Uncategorised

System administrator Tasks in OS & Servers using ansible

August 11, 2023 Leave a Comment
  • Os / Servers Updates and Patching
  • Os / Servers Vulneability Scan & Security Management
  • Os / Servers User and Group Management
  • Os / Servers Policy Management
  • Os / Servers Performance Monitoring and Tuning
  • Os / Servers Service Management
  • Os / Servers User Authentication and Access
  • Os / Servers Monitoring and Alerts
  • Os / Servers Disaster Recovery Planning

List of Ansible Modules of Servers Updates and Patching

  1. yum Module (For Red Hat-based Systems):
    • yum: Manages packages using the YUM package manager on Red Hat-based systems like CentOS and RHEL.
  2. apt Module (For Debian-based Systems):
    • apt: Manages packages using the APT package manager on Debian-based systems like Ubuntu.
  3. dnf Module (For Fedora Systems):
    • dnf: Manages packages using the DNF package manager on Fedora systems.
  4. zypper Module (For SUSE Systems):
    • zypper: Manages packages using the Zypper package manager on SUSE Linux systems.
  5. pkgng Module (For FreeBSD Systems):
    • pkgng: Manages packages on FreeBSD systems using the pkg package manager.
  6. pip Module (For Python Packages):
    • pip: Manages Python packages using the Python Package Installer.
  7. gem Module (For Ruby Gems):
    • gem: Manages Ruby gems using the RubyGems package manager.
  8. composer Module (For PHP Dependencies):
    • composer: Manages PHP dependencies using Composer.
  9. win_updates Module (For Windows Systems):
    • win_updates: Manages updates on Windows systems using Windows Update.
  10. dnf Module (For OpenSUSE Systems):
    • dnf: Manages packages using the DNF package manager on OpenSUSE systems.

List of Ansible Modules of Servers Vulneability Scan & Security Management

  1. redhat_security Module:
    • redhat_security: Interacts with the Red Hat Security Data API to fetch information about security vulnerabilities and advisories.
  2. os_hardening Module:
    • os_hardening: Enforces system hardening configurations based on predefined or custom security policies.
  3. debsecan Module:
    • debsecan: Scans Debian-based systems for known vulnerabilities in installed packages using the Debsecan tool.
  4. lynis Module:
    • lynis: Executes Lynis security auditing tool to perform system security assessments.
  5. osquery Module:
    • osquery: Manages the installation and execution of osquery, a tool that allows you to query and monitor system information for security purposes.
  6. ufw Module:
    • ufw: Manages Uncomplicated Firewall (UFW) rules on Linux systems, allowing you to configure and manage firewall settings.
  7. firewalld Module:
    • firewalld: Manages firewalld firewall settings on Linux systems, including adding or removing rules.
  8. seboolean Module:
    • seboolean: Manages SELinux boolean values, allowing you to enable or disable specific security settings.
  9. sefcontext Module:
    • sefcontext: Manages SELinux file context mappings, which define how files and directories should be labeled for security purposes.
  10. aide Module:
    • aide: Manages the installation and execution of the Advanced Intrusion Detection Environment (AIDE) tool to perform file integrity checks.

List of Ansible Modules of Servers User and Group Management

  1. user Module:
    • user: Manages user accounts, including creating, modifying, and deleting users. It also allows you to set user attributes such as password, home directory, and shell.
  2. group Module:
    • group: Manages groups, including creating, modifying, and deleting groups. You can also add or remove users from groups using this module.
  3. user_password Module:
    • user_password: Manages user passwords, allowing you to set or change user passwords.
  4. authorized_key Module:
    • authorized_key: Manages SSH public keys for user authentication, enabling you to add or remove authorized keys for user accounts.
  5. ssh_authorized_key Module:
    • ssh_authorized_key: Similar to authorized_key, this module specifically manages SSH public keys for user authentication.
  6. user_secret Module:
    • user_secret: Manages user secrets, which are typically used for managing credentials and other sensitive information associated with users.
  7. group_membership Module:
    • group_membership: Manages group membership, allowing you to add or remove users from groups.
  8. group_vars Module:
    • group_vars: Manages variables associated with groups. While not directly for user and group management, it can be used to manage configurations for different groups of users.

