[clug] old-school remote sys configuration/management options

Bob Edwards bob at cs.anu.edu.au
Thu May 7 05:49:14 UTC 2020


On 7/5/20 2:30 pm, Hugh Fisher wrote:
> On Thu, May 7, 2020 at 1:07 PM Bob Edwards via linux
> <linux at lists.samba.org> wrote:
> [ munch ]
>> Wondering if anyone else has considered this and if anyone can suggest/
>> recommend any existing frameworks or similar? I am looking for something
>> that can do some/all of:
> I recommend Ansible.

Thanks Hugh (and Chris, and others).

I should have taken an actual look at Ansible before posting.

The reason I didn't was largely influenced by:
- tracked by AusCERT as:
"ESB-2020.1595 - [Debian] ansible: Multiple vulnerabilities"

I was actually keeping my eye out for:
"ESB-2020.1607 - [Debian] salt: Multiple vulnerabilities"
but when I saw the slightly earlier Ansible one (without actually
reading it), I became further convinced that this wasn't the solution...
my bad.

Bob Edwards.

> To be clear, I'm not saying that Ansible is perfect, not saying it
> does everything,
> not saying that everyone should use it. I do think it is a good fit for what Bob
> wants to do.
> The only network link required between controller and managed hosts is ssh,
> which you have already.
> The only software that needs to be installed on the managed hosts is Python.
> Which is usually already present, and has other uses besides management,
> so again not difficult or wasteful.
> Config is expressed in YAML files, which not everyone likes. But they are
> plain text and stored in the file system, not some kind of database.
> Ansible comes with a lot of built-in config commands which work across the
> most popular distros, handling things like "on Fedora you set the timezone
> like this, on Ubuntu like that, ..." So your managed hosts don't have to be
> all the same.
> If you need to do something yourself, it's fairly easy to run your own custom
> Python, or custom Bash/whatever, scripts, within configuration.
> And you can have your progress reports from an ASCII art cow if you choose.

More information about the linux mailing list