Ansible Automation | Apply CIS Security BenchMarking for RHEL/ CentOS 6

25
5



As a system/build engineer we spend lot of time on searching and applying the security recommendations for RHEL/CentOS SOE images. In this video demo is on Ansible CIS benchmark role written by Major Hayden.

This saves a lot of time and accuracy level is very high.

Thanks to Major Hayden.

source

Previous articleAnsible 101 – Episode 3 – Introduction to Playbooks
Next articleWinRM Setup [Ansible Tower Windows Automation]

5 COMMENTS

  1. Hi Yogesh, thanks for the excellent job you doing. However, when I have tried to run the playbook getting below error. Please suggest where I'm doing wrong.

    [[email protected] cis-rhel-ansible]# ansible-playbook playbook.yml -i hosts –tags section8

    PLAY [all] *******************************************************************

    TASK [setup] *****************************************************************
    [DEPRECATION WARNING]: Accelerated mode is deprecated. Consider using SSH with ControlPersist and pipelining enabled instead.
    This feature will be removed in a future
    release. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
    [DEPRECATION WARNING]: accelerate is kept for backwards compatibility but usage is discouraged. The module documentation details page may explain more about this
    rationale..
    This feature will be removed in a future release. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
    fatal: [192.168.1.84]: FAILED! => {"failed": true, "msg": "Failed to connect to 192.168.1.84 on the accelerated port 5099"}
    to retry, use: –limit @/etc/ansible/cis-rhel-ansible/playbook.retry

    PLAY RECAP *******************************************************************
    192.168.1.84 : ok=0 changed=0 unreachable=0 failed=1

    [[email protected] cis-rhel-ansible]#
    [[email protected] cis-rhel-ansible]# cat hosts
    [rhel-6.8]
    192.168.1.84
    [[email protected] cis-rhel-ansible]#

    Thanks,
    Vasudev