Book Image

Hands-On Enterprise Automation on Linux

By : James Freeman
Book Image

Hands-On Enterprise Automation on Linux

By: James Freeman

Overview of this book

Automation is paramount if you want to run Linux in your enterprise effectively. It helps you minimize costs by reducing manual operations, ensuring compliance across data centers, and accelerating deployments for your cloud infrastructures. Complete with detailed explanations, practical examples, and self-assessment questions, this book will teach you how to manage your Linux estate and leverage Ansible to achieve effective levels of automation. You'll learn important concepts on standard operating environments that lend themselves to automation, and then build on this knowledge by applying Ansible to achieve standardization throughout your Linux environments. By the end of this Linux automation book, you'll be able to build, deploy, and manage an entire estate of Linux servers with higher reliability and lower overheads than ever before.

Related Content you might be interested in

Current Title:

Small book image
Hands-On Enterprise Automation on Linux
James Freeman
Jan, 2020 | 512 pages
Small book image
Practical Ansible 2
Fabio Alessandro Locati | Daniel Oh | James Freeman
Jun, 2020 | 410 pages
Small book image
Practical Ansible
Fabio Alessandro Locati | Daniel Oh | James Freeman
Sep, 2023 | 420 pages
Small book image
Mastering Ansible, 4th Edition
Jesse Keating | James Freeman
Dec, 2021 | 540 pages
Table of Contents (23 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
1
Section 1: Core Concepts
Section 1: Core Concepts
Free Chapter
2
Building a Standard Operating Environment on Linux
Building a Standard Operating Environment on Linux
Understanding the challenges of Linux environment scaling
What is an SOE?
Exploring SOE benefits
Knowing when to deviate from standards
Ongoing maintenance of SOEs
Summary
Questions
Further reading
3
Automating Your IT Infrastructure with Ansible
Automating Your IT Infrastructure with Ansible
Technical requirements
Exploring the Ansible playbook structure
Exploring inventories in Ansible
Understanding roles in Ansible
Understanding Ansible variables
Understanding Ansible templates
Bringing Ansible and the SOE together
Summary
Questions
Further reading
4
Streamlining Infrastructure Management with AWX
Streamlining Infrastructure Management with AWX
Technical requirements
Introduction to AWX
Installing AWX
Running your playbooks from AWX
Automating routine tasks with AWX
Summary
Questions
Further reading
5
Section 2: Standardizing Your Linux Servers
Section 2: Standardizing Your Linux Servers
6
Deployment Methodologies
Deployment Methodologies
Technical requirements
Knowing your environment
Keeping builds efficient
Ensuring consistency across Linux images
Summary
Questions
Further reading
7
Using Ansible to Build Virtual Machine Templates for Deployment
Using Ansible to Build Virtual Machine Templates for Deployment
Technical requirements
Performing the initial build
Using Ansible to build and standardize the template
Cleaning up the build with Ansible
Summary
Questions
Further reading
8
Custom Builds with PXE Booting
Custom Builds with PXE Booting
Technical requirements
PXE booting basics
Performing unattended builds
Adding custom scripts to unattended boot configurations
Summary
Questions
Further reading
9
Configuration Management with Ansible
Configuration Management with Ansible
Technical requirements
Installing new software
Making configuration changes with Ansible
Managing configuration at an enterprise scale
Summary
Questions
Further reading
10
Section 3: Day-to-Day Management
Section 3: Day-to-Day Management
11
Enterprise Repository Management with Pulp
Enterprise Repository Management with Pulp
Technical requirements
Installing Pulp for patch management
Building repositories in Pulp
Patching processes with Pulp
Summary
Questions
Further reading
12
Patching with Katello
Patching with Katello
Technical requirements
Introduction to Katello
Installing a Katello server
Patching with Katello
Summary
Questions
Further reading
13
Managing Users on Linux
Managing Users on Linux
Technical requirements
Performing user account management tasks
Centralizing user account management with LDAP
Enforcing and auditing configuration
Summary
Questions
Further reading
14
Database Management
Database Management
Technical requirements
Installing databases with Ansible
Importing and exporting data
Performing routine maintenance
Summary
Questions
Further reading
15
Performing Routine Maintenance with Ansible
Performing Routine Maintenance with Ansible
Technical requirements
Tidying up disk space
Monitoring for configuration drift
Understanding process management with Ansible
Rolling updates with Ansible
Summary
Questions
Further reading
16
Section 4: Securing Your Linux Servers
Section 4: Securing Your Linux Servers
17
Using CIS Benchmarks
Using CIS Benchmarks
Technical requirements
Understanding CIS Benchmarks
Applying security policy wisely
Scripted deployment of server hardening
Summary
Questions
Further reading
18
CIS Hardening with Ansible
CIS Hardening with Ansible
Technical requirements
Writing Ansible security policies
Application of enterprise-wide policies with Ansible
Testing security policies with Ansible
Summary
Questions
Further reading
19
Auditing Security Policy with OpenSCAP
Auditing Security Policy with OpenSCAP
Technical requirements
Installing your OpenSCAP server
Evaluating and selecting policies
Scanning the enterprise with OpenSCAP
Interpreting results
Summary
Questions
Further reading
20
Tips and Tricks
Tips and Tricks
Technical requirements
Version control for your scripts
Inventories – maintaining a single source of truth
Running one-off tasks with Ansible
Summary
Questions
Further reading
21
Assessments
Assessments
Chapter 1 - Building a Standard Operating Environment on Linux
Chapter 2 - Automating Your IT Infrastructure with Ansible
Chapter 3 - Streamlining Infrastructure Management with AWX
Chapter 4 - Deployment Methodologies
Chapter 5 - Using Ansible to Build Virtual Machine Templates for Deployment
Chapter 6 - Custom Builds with PXE Booting
Chapter 7 - Configuration Management with Ansible
Chapter 8 - Enterprise Repository Management with Pulp
Chapter 9 - Patching with Katello
Chapter 10 - Managing Users on Linux
Chapter 11 - Database Management
Chapter 12 - Performing Routine Maintenance with Ansible
Chapter 13 - Using CIS Benchmarks
Chapter 14 - CIS Hardening with Ansible
Chapter 15 - Auditing Security Policy with OpenSCAP
Chapter 16 - Tips and Tricks
22
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Chapter 13 - Using CIS Benchmarks

  1. They provide a standardized, industry-agreed way to secure Linux servers.
  2. Yes, it does.
  3. A level 1 benchmark is not expected to have an impact on day-to-day operations of your server. A level 2 benchmark is and so should be implemented with care.
  4. Scored benchmarks are expected to be crucial to all systems, whereas benchmarks that are not scored are expected to be applied to only some systems (for example, wireless network adapter configuration hardening will only apply to a subset of machines—hence, this should not affect the score of all machines).
  5. This is normally provided in the benchmark document but often involves using the grep utility within the script to check for the configuration settings in a given file and reporting back on whether it was found or not.
  6. Possible answers include the following:
    • Pattern matching can be an imprecise...
Previous Section
End of Section 14
Next Section