Skip to content

2019

  • 5 min read

Automate Publishing and Promoting Content Views in Red Hat Satellite

Recently, I have been working with Red Hat's system mangement solution, a product called Satellite. If you want more information on what Satellite is or what it can do for you and your organization, please read Crossvale's data sheet. However, the purpose of this post is to document the process I used to automate the publishing of Content Views and then automate the promotion of those Content View versions to the first step in the Lifecycle Environment path. When a product offers, not only a web browser interface(GUI), but also a CLI and API for installation, cofiguration, and mangement tasks, the possiblilities are endless to what solutions can be achieved.

  • 6 min read

Continuous Deployment with GitHub Actions - AWS SAM

A couple of weeks ago, I finally got my email giving me access to the new feature released by GitHub, called GitHub Actions. This weekend, I finally got some free time to play around with it and kick the tires so to speak. The purpose of this post is to run through a simple Continuous Deployment workflow I was able to setup using the new GitHub Actions feature.

The Plan

The idea here is to leverage GitHub Actions to create a pipeline or workflow to automatically deploy/update an AWS Lambda function using the Serverless Application Module everytime a GitHub branch is merged into the master branch. I used an already working Lambda function that serves as a twitter bot with the purpose of retweeting tweets to promote technical conferences that are looking for speakers and papers.

  • 3 min read

My Tricks with UFW, Fail2Ban, and Python

I am using a combination of tools to monitor, temporarily ban, and block problem IPs that attempt to brute force SSH on my Digital Ocean, Ubuntu server. Then allow SSH, so I can manage my server.

First, I installed ufw to easily create firewall rules. Below commands allow me to show all available options. You can list pre-configured apps that I can allow or block. I can also get more info on a specific app.

  • 3 min read

Enhanced SSL Cipher Walkthrough

If your site or service has any interaction with customer data, especially credit cards, then you will want to ensure that you are using the latest up-to-date SSL ciphers. Below are some quick notes that I took while recently updating some ciphers I'm responsible for. A lot of credit goes to Ivan Ristic as I did spend time reading thru his OpenSSL Cookbook. This post will not cover creating or converting SSL keys, but focus more of the cipher suite and how to change to increase security.

Find out current complete version info

opensslVersionA

  • 2 min read

Red Hat Subscription Management for Self-Registered Satellite Upgrade

So I learned today while preparing to upgrade my Red Hat Satellite server from 6.2 to 6.3 before taking the next step in the path to 6.4, that self-registered Satellite server upgrade is not possible. This means I needed to unregister my server, basically from itself, and register it to the Red Hat CDN.

This process was not that big of a deal, until I realized that my Satellite Subscriptions were all already entitled to the Satellite manifest. There was a NOTE in the Red Hat docs that even provided a link to Managing Subscriptions, and you can look for yourself, but I didn't see any clear instructions on how to remove a subscription from the manifest.