List of Ansible Modules of Servers Policy Management

  1. os_hardening Module:
    • os_hardening: Enforces system hardening configurations based on predefined or custom security policies. It helps ensure that servers adhere to specific security standards.
  2. selinux Module:
    • selinux: Manages SELinux settings, allowing you to enable, disable, or change the SELinux mode on a system. SELinux policies can enforce security policies related to access controls.
  3. seboolean Module:
    • seboolean: Manages SELinux boolean values, allowing you to enable or disable specific security settings defined in the SELinux policy.
  4. sefcontext Module:
    • sefcontext: Manages SELinux file context mappings, which define how files and directories should be labeled for security purposes.
  5. sysctl Module:
    • sysctl: Manages kernel parameters (sysctl settings) on Linux systems. This can help enforce specific system-wide configurations.
  6. aide Module:
    • aide: Manages the installation and execution of the Advanced Intrusion Detection Environment (AIDE) tool to perform file integrity checks. AIDE helps maintain the integrity of system files and directories.
  7. firewalld Module:
    • firewalld: Manages firewalld firewall settings on Linux systems, including adding or removing rules. Firewalld can help enforce network-level security policies.
  8. ufw Module:
    • ufw: Manages Uncomplicated Firewall (UFW) rules on Linux systems, allowing you to configure and manage firewall settings.
  9. hostname Module:
    • hostname: Manages the system hostname, which is an important aspect of policy management for identifying and securing systems.
  10. ntp Module:
    • ntp: Manages NTP (Network Time Protocol) settings, helping ensure accurate time synchronization across systems.

List of Ansible Modules of Servers Performance Monitoring and Tuning

  1. sysctl Module:
    • sysctl: Manages kernel parameters (sysctl settings) on Linux systems. Adjusting these parameters can impact system performance and behavior.
  2. tuned Module:
    • tuned: Manages system tuning profiles using the tuned daemon. Tuning profiles optimize various aspects of system performance based on predefined configurations.
  3. shell and command Modules:
    • shell and command: These modules allow you to run custom performance monitoring scripts or command-line tools to gather system metrics.
  4. setup Module:
    • setup: Collects facts about the system, including hardware, network, and software details, which can help you understand system performance characteristics.
  5. netstat Module:
    • netstat: Provides information about network connections and statistics, which can be useful for identifying network-related performance issues.
  6. top and htop Modules:
    • top and htop: These modules allow you to run the top or htop command to monitor real-time CPU, memory, and process information.
  7. iostat Module:
    • iostat: Runs the iostat command to gather input/output statistics for disks and storage devices.
  8. vmstat Module:
    • vmstat: Executes the vmstat command to collect information about system virtual memory and process statistics.
  9. free Module:
    • free: Runs the free command to provide information about system memory usage and availability.
  10. sar Module:
    • sar: Runs the sar command to collect and report system activity and performance statistics over time.
  11. ps Module:
    • ps: Executes the ps command to gather process-related information, such as process status and resource utilization.
  12. nmon Module:
    • nmon: Manages the installation and execution of the nmon tool, which provides extensive system performance data.

List of Ansible Modules of Servers Service Management

  1. systemd Module:
    • systemd: Manages services using the systemd init system. This module can start, stop, restart, enable, or disable services.
  2. service Module:
    • service: Manages services using traditional init systems like SysV init. This module is versatile and can work with different init systems based on the distribution.
  3. upstart Module:
    • upstart: Manages services using the Upstart init system, which is used in some Linux distributions.
  4. win_service Module:
    • win_service: Manages Windows services. This module allows you to start, stop, restart, or change the state of services on Windows machines.
  5. launchctl Module:
    • launchctl: Manages services on macOS systems using the launchd init system.
  6. cron Module:
    • cron: Manages scheduled tasks using the cron daemon. While not strictly a service, cron jobs are essential for automated tasks.
  7. initctl Module:
    • initctl: Manages services on systems using the initctl command, which is part of the Upstart init system.
  8. zfs Module:
    • zfs: Manages ZFS datasets and properties, including starting and stopping ZFS services if needed.

