This blog will cover how we can pass custom values into the SaltStack state that make up the security checks. Such customisation provides the ability to define SaltStack compliance policies with a custom variable value. It essentially supports applying certain checks with required variables using the out-of-the-box CIS benchmarks, e.g. security compliance check “Ensure password expiration is 365 days or less”, which will ensure password expiration is 365 days or less. However, my standard policy accepts password expiration to 180 days. Variables are used to customize policies to the specific organization’s internal policies. Please note that this process is not applicable If you like to create and test custom compliance…
-
-
Patching Linux VM using VMware SaltStack Config Management
This blog will cover VM workload configuration management by using SaltStack, which provides configuration management besides compliance and vulnerability capabilities for the workload. Before we dive into how to use SaltStack config management functionalities, I will quickly share a bit more on VMware SaltStack. SaltStack, by default, comes as SaltStack Config, which helps maintain configuration and perform day 2 actions. Essentially, the benefit of SaltStack is to provide native config management, self-healing config with event-driven automation & orchestration. It supports building and scheduling repeatable jobs for self-service automation. Also, preserve tons of workload/systems with fast, hyper-scale automation. SaltStack supports flexible control with agents, agentless, and API proxy agents. For more…
-
Enabling VMware SaltStack SecOps functionality for Compliance & Vulnerability Management.
This blog will cover enabling SecOps functionality on SaltStack, which provides compliance and vulnerability capabilities for the workload. Before we dive into how to enable the SecOPs feature, I will quickly share a bit more on VMware SaltStack. SaltStack, by default, comes as SaltStack Config, which helps maintain configuration and perform day 2 actions. Essentially, the benefit of SaltStack is to provide native config management, self-healing config with event-driven automation & orchestration. It supports building and scheduling repeatable jobs for self-service automation. Also, preserve tons of workload/systems with fast, hyper-scale automation. SaltStack supports flexible control with agents, agentless, and API proxy agents. For more details on SaltStack, please refer to…
-
Provisioning Web Application using vRealize Automation 8.x REST API via Postman
In this blog, I will cover vRealize Automation 8.x operations using REST API via Postman. The main goal of this blog is to provide a handy example for vRA operation using API. The vRealize Automation REST API provides consumer, administrator, and provider-level access to the service catalog with the same services that support the vRealize Automation console user interface. You can perform vRealize Automation functions programmatically by using REST API service calls. The vRealize Automation REST API offers multiple services and functions. For a detailed offering, please refer to VMware Programming Guide for vRA. REST Client Applications Any client application that can send HTTPS requests is an appropriate tool for…
-
Postman API Collections for Equinix Metal – Bare Metal As A Service
Why API functionality is one of the most sought after capabilities for infrastructure, software or application? Today’s DevOps processes and tools aim to achieve a model of continuous software development right from coding to deploying and maintaining the desired state of the infrastructure and applications. Besides, for Automation and DevOps processes to work, infrastructure needs to be available as code. API is the starting point whereby you can start API automation for those repetitive operational tasks. This blog will cover the REST API collection and examples for Equinix Metal Day 1 and Day 2 operations via Postman. This Postman’s import collection capabilities will assist you with sample API calls. This…
-
vRealize Automation 8 Code Stream – Part 3 Continuous Integration & Deployment
vRealize Automation 8 Code Stream – Part 3 Continuous Integration & Deployment In part 1 of this blog series, I covered how to create vRealize Automation Code Stream Endpoint for Jenkins Server. In part 2 of this blog series, we went through how to create vRealize Automation Code Stream Pipeline with Jenkins Jobs. In this last part of the blog series, I will cover CI/CD for a webapp and run the vRA Code Stream Pipeline which will trigger Jenkins job in the backend that uses Git & Ansible. vRealize Automation Code Stream Introduction – You will find more information about vRA Code Stream in VMware Docs. However, a high level,…
-
vRealize Automation 8 Code Stream – Part 2 Create Pipeline for Jenkins CI/CD Job with Git.
vRealize Automation 8 Code Stream – Part 2 Create Pipeline for Jenkins CI/CD Job with Git. In part 1 of this blog series, I covered how to create vRealize Automation Code Stream Endpoint for Jenkins Server. In this 2nd part of the blog series, I will cover how to create vRealize Automation Code Stream Pipeline with Jenkins for CI/CD with Git as Source Code Management. vRealize Automation Code Stream Introduction – You will find more information about vRA Code Stream in VMware Docs. However, a high level, vRealize Automation Code Stream models the tasks in your software release process and automates the development and test of developer code to release…
-
vRealize Automation 8 Code Stream – Part 1 Create Endpoint for Jenkins CI/CD Job with Git.
vRealize Automation 8 Code Stream – Part 1 Create Endpoint for Jenkins CI/CD Job with Git. In this 1st part of the blog series, I will cover how to integrate vRA 8 Code Stream with Jenkins, Create a Code Stream Endpoint to run Jenkins Job for CI/CD with Git as Source Code Management. vRealize Automation Code Stream Introduction – You will find more information about vRA Code Stream in VMware Docs. However, a high level, vRealize Automation Code Stream models the tasks in your software release process and automates the development and test of developer code to release it to production. It integrates your release process with developer tools to…
-
vSphere 7 with Kubernetes Part 6 – Cloud Native Storage with vSphere CSI for Persistent Volumes
vSphere 7 with Kubernetes Part 6 – Cloud Native Storage with vSphere CSI for Persistent Volumes In part 1 of this blog series, I covered how to create Storage tag and Policy to be used for the Workload management. In part 2 of this blog series, I covered how to enable Workload Management on vSphere 7. In part 3 of this blog series, we discovered how to set up the Content Library. In part 4 of this blog series, we enabled Harbor Image Registry. In part 5 of this blog series, we deployed a Tanzu Kubernetes Grid (TKG) cluster. In this 6th part of this blog series, I am going to cover how…
-
vSphere 7 with Kubernetes Part 5 – Create Tanzu Kubernetes Grid Cluster
vSphere 7 with Kubernetes Part 5 – Create Tanzu Kubernetes Grid Cluster In part 1 of this blog series, I covered how to create Storage tag and Policy to be used for the Workload management. In part 2 of this blog series, I covered how to enable Workload Management on vSphere 7. In part 3 of this blog series, we discovered how to set up the Content Library. In part 4 of this blog series, we enabled Harbor Image Registry. In this 5th part of the blog series, we will see how to deploy Tanzu Kubernetes Grid (TKG) cluster. Previously, these clusters were referred to as ‘Guest Cluster’. TKG cluster is a Kubernetes cluster…