diff --git a/exercises/rhdp_auto_satellite/1-compliance/images/1-compliance-aap2-template3.png b/exercises/rhdp_auto_satellite/1-compliance/images/1-compliance-aap2-template3.png index 41c968ae2..b729f734c 100644 Binary files a/exercises/rhdp_auto_satellite/1-compliance/images/1-compliance-aap2-template3.png and b/exercises/rhdp_auto_satellite/1-compliance/images/1-compliance-aap2-template3.png differ diff --git a/exercises/rhdp_auto_satellite/2-patching/README.md b/exercises/rhdp_auto_satellite/2-patching/README.md index 69324ee80..69fb6d417 100644 --- a/exercises/rhdp_auto_satellite/2-patching/README.md +++ b/exercises/rhdp_auto_satellite/2-patching/README.md @@ -110,12 +110,14 @@ Before we can finish the workflow we need to link 'SERVER / Fact Scan' to 'OS / * You will be prompted with an "Add Link" menu for the Run options. Leave the selection defined for 'On Success'. * Click "Save". * You will then need to hover over the 'OS / Patch OS to latest' node and edit the node by clicking on the pencil icon. Scroll down to the "Convergence" drop-down and select 'All'. - * Continue with clicking "Next", "Next" and "Save". + * Continue with clicking "Next", "Next", "Next", and "Save". Your workflow should resemble the following: ![workflow final](images/2-patching-aap2-workflow-final.png) +> NOTE!!! + Save and exit the workflow template editor by clicking on "Save" on the top right. #### 3\. Logging into Satellite @@ -144,8 +146,8 @@ Save and exit the workflow template editor by clicking on "Save" on the top righ ![Satellite RHEL7 CV](images/2-patching-aap-Satellite-CV-RHEL7.png) * In the Satellite UI on the left menu pane, navigate to Hosts > All Hosts and select node1.example.com. - * Select the "content" tab under Details. - * Notice the Installable errata; this is your number of errata before running your patch workflow. + * Notice the Applicable/Installable errata pie chart. + * You can choose to click on the number of errata linked to above the pie chart, or directly focus in on security advisories, bug fixes, or enhancements by click on those specific links. #### 5\. Navigate back to Ansible Automation Platform and launch workflow job @@ -164,14 +166,13 @@ Save and exit the workflow template editor by clicking on "Save" on the top righ * In the Satellite UI on the left menu pane, navigate to 'Content', then 'Lifecycle', then 'Content Views' and select RHEL7. * Notice the new content view version. * In the Satellite UI on the left menu pane, navigate to Hosts > All Hosts and select node1.example.com. - * Select the 'content' tab under Details. * Notice that the Installable errata has decreased. * This indicates that we have applied our updates. ![errata reduced](images/2-patching-aap2-Satellite-reduced-installable-errata.png) * You may notice that not all issues are remediated. - * This is to showcase that you can exclude updates based on type. + * This is to showcase that some updates can be excluded based on type. * In this case, we are not pushing out updates for kernel changes. * Of course, this can be configurable through use of the exclude definition for ```ansible.builtin.yum``` module in the server_patch.yml playbook. diff --git a/exercises/rhdp_auto_satellite/2-patching/images/2-patching-aap2-Satellite-reduced-installable-errata.png b/exercises/rhdp_auto_satellite/2-patching/images/2-patching-aap2-Satellite-reduced-installable-errata.png index 6fced3078..bb3b590c2 100644 Binary files a/exercises/rhdp_auto_satellite/2-patching/images/2-patching-aap2-Satellite-reduced-installable-errata.png and b/exercises/rhdp_auto_satellite/2-patching/images/2-patching-aap2-Satellite-reduced-installable-errata.png differ diff --git a/exercises/rhdp_auto_satellite/5-setupinsights/README.md b/exercises/rhdp_auto_satellite/5-setupinsights/README.md index b9f185045..2f5324b4b 100644 --- a/exercises/rhdp_auto_satellite/5-setupinsights/README.md +++ b/exercises/rhdp_auto_satellite/5-setupinsights/README.md @@ -2,9 +2,9 @@ Automated Satellite Workshop: Insights Environment Setup ---------------------------------------------------------------------- **Introduction**
