It is a stupid idea that #Ansible will invalidate group names with dashes in the future.
It is a stupid idea that #Ansible will invalidate group names with dashes in the future.
Can you link to your #Ansible system update/patching playbooks for Debian systems?
Do you have strategies for rolling back if something goes wrong? I'd love to see how you do it.
Ich muss das heute Abend mal im stillen Kämmerlein testen.
#ansible @openproject Upgrade auf Debian ;)
Mal sehen ob das funktioniert, wäre ja nett
Fehlt nur noch der automatische Snapshot mit VMware ESX vorab
Aber wie ich mich kenne kriselt das mit den vars für das Datenbankbackup aus der installer.dat
Der Rest sollte funktionierten, da ich mit apt-mark schon mit anderen Paketen gearbeitet habe
Farewell, #YaST.
"YaST in maintenance mode […] replaced by #Agama, #Cockpit and #Ansible"
aus "Systems Management with SLES 16": https://www.suse.com/c/systems-management-with-suse-linux-enterprise-server-16/
Side note: YaST sowie die Popularität von #SUSE Linux im deutschsprachigen Raum Ende der 90er waren der Grund, warum ich meine ersten Linux-Gehversuche mit eben dieser Distribution gemacht habe.
#Yast war dann aber auch einer der Gründe, warum ich sie nach wenigen Monaten hinter mit gelassen habe, denn irgendwie harmonierten wir zwei nicht.
I think I'm done piecing together the most important bits of my #kubernetes cluster and created a set of #ansible roles. Now it's time to actually provision the cluster in staging and see how it runs on the real hardware. But I kind of feel blocked. I'm done with a big chunk of work, and now I'm hesitant to take the next step. Is that the #itc #engineer version of #writersblock ? #k8s #automation #infrastructureascode #ias
Hallo Fediverse,
ich bin gerade auf der Suche nach einem neuen #Freelance-Projekt im #DevOps-Bereich.
Wenn ihr also Beratung und erfahrene Hände bei Themen wie Infrastruktur, #Cloud, Automatisierung, #IaC, #GitOps, #Kubernetes, #Terraform, #Ansible, Monitoring mit #Prometheus, etc. sucht und euer Unternehmen nicht gerade damit beschäftigt ist, den Planeten anzuzünden, dann lasst uns doch gerne mal sprechen.
Menschen die `.json.j2` als Template in Ansible verwenden, so als ob es `to_nice_json` nicht geben würde.
Free and Open Source Infra and Software #Hackathon
Wir laden euch zum gemeinsamen Arbeiten an #FOSS in den @cccffm vom 17.–19. Januar 2025 ein.
Pretix: https://pretix.ffffm.net/ffffmev/hackathon202401/
Raum zum Entwickeln und Austauschen bezüglich Freier und Offener #Infrastruktur und Software.
Zum Beispiel Entwicklung an #OpenWrt, der Umbau von #Saltstack oder #Puppet auf #NixOS oder #Ansible, genauso aber auch Dokumentationserweiterung oder das Erstellen von Anleitungen fürs Routing im Internet
#NerdOps after having my infra on #Ansible since prior to 1.0, I am finally getting around to making it a little more ... idiomatic, rather than some arcane dialect.
The hardest bit has been refactoring stuff so that the nice hash merging that was possible in the past (making it work very much like hiera from #puppet) now requires an extraordinary amount of contortionism to achieve the same simplicity.
All of my core modules have relied on this, and its weird refactoring this out.
For example, I have a role for each app (postgresql, couchdb, dnsdist, ci, etc).
Each app lives in its own jail, has an external zfs dataset, and also requires the jail host to provide the empty jail to be filled.
Previously I would stuff each jail into a hash, and then loop over the hash to create them after all definitions are imported. This isn't possible anymore, so I have a bunch of silly duplication because of this.
To answer @pearl's original question:
Maybe @geerlingguy is having a closer look at #CI / #CD-ing #SDN distros.
Wait, why is #Ansible running my vault_password_file script that I've configured in ansible.cfg on every call of ansible-playbook, even if the playbook and the inventory doesn't contain anything encrypted at all?
Because I would've expected it to only run the script when it actually comes across a Vault-encrypted variable or something.
Okay, dynamically adding one (or zero) of the local-only hosts to the right group(s) seems to work!
Thanks to @resmo for pointing me in the right direction
I think this isn't _that_ uncommon of a pattern, but I don't really know how to implement it with #Ansible:
I have multiple machines I only access locally, like my laptop, my workstation, or some airgapped machine. They don't have sshd running.
I keep my whole Ansible config (playbooks, roles, inventory) in Git.
How would I run a playbook from Git against all hosts (SSH and local), but skip all the "local-only" machines that don't match the one I'm actually sitting at?
Manually set -l?
#ansiblebook #Ansible Up and Running 3rd was translated to #korean
Hey #Ansible and/or #Jinja crowd: Any idea how I can, reasonably easily, transform the 'records_in' data into 'records_out'?
What I basically need is to merge these records by _two_ keys: prefix and type. If it was only one key, this would probably be a candidate for the mergeby filter (https://docs.ansible.com/ansible/latest/collections/community/general/lists_mergeby_filter.html), but no, it should only merge items where both of these keys are identical.
Note that I'm converting 'value' into a list on the fly here, too, where necessary. That's only nice-to-have.
Funny that I was asking that question exactly one year ago. Back then, I decided to keep using #Salt.
Now, things have changed. Salt being a Broadcom/VMware product feels different now that several distributions have stopped packaging Salt because it's not compatible with the Python version they ship. Salt on the other hand has started bundling a version of Python in their distribution.
I don't like installing a VMware blob on all of my machines.
Starting to think I should've gone #Ansible.
And there she is: v4.3.1 is live
The rollout went nicely and quickly.
Ansible is "geil"
#BSI WID-SEC-2024-3404: [NEU] [UNGEPATCHT] [mittel] #Ansible-Core: Schwachstelle ermöglicht Codeausführung
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Ansible, Red Hat Ansible Automation Platform und Red Hat Enterprise Linux ausnutzen, um beliebigen Code auszuführen oder um Sicherheitsmaßnahmen zu umgehen.
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3404