Hello.

I'm looking around for a best practice tutorial or document that describes 
how to configure our ansible server to deploy our applications to about 20 
servers at a time.  We call this group of servers a track.  We have a 
growing number of tracks.

So I got Ansible installed but now I want to know how best to deploy keys 
to the 20 remote hosts.  How do I automate the secure deployment of ssh 
keys to these hosts?

I see notes about how to set up user security for remote hosts but those 
are, as far as I can tell, assuming initial connectivity has been 
established.

Also, one of my work mates indicates that a secure remote host should have 
a user (ansible perhaps?) with restricted access that can only execute 
specific commands.  I assume this happens by configuring the sudoers file. 
 If we go there, it seems I need to allow specific applications like yum, 
python, file copies, etc for the ansible user.

So it seems to be a chicken and egg problem and now we're back to lots of 
pre-configuring each agentless host so that I can deploy apps and configs 
from a central ansible server.


How is everyone dispensing ssh keys and setting up ansible users so that we 
can have a secure and a not too tedious set up process.

BTW, our setup is mainly Redhat 6.x and 7.

Thanks in advance for any tips,
Chris.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/c035d0c8-952f-4046-8f0f-d54b0ed37310%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to