We also investigating the best setup. On the moment we have a sort of call home system the remote is a linux applianceand the control node is in docker. The remote appliance makes a ssh tunnel to the main and we use the controle node trought that tunnel. On the firewall's the ip's are added to the rules.
Op woensdag 10 november 2021 om 20:06:46 UTC+1 schreef jcp...@johnpetro.com: > Good Afternoon, > My team is in the process of doing a review of our current environment. > The question came up, that since the ansible control node has the "keys to > the kingdom" that it should not live on public IP space. So I thought I > might ask, what are you folks doing in terms of where your control node > sits. Are you exposed to the internet, are you on either private IP space > ( ie. 10 net or 192.168 space ), or are you behind a firewall, or some > other kinds of network security type devices/technologies. > > --John > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/88bc1ce6-c191-42fa-bbcb-4a466297c135n%40googlegroups.com.
