Storage Replica
Kanban 
Mind mapping
Mike Tech Show

Type of VPNs:

• Site 2 Site Vpn
• Client VPNs

Brighton Digital Freelancers
Anglian Linux User Group
 SOCIABLE TECH 
Geekup

DK – My First Coding 
Usborne Coding for Beginners using Scratch 

Openstack: Ironic’s
Debian preseeding

Ansible YAML callback plugin!!

Certbot
acme.sh

oggcamp 18

thebugcast

This is the episode of the ironsysadin podcast we discuses in the podcasts

Windows admin Center is the new way to manage servers in windows 2016.

tldr command

Tiny Tiny RSS

• • Enabling TLS 1.2 and disabling TLS 1.1, 1.0 and SSL 3.0 and SSL 2.0.
    • Test your Server to what SSL/TLS version you website uses – ssl labs
    • Enable/Disable TLS versions via a GUI  –  IISCrypto
  • Immutable Infrastructures – CoreOS
    • CoreOS is a linux distribution that is completely described by YAML
    • Kubernetes – learnt a bit more about it by actually installing it (kubespray), also, trying to do it in an “air-gapped” environment proved hard work
    • kubespray works by bootstrapping python onto the CoreOS nodes so it can use ansible.
    • Doing Immutable Infrastructure with deb packages?
    • Docker
    • Terraform
      • Plan & Apply stage
      • Providers talk to cloud provider APIs
    • Lab with PXE Booting using Ansible
  • Highly available Network Appliances on OpenStack
    • Allowed_Address_Pairs – 0.0.0.0/1 and 128.0.0.0/1
    • Virtual MAC address between HA members, which means adding an extra Allowed_Address_Pairs pair per Virtual MAC address
    • Ansible with Jinja2 for the Allowed_Address_Pairs variable
  • Ansible 2.5 is out
    • With_SubElements has been depreciated – still works, but documentation refers to loop and lookup plugins
    • loops can have names now
    • roles: has been replaced by include_roles
    • Ansible Galaxy roles don’t need to be the files from galaxy.ansible.com – you can use Git repos.
  • Matrix.org / riot.im
    • Bridges to Telegram and others
    • Matrix.org runs bridges to IRC, Slack and Gitter and host some bots and plugins.
    • Other bridges are in-place (e.g. t2bot.io) and you can host your own.
    • French Government to use Matrix as their inter-government communication system
    • Synapse (Matrix.org homeserver) federates between all the other Synapse servers, and updates the servers when they all come back online. Demo at matrix.org.
  • Email about Postlayer (Email and Spam Filtering) being demised
    • Replaced by Fusemail
    • Discussed open source options (no conclusion)
  • Bullet journal revisited
    • Monthly too often – weekly…

• Audio Production by Dave Lee @thebugcast
• Fosstalk Live
• Glasgow Podcrawl
• Oggcamp

In this edition of the Admin Admin Podcast, we discuss a little bit about FOSDEM and ConfigMgmtCamp, and then our deep-dive on Ansible.

When talking about Ansible, we talk about the alternatives (Puppet, Chef, Salt, Desired State Configuration and reverse DSC, and that you can install software on Windows via Group Policy), and then talk about:

• Provisioning cloud environments with Ansible
• Ansible Modules
• The Inventory file
• Playbooks
• Variables
• Filters
• Jinja2
• Yaml
• Handlers
• Ansible Tower and it’s upstream project – AWX
• Example files by Jon
• Tags
• Example files by Al
• Roles
• Ansible Vault
• Hashing
• Jon’s Github Profile
• Al’s Github Profile
• Jerry’s Github Profile

We plug the following forthcoming events: FossTalk Live – 9th June at King’s Cross, London, Glasgow Podcrawl – 28th July, Glasgow and OggCamp – 18th and 19th August, Sheffield

We mention the following other things: Jerry’s Tech Blog, Bullet Journals, Hackable Podcast, Cool Tools Podcast, Centre for Computing History, Cambridge, and the fiction series Within the Wires.

Special Guest Co-Presenter: Russ Woodman from Linux In The Ham Shack

Errata: Jon got Streisand Routing wrong in the last show.

Russ works for a Broadband Carrier (ISP) that also supplies telephone, cellular (mobile), internet, satellite and cable. He’s in a team of 5 people, and is the main escalation point for the team.

Jon explains “Pets versus Cattle” (badly) and Russ explains they’re converting from Pets to Cattle.

The Broadband Carrier that Russ works for uses mostly open source technologies, and he is trying to move to more robust services.

He explains his path to Linux and Open Source, via VMS, BSD, Minix and SCO Unix. He started in his current job just after Y2K but has been working in System Administration for many years before that.

Russ talks about using Amateur Radio with Linux and Open Source.

We talk about how his job has changed, which is mostly in the abstraction of Hardware away from users, but Russ also talks about REST APIs and SOAP.

We all talk about Cloud reliability and cost.

Jerry brings up RINA.

Russ talks about his home network. Jon talks about “Becoming your own WISP”.

Al asks Russ about Amateur Radio and how you use it from Linux. Russ talks about different transmission modes and encoding/decoding. He then explains a bit about the Linux In The Ham Shack podcast.

Al talks about setting up a new server for hosting WordPress and how he’s moving away from FreeBSD to Ubuntu (or RedHat/CentOS). He asks for guidance about Ansible and authentication. Russ suggests OpenSUSE as an alternative to review as well. Jon mentions about commercial support. Jon also talks about the recent history of SUSE. Al asks about running sudo to become root. Jon talks about setting up TOTP (Google Authenticator) and enabling it for PAM authentication.

Al also asks about Linux permissions. Russ talks about setting permissions. There is a talk about SetUID and SetGID. Jon suggests using containers or chroot instead of trying to harden a whole machine. Jerry talks about ACLs.

Al goes on to ask about whether he’s in the right job. Jerry, Jon and Russ all provide their viewpoints.

Al mentions about a telegram group which he heard about on Tuxjam Podcast which alert you on the latest security alerts  https://t.me/itsecalert

We read some feedback

• Gary Williams talks about naming conventions on servers, dnsnames for SQL servers
• Mike Bickerton says we’re good 🙂 Mentions we’re very Windows, likes the audio, and asks about the theme tune (it’s “Now It’s Over” by “The ClayFoxes” as listed on our “About” page.) He mentions he asked our telegram channel for help with getting DNS hosting on Hurricane Electric, and then blogged about it. Jerry mentions some alternatives. Russ asks about IPv6 records.
• Paul Tansom mentions his naming conventions

We ask a question for a follow-up podcast – if you have got some suggestions about how you would do a backup for your clients and customers which doesn’t involve spending money, or at least, as cheaply as possibly.

We mention FossTalk Live (9th June at King’s Cross, London), OggCamp (18th and 19th August in Sheffield) and Podcrawl Glasgow (28th July in Glasgow).

Please consider spreading the word about the podcast. We have a presence on Facebook and Twitter. The team chat on Telegram, and if you want to support the show, we have a Patreon account.

What would you would like to see on the podcast? Is there anything we should change? Please get in touch via our Telegram group or email feedback@nospam.adminadminpodcast.co.uk (remove the filter to send the mail…) 🙂