Freitag, 26. September 2014

Upgrade your Servers with Rex - fix ShellShock

If you need to upgrade your servers to protect them against ShellShock or other vulnerabilities Rex can help you to do this fast and reliable.

Rex is a tool that runs on your workstation or a central management server. Rex will connect via ssh to your hosts and executes the given commands. There is a simple perl based DSL to ease the execution, so you don't care about running apt-get, yum, zypper, ... to install a package. For example there are functions to manage services, packages, users, files and many more.

The installation is easy and described on the webpage.

If you already have a Rexfile which defines your server groups and authentication you can just use it to upgrade bash.

$ cd path/to/your/Rexfile
$ rex -G $server_group -e "pkg 'bash', ensure => 'latest';"

If you don't have a Rexfile yet, you can also use something like this:

$ rex -H 'frontend[01..10] middleware[01..05]' \
    -u $user -p $password \
    -e "pkg 'bash', ensure => 'latest';"

If you need Key-Authentication

$ rex -H 'frontend[01..10] middleware[01..05]' \
    -u $user \
    -P /path/to/private.key -K /path/to/public.key \
   [-p keypass ] \
    -e "pkg 'bash', ensure => 'latest';"


If you want to execute the installation in parallel you can use the -t $thread_count cli option to control the threading.

$ rex -H 'frontend[01..10] middleware[01..05]' \
    -u $user -p $password \
    -t 50 \
    -e "pkg 'bash', ensure => 'latest';"

Keine Kommentare:

Kommentar veröffentlichen