cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Docs rebuild

Browse source
This commit is contained in:
Michael DeHaan 2012-05-19 20:57:34 -04:00
parent e21595fcc7
commit f7d4b418d5
5 changed files with 7 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
bestpractices.html
View file

@ -216,7 +216,7 @@ using the group variable system.</p>
stop.yml</pre>
</div>
<p>Any directories or files not needed can be omitted. Not all modules may require <cite>vars</cite> or <cite>files</cite> sections, though most
will require <cite>handlers</cite>, <cite>tasks</cite>, and <cite>templates</cite>. To review what each of these sections do, see ref:<cite>playbooks</cite> and ref:<cite>playbooks2</cite>.</p>
will require <cite>handlers</cite>, <cite>tasks</cite>, and <cite>templates</cite>. To review what each of these sections do, see <a class="reference internal" href="playbooks.html"><em>Playbooks</em></a> and <a class="reference internal" href="playbooks2.html"><em>Advanced Playbooks</em></a>.</p>
<p>The acme/setup.yml playbook would be as simple as:</p>
<div class="highlight-python"><pre>----

4
examples.html
View file

@ -283,13 +283,13 @@ ansible webservers -m file -a "dest=/srv/foo/b.txt mode=600 owner=mdehaan group=
<div class="highlight-python"><pre>ansible webservers -m yum -a "pkg=acme state=installed"</pre>
</div>
<p>Ensure a package is installed to a specific version:</p>
<div class="highlight-python"><pre>ansible-webservers -m yum -a "pkg=acme-1.5 state=installed"</pre>
<div class="highlight-python"><pre>ansible webservers -m yum -a "pkg=acme-1.5 state=installed"</pre>
</div>
<p>Ensure a package is at the latest version:</p>
<div class="highlight-python"><pre>ansible webservers -m yum -a "pkg=acme state=latest"</pre>
</div>
<p>Ensure a package is not installed:</p>
<div class="highlight-python"><pre>ansible-webservers -m yum -a "pkg=acme state=removed"</pre>
<div class="highlight-python"><pre>ansible webservers -m yum -a "pkg=acme state=removed"</pre>
</div>
<p>Currently Ansible only has modules for managing packages with yum and apt. You can install
for other packages for now using the command module or (better!) contribute a module

2
faq.html
View file

@ -329,7 +329,7 @@ them probably isn&#8217;t appropriate, which is why ansible-pull exists.</p>
<p>This tool is designed for running out of git and cron, and can scale to any
number of hosts. Ansible-pull uses local connections versus SSH, but can be
easily bootstrapped or reconfigured just using SSH. There is more information
available about this in the ref:<cite>playbooks2</cite> section. The self-bootstrapping
available about this in the <a class="reference internal" href="playbooks2.html"><em>Advanced Playbooks</em></a> section. The self-bootstrapping
and ease of use are ansible are still retained, even when switching to the pull
model.</p>
<p>If you&#8217;d like to discuss scaling strategies further, please hop on the mailing list.</p>

4
index.html
View file

@ -220,7 +220,7 @@ of control. Further, it was designed for deploying multi-node applications from
</div>
<div class="section" id="simple-secure-by-default">
<h1>Simple &amp; Secure By Default<a class="headerlink" href="#simple-secure-by-default" title="Permalink to this headline"></a></h1>
<p>Compared with most configuration managememnt tools, Ansible is also much more secure. While most configuration management tools use a daemon, running as root with full access to the system, with its own in-house developed PKI infrastructure, Ansible just uses SSH (and supports sudo as necessary). There is no additional attack surface and OpenSSH is one of the most peer reviewed security components out there.
<p>Compared with most configuration managememnt tools, Ansible is also much more secure. While most configuration management tools use a daemon, running as root with full access to the system, with its own in-house developed PKI infrastructure, Ansible just uses SSH (and supports sudo as neccesssary). There is no additional attack surface and OpenSSH is one of the most peer reviewed security components out there.
If a central server containing your playbooks are comprimised, your nodes are not &#8211; which is NOT the case
of these other tools, which can, more or less, turn into a botnet. Our security approach is to avoid writing custom
crypto code altogether, and rely on the most secure part of the Linux/Unix subsystem that your machines are already using. There is no PKI subsystem to maintain, which can be a frequent source of problems, particularly when reinstalling or migrating
@ -452,4 +452,4 @@ Puppet Labs, and is now with <a class="reference external" href="http://rpath.co
</div>
</footer>
</body>
</html>
</html>

2
searchindex.js
View file

File diff suppressed because one or more lines are too long