[Gluster-infra] Putting the netbsd builders in the ansible pool ?

Michael Scherer mscherer at redhat.com
Thu Jun 9 07:14:00 UTC 2016

Le jeudi 09 juin 2016 à 02:09 +0200, Emmanuel Dreyfus a écrit :
> Michael Scherer <mscherer at redhat.com> wrote:
> > I connected to it from rackspace and stopped rpcbind in a hurry after
> > being paged, but I would like to make sure that the netbsd builders are
> > a bit more hardened (even if they are already well hardened from what I
> > did see, even if there is no firewall), as it seems most of them are
> > also running rpcbind (and sockstat show they are not listening only on
> > localhost).
> I created minimal filtering rules in /etc/ipf.conf and restarted
> rpcbind. I did the same for  others NetBSD vm.

ok, great. I did it too for the freebsd builder. 

> > Emmanuel, would you be ok if we start to manage them with ansible like
> > we do for the Centos ones ? 
> I have no problem with it, but I must confess a complete lack of
> experience with this tool.

That's mostly deploy script with ssh. 
The only issue I face is that you flagged most of /usr as unchangeable,
and I do not know how cleanly it would be to remove the flags before
applying changes and apply that again with the current layout of our
ansible roles. But I will figure something out.

Michael Scherer
Sysadmin, Community Infrastructure and Platform, OSAS

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://www.gluster.org/pipermail/gluster-infra/attachments/20160609/6efd737d/attachment.sig>

More information about the Gluster-infra mailing list