[Gluster-infra] Putting the netbsd builders in the ansible pool ?
Michael Scherer
mscherer at redhat.com
Thu Jun 9 07:14:00 UTC 2016
Le jeudi 09 juin 2016 à 02:09 +0200, Emmanuel Dreyfus a écrit :
> Michael Scherer <mscherer at redhat.com> wrote:
>
> > I connected to it from rackspace and stopped rpcbind in a hurry after
> > being paged, but I would like to make sure that the netbsd builders are
> > a bit more hardened (even if they are already well hardened from what I
> > did see, even if there is no firewall), as it seems most of them are
> > also running rpcbind (and sockstat show they are not listening only on
> > localhost).
>
> I created minimal filtering rules in /etc/ipf.conf and restarted
> rpcbind. I did the same for others NetBSD vm.
ok, great. I did it too for the freebsd builder.
> > Emmanuel, would you be ok if we start to manage them with ansible like
> > we do for the Centos ones ?
>
> I have no problem with it, but I must confess a complete lack of
> experience with this tool.
That's mostly deploy script with ssh.
The only issue I face is that you flagged most of /usr as unchangeable,
and I do not know how cleanly it would be to remove the flags before
applying changes and apply that again with the current layout of our
ansible roles. But I will figure something out.
--
Michael Scherer
Sysadmin, Community Infrastructure and Platform, OSAS
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://www.gluster.org/pipermail/gluster-infra/attachments/20160609/6efd737d/attachment.sig>
More information about the Gluster-infra
mailing list