A couple months ago one of our customers migrated their production environment to a new Cloud provider. They still needed live access to portions of their legacy system, but wanted downsize and decommission a subset of about 500+ Virtual Machines to save cost. The process of decommissioning/resizing each VM was […]
Ramblings
13 posts
I was really surprised to see how easy it is to configure Ansible Tower/AWX to use Microsofts Azure AD as an external Identity Provider. Not only does this simplify user management in Ansible Tower within our organisation but also opens the possibility of providing “Ansible as a Service” to our […]
I’m currently busy with a project in my home lab that requires a machine on my test LAN to be issuing IP addresses. I figured I’d use an LXC container on my Ubuntu Desktop because it’s lightweight and a convenient way to contain DHCP server software without having to install […]
To skip to the How To, Click here for the details. I’ve just started my journey with Juju and have quickly built a number of deployments on various models. As I started to churn out the application landscapes I realized that it would be great to link functionality from one model […]
In this post, I look at capturing network packets at the Hypervisor layer instead of inside the Virtual machines or at the network layer. I found myself in this situation when I was asked to troubleshoot an issue where I didn’t have access to the VM nor the network device. […]
There’s a massive trend right now to containerise application deployments. It makes sense to do so because there’s no real reason to run every application on it’s own dedicated server. Instead, putting it inside it’s own little box makes it highly portable and a pleasure to deal with… sort of. […]
One of the most annoying things about dealing with Solaris zones deployed using OEDA is that all VM’s get deployed into a single LUN. What this means is even though your database hosts may be “isolated” from each other, they all depend on one top level ZFS dataset for their […]
Recently I encrypted all my home folders on my Linux machines hosted in public clouds. See article Sysadmins Behaving Badly part 1. One thing that I wasn’t anticipating was the fact that when the user is logged out, sshd can’t read the authorized key file which sits inside the home […]
This may seem like a useless post, but I’ve always wondered about the banner ssh shows when connecting to a new server. How do you actually know that you’re connecting to the correct server. Usually when ssh’ing to a host you see a banner like this one : test@creamsoda:~$ ssh […]
When working with Solaris zones, it’s inevitable that you will need to pass some kind of additional storage into the zone from the Global zone. One of my favourite ways to do this is to delegate a ZFS dataset to the zone. The benefit here is that you can run […]
Recently I had to add an additional interface to a VM cluster post deployment. For the most part it’s pretty well documented but can get confusing depending on the configuration. Unfortunately mistakes were made however a lot was learnt. The Exadata in question was an X6-2 Quarter rack, with 2x […]
When I first started writing this post I was thinking about the dangers of generating and using ssh keys for authentication on shared platforms. If you’re like me and enjoy the convenience of using private and public key pairs for ssh authentication, you’ve probably heard it a million times that […]