#ansible (2019-04)

ansible

Discussions related to ansible configuration management

2019-04-16

oscarsullivan_old avatar
oscarsullivan_old
09:56:33 AM

Thoughts on skipping host checking in Ansible / SSH?

Inventories have host names which are on R53. Host checking adds a chance to see the hosts have maybe ‘maliciously’ changed IP in DNS… however with IaC the IPs change regularly so how could you tell the change was malicious.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
02:26:37 PM

Yea it’s impractical to use host checking on dynamic infrastructure

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
02:26:47 PM

Best to disable it in SSH config

1

2019-04-19

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
02:55:53 AM

https://github.com/adammck/terraform-inventory

adammck/terraform-inventory

Terraform State → Ansible Dynamic Inventory. Contribute to adammck/terraform-inventory development by creating an account on GitHub.

2
EdBizarro avatar
EdBizarro
02:14:59 PM

I use this on my projects, very useful

adammck/terraform-inventory

Terraform State → Ansible Dynamic Inventory. Contribute to adammck/terraform-inventory development by creating an account on GitHub.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
02:56:00 AM

@oscarsullivan_old stumbled across this by accident

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
02:58:12 AM

https://github.com/radekg/terraform-provisioner-ansible

radekg/terraform-provisioner-ansible

Marrying Ansible with Terraform 0.11+. Contribute to radekg/terraform-provisioner-ansible development by creating an account on GitHub.

2019-04-23

    keyboard_arrow_up