When Linux's sysadmin graybeards got their start, they all used the shell to manage systems. Years later, they also used system administration programs such as Red Hat Enterprise Linux (RHEL)'s Red Hat Satellite and SUSE Linux Enterprise Server (SLES)'s YaST. Then, DevOps programs, like Ansible, Chef, and Puppet, appeared so we can manage hundreds of servers at once. Now, Red Hat is bridging the gap between the old-style server management tools and DevOps with Red Hat Satellite 6.4.
This new management tool comes with a deeper integration with Red Hat Ansible Automation automation-centric approach to IT management. This enables sysadmins to use the Red Hat Satellite interface to manage RHEL with Ansible's remote execution and desired state management. This integration will help identify critical risks, create enterprise change plans, and automatically generate Ansible playbooks.
Also: How Red Hat's strategy helps CIOs take baby steps to the cloud TechRepublic
Red Hat claimed, "This exciting integration is designed to help not only identify critical risks but then create enterprise change plans and automatically generate Ansible playbooks to better remediate those risks."
The updated Red Hat Satellite also comes with these new features:
- Redesigned user interface for easier navigation and improved auditing of user events.
- Increased supportability including the ability to provision in AWS GovCloud and custom configuration preservation.
- Enhanced performance including RHEL Performance Co-Pilot integration and general stability fixes.
Red Hat Satellite 6.4 will be available later in October through the Red Hat Customer Portal.
But that's only the start of Red Hat's DevOps and sysadmin news. Red Hat is also introducing a Red Hat Ansible Automation Certification Program to deliver tested, trusted, and supported Ansible Playbooks.
These certified Playbooks, from Red Hat and its partners, will provide everything you need to automate your infrastructure, networks, containers, and deployments. Besides Red Hat's offerings, Cisco, CyberArk, F5 Networks, Infoblox, NetApp, and Nokia will offer 275 Ansible modules in the initial release.
These Playbooks, Modules and Plugins are scanned against known vulnerabilities, checked for compatibility, and validated to work in production. These will have a similar lifecycle to Ansible Engine. They'll also be regularly re-evaluated for certification qualification and are fully-backed with Red Hat's support.
If you're using Ansible and RHEL and you don't want to build your own Playbooks, this new offering is a must.
Looking ahead, Red Hat is adding automated security capabilities, such as enterprise firewalls, intrusion detection systems (IDS), and security information and event management (SIEM) to Ansible.
In 2019, Ansible will include the following security features:
- Detection and triage of suspicious activities: Automatically configure logging across enterprise firewalls and IDS,
- Threat hunting: Automatically create new IDS rules to investigate the origin of a firewall rule violation and whitelist non-threatening IP addresses.
- Incident response: Ansible will be able to automatically validate a threat by verifying an IDS rule, trigger a remediation from the SIEM solution and create new enterprise firewall rules to blacklist the source of an attack.
Joe Fitzgerald, Red Hat Business Management VP, explained in a statement:
"Since Red Hat acquired Ansible in 2015, we have been working to make the automated enterprise a reality by driving Ansible into new domains and expanding automation use cases. With the new Ansible security automation capabilities, we're making it easier to manage one of enterprise IT's most complex tasks: systems security. These new modules can help users take an automation-centric approach to IT security, integrating solutions that otherwise would not work together and helping to manage and orchestrate entire security operations with a single, familiar tool."
It sounds good to me. We'll see early next year how well Red Hat delivers on this promise.