-This use-case will focus on connecting an individual's Red Hat Portal Account to the Automated Satellite Workshop environment for the purposes of demonstrating Insights functionality at the end of the workshop. +This use-case will focus on connecting an individual's Red Hat Portal Account to the Automated Satellite Workshop environment for the purposes of demonstrating Insights functionality. -This exercise is primarily targeted for a Red Hat SA to deliver a demo of the Insights services, though any individual with a Red Hat Portal Account, the appropriate account permissions and other prerequiistes could run through this exercise. +This exercise is primarily targeted for a Red Hat SA/SSP to deliver a demo of the Insights services, though any individual with a Red Hat Portal Account, the appropriate account permissions and other prerequiistes could run through this exercise. This exercise is perscriptive in its setup, yet open-ended in its implementation. @@ -34,15 +34,15 @@ Prerequisites -------------- - Information required for executing this exercise - - Manifest created in your portal account targeted to Satellite 6.14 with appropriate subscriptions including a minimum of 2 RHEL Instance-based subscriptions with Smart Management and 1 Satellite Infrastructure subscription + - Manifest created in your portal account targeted to Satellite 6.15 with appropriate subscriptions including a minimum of 2 RHEL Instance-based subscriptions with Smart Management (Employee SKU can be used) and 1 Red Hat Satellite Infrastructure subscription - Record the name ⇒ manifest_name - Offline Token for accessing the Subscription Manager API - access.redhat.com -> Subscriptions -> Manage -> RHSM API Tokens - Generate Token ⇒ offline_token - Your Organization ID - - access.redhat.com -> Subscriptions -> Manage -> Activation Keys ⇒ rhsm_org_id OR - - console.redhat.com -> Settings -> Remote Host Configuration -> Activation Keys⇒ rhsm_org_id + - access.redhat.com -> Subscriptions -> Systems -> Activation Keys ⇒ rhsm_org_id OR + - console.redhat.com -> Services -> Platform/Red Hat Enterprise Linux -> Inventory -> System Configuration -> Activation Keys⇒ rhsm_org_id - Red Hat Account username and password - username ⇒ redhat_portal_username @@ -94,7 +94,7 @@ Exercise: ![setup-insights](images/4-setupinsights-variables.png) -- Add the following variables captured during the prerequisites: +- Configure the following variables captured during the prerequisites: - manifest_name - offline_token diff --git a/exercises/rhdp_auto_satellite/6-exploreinsights/README.md b/exercises/rhdp_auto_satellite/6-exploreinsights/README.md index c453a4c8d..e67416197 100644 --- a/exercises/rhdp_auto_satellite/6-exploreinsights/README.md +++ b/exercises/rhdp_auto_satellite/6-exploreinsights/README.md @@ -19,13 +19,13 @@ This exercise is much less prescriptive and is designed to provide the student w - Login to console.redhat.com using portal account credentials - https://console.redhat.com -- Select Red Hat Enterprise Linux -> Red Hat Insights +- Select Services -> Red Hat Enterprise Linux -- This will bring you to the Overview page which depicts a dashboard of the hosts that are registered to Insights +- This will bring you to the Dashboard page which provides an overview of the hosts that are registered to Insights - Explore this dashboard noting that each box addresses an Insights Service -- Click on Inventory +- On the left side menu, click on Inventory -> Systems - Note that the hosts registered during the `Z / SETUP / Insights` workflow template job run are present at the top of the list @@ -42,7 +42,10 @@ This exercise is much less prescriptive and is designed to provide the student w - Let's now look at all hosts associated with a Service. In this example let's use Vulnerability service - - On the left hand navigation pane click on Vulnerability -> CVEs. This view will show the vulnerabilities for all systems registered to Red Hat Insights + - On the left hand navigation pane click on Security -> Vulnerability -> CVEs. This view will show the vulnerabilities for all systems registered to Red Hat Insights + +> NOTE +> - Over time, the CVEs with known exploits, CVEs with security rules, CVEs with critical severity, and CVEs with important severity will all vary as updates are applied to the registered systems, the screenshot displayed is for example purposes only and will differ from your dashboard. ![account-vulnerability-information](images/5-exploreinsights-account-vulnerabilities.png) diff --git a/exercises/rhdp_auto_satellite/6-exploreinsights/images/5-exploreinsights-inventory-general.png b/exercises/rhdp_auto_satellite/6-exploreinsights/images/5-exploreinsights-inventory-general.png index efd12e7bd..8ebdfc2e9 100644 Binary files