Hello. I'm looking around for a best practice tutorial or document that describes how to configure our ansible server to deploy our applications to about 20 servers at a time. We call this group of servers a track. We have a growing number of tracks.
So I got Ansible installed but now I want to know how best to deploy keys to the 20 remote hosts. How do I automate the secure deployment of ssh keys to these hosts? I see notes about how to set up user security for remote hosts but those are, as far as I can tell, assuming initial connectivity has been established. Also, one of my work mates indicates that a secure remote host should have a user (ansible perhaps?) with restricted access that can only execute specific commands. I assume this happens by configuring the sudoers file. If we go there, it seems I need to allow specific applications like yum, python, file copies, etc for the ansible user. So it seems to be a chicken and egg problem and now we're back to lots of pre-configuring each agentless host so that I can deploy apps and configs from a central ansible server. How is everyone dispensing ssh keys and setting up ansible users so that we can have a secure and a not too tedious set up process. BTW, our setup is mainly Redhat 6.x and 7. Thanks in advance for any tips, Chris. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/c035d0c8-952f-4046-8f0f-d54b0ed37310%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
