New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Ansible doesn't need a host installed on your boxes. Just install it on your computer, indicate the boxes' IPs, and that's it.
I'm aware, thanks. I was asking about the Ansible admin node. Interested in running it on a low end ARM dedi as opposed to a VPS.
I see. I was checking the PyPi record for dependencies and saw PyYAML and pycrypto to be the only ones with C bindings (everything else are pure Python so they should work).
If they failed installing via
pip
, trysudo apt-get install python-crypto python-yaml
Am I to take it nobody has had the idea of running Ansible on such low end dedicated server - as opposed to a VPS - for the extra security...? Really?
I run my ansible scripts from my home, via ssh to a raspberry pi which is also here working as a router.
Same here, I run ansible from my workstation laptop (playbooks in git) but use it to control Debian VPSs and a RPi. Agreed that the ansible server (i.e., its private ssh key) is very important, as it has root on every box it manages.
So you run Ansible on your home system to control your Raspberry PI - you do not use the RPI to run Ansible to control other boxes...? Have I got that right? I'm looking for someone who has actually installed and runs Ansible on an RPI as the master/controller.
I agree that running Ansible on a home system/laptop is safest. However, I'm interested in a solution that will be online 24/7 supervising dozens if not 100's of remote hosts and able to react to events/downtime in real time. IMHO a home system does not qualify. I'm looking for a low end dedicated solution and thought of using a RPI (or Odroid C1+ more likely).
Go get a Scaleway server for a couple of hours and test it.
...but a $25 board running off a thumb drive does? ;-)
Point taken However, you left out a very important part of my last post: "...or Odroid C1+ more likely". It's a $37 board, running with eMMC flash storage. Here are the specs:
http://www.hardkernel.com/main/products/prdt_info.php?g_code=G143703355573
EDIT: I mentioned Rpi only because it's more popular and more likely someone here might have used it for such a project. So far, no such luck...
...which changes nothing. You're saying you want to manage a network of 100s of hosts using a $25 board running on a photo card.
How can that even sound like a good idea?
Nothing wrong with RPi/Odroid/BeagleBone/Soekris/etc. - love those little boxes. But I don't agree that my home PC is less reliable. Seems to me:
If you want to be cheap yet secure, host it at home. It's ansible - who cares if your home network is down for 15 minutes. Or two hours. The point is configuration management, not second-by-second monitoring.
If you need to have true enterprise-grade ansible, then either buy a proper dedicated server, or relax your security slightly and host at AWS/Azure/etc.
Running off an RPi or Odroid might be slightly more secure but you're not really getting #2.
Well, while I agree there are situations, where size matters, this is not one of them
>
>
Two problems with that. One: as I have already mentioned before, my use case includes minute-by-minute monitoring and Ansible reacting to events in real time. Two: for reasons I can't go into here, this has to be hosted in a datacenter scenario.
>
Point taken. Except that, as already mentioned in my OP, I'm looking for a "low end dedicated solution" and not enterprise grade.
From my experience the RPi is not reliable or performant enough to be managing 100s of hosts. A VM on my local desktop has been far more reliable and secure. Performance is only so-so
Sorry that I confused you. Yes, I login to my rpi via SSH, and use it as a master to control other hosts.
It is just python stuff, it should work just fine like any x86. And the heavy lifting happens in the remote nodes, not in the master, which just sends ssh commands there. But maybe it depends on how many hosts you need to manage at the same time.
Perfect That's exactly what I wanted to know, thank you!