| brent timothy saner on 27 Aug 2015 08:35:32 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] Automatic provisioning of highly secure linux environments |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 08/27/2015 10:58 AM, Paul Walker wrote: > This is a pretty broad question, but there's a lot of talent on this > list that I'd like to hear from.. > > Assuming that I need to set up an arbitrary number of server > environments for serving web applications and would like to create a > repeatable (scripted), highly secure process for doing so, I'm curious > what people's go-to tools are and especially: > > • is anyone using 3rd-party / paid services that they are happy with > that include system provisioning, monitoring, firewalls and other strong > security measures > • what software / frameworks do people use for deployment / provisioning > / monitoring and security > > Any thoughts / feelings are greatly appreciated.. > > Paul Paul- What distro? No matter what you pick, I highly recommend iPXE (and serving the iPXE image via vanilla PXE). The menu system supports scripting (and can even be php-driven), making it a large win. That aside, I ask which distro because many support this as part of their base install methods. CentOS/RHEL (and others- I think SUSE as well?) supports kickstart, Debian and Ubuntu support preseeding. From there, you can execute arbitrary commands and such as part of the install process. I can provide further information and documentation depending on which distro you're trying to operate on. If you'd like some interactive help with this, ping me (r00t^2) in #plug or #sysadministrivia on Freenode IRC. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCgAGBQJV3y4wAAoJEIwATC+TSB9rlDEP/05ZHuI+eY98O8OHLaFqEnyV V5xAQAGJnpLZazTIXlZlNwPJRnm7pOubNGFVis/fusgunX1j1h3Derdfopl7/LWI R2aoTL9q7lrBnESciNINnclFYpYrXGxD3q4eda6dGGzyeR1yqoThJGKOq5neQv0U ILXVTZbm8yPKiRySKd1Pls896tDalQ8oZj7KaL2E23I4tnUwr0ck1EQNxjUAo42X Nx+papv4qQAC4mU98e/Ye1aVnZl8AOvsZRbnxE/kQGvsh6yvEJCynt1E2dQJEwOc xIXaM78nalbctEGQNuNK07qobzvIAF/XC5PiK4SHOcdljGFZVVeLXdulWCVNuUl+ v9KK4lyyKlMLIFyBqUeIlz8vWFXm17crsqH8BsOviqop6DfFjN6gsmXjzX2h4l/Z cxCCCPh+pAQ80KGLfsicYjaD/OBml9O6bUaAoR5CJ0/btuTt/3TB06IMdWnmH0IP h5l7n+VegJxbVdg1ZyTNcbYbzkAE6c9SPf/QUzTIxlBZdvAwvXAd2D4h08wS8E9S k6QWA2CM73ZhyyzuANycLofb/53ERWEA22H1AMzCpVjSB4fdqoCb2F8Phb+veu1w VcafyG+9x1tkyUWAol4Wr8w4AfXpANfBThVWRy4dfa2SDz7nETkz9Uix8DY8JgAU k77cvjNt0fyj9o+gvJ9X =N2gz -----END PGP SIGNATURE----- ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug