This video highlights the role-based access controls within Red Hat CloudForms and how they can be tied into Microsoft Active Directory, to leverage a company’s existing user and group structure. The goal of the video is to help customers understand how they can integrate CloudForms into their organizational structure with rather minimal setup.
Continue reading “Setting up Red Hat CloudForms with Microsoft Active Directory (Video)”
When talking to IT leaders about Red Hat CloudForms, we often point out the time and cost savings that CloudForms can have on their organization. While we have several customer success stories that highlight the various benefits of CloudForms to each organization, we wanted a more formal study of the business value that CloudForms could bring to an organization. To that end, Red Hat commissioned a study, conducted by IDC, to look at the business value of CloudForms. This blog post will highlight some of their findings, with IDC’s complete report available for review.
Continue reading “The Business Value of Red Hat CloudForms”
The recent discovery of a protocol flaw on Samba server (see CVE-2016-2118) raises once again the question of managing security and compliance of systems. How can we identify easily which systems are affected? And, how can we validate that these environments are correctly patched?
Continue reading “Are your systems affected by BADLOCK Security flaw?”
As you have probably noticed by now, the attack on OpenSSL known as DROWN – Decrypting RSA using Obsolete and Weakened eNcryption has recently been discovered. Red Hat Product Security have provided patches for OpenSSL and recommend to apply them to affected systems.
In this post, we will discuss how Red Hat CloudForms and ManageIQ can assist in identifying environments at risk of the DROWN OpenSSL cross-protocol vulnerability. In addition, CloudForms can audit your environments and validate that the patches have been applied.
How can Red Hat CloudForms help?
CloudForms provides a policy based compliance check which can be used to verify software and configuration of servers and validate security requirements. These policies are created as a combination of an event, a condition and an action, and use a scope (usually set to infrastructure or guests) to determine if the policy needs to run. Additional information on using policies can be found in the product documentation: Defining policies and profiles.
Continue reading “Managing Patching Compliance Using DROWN OpenSSL Vulnerability as an Example”
UPDATED : Video version of this blog…..found here… http://youtu.be/RDcIIyYK044
So this Shell-Shock stuff is hitting the press quite a bit!
Fncy finding out really quickly if your Red Hat Enterprise Linux 6.5 systems are patched correctly? Even if they are turned off right now? Wow that is clever not even the virtual infrastructure players can do that…I know…its cool. Here it is..
Continue reading “Shell-Shock – Bash Code Injection Vulnerability via Specially Crafted Environment Variables (CVE-2014-6271, CVE-2014-7169)”
So for the past few years Savon v1.1.0 has been the default GEM in the appliance. Heres a scoop! In future releases, and the upstream builds have Savon v2.
What does this mean? Well v2 has a slightly different syntax to its connections and function call. Here is a v2 SOAP example:
Continue reading “SOAP – SAVON v2 Syntax”
This is pretty simple but very useful. I have done a little research and whilst inspect is a way of seeing inside of an object its also hard to read and not very re-usable. Being somewhat old now (crazy thought) XML used to be the way we described things. Yes I know yaml, json etc have come to replace XML in languages such as Ruby, but I cannot get away from XML is far easier to read and self describing than the aforementioned.
If you have used InspectME that ships with the product then this is the same but in XML format, with a few advantages…
Continue reading “inspectXML – Dump objects as XML”
The base automate model does not contain the email methods for the VM Reconfigure approval process, this post gives you this capability.
Ensure your CFME appliance can send a test email from the configuration page. If you get the test email, then continue otherwise keep trying until you do!
Continue reading “VM ReConfigure Approval Emails”
This is a really simple export routine for VMware using a custom button.
In an implementation I would maybe wrap this with
- A dialog to offer different export locations and naming of the export to include date/time stamp and maybe a checkbox to enable disable the overwrite of existing exports.
- Add in the approval system, basically some workloads should require authorisation by a manager to allow the export, we could do this by tag, and capture this in the method.
- Some error checking and folder creation stuff in the simple method.
Continue reading “Exporting VM (VMware)”
This post will solve anything! Quite simply anything you can script, code or model in CloudFORMS you can call externally too using simple web services.
We will need a few things as follows;
- A sample method that we can call
- A ruby script to call our web services and execute our sample method.
Continue reading “CloudFORMS and Simple WebServices (RUBY)”