mind! CredSSP CredSSP is a transport protocol that allows us to overcome the ‘second hop’ problem of authenticating to a remote resource from the target server. ... Read more

February 10, 2017

Managing Windows hosts with Ansible - Authenticating

Backstory Managing a Windows environment at a relatively small scale usually means a lot of manually crafted virtual machines. It’s just the nature of the job. The infrastructure doesn’t frequently change, time is stretched and budgets moreso. When every change is manual and the VMs have been in production for a long time, it becomes extremely difficult to ascertain the ‘desired’ state of a server. So how do we know when configuration has drifted enough to cause an issue? ... Read more

© James Booth 2017