Heard about CUE (https://cuelang.org/) but not sure where to get started? Unsure how to integrate CUE with an existing configuration? Need some pointers on the best practices for structuring and managing your data and schema? Unclear how and when to use the tooling layer?
Marcel van Lohuizen and Paul Jolly start with a quick overview of CUE the language, then move on to present practical examples of CUE in action, including common patterns for validation, policy, integration with existing non-CUE configuration and more.
With the Foreman Project dropping support for EL7 in Foreman 3.3 (~Summer 2022), it's finally time to tackle that migration to EL8 you have been putting off for a while now.
In this session we will present various ways how you can migrate your installation from EL7 to EL8, with the main focus on the in-place upgrade using LEAPP/ELevate.
With redpesk, we provide customers the ability to cross-build an embedded, CentOS Stream-based Linux distribution in the cloud. This requires a significant infrastructure: Koji/RPM builders, Angular-based WebUI, Gitlab forge, network and RPM package dependency management, Qemu test lab management, all need to come together and be connected, in a mix of Qemu virtual machines and LXC containers. Fortunately, Ansible and Proxmox comes to the rescue to manage this complexity.
In this talk, we'll present our architecture of a self-contained CI/CD environment in the cloud, to cross-build RPM packages and Linux images. We will then dive into the specifics of using Ansible to drive Proxmox and deploy a mix of Packer-built Qemu virtual machines and LXC containers. Those provide a full Koji build system (hub and builders), an Angular frontend, Go backend, a Gitlab forge as well as network isolation/firewalling and a Qemu virtual target lab.
We'll continue with lessons learned from doing these deployments for multiple customers. We will finish describing solutions we are currently working on, like Ansible AWX, to address the challenges of doing it at scale and increase automation.
Things like Infrastructure as Code, Service Discovery and Config Management can and have helped us to quickly build and rebuild infrastructure but we haven't nearly spend enough time to train our self to review, monitor and respond to outages.
With the the introduction of CI/CD best practices into our day to day workflows we protect ourselves for introducing "bad" code into production and exposing flaws to our (end-)users. But what about influences from bad actors in- and out-side our projects. This talk will focus on the additional steps we can add to our Waypoint build pipelines to also protect ourselves to so called supply chain attacks while running our jobs in Nomad. We ll discuss scanning for vulnerabilities in incoming code, packages and images and signing the content artifacts we trust before exposing them to our users.
ARA Records Ansible playbooks and makes them easier to understand and troubleshoot.
The author will explain why he created the project back in 2016 and how it might be useful for a wide range of use cases wherever Ansible runs from.
Including a live demo, we'll see how it works under the hood and you can expect to walk away from the presentation with an understanding on how to get started for your own Ansible playbooks within minutes.
Flatcar Container Linux is a minimal base OS to run containers.
As a friendly fork of CoreOS Container Linux it continues the project under a new name.
The main features are the A/B partitions for automatic updates and rollbacks, and the integration of Ignition for declarative configuration on first boot.
Declarative configuration is a key element for managing machines following the principle of Immutable Infrastructure, but causes friction if it means that the whole machine has to be reprovisioned for configuration changes.
With Ansible instead of Ignition for the configuration management we can find a compromise by giving up on avoiding configuration drift due to leftovers of old configurations and their side effects.
Out of this experience the idea was born to rerun Ignition on configuration changes.
While the big hammer method is to reformat the filesystem and losing application data, a more fine-grained solution could exist by clearing only parts of the filesystem.
This talk shows how to use Flatcar Container Linux with Terraform, Ignition, and Ansible, and ends with a proof-of-concept demo for Flatcar Container Linux to allow configuration changes through Ignition while avoiding configuration drift.
The use of Bare Metal to run containerized workload is coming back into popularity. Therefore users need the ability to easily create Bare Metal based OpenShift clusters as automatically as possible.
Central Infrastructure Management (CIM) exposes an intuitive user interface, allowing the infrastructure administrator to define a pool of Bare Metal machines making them available for users to independently create OpenShift clusters from them.
An introduction (live demo with questions and answers) into RPort - a new open-source software for remote access and remote management of heterogeneous it-landscapes. Use the UI, the command line or an REST API to manage servers and desktop efficiently from a central place.