Solutions — Solutions by Endosys

INFRASTRUCTURE Automation

Building and managing IT infrastructure is a complex task that takes highly specialized, skilled employees. Technologies, such as Virtualization, RH Satellite, Ansible, and SaltStack, have enhanced the ability of IT System Administrators to build ever complex environments.

Case Study - Automating IBM Tivoli Deployment using Ansible

IBM Tivoli deployment took weeks, even moths for specific subcomponents, according the experts hired to work on the implementation. With two weeks of effort, starting from scratch, a new hire was able to reduce the installation of Tivoli using Ansible to a few hours. The installations are now repeatable, reliable, and no longer require a subject matter expert to spend time clicking through install menus and selecting components, etc.

Case Study - Provisioning Video Production Render Farm using Cobbler

Video production, for both movie and television studios, managed render farm by hand. Updates hadn't been performed on systems for several years, since the initial installation by vendor. Migration to RHEL 6 was necessary and systems had custom as well as off-the-shelf software installed. A new provisioning system based on Cobbler was configured that installed new OS and updated all the off-the-shelf software on expanded render farm, which was doubled in capacity. This system also allowed the customer to add new nodes at will, without the need for an expert in Cobbler or Enterprise Linux. From zero updates in two years to a completely updated render farm with the latest updates in less than one week.

Case Study - Provisioning Mobile Racks using Cobbler

Customer had rack chassis to be mounted in vehicles for mobile data centers that needed to be provisioned with a mix of RHEL, VMWare, and Microsoft systems. Several thousand of these systems had to be built. The original process took approx 200 hours per chassis, was error prone, and required significant effort to correct. Using Cobbler, a new deployment system was built that reduced the build time for each chassis to approximately 2 hours and included a half page of instructions. The deployment system was condensed to single 20Gbyte image that was used to build the deployment system, which was then used to build each chassis.

Case Study - Systems Lifecycle Management using RH Satellite Server

Customer had already deployed RHN Satellite server and using it simply as an RPM repository system. Channel systems management strategies existed for Solaris infrastructure, which was mostly manual in nature, but nothing had been developed for the Enterprise Linux systems. An environment and promotion strategy was developed and prototyped that moved approved RPMs through sets of custom channels in a way that provided for the development and testing of new Enterprise Linux baselines for the customer. This work became the basis and inspiration for the spacewalk-manage-channel-lifecycle tool, now included in RH Satellite 5.x.

Customers often find the need for a central point of management for identities and authentication credentials to be a key part of daily operations, security posture and compliance requirements in their IT systems. Endosys has solved this business problem in a variety of methods, including building custom application on top of an LDAP data store, and by implementing FreeIPA or RH iDM.

Identity Management

Case Study - Identity Management using OpenLDAP:

Customer had a mixed environment with Linux servers, Linux workstations, and Microsoft Windows workstations with locally managed accounts on each workstation and service. Samba server provided access to both Windows and Linux workstations. Accounts and logins were managed independantly. OpenLDAP was implemented to centralize authentication to the Linux servers and workstations via SSSD and to the Samba service. Users were able to login to workstations, servers, and Samba services using the same login and password. The new system provided a self serve mechanism for users to recover their password and a single location for updating and maintaining their passwords.

Case Study - Identity Management using FreeIPA:

Customer was previously using Oracle Unified Directory with a set of custom scripts and Apache Directory Studio for management of the logins to Linux workstations, Linux servers, RHEV, RH Satellite, networking gear (via RADIUS), as well as plenty of other custom and off the shelf applications. A separate PKI was also being used to issue SSL certificates and validate workstation connectivity using 802.1X ethernet authentication. FreeIPA was implemented to provide a redundant, single point of management for identity and authentication services to all of the above clients and systems. This reduced the errors in managing users and allowed non-LDAP experts to create accounts, reset passwords, manage SSH keys, sudoers configuration, automount NFS maps, and SSL certificates.