List of Ansible Modules of Servers User Authentication and Access

  1. user Module:
    • user: Manages user accounts, including creating, modifying, and deleting users. It also allows you to set user attributes such as password, home directory, and shell.
  2. authorized_key Module:
    • authorized_key: Manages SSH public keys for user authentication, enabling you to add or remove authorized keys for user accounts.
  3. ssh_authorized_key Module:
    • ssh_authorized_key: Similar to authorized_key, this module specifically manages SSH public keys for user authentication.
  4. group_membership Module:
    • group_membership: Manages group membership, allowing you to add or remove users from groups.
  5. user_secret Module:
    • user_secret: Manages user secrets, which are typically used for managing credentials and other sensitive information associated with users.
  6. pam_limits Module:
    • pam_limits: Manages PAM (Pluggable Authentication Module) resource limits for users, helping control resource consumption.
  7. pam_deny Module:
    • pam_deny: Manages PAM access controls, enabling you to deny or allow specific users access to the system.
  8. pam_permit Module:
    • pam_permit: Manages PAM access controls to permit specific users’ access to the system.
  9. pam_tally2 Module:
    • pam_tally2: Manages PAM user login counts and lockout policies.
  10. group Module:
    • group: Manages groups, including creating, modifying, and deleting groups. You can also add or remove users from groups using this module.
  11. user_password Module:
    • user_password: Manages user passwords, allowing you to set or change user passwords.
  12. pam_unix Module:
    • pam_unix: Manages PAM configuration for UNIX authentication, allowing you to control user authentication settings.

List of Ansible Modules of Servers Monitoring and Alerts

  1. nagios Module:
    • nagios: Manages Nagios monitoring configurations, including hosts, services, and contacts. This module helps set up Nagios-based monitoring.
  2. zabbix_host Module:
    • zabbix_host: Manages Zabbix host configurations, allowing you to configure host monitoring parameters in a Zabbix server.
  3. zabbix_action Module:
    • zabbix_action: Manages Zabbix actions, which define what should happen when a specific trigger condition is met.
  4. zabbix_screen Module:
    • zabbix_screen: Manages Zabbix screens, allowing you to create and manage visual representations of monitored data.
  5. telegraf Module:
    • telegraf: Manages the installation and configuration of the Telegraf agent, which collects and sends system and application metrics to various monitoring systems.
  6. syslog Module:
    • syslog: Configures syslog settings on remote servers, helping you centralize system logs for monitoring and analysis.
  7. monit Module:
    • monit: Manages Monit monitoring configurations, including service monitoring and alerting.
  8. heartbeat Module:
    • heartbeat: Manages Heartbeat configurations for high availability and failover setups.
  9. snmp Module:
    • snmp: Manages SNMP (Simple Network Management Protocol) settings for monitoring network devices and systems.
  10. prometheus_alert Module:
    • prometheus_alert: Manages Prometheus alerting rules, allowing you to configure alerts based on specific conditions.
  11. nagios_contact Module:
    • nagios_contact: Manages Nagios contact configurations for alert notifications.
  12. zabbix_template Module:
    • zabbix_template: Manages Zabbix templates, which define sets of items, triggers, and graphs for monitoring.

List of Ansible Modules of Servers Disaster Recovery Planning

  1. backup Module:
    • backup: Manages system backups and snapshots. This module can be used to create and manage backups of files, directories, and system configurations.
  2. rsync Module:
    • rsync: Performs file synchronization between local and remote systems, which is useful for backup and data replication.
  3. archive Module:
    • archive: Creates compressed archives of files and directories, suitable for backup purposes.
  4. shell and command Modules:
    • shell and command: These modules allow you to run custom scripts or command-line tools for backup and recovery purposes.
  5. copy Module:
    • copy: Copies files from the local machine to remote servers, which can be part of backup strategies.
  6. fetch Module:
    • fetch: Retrieves files from remote servers to the local machine, which can be useful for recovering backups.
  7. template Module:
    • template: Creates configuration files based on templates, helping you automate the setup of backup and recovery configurations.
  8. uri Module:
    • uri: Interacts with REST APIs or web services, which can be used for integrating with disaster recovery tools or services.
  9. shell and command Modules:
    • shell and command: These modules allow you to run custom scripts or command-line tools for recovery tasks.
  10. delegate_to Parameter:
    • The delegate_to parameter allows you to run tasks on a different host, which can be useful for offloading backup and recovery processes to a designated server.
Rajesh Kumar
Follow me
Latest posts by Rajesh Kumar (see all)
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x