Hello. I'm looking around for a best practice tutorial or document that describes how to configure our ansible server to deploy our applications to about 20 servers at a time. We call this group of servers a track. We have a growing number of tracks.
So I got Ansible installed but now I want to know how best to deploy keys to the 20 remote hosts. How do I automate the secure deployment of ssh keys to these hosts? I see notes about how to set up user security for remote hosts but those are, as far as I can tell, assuming initial connectivity has been established. Also, one of my work mates indicates that a secure remote host should have a user (ansible perhaps?) with restricted access that can only execute specific commands. I assume this happens by configuring the sudoers file. If we go there, it seems I need to allow specific applications like yum, python, file copies, etc for the ansible user. So it seems to be a chicken and egg problem and now we're back to lots of pre-configuring each agentless host so that I can deploy apps and configs from a central ansible server. How is everyone dispensing ssh keys and setting up ansible users so that we can have a secure and a not too tedious set up process. BTW, our setup is mainly Redhat 6.x and 7. Thanks in advance for any tips, Chris. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/c035d0c8-952f-4046-8f0f-d54b0ed37310%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
