network automation blog
-
Event-Driven Ansible with Zabbix
Zabbix supports Event-Driven Ansible. This makes it possible to launch job_templates in Ansible Automation Platform based on triggers in Zabbix. One use case is to update host events in Zabbix with facts from Ansible, which we will take a look at in this post. Ansible Automation Platform You will need various credentials, a decision environment…
-
Gitlab CI/CD for Ansible inventory
The inventory is your source of truth in Ansible. It contains all your hosts along with data about your hosts. The data from the inventory represents the desired state you want to reach with Ansible and is used to overwrite arguments (defaults) in roles and playbooks. You can build your inventory statically, using dynamic inventory…
-
MariaDB tuning for Zabbix
I have a Zabbix server with 40GB of memory that requires around 700 new values per second. The server runs MariaDB 11.4 in a standard LAMP-stack and I use MySQLTuner-perl to tune the database. Here is how. Enable the following configuration in /etc/my.cnf.d/mariadb_server.cnf Restart MariaDB: Let the server run for some time and then execute…
-
MariaDB 10.5 to 11.4 upgrade
I recently upgraded MariaDB from version 10.5 to 11.4 for a couple of RHEL9 servers. Here are the steps I used: Add the MariaDB repo containing version 11.4 and exclude MariaDB 10.5 from the system default AppStream repository. Uninstall MariaDB 10.5 and install version 11.4: Create socket: Start and enable MariaDB: Run the upgrade script:…
-
Useful Linux commands
Command Comment $ sudo su – Get root privileges and load the root user’s environment. $ sudo !! Repeat the last command with sudo privileges. $ printenv Prints all environment variables. $ ssh-copy-id remote-host Use locally available keys to authorize logins on a remote machine. $ journalctl -rx -p 4 Displays logs in the reverse…
-
Faster SNMP monitoring in Zabbix 7.0
I recently upgraded Zabbix from version 6.0 to 7.0, and one of the major improvements is that you can use SNMP GETBULK when performing low-level discovery. In this post, we will discover all the object identifiers (OIDs) representing the interface names (which start at OID 1.3.6.1.2.1.31.1.1.1.1) for a Cisco Nexus switch with IP 192.0.2.1. The…
-
Conditional variables in Ansible
I recently had to use a Jinja2 if statement to create variables depending on a set of conditions in an Ansible role. To achieve this, I had to revisit YAML block scalars and Jinja2 whitespace control. YAML block style scalar A scalar in YAML represents an indivisible value such as a string, number, or boolean,…
-
Linux troubleshooting with journald
systemd is a service and system manager for Linux that contains the command line tool journalctl and the journald daemon that aims to make life easier for anyone troubleshooting syslog messages in a Linux system. The journald daemon collects syslog messages and forwards them to the rsyslog service which sorts the syslog messages and writes…
-
SELinux and Firewalld
I harden all my RHEL servers with SELinux and Firewalld. Here is a crash course. SELinux SELinux (Security-Enhanced Linux) is a security architecture that enforces mandatory access controls to restrict applications, processes, and users to the least privileges necessary. For instance, if a web server tries to read files in /home/user/private (even if the file…
-
Ansible directory structure for efficient work
There is a lot of ways you can structure your playbooks, inventory, roles, and collections in Ansible, but it’s beneficial to find a structure that is suitable for both development and AWX/AAP. This is what my layout looks like: I have a Git repository called playbooks that contains all my playbooks. Symbolic links point to…