The articles below are on various topics, though the majority are focused on some aspect of systems administration.
All the cool DevOps kids are using puppet and chef for configuration management these days, but I’m still sticking with CFEngine, which has served me well since the late 1990s.
CentOS doesn’t have a native cfengine package, so I’ve used the EPEL cfengine package on CentOS 6 machines for some time now. There’s currently no such package for CentOS 7, however, so I’ve relied instead on the one found in the Fedora 20 package set.
I’m fairly fluent in basic firewall operations with
iptables, but the
firewalld included in CentOS 7 is new to me. I’d gotten the firewalld-friendly version of
fail2ban working on a VM I manage. One remote host was pounding away on port 22/tcp; it was duly denied access for several minutes at a time, but it never took the hint and went away.
I finally decided just to drop all packets from the IP address completely. To do so, I had to spend some time in the man page for
firewall-cmd, the command-line interface to