Using Packer and Ansible for Hardening

Get Started
1 hour
  • 2 Learning Objectives

About this Hands-on Lab

This lab facilitates learning by doing by utilizing Packer to create an ami-image file that is staged in Amazon aws. The Packer tool is used to run an Ansible role against the OS image to harden the image. The resulting ami-image would then be available to specify when creating or upgrading Kubernetes clusters using installers such as kops.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Grab the aws keys and Install the Ansible Role

Use the directory list command to verify the files in your home directory.

$ ls -l

Verify that ansible is installed by typing:

$ ansible --version

Display the AWS Credentials setup for your lab and make note of them.

IMPORTANT: DO NOT STORE THESE KEYS ANYWHERE BUT ON YOUR PRIVATE CLIENT SYSTEM.

$ cat .aws/credentials

Generate an RSA key for use by the ansible playbook that will be used to harden the OS system.

$ ssh-keygen -b 4096

Note: Use defaults (blank return responses) to the prompts.

Create a default vpc for your lab instance:

$ aws ec2 create-default-vpc

Use the anisible-galaxy to install the sample plybook we will use in this lab:

$ ansible-galaxy install githubixx.harden-linux
Edit the keys into the Packer run script, and Run the Packer Job

Use the editor of your choice to edit the ksac-packer-build.sh file and place the actual aws key id and secret key that you recorded into the place where the environment variables appear now.

$ vi ksac-packer-build.sh

Use the cat command to examine the contents of the ksac-packer.json file.

$ cat ksac-packer.json

Use the cat command to examine the contents of the playbook.yml file.

$ cat playbook.yml

When you are ready to execute the packer build and provisioning process, enter:

$ ksac-packer-build.sh

When the output is complete, use the amazon console to view the ami images created.

Additional Resources

This lab installs ansible and packer on the bastion host. Basic linux commands are used to run a packer job that has been preconfigured.

The student should be familiar with Linux commands and able to edit shell scripts.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Get Started
Who’s going to be learning?

How many seats do you need?

  • $499 USD per seat per year
  • Billed Annually
  • Renews in 12 months

Ready to accelerate learning?

For over 25 licenses, a member of our sales team will walk you through a custom tailored solution for your business.


$2,495.00

Checkout
Sign In
Welcome Back!
Thanks for reaching out!

You’ll hear from us shortly. In the meantime, why not check out what our customers have to say about ACG?