On Friday, July 26, 2013, Charles Sprickman wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">On Jul 25, 2013, at 7:03 PM, Bob Ippolito wrote:<br>
<div><br><blockquote type="cite"><div dir="ltr">I started playing around with Ansible yesterday. I like it so far (compared to prior experience with Puppet). Haven't tried to do BSD-centric things with it, but seems easy enough to extend if you need to. I looked at SaltStack as well, but the fact that they decided to build a broken cryptosystem themselves worries me. I have heard good things about it otherwise.</div>
</blockquote><div><br></div><div>Can you elaborate on that last part?</div><div><br></div><div>Is it this issue?</div><div><br></div><div><a href="https://github.com/saltstack/salt/issues/2239" target="_blank">https://github.com/saltstack/salt/issues/2239</a></div>
<div><br></div><div>In my use case, that's not a likely threat, but for those using it to manage multiple locations over a public network or to manage things in "the cloud" I imagine it's more problematic.</div>
<div><br></div><div>Charles</div></div></div></blockquote><div><br></div><div>It's an example of bad decision making to try and build your own crypto system without the right expertise. Even with the right expertise, it's probably still a poor decision.</div>
<div><br></div><div>You're right that it's not <span></span>a "likely threat" to get attacked even if there's no transport security at all, but that's not a good excuse these days. </div><div> </div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div><br><blockquote type="cite">
<div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Jul 25, 2013 at 3:55 PM, Bill Totman <span dir="ltr"><<a href="javascript:_e({}, 'cvml', 'billtotman@billtotman.com');" target="_blank">billtotman@billtotman.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div>On 7/25/13 6:49 PM, "Pete Wright" <<a href="javascript:_e({}, 'cvml', 'pete@nomadlogic.org');" target="_blank">pete@nomadlogic.org</a>> wrote:<br>
<br>
<br>
>On 07/25/13 15:43, Charles Sprickman wrote:<br>
>> While looking through the wikipedia list of configuration management<br>
>>software[1], I noticed a few new entrants that appear to have some<br>
>>momentum, Ansible[2] and SaltStack[3]. Both appear to have a fair<br>
>>amount of support for the *BSDs. Both are python based.<br>
>><br>
>> For example, looking at SaltStack's list of modules[4], I see support<br>
>>for lots of FreeBSD features: using pkgng (like full support - upgrading<br>
>>a package, fetching current package options, making a backup of an<br>
>>installed package), poudriere (trigger a bulk build, list/create jails<br>
>>and ports trees), and jails.<br>
>><br>
>> Anyone here use either of these? Ideally I'd like something a bit<br>
>>lighter, but SaltStack is intriguing so far. I also need to see what<br>
>>Puppet currently looks like, but the few BSD-centric reviews I've seen<br>
>>of SaltStack and Ansible both note that support for at least FreeBSD is<br>
>>better than in Puppet-land and that both projects are happy to take<br>
>>patches.<br>
>><br>
><br>
>I am a pretty big fan of Ansible - and the primary dev behind it was<br>
>also they guy responsible for cobbler and func (and worked at puppetlabs<br>
>in a key position for a while as well).<br>
><br>
>i've been a long time user of cobbler and func in small and *very* large<br>
>environments and have been quite happy with the quality of code and its<br>
>extensibility. ansible seems to have the same DNA and community that<br>
>was built around cobbler, so i strongly suggest giving it a serious look.<br>
><br>
>-p<br>
><br>
><br>
>--<br>
>Pete Wright<br>
><a href="javascript:_e({}, 'cvml', 'pete@nomadlogic.org');" target="_blank">pete@nomadlogic.org</a><br>
>twitter => @nomadlogicLA<br>
><br>
>_______________________________________________<br>
>talk mailing list<br>
><a href="javascript:_e({}, 'cvml', 'talk@lists.nycbug.org');" target="_blank">talk@lists.nycbug.org</a><br>
><a href="http://lists.nycbug.org/mailman/listinfo/talk" target="_blank">http://lists.nycbug.org/mailman/listinfo/talk</a><br>
<br>
<br>
</div></div>The May NYC*BUG was about Ansible (it was very good by way):<br>
<br>
<a href="http://www.nycbug.org/?action=home&id=10335" target="_blank">http://www.nycbug.org/?action=home&id=10335</a><br>
<span><font color="#888888"><br>
<br>
<br>
-bt<br>
</font></span><div><div><br>
<br>
_______________________________________________<br>
talk mailing list<br>
<a href="javascript:_e({}, 'cvml', 'talk@lists.nycbug.org');" target="_blank">talk@lists.nycbug.org</a><br>
<a href="http://lists.nycbug.org/mailman/listinfo/talk" target="_blank">http://lists.nycbug.org/mailman/listinfo/talk</a><br>
</div></div></blockquote></div><br></div>
_______________________________________________<br>talk mailing list<br><a href="javascript:_e({}, 'cvml', 'talk@lists.nycbug.org');" target="_blank">talk@lists.nycbug.org</a><br><a href="http://lists.nycbug.org/mailman/listinfo/talk" target="_blank">http://lists.nycbug.org/mailman/listinfo/talk</a><br>
</blockquote></div><br></div></blockquote>