As a system/build engineer we spend lot of time on searching and applying the security recommendations for RHEL/CentOS SOE images. In this video demo is on Ansible CIS benchmark role written by Major Hayden.
This saves a lot of time and accuracy level is very high.
Thanks to Major Hayden.
source
Thanks Bro , really benefited from your tutorial. Keep it up.
Great video. Next time check your sound levels.
Can you share the same for Ubuntu 16.04, it would be a great help if you share any link to start with.
How much configuration is necessary to make this work for Cent OS 7? Or are the benchmarks completely different.
Hi Yogesh, thanks for the excellent job you doing. However, when I have tried to run the playbook getting below error. Please suggest where I'm doing wrong.
[[email protected] cis-rhel-ansible]# ansible-playbook playbook.yml -i hosts –tags section8
PLAY [all] *******************************************************************
TASK [setup] *****************************************************************
[DEPRECATION WARNING]: Accelerated mode is deprecated. Consider using SSH with ControlPersist and pipelining enabled instead.
This feature will be removed in a future
release. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: accelerate is kept for backwards compatibility but usage is discouraged. The module documentation details page may explain more about this
rationale..
This feature will be removed in a future release. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
fatal: [192.168.1.84]: FAILED! => {"failed": true, "msg": "Failed to connect to 192.168.1.84 on the accelerated port 5099"}
to retry, use: –limit @/etc/ansible/cis-rhel-ansible/playbook.retry
PLAY RECAP *******************************************************************
192.168.1.84 : ok=0 changed=0 unreachable=0 failed=1
[[email protected] cis-rhel-ansible]#
[[email protected] cis-rhel-ansible]# cat hosts
[rhel-6.8]
192.168.1.84
[[email protected] cis-rhel-ansible]#
Thanks,
Vasudev