🚀 Infrastructure Automation Use Case
RHEL Jump Host with On-Premises DNS Integration
Use Case Overview: Mike Pompey Jump Host
This use case showcases Bob's ability to automate complex on-premises infrastructure deployments.
The project configured a RHEL jump host for IBM Data & AI Evangelist Michael Pompey with SSH and xRDP access,
Active Directory integration, and QRadar SIEM logging.
- Planning & Documentation: 30 min
- Lines of Documentation: 3,749
What Was Automated
1. OpenShift Virtualization Deployment
- RHEL 9.x virtual machine on OpenShift cluster (fusion1.ibm.aessatl.arrow.com)
- VM Name: aec-jmp-host-pompey
- Namespace: aec-jump-hosts
- GNOME Desktop Environment with xRDP
2. MetalLB LoadBalancer Services
- SSH Service (Port 22) with external IP 172.20.21.215
- xRDP Service (Port 3389) sharing the same IP
- IP sharing annotation for MetalLB configuration
- Kubernetes service manifests with proper selectors
3. On-Premises DNS Configuration
- Microsoft DNS Server integration
- A Record: mikejmp.ibm.aessatl.arrow.com → 172.20.21.215
- PTR Record for reverse DNS lookup
- PowerShell script for automated DNS record creation
4. Enterprise Integration
- Active Directory domain join (IBM.aessatl.arrow.com)
- SSSD configuration for AD authentication
- QRadar SIEM logging (172.20.28.11:514 UDP)
- Automatic home directory creation for AD users
Implementation Process
Step 1: MetalLB LoadBalancer Services
# SSH Service Configuration
apiVersion: v1
kind: Service
metadata:
  name: mikejmp-ssh
  namespace: aec-jump-hosts
  annotations:
    metallb.universe.tf/loadBalancerIPs: 172.20.21.215
    metallb.universe.tf/allow-shared-ip: "mikejmp-shared"
spec:
  type: LoadBalancer
  selector:
    kubevirt.io/vm: aec-jmp-host-pompey
  ports:
    - name: ssh
      protocol: TCP
      port: 22
      targetPort: 22
✓ Services deployed successfully
✓ External IP assigned: 172.20.21.215
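A pre-deployment check for the shared-IP setup above, as an added example that is not part of the original project: it audits every Service requesting 172.20.21.215 against MetalLB's documented IP-sharing conditions (same sharing key, distinct ports, identical selectors when externalTrafficPolicy is Local) and flags any port outside an allowlist. The xRDP Service name mikejmp-xrdp and the function audit_shared_ip are assumptions; the page shows only the SSH manifest.

```python
import json

# Constructed sample: the page's SSH Service plus an assumed xRDP Service, in
# the shape of `kubectl get svc -n aec-jump-hosts -o json` output.
SAMPLE = json.loads("""{"items": [
 {"metadata": {"name": "mikejmp-ssh", "annotations": {
    "metallb.universe.tf/loadBalancerIPs": "172.20.21.215",
    "metallb.universe.tf/allow-shared-ip": "mikejmp-shared"}},
  "spec": {"type": "LoadBalancer",
           "selector": {"kubevirt.io/vm": "aec-jmp-host-pompey"},
           "ports": [{"name": "ssh", "protocol": "TCP", "port": 22}]}},
 {"metadata": {"name": "mikejmp-xrdp", "annotations": {
    "metallb.universe.tf/loadBalancerIPs": "172.20.21.215",
    "metallb.universe.tf/allow-shared-ip": "mikejmp-shared"}},
  "spec": {"type": "LoadBalancer",
           "selector": {"kubevirt.io/vm": "aec-jmp-host-pompey"},
           "ports": [{"name": "xrdp", "protocol": "TCP", "port": 3389}]}}
]}""")

IP_KEY = "metallb.universe.tf/loadBalancerIPs"
SHARE_KEY = "metallb.universe.tf/allow-shared-ip"

def audit_shared_ip(services, ip, allowed_ports):
    """Return a list of findings for every Service requesting `ip`."""
    findings, seen, keys, selectors, local = [], {}, set(), set(), False
    for svc in services:
        name = svc["metadata"]["name"]
        ann = svc["metadata"].get("annotations", {})
        if ann.get(IP_KEY) != ip:
            continue
        keys.add(ann.get(SHARE_KEY))
        spec = svc["spec"]
        selectors.add(json.dumps(spec.get("selector", {}), sort_keys=True))
        local |= spec.get("externalTrafficPolicy", "Cluster") == "Local"
        for p in spec.get("ports", []):
            port = (p.get("protocol", "TCP"), p["port"])
            # Services sharing an IP must request different ports.
            if port in seen:
                findings.append(f"{name}: {port} collides with {seen[port]}")
            seen.setdefault(port, name)
            if port not in allowed_ports:
                findings.append(f"{name}: unexpected exposure {port}")
    # MetalLB only co-locates Services that carry the same sharing key.
    if len(keys) != 1 or None in keys:
        findings.append(f"sharing key missing or mismatched: {sorted(map(str, keys))}")
    # With a Local traffic policy the Services must select the same pods.
    if local and len(selectors) > 1:
        findings.append("externalTrafficPolicy=Local requires identical selectors")
    return findings
```

An empty list means the Services requesting the IP satisfy the sharing conditions and expose only the allowlisted ports.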
Step 2: On-Premises DNS Registration
# PowerShell script for Microsoft DNS Server
Add-DnsServerResourceRecordA `
    -Name "mikejmp" `
    -ZoneName "ibm.aessatl.arrow.com" `
    -IPv4Address "172.20.21.215" `
    -TimeToLive 01:00:00

Add-DnsServerResourceRecordPtr `
    -Name "215" `
    -ZoneName "21.20.172.in-addr.arpa" `
    -PtrDomainName "mikejmp.ibm.aessatl.arrow.com"
✓ DNS records created
✓ Forward lookup: mikejmp.ibm.aessatl.arrow.com → 172.20.21.215
✓ Reverse lookup: 172.20.21.215 → mikejmp.ibm.aessatl.arrow.com
Step 3: Active Directory Integration
# Install AD integration packages
sudo dnf install -y realmd sssd sssd-tools adcli krb5-workstation
# Join domain
sudo realm join --user=administrator IBM.aessatl.arrow.com
# Configure SSSD for authentication
sudo systemctl enable sssd
sudo systemctl start sssd
✓ Domain joined successfully
✓ AD authentication configured
✓ Automatic home directory creation enabled
Key Features
✓ On-Premises Integration
Seamless integration with existing Microsoft DNS and Active Directory infrastructure
✓ Enterprise Security
QRadar SIEM logging, AD authentication, and network segmentation
✓ Comprehensive Documentation
10 documentation files with 3,749 lines covering all aspects of deployment
✓ Production-Ready
Enterprise-grade configuration with proper error handling and monitoring
Results
Access Points Created:
ssh mpompey@mikejmp.ibm.aessatl.arrow.com
rdp://mikejmp.ibm.aessatl.arrow.com (Microsoft Remote Desktop)
- Active Directory SSO with domain credentials
Documentation Generated
- Implementation plan (760 lines) - Complete deployment procedure
- User connection guide (275 lines) - How to access the jump host
- Deployment scripts (1,015 lines) - All YAML and PowerShell scripts
- DNS automation guide (571 lines) - External DNS integration options
- The Story (498 lines) - Business narrative for presentations
- Executive summary - Talking points for stakeholders
Technologies Used
- Red Hat OpenShift Virtualization - Enterprise Kubernetes for VMs
- MetalLB - LoadBalancer for bare-metal Kubernetes
- Microsoft DNS - On-premises DNS integration
- Microsoft Active Directory - Enterprise authentication
- IBM QRadar - Security Information and Event Management
- RHEL 9.x - Enterprise Linux operating system
- xRDP - Remote Desktop Protocol server
Business Impact
Time Savings: Traditional approach would take 1-2 weeks (40 hours).
AI-assisted approach completed planning and documentation in 30 minutes - a 95% time reduction.
Cost Savings: Estimated $3,800 saved per deployment. For 100 deployments per year,
that's $380,000 in labor cost savings.
Quality Improvement: Comprehensive documentation, best practices built-in,
and reproducible process for future deployments.
Learn More
This use case represents one example of Bob's infrastructure automation capabilities.
For more information about the complete project, including source code and documentation,
visit the project repository.