Red Hat Security: Linux in Physical, Virtual, and Cloud

Bookmark this page
P123456789101112
PreviousNext

Guided Exercise: Integrating Red Hat Insights and Automation Controller

Remediate an issue that is reported by Red Hat Insights by using an Ansible Playbook provided by Insights and automation controller.

Back to video
Pause
00:00
Pause
Seek 10 seconds backwards
Seek 10 seconds forward
01:53 / 04:36
Unmute
Settings
Fullscreen
Integrating Red Hat Insights with Automation Controller

Outcomes

  • Register a host by using the insights-client command.

  • Configure Insights and create an Ansible job template.

  • Remediate the host by running the Ansible job template.

As the student user on the workstation machine, use the lab command to prepare your environment for this exercise, and to ensure that all required resources are available.

[student@workstation ~]$ lab start insights-integrating

Instructions

  1. From the workstation machine, log in to the serverd machine as the student user, and switch to the root user.

    1. Log in to the serverd machine as the student user.

      [student@workstation ~]$ ssh student@serverd
[student@serverd ~]$

    2. Change to the root user. Use student as the password.

      [student@serverd ~]$ sudo -i
[sudo] password for student: student
[root@serverd ~]#

  2. Check the serverd machine registration status with Red Hat Customer Portal and Red Hat Insights.

    1. Check the serverd machine registration status with Red Hat Customer Portal. If the machine is not registered, then register it by using the subscription-manager register command. Use a valid Red Hat Customer Portal account.

      [root@serverd ~]# subscription-manager status
+-------------------------------------------+
   System Status Details
+-------------------------------------------+
Overall Status: Disabled
Content Access Mode is set to Simple Content Access. This host has access to content, regardless of subscription status.

System Purpose Status: Disabled

      Important

      The preceding output indicates that the client is registered using Simple Content Access for its content access mode, even though the overall subscription status is Disabled. Because the client is using Simple Content Access, it does not need to have specific product entitlements enabled.

    2. Check the serverd machine registration status with Red Hat Insights. If the machine is not registered, then register it by using the insights-client --register command. Use a valid Red Hat Customer Portal account.

      [root@serverd ~]# insights-client --status
System is registered locally via .registered file. Registered at 2023-12-19T11:17:23.005881
Insights API confirms registration.

  3. Create a playbook to remediate a CVE vulnerability.

    1. Log in to the Red Hat Insights web UI at https://console.redhat.com/insights/. Use the same Red Hat Customer Portal account that you used in Step 2.

    2. Navigate to InventorySystems.

    3. Click serverd.lab.example.com.

    4. Click the Vulnerability tab.

    5. Select the checkbox for the CVE-2023-3972 CVE identifier, and click Remediate.

    6. In the dialog, enter CVE remediation playbook in the Create new playbook field, and click Next.

    7. If it is not already selected, then select the serverd.lab.example.com value and click Next.

    8. Review the remediation. If Insights requests a reboot, then you can disable it by clicking Turn off autoreboot.

    9. Click Submit to create the playbook.

  4. Log in to the automation controller web UI at https://controller.lab.example.com. Use admin as the user and redhat as the password.

  5. Create a Machine credential type named Classroom servers credential.

    1. Navigate to ResourcesCredentials and click Add.

    2. Enter Classroom servers credential in the Name field.

    3. In the Organization search field, enter the Default organization.

    4. Select Machine from the Credential Type list.

    5. Enter student in the Username field.

    6. Enter student in the Password field.

    7. Select sudo from the Privilege Escalation Method list.

    8. Enter root in the Privilege Escalation Username field.

    9. Enter student in the Privilege Escalation Password field.

    10. Leave the other fields untouched and click Save.

  6. Create an Insights credential type named RH account credential. Use the same Red Hat Customer Portal account that you used in Step 2.

    1. Navigate to ResourcesCredentials and click Add.

    2. Enter RH account credential in the Name field.

    3. In the Organization search field, enter the Default organization.

    4. Select Insights from the Credential Type list.

    5. Enter a valid Red Hat Customer Portal account username and password for the Type Details credentials.

    6. Click Save.

  7. Create a Red Hat Insights project type named Insights project.

    1. Navigate to ResourcesProjects and click Add.

    2. Enter Insights project in the Name field.

    3. Select Red Hat Insights from the Source Control Type list.

    4. Under Type details, enter the RH account credential value in the Insights Credential search field.

    5. Leave the other fields untouched and click Save.

  8. Create the My servers inventory standard inventory. Add the serverd.lab.example.com host.

    1. Navigate to ResourcesInventories.

    2. Click Add, and select the Add inventory type.

    3. Enter My servers inventory in the Name field.

    4. Leave the other fields untouched and click Save.

    5. Under the My servers inventory details, select the Hosts tab, and click Add.

    6. Enter serverd.lab.example.com in the Name field

    7. Leave the other fields untouched and click Save.

  9. Create a job template named Fix Insights servers.

    1. Navigate to ResourcesTemplates.

    2. Click Add, and select Add job template from the list.

    3. Enter Fix Insights servers in the Name field.

    4. Select Run from the Job Type list.

    5. Enter My servers inventory in the Inventory search field.

    6. Enter Insights project in the Project field.

    7. Select the Ansible Playbook that is associated with the maintenance plan that you want to run from the Playbook list.

    8. Enter Classroom servers credential in the Credentials search field.

    9. Leave the other fields untouched and click Save.

  10. Launch the Fix Insights servers job template, and verify the result.

    1. Navigate to ResourcesTemplates.

    2. Click the Launch Template icon for the Fix Insights servers job template and wait for the job to complete.

    3. Verify the results of the job.

      ...output omitted...
PLAY RECAP *********************************************************************
serverd.lab.example.com    : ok=3    changed=1    unreachable=0    failed=0    skipped=4    rescued=0    ignored=0

  11. Verify that the CVE-2023-3972 CVE identifier is no longer reported in the Red Hat Insights web UI for the serverd.lab.example.com system.

    1. Log in to the Red Hat Insights web UI at https://console.redhat.com/insights/. Use the same Red Hat Customer Portal account that you used in Step 2.

    2. Navigate to InventorySystems.

    3. Click serverd.lab.example.com.

    4. Click the Vulnerability tab.

    5. Enter the CVE-2023-3972 CVE identifier in the Search ID or description search field. Confirm that the CVE is no longer reported for the serverd.lab.example.com system.

Finish

On the workstation machine, use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish insights-integrating

PreviousNext
Revision: rh415-9.2-a821299