With VMworld 2016 US event just around the corner, we thought it would be a good time to look at some of the new features introduced in the ManageIQ community related to our support for VMware.
ManageIQ is the open source project behind Red Hat CloudForms. The latest product features are implemented in the upstream community first, before eventually making it downstream into Red Hat CloudForms. This process is similar for all Red Hat products. For example, Fedora is the upstream project for Red Hat Enterprise Linux and follows the same upstream-first development model.
In this article, we look at the recent development of a vCloud provider in ManageIQ. VMware vCloud becomes the latest addition to the list of supported public cloud providers, joining Amazon Web Services, Microsoft Azure, Google Cloud Platform and OpenStack.
Continue reading “First look at VMware vCloud provider in ManageIQ / CloudForms”
The VMworld 2016 US event is approaching and Red Hat will be there to showcase our Management portfolio. This includes Red Hat CloudForms which provides unified management for container, virtual, private, and public cloud infrastructures.
With this in mind, we thought it would be a good time to recap how easy it is to deploy Red Hat CloudForms in a VMware virtualized environment. Deploying CloudForms for VMware is very straightforward and consists of three steps to get to an implemented solution that gives full visibility of your VMware infrastructure.
Continue reading “Getting started with managing VMware with Red Hat CloudForms”
This is part 5, the last post of our series on Ansible Tower Integration in Red Hat CloudForms.
As you saw from previous articles, Job Templates can be launched from CloudForms via Ansible Tower to run playbooks on targeted hosts. In particular we have looked at launching them from a button on a VM and from the CloudForms Service Catalog. In this last article, we examine how to expose Job Templates as Service Items to utilize them as part of a Service Bundle.
In this example, we reuse our ‘Deploy PostgreSQL’ Job Template to automate the installation and configuration of a PostgreSQL database on a newly provisioned VM. Our service bundle will deploy a new RHEL7 instance on Amazon EC2 and launch our Ansible Job Template to configure the database on this host.
Continue reading “Using an Ansible Job Template in a CloudForms Service Bundle”
This is part 4 of our series on Ansible Tower Integration in Red Hat CloudForms.
In the previous article, we have seen how Ansible Job Templates can be launched from a VM button in CloudForms. In this article, we explore how Ansible Job Templates can be published as Catalog Items and made available for end user consumption from a CloudForms Service Catalog.
In this example, we use ec2_elb_lb, an Ansible core module, to demonstrate how we can easily extend the capabilities of CloudForms by re-using automation already provided by Ansible. In particular, we provide the ability to create an Amazon Elastic Load Balancer (ELB) from CloudForms Service Catalog without having to write any Ruby code.
Continue reading “Publishing an Ansible Job Template as a Service in CloudForms”
This is part 3 of our series on Ansible Tower Integration in Red Hat CloudForms.
In this article, we will explore how to use the Ansible Tower integration in CloudForms by configuring the launch of an Ansible Template Job on a click of a button from a VM.
In this example, we use an Ansible Job Template created based on a role found on the Ansible Galaxy role library. In particular, we installed on our Ansible Tower the sfromm.postgresql role dedicated to managing PostgreSQL. Our associated Ansible Playbook is available on GitHub.
Continue reading “Launching our First Ansible Job Template on a VM in CloudForms”
This is part 2 of our series on Ansible Tower Integration in Red Hat CloudForms.
As mentioned in our previous post, CloudForms 4.1 brings native integration capabilities with Ansible Tower. This post explores the Ansible Tower requirements as well as the configuration of the provider in CloudForms.
Like all providers within CloudForms, the Ansible Tower provider is agent-less and only requires connectivity and credentials to the Ansible Tower API.
Continue reading “Configuration of an Ansible Tower provider in CloudForms”
Ansible Tower is a management tool designed to help automate infrastructure operations. Ansible Tower features management of host inventory, Ansible playbooks, access keys and passwords, as well as detailed reporting and audit of infrastructure deployments. Ansible Tower is designed for team-based infrastructure management, and as such, facilitates user’s involvement at different levels of the infrastructure operations. It enhances basic Ansible CLI operations with a visual overview of the infrastructure states and provides management workflows across the enterprise. Using Ansible Tower, users can schedule Ansible playbook runs and monitor current and historical results, allowing for troubleshooting or identification of issues before they occur.
Continue reading “Introducing Ansible Tower Integration in CloudForms 4.1”
The recent discovery of a protocol flaw on Samba server (see CVE-2016-2118) raises once again the question of managing security and compliance of systems. How can we identify easily which systems are affected? And, how can we validate that these environments are correctly patched?
Continue reading “Are your systems affected by BADLOCK Security flaw?”
As you have probably noticed by now, the attack on OpenSSL known as DROWN – Decrypting RSA using Obsolete and Weakened eNcryption has recently been discovered. Red Hat Product Security have provided patches for OpenSSL and recommend to apply them to affected systems.
In this post, we will discuss how Red Hat CloudForms and ManageIQ can assist in identifying environments at risk of the DROWN OpenSSL cross-protocol vulnerability. In addition, CloudForms can audit your environments and validate that the patches have been applied.
How can Red Hat CloudForms help?
CloudForms provides a policy based compliance check which can be used to verify software and configuration of servers and validate security requirements. These policies are created as a combination of an event, a condition and an action, and use a scope (usually set to infrastructure or guests) to determine if the policy needs to run. Additional information on using policies can be found in the product documentation: Defining policies and profiles.
Continue reading “Managing Patching Compliance Using DROWN OpenSSL Vulnerability as an Example”