Due to billing or organizational structures, certain parts of the infrastructure could be divided over several Azure subscriptions. From an infrastructure management point of view however, it might be interesting to manage the resources in those multiple subscriptions in one Terraform playbook. In the required_providers section, the configuration_aliases must be configured first (usually in the…
HAProxy provides a socket file which can be used to do maintenance (enable/ disable backends, retrieve information and statistics, …). The statistics part contains quite some interesting information for monitoring and alerting. The below Perl code snippit will loop over a glob of socket files (for instance when you have multiple HAProxy configurations running as…
I released a small project I wrote a while ago, to create quick Prometheus exporters in Perl for providing some custom data. The project itself can be found at https://github.com/insani4c/prometheus-exporter. Back then I decided not to use Net::Prometheus as I wanted to use HTTP::Daemon with threads and not Plack. A small example of how to…
OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol. Many graphical interfaces are available for managing user accounts in OpenLDAP like PHPLDAPAdmin (http://phpldapadmin.sourceforge.net/wiki/index.php/Main_Page) or LAM (https://www.ldap-account-manager.org/lamcms/). When generating a bulk amount of accounts with automation or just managing user details with a simple script, allows much more flexibility and can be…
With AppArmor enabled on Debian/ Ubuntu systems, starting up virtual machines with libvirt can cause startup failures if not AppArmor is not properly configured. AppArmor will write messages to the kernel log (visible with either the dmesg command or in kernel.log if available) regarding its actions. If your libvirt guests are not starting up or…
Ansible is a great automation tool to manage operating systems, but also to manage database like PostgreSQL. Many Ansible modules are available to create playbooks which execute various database administration tasks. In this article we will have a closer look how to ensure that a default database has been created a set of configured extensions…
Ansible provides a more flexible way to fine-tune Hashicorp Packer images compared to cloud-init. Playbooks can be executed once the guest image building is ready and boots up for the first time. This allows to create different types of Packer images based on different playbooks. In this article, Packer images will created for Azure using…
In a previous article (IPTables Logging in JSON with NFLOG and ulogd2) we learned how to log certain IPTables rules to JSON log files. Monitoring the logs in real-time on the command line, can also be very useful when debugging either the rules themselves or when analyzing certain issues. Rather than just looking at the…
De-duplication of configuration information is key when managing large environments which use different types of automation (Terraform, Jenkins, Ansible, scripts executed as Systemd timers, Puppet…). Although many different configuration management tools exist (RDBMS, Consul, …), one of the easiest to use is Hiera or just a plain normal Git repository with YAML files, in some…
Libvirt (libvirtd) nodes (based on KVM and Qemu) are a great and cheap (read: free) alternative of deploying virtual nodes in a cloud. Required is a server which will act as a hypervisor, in our article we chose to use a Hetzner server installed with Ubuntu Linux 20.4-lts. After the default installation of Ubuntu 20.4-lts,…
