Unless you've been under a rock the last few days, you've no doubt heard of the Shellshock vulnerability affecting a large number of *nix machines with the Bash shell installed. Note: Bash doesn't even need to be the default shell - plenty of 'Dash' users are also affected. Luckily, there's a way to avoid this mess - a policy management engine in ManageIQ, combined with VM fleecing, that lets you route around the vulnerability, turning off VMs that are vulnerable. This video gives you the goods:
That video comes courtesy of John Hardy, all-around good guy (mostly) and CloudForms man about town. He wrote up an accompanying blog post that includes the bits needed for implementation:
Fancy finding out really quickly if your [linux boxes] are patched correctly? Even if they are turned off right now? Wow that is clever not even the virtual infrastructure players can do that…I know…its cool. Here it is..
Using Cloudforms (or ManageIQ for FREE!) download this policy and import it into Control. Then assign the policy to your targets. The policy will only check Linux systems, though it could do with a makeover to check only RHEL 6.5 systems too.
Download and import this policy profile (GitHub.com)
Protect yourselves out there!
Aaron Patterson joined us from Russia on this fun podcast, covering many topics, from the Rails 4 migration and the ManageIQ Design Summit to why you should "just use Ruby".
You can see Aaron and lots of other smart people at the upcoming ManageIQ D...
John Hardy and Brad Ascar stopped by the studio to discuss their talks at the upcoming ManageIQ Design Summit on October 7 & 8 in Mahwah, NJ
John and Brad's upcoming talks:
Fisher Price: My First State Machine - John Hardy
Navigating the M...
If you're headed to the ManageIQ Design Summit on October 7 & 8, you're in for a treat. Aaron Patterson (@tenderlove) will be leading a session in the design track on the topic of migrating ManageIQ to Ruby on Rails 4.
One of the things Aaron wil...
We just finished up the Sprint 12 demo, ended September 9.
If you want to read the highlights of the sprint demo, notes are posted below:
Sprint 12 Demo Highlights
- Sprint Statistics
- User Interface
- REST API
- 3 weeks long each ending on a Monday
- GitHub Milestone per Sprint
- GitHub Milestone called Roadmap
Sprint 12 Ended Sept 8
- links to sprint issues
- Over 90 Pull Requests Merged!
- 63 issues labeled as â€œbugâ€
- 15 issues labeled as â€œapplianceâ€
- 22 issues labeled as â€œenhancementâ€
- Form Buttons (css based)
- Patternfly modified Bootstrap
- EMS Refresh (Amazon virtualization type)
- Exposed cloud relationship in service models
- Persistent state data through retries
- Automate Model changes
- High level rubyrep changes
Amazon Virtualization Type
Service Models: Cloud Relationship
* expose :cloud_tenants
Persistent state data through retries
- New automate methods for state machine methods:
- set_state_var(var_name, value)
test_data = $evm.get_state_var(â€œtest_dataâ€)
# TODO: Something interesting
# First time through, initialize data
Automate Model changes
- Auto-placement run from a state machine step for Cloud and Infrastructure provisioning
- Added common "Finished" step to all Automate state machine classes
Added eligible* and set* methods for cloud resources to provision task service model
- Config temp disk for OpenStack Fleecing
- Key generation
- CertMonger Integration
- IPA Research for Single Sign-On
- Ruby 2.0 changes (compatible with 1.9.3)
- Logrotate now rotates our logs!
- Gem upgrades for bugs/enhancements
- Added/labelled issues for ruby2.x/rails4.x
- Update for Authentication
- With External Authentication (httpd) enabled against an IPA Server
- fixed bug in the REST API and Appliance Console to honor the external credentials like the Web UI when targeting the /api entrypoint
XFS Filesystem Support
- Work in Progress
- Most of the code is complete
- Lacking Unit Tests
- Expected to be completed in Sprint 13
We're happy to announce the preliminary agenda for the upcoming ManageIQ Design Summit, a 2-day event on October 7 & 8 in Montvale, NJ. Be sure to RSVP soon, as space is very limited. As mentioned in the title, it's a small intimate gathering of cl...
All good things must come to an end. I can say with no equivocation that the last three years have been the most rewarding from a work perspective than any other job I’ve ever had. When I accepted this challenge in May, 2011, I had no idea that the project and community would blossom as […]