I had to fight a little with GPG Suite (Mac) and forwarding gpg-agent to a Ubuntu 16.04 target. This post describes what ended up working for me. Source Machine: macOS Sierra 10.12.6 GPG Suite 2017.1 (2002) Target Machine: gpg2 installed on Ubuntu 16.04 (sudo apt-get install gpg2 -y) Source machine: File: ~/.gnupg/gpg-agent.conf Add this lines: extra-socket /Users/[user]/.gnupg/S.gpg-agent.remote File: ~/.ssh/config Add these lines: RemoteForward /home/[user]/.gnupg/S.gpg-agent /Users/[user]/.gnupg/S.gpg-agent.remote ExitOnForwardFailure Yes Restart gpg-agent: gpgconf --kill gpg-agent gpgconf --launch gpg-agent Destination Machine: File: /etc/ssh/sshd_config Add this line:...

I found and upvoted this solution on ServerFault. TLDR: Use OS X Disk Utility to Create a New Sparse, Case Sensitive Disk Configure VirtualBox to use this new disk Some screenshots that may be helpful: From Disk Utility -> File -> New Image: From VirtualBox -> Preferences: 

While debugging an Ansible playbook, I tweeted about variable precedence: https://twitter.com/andyhky/status/734859666337861633 Through that tweet I learned how to spell mnemonic AND I got a recommendation to buy Mastering Ansible. This blog post is a quick review of Mastering Ansible. Overall, I enjoyed the book’s format more than anything else. The flow of objective/code/screenshot really made the concepts gel (using herp/derp in examples is a close second!). I’m an advanced Ansible user (over 3 years), and this book still showed me new parts of Ansible....

Rolling deployments is well covered in the Ansible Docs. This post is about using those rolling deployments patterns but with F5 Load Balancers. These techniques use the F5 modules require BIG-IP software version >= 11 and have been tested with Ansible 1.9.4. There are a couple of things to examine before doing one of these deployments: Preflight Checks Ansible’s pre_tasks / post_tasks Preflight Checks If you’re using a pair of F5s for High Availability, consider having a preflight check play to ensure your configurations are in sync and determine your primary F5:...

FlowBAT is a graphical flow based analysis tool. FlowBAT is a very snappy UI which wraps flow collection software called SiLK. My interests with FlowBAT and SiLK are around using Open vSwitch to push sFlow data to SiLK and FlowBAT to quickly query that data. Hopefully I’ll get around to posting about OVS, sFlow, SiLK and FlowBAT. While I was getting started with FlowBAT (and SiLK) I saw there weren’t any ansible roles for either component....

I’ve seen a couple of automated remediation tools get some coverage lately: FBAR Stack Storm And both have received interesting threads on Hacker News. One HN commenter that stood out (bigdubs): I don’t like being the voice of the purist in this, but this seems like a bandaid on a bullet wound. For most of the cases where this would seem to be useful there is probably a failure upstream of that usage that should really be fixed....

Over a year ago, I left San Antonio and started working from home in Lexington, KY. ( previously) AV Tools Microphone: Still very happy with the Meteor microphone. Camera: Purchased a Logitech HD Portable 1080p Webcam C615 with Autofocus. Works with OSX 10.9.4 well enough. The only pains were reconfiguring various VC software to use the new camera. Hangouts users, beware: every Flash update you must to set your non-default video/mic....

LLDP is a wonderful protocol which paints a picture of datacenter topology. lldpd is a daemon to run on your servers to receive LLDP frames outputs network location and more. There’s also a recently patched lldp Ansible module. Like all tools, using LLDP/lldpd has had some issues. Here’s the ones I’ve seen in practice, with diagnosis and resolution: Switch isn’t configured to send LLDP frames Diagnosing: [code] tcpdump -i eth0 -s 1500 -XX -c 1 ’ether proto 0x88cc' [/code]...

Recently, I began a deep dive into more SDN and OpenFlow. Overall I was very happy with the process and quality of the material out there for newcomers. However, I noticed a gap when I hit my first stumbling block. I set up a mininet instance, noticed it was running Open vSwitch (OVS) v2.0. I needed a newer version of OVS, and turfed the mininet instance while the upgrading OVS. It quickly became apparent that I needed a repeatable development environment setup....

There’s a few good posts out there about Graphite Events with how and why to use them. Earlier I was trying to add events to Graphite but ran into an issue: my events used a timestamp in the past. The examples I found only showed publishing events with a ’now’ timestamp. I went digging and found the extension of Graphite to add events - the functionality exists. Just add a ‘when’ to your payload with a Unix timestamp....