Earlier this week, I ran into an issue in a new environment that I had just deployed. The vCloud stack was installed as vCAC 6.1 Appliance, external vCO, and vCAC IaaS VM running on Windows Server 2012R2. In this post, we'll run through setting up a CentOS VM with the vCAC guest agent in order … Continue reading vCAC and Linux Guest Agent How-To and Gotchas
Automate password changes with Ansible
Everyone should be changing root passwords from time to time on their infrastructure. It's something we all put off as long as possible for various reasons whether they be the hatred of learning a new password or just sheer laziness. Needless to say, it is a necessity of being an admin of ANY system, hope … Continue reading Automate password changes with Ansible
Shellshock continued!
Since my last post, there have been FIVE new vulnerabilities released for bash. The floodgates have opened it seems... Obviously you want to push the bash updates to all your servers sooner rather than later and you have no reason not to as it's a non-disruptive update. A user in the sysadmin channel on FreeNode … Continue reading Shellshock continued!
Shellshock CVE-2014-6271 Vulnerability and Ansible Playbook
It's been an interesting year in terms of finding massively exploitable Linux issues. Heartbleed was a nightmare that caused several late and long nights for IT teams across the entire globe. It was also one of the first times the Windows IIS crew could sit back and laugh at us for once. And now here … Continue reading Shellshock CVE-2014-6271 Vulnerability and Ansible Playbook
The heavens parted and then… ESXi Heartbleed patch!
Better late than never, yea? Quick Saturday post, here is how to get your host up to date real quick via SSH, generate new certs, and change the root password. Better safe than sorry, friends. Note: This is only for ESXi 5.5 Update 1! If you are not running 5.5u1, replace ESXi-5.5.0-20140404001-standard with ESXi-5.5.0-20140401020s-standard. This … Continue reading The heavens parted and then… ESXi Heartbleed patch!
Centralized rsyslog with ESXi 5.x hosts
One of the most important things in any environment is the syslog server. A centralized host to keep all the debug, runtime, and access information to be sent to your Kibana/Logstash or Splunk implementations will make any sysadmins life easier. The walk-through below sets up a central server running rsyslog, accepting logs on 514 from … Continue reading Centralized rsyslog with ESXi 5.x hosts