To round this up here a recording of smartstate in AWS with auto-remediation of a vulnerability (java) via policy and ansible inside.
This will be the last part of the blog series but probably the most interesting one. When you launch a smartstate analysis you will see the following in you evm log files.
[----] I, [2018-03-11T16:12:10.941498 #3004:4f7130] INFO -- : MIQ(ManageIQ::Providers::Amazon::CloudManager::Vm#raw_scan) NAME [Scan from Vm vmtosmartstate] SCAN [nil] [NilClass]
[----] I, [2018-03-11T16:12:11.068516 #3004:4f7130] INFO -- : Job created: guid: [b0c7c318-2844-436c-bc44-21a29dfa3cce], userid: [admin], name: [Scan from Vm vmtosmartstate], target class: [VmOrTemplate], target id: , process type: [VmScan], server id: , zone: [default]
[----] I, [2018-03-11T16:12:15.868847 #3014:4f7130] INFO -- : MIQ(MiqQueue.put) Message id: , id: , Zone: [default], Role: [smartstate], Server: , Ident: [generic], Target id: , Instance id: , Task id: [job_dispatcher], Command: [JobProxyDispatcher.dispatch], Timeout: , Priority: , State: [ready], Deliver On: , Data: , Args: 
[----] I, [2018-03-11T16:12:21.133242 #3004:4f7130] INFO -- : MIQ(MiqPriorityWorker::Runner#get_message_via_drb) Message id: , MiqWorker id: , Zone: [default], Role: [smartstate], Server: , Ident: [generic], Target id: , Instance id: , Task id: [job_dispatcher], Command: [JobProxyDispatcher.dispatch], Timeout: , Priority: , State: [dequeue], Deliver On: , Data: , Args: , Dequeued in: [5.266320951] seconds
[----] I, [2018-03-11T16:13:05.374585 #3424:4f7130] INFO -- : MIQ(ManageIQ::Providers::Amazon::AgentCoordinator#find_or_create_keypair) KeyPair smartstate-2ae1670a-2fcc-4bbb-abcc-3fa962895096 will be created!
[----] I, [2018-03-11T16:13:05.877668 #3424:4f7130] INFO -- : MIQ(ManageIQ::Providers::Amazon::AgentCoordinator#deploy_agent) Smartstate agent will be deployed in vpc: [vpc-076ad862], zone: [us-east-1a] subnet: [subnet-3cc6154b]
[----] I, [2018-03-11T16:13:11.145451 #3424:4f7130] INFO -- : MIQ(ManageIQ::Providers::Amazon::AgentCoordinator#get_agent_image_id) AMI Image: RHEL-Atomic_7.4_HVM_GA-20180104-x86_64-1-Access2-GP2 [ami-d97120a3] is used to launch smartstate agent.
[----] I, [2018-03-11T16:15:55.976224 #2716:4f7130] INFO -- : MiqServer: local=Y, master=Y, status= started, id=99000000000001, pid=02716, guid=c5b77187-7fc9-426e-b3cb-6f0ce7860c8e, name=EVM, zone=default, hostname=ip-172-31-44-62.ec2.internal, ipaddress=172.31.44.62, version=220.127.116.11, build=20180221205805_f93a675, active roles=automate:database_operations:datab
There are a few interesting parts here. What is the AgentCoordinator? The code can be found here: /opt/rh/cfme-gemset/bundler/gems/manageiq-providers-amazon-9620e26f4381/app/models/manageiq/providers/amazon/agent_coordinator.rb . Its out of scope Read more about CloudForms in AWS part 3[…]
This part of the CloudForms in AWS blog series will walk you through how to make sure that CloudForms reaches its full potential in AWS. IMPORTANT: If you want SmartState analysis to work you need to register your AWS account with the cloud access program. Use the link below to enable cloud access: https://engage.redhat.com/forms/cloud-access-registration Once Read more about CloudForms in AWS part 2[…]
Ever wondered how you could run ansible tower in clustered mode across multiple AZ in AWS? This post will describe how you can build the following architecture: First, build 3 ec2 instances each in a different AZ’s. You should be more than ok with t2.large instance sizes. The subnets in the VPC can be private. Read more about AWS Multi – AZ Ansible Tower Cluster backed by RDS and fronted by ALB[…]
Ever wondered what CloudForms can do for you in AWS? The next few blog posts will walk you through step by step how to upload the CloudForms image to AWS, how to assign the correct policies and roles and how to configure it correctly so it can discover your environment. Part 1 is dedicated to Read more about CloudForms in AWS part 1[…]
I was speaking at the “IT Modernization with Open Management and Containers” event in Rochester, NY June 14th. The talk was covering how you can embrace cloud get insights into the different players like AWS, GCP, Azure and manage your instances and services through the CloudForms Management Engine. Here are the slides to the presentation:
Red Hat Summit is already over. There was an unbelievable energy during the 4 days of the Summit. If you were not able to make it to our session S102320 – Button push deployments with integrated Red Hat Management you can review it now: The demo can be found here:
I’ve been waiting for this feature since quite a while and its finally here and working. CloudForms 4.2 and OpenShift 3.4 have the ability combined of scanning docker images and define if the images are compliant or not. If the image is not compliant CloudForms annotates the image in OpenShift with images.openshift.io/deny-execution: true and if Read more about Deny container image execution via CloudForms 4.2 / OpenShift 3.4[…]
Today I finally finished my Ikea Helmer rack project. The goal of the project was to have enough resources to build a full Red Hat Cloud Suite lab. I am in IT now since 1996 and learned that the only way to stay on top of the game is by playing with the technology. I have Read more about Red Hat Cloud Suite In A Box[…]