Review for new rbac_playbook
Kevin Fenzi
kevin at scrye.com
Wed Jun 11 22:27:15 UTC 2014
On Mon, 9 Jun 2014 10:13:00 -0600
Tim Flink <tflink at redhat.com> wrote:
> I've generally been using port 222 for real ssh on those hosts. We
> could set the port in the inventory file. While that would work for
> many cases, I've always used the -e directly for 2 reasons:
>
> 1) My understanding is that ansible convention discourages putting
> stuff like that in the inventory files
Well, it's a bit ugly, but should work I would think.
> 2) Hosts are listening for ssh on port 22 when initially deployed.
> Initial deployments would require changing the inventory
> information to use port 22 for initial deployment and then changing
> it back to the alternate port after running the playbook/role which
> sets up the alternate port for ssh.
True... a bit messy.
> If that's the way that we want to go, we'll have some extra commits to
> the ansible repo but it'll work.
Yeah, I think a bit of messyness in the repo is better than having to
bother with -P in rbac-playbook... just to make it simplier.
kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20140611/67d96bc1/attachment.sig>
More information about the infrastructure
mailing list