a/exercises/rhdp_auto_satellite/6-exploreinsights/images/5-exploreinsights-inventory-general.png and b/exercises/rhdp_auto_satellite/6-exploreinsights/images/5-exploreinsights-inventory-general.png differ diff --git a/exercises/rhdp_auto_satellite/7-remediatevulnerability/README.md b/exercises/rhdp_auto_satellite/7-remediatevulnerability/README.md index e98b66fd5..300604a1c 100644 --- a/exercises/rhdp_auto_satellite/7-remediatevulnerability/README.md +++ b/exercises/rhdp_auto_satellite/7-remediatevulnerability/README.md @@ -25,19 +25,19 @@ Exercise #### 1\. Prepare to Remediate a Vulnerability -Now that you have some familiarity with the Insights Services let's go correct an issue. In this example, it will be a specific vulnerability. +Now that you have some familiarity with the Insights Services, let's correct an issue. In this example, it will be a specific vulnerability. - Login to Red Hat Insights by going to https://console.redhat.com using your Red Hat Portal Account credentials. -- Navigate to Red Hat Insights by going to Red Hat Enteprise Linux -> Red Hat Insights. +- Navigate to Red Hat Insights by clicking on Services -> Red Hat Enteprise Linux -- Navigatate to Inventory and click into node1.example.com +- On the left side menu, click on Inventory -> Systems and click on node1.example.com - Click on the Vulnerability tab. -- Select any Vulnerability listed that has a Playbook listed in the Remediation column. For this example we will choose "CVE-2023-22809". +- Select any Vulnerability listed that has a Playbook listed in the Remediation column. For this example we will choose "CVE-2024-1086" (NOTE, this CVE might not be present for your systems, if so, choose another CVE to remediate). -- Click on the box to the left of the CVE name and notice that the Remediate button becomes active. This indicates that a Remediation playbood can be created for this vulnerability. +- Click on the box to the left of the CVE name and notice that the blue Remediate button becomes active. This indicates that a Remediation playbook can be created for this vulnerability. ![remediate-button-active](images/6-remediatevulnerability-remediate-button.png) @@ -55,7 +55,7 @@ Now that you have some familiarity with the Insights Services let's go correct a - Select Next and you are presented with a Remediation Review screen. -> **NOTE** In order to correct this vulnerability a reboot is required. If you desire to reboot later, select "turn off autoreboot". +> **NOTE** In order to correct this vulnerability a reboot is required. If you desire to reboot later, click the radio button "Auto reboot is on" so that it changes from blue to gray. ![remediation-review](images/6-remediatevulnerability-remediation-review.png) @@ -69,7 +69,7 @@ At this point a playbook that has been created is available in the Remediations - Click on Return to Application or close the window. -- Select Toolkit -> Remediations. +- On the left side menu, click Automation Toolkit -> Remediations. > **NOTE** That the playbook you created in the step above is available. @@ -122,7 +122,7 @@ Let's create a Job Template that uses this playbook. - Click the BLUE 'Add' drop-down icon and select 'Add job template' from the drop-down selection menu. Fill out the details as follows: - Name: Insights / Remediation - CVE-2023-22809 + Name: Insights / Remediation - CVE-2024-1086 Job Type: Run @@ -133,14 +133,12 @@ Let's create a Job Template that uses this playbook. Execution Environment: insights execution environment (Click the magnifying glass icon to select.) - Playbook: cve-2023-22809-(uuid).yml (Click drop-down to select.) + Playbook: cve-2024-1086-(uuid).yml (Click drop-down to select.) Credentials: Workshop Credential (Click drop-down to select.) > **NOTE** The diagram below depicts the job template that should be created. - - ![insights-template](images/6-remediatevulnerability-insights-template.png) - Click Save. @@ -162,13 +160,13 @@ Let's go validate that the Remediation playbook eliminated the vulnerability. Login to https://console.redhat.com using portal account credentials -- Select Red Hat Enterprise Linux -> Red Hat Insights. +- Select Services -> Red Hat Enterprise Linux. - This will bring you to the Overview page which depicts a dashboard of the hosts that are registered to Insights. First verify that the Remediation was run. -- Navigate to Toolkit -> Remediations. +- On the left side menu, click Automation Toolkit -> Remediations. - Verify that the remediation playbook created earlier shows a green checkmark under "Complete actions". @@ -177,12 +175,12 @@ First verify that the Remediation was run. Now let's go look at the CVE to verify that node1.example.com is no longer an impacted system. -- Navigate to Vulnerability -> CVE's and search for the CVE you targeted in this remediation and click into it. In this example it is CVE-2023-22809. +- On the left side menu, click Security -> Vulnerability -> CVE's and search for the CVE targeted in this remediation and click into it. In this example, it is CVE-2024-1086. ![insights-remediation-complete](images/6-remediatevulnerability-cve-remediation-complete.png) -- Verify that node1 no longer shows up as a vulnerable system for this CVE. +- Verify that node1.example.com no longer shows up as a vulnerable system for this CVE. -This completes this exercise. \ No newline at end of file +This completes the exercise. \ No newline at end of file diff --git a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-cve-remediation-complete.png b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-cve-remediation-complete.png index 0b927f1fe..7fbaeb026 100644 Binary files a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-cve-remediation-complete.png and b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-cve-remediation-complete.png differ diff --git a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-insights-template.png b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-insights-template.png index f834117ac..7e48be284 100644 Binary files a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-insights-template.png and b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-insights-template.png differ diff --git a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-playbook-created.png b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-playbook-created.png index d50bc1fc1..fd23983d8 100644 Binary files a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-playbook-created.png and b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-playbook-created.png differ diff --git a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-remediate-button.png b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-remediate-button.png index 10625eecd..a7627abe3 100644 Binary files a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-remediate-button.png and b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-remediate-button.png differ diff --git a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-remediation-playbook-complete.png b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-remediation-playbook-complete.png index e7f4092e2..b871f7404 100644 Binary files a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-remediation-playbook-complete.png and b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-remediation-playbook-complete.png differ diff --git a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-remediation-review.png b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-remediation-review.png index 77680268d..f267d141e 100644 Binary files a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-remediation-review.png and b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-remediation-review.png differ diff --git a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-review-systems.png b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-review-systems.png index 7e9a7cee4..e01e0a0d0 100644 Binary files a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-review-systems.png and b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-review-systems.png differ diff --git a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-select-playbook.png b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-select-playbook.png index b08ffbdc1..1259e7fe4 100644 Binary files a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-select-playbook.png and b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-select-playbook.png differ diff --git a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-template-complete.png b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-template-complete.png index 195801c83..d3a48470e 100644 Binary files a/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-template-complete.png and b/exercises/rhdp_auto_satellite/7-remediatevulnerability/images/6-remediatevulnerability-template-complete.png differ