Category: Linux

Automating Node Exporter and VMagent Deployment with Ansible

Introduction

Keeping your infrastructure healthy means keeping a close eye on it—and that is where monitoring tools like Node Exporter and VictoriaMetrics VMagent come in. They are great at collecting and shipping system metrics from your servers, but here is the catch: installing and configuring them manually across dozens of machines is tedious, messy, and frankly, a recipe for inconsistency. That is where automation saves the day. In this guide, we will walk through how to use Ansible to deploy Node Exporter and VMagent cleanly and reliably, following best practices that are ready for real-world production environments. Continue reading “Automating Node Exporter and VMagent Deployment with Ansible”

Introduction To Inodes

Today we had an interesting problem for a project. We were getting the message ‘disk is full’ despite having plenty of free space. Luckily my first thought was ‘inodes?’

 I logged in and checked inode usage

$ df -i
Filesystem   Inodes    IUsed    IFree   IUse% Mounted on
/dev/xvda1   525312   524844   468   100%   /
tmpfs           1007942   1102  1006840    1% /run

This shows that all the inodes on the disk itself are full.

 High inode usage is usually caused by a massive number of small files. In this case, the session files are normally stored somewhere temporary and removed when not in use. Either there could have been a bug in the code not removing them or it was a higher traffic website.

So we can see that inode is a very important aspect of Linux, so this blog will take u to a detailed journey to inodes.

Continue reading “Introduction To Inodes”

Linux OS Hardening: CIS Benchmarks

CIS benchmarks for Linux provide security configuration guidelines that are widely accepted across the industry to protect the operating system from various threats. These standards provide clear and actionable steps—such as disabling unnecessary services, limiting permissions, and enhancing SSH security—that are organized into two levels: Level 1 for essential practices and Level 2 for those looking for high-security measures, which apply to both servers and workstations.  To enforce these guidelines, CIS hardened images and automation tools, such as Ansible, can be used to ensure compliance and mitigate the risks associated with default, insecure settings.

As we’re going through a pandemic majority of business have taken things online with options like work from home and as things get more and moreover the internet our concerns regarding cybersecurity become more and more prominent. We start to dig a little to have standards in place and terms like  Compliance, Hardening, CIS, HIPPA, PCI-DSS are minted out. Today we’ll be discussing why to have CIS benchmarks in place in the least and how we at Opstree have automated this for our clients.

Before moving forward get familiar with basic terms:

CIS Benchmarks are the best security measures that are created by the Centre of Internet Security to improve the security configuration of an organization. Continue reading “Linux OS Hardening: CIS Benchmarks”

Raktbeej Proxy

All we could think of imagining a routine day of a NOC guy is looking at all the fancy and colorful multiple screens around, but is this all it?

The answer to the above statement is NO! As a NOC, We have access to the information that is critical to analyze and plot company infra strength and on top of that, access to the servers and protected network makes the situation more critical if thing happens to be in wrong hands.

Continue reading “Raktbeej Proxy”

Shell initialization files

Introduction

A shell initialization file is a shell script that runs automatically each time the shell executes. The initialization file sets up the “work environment” and “customizes” the shell environment for the user. The main agenda of Shell initialization files are to persist common shell configuration, such as Continue reading “Shell initialization files”