Re: [ovirt-devel] Firewalld migration.

--4pdsjT4L2os85dEm9kquOeQ6Ptg5l9wSs Content-Type: multipart/mixed; boundary="vlCuSqbaLt9KI0wGL5rPUod0kVrUpQ1xE"; protected-headers="v1" From: Sven Kieske <s.kieske(a)mittwald.de&gt; To: devel(a)ovirt.org Message-ID: <9f5a0933-a32b-be8f-e33b-5e11571f70b7(a)mittwald.de&gt; Subject: Re: [ovirt-devel] Firewalld migration. References: <CA+mNUtDjTH31=qb-FyTUjO0LdMW9y0kSmqizG2Pq=HnBukns1g(a)mail.gmail.com&gt; <CAJ_kCt5kvevgcrcBGi_RqMPgkS1TC-9C2v_1qBtyQZpGuiPAhQ(a)mail.gmail.com&gt; <CA+mNUtDLz9_D4r5L_BU_oRcyhhrc2DL=1h5WPCbWqUbLRL8xfA(a)mail.gmail.com&gt; <CAJ_kCt7qjwLy+T90X_wHscqTAh-z0=t+YHCJGm0ssk=i3bC4AQ(a)mail.gmail.com&gt; <CAHRwYXtr7TJZ1-CACgdJ1H2ANO=6oMujar7C3rsfNYnvQWiGmA(a)mail.gmail.com&gt; <CA+mNUtDUb8RdbGgmZj0w0SXvav4+RGX_Qys5EhN-Ff=0kLS-=g(a)mail.gmail.com&gt; <CAHRwYXuMxbHNYMcfBLDG0sVR1rpcsij4TG0p_3CjreGMXuGwqw(a)mail.gmail.com&gt; <CA+mNUtBLPGdqR4M=yrh772F=UXj9bK+1hGfeGxunfMHnq3PecA(a)mail.gmail.com&gt; <CAHRwYXv+wJwhHzMfVN3sgJ=VeDHOgL48tKYjSe6rhF4EyTQGEg(a)mail.gmail.com&gt; <CA+mNUtA=xD=7x+CVme2pRpf07-Ta=K9M6b3SooMiiTBDMkL2ag(a)mail.gmail.com&gt; <CAF0zDV6K4E+eBf6hzLXh5GUXO9H8F3cJkzDWx5879A3mHp64OA(a)mail.gmail.com&gt; <CALmkdFRtrtCLj4g_=S_6yjz6Vegx4Y--yw2eGuo1net5AhsSeg(a)mail.gmail.com&gt; <CAF0zDV6v1DYCmdniaVzbhOZy1bnzh0fNnTFHCkd1vAn_jwnyTg(a)mail.gmail.com&gt; <CAJgorsauFKOpF2iCuxTXhaPAQM5AY9_T_bR+APV75iRO81PPrg(a)mail.gmail.com&gt; <CAF0zDV6f38_7EwRE6nNb1WXHrAk7OEZv=wA3btvrdrBtQx3FCg(a)mail.gmail.com&gt; In-Reply-To: <CAF0zDV6f38_7EwRE6nNb1WXHrAk7OEZv=wA3btvrdrBtQx3FCg(a)mail.gmail.com&gt; --vlCuSqbaLt9KI0wGL5rPUod0kVrUpQ1xE Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 28/03/17 17:58, Martin Sivak wrote: +1 but some drawback (actual ansible user here): you in fact need _some_ libs on the managed hosts for certain ansible features to work (e.g. if you want to respect selinux settings on the host), so you would also need to provide these or list them as prerequisites. I understand ovirt can't just provide config mgmt solutions for every tool out there (puppet, chef, ansible, saltstack, etc.). the best approach would be, if it is pluggable, like foreman did this with it's smart proxys and plugins: https://theforeman.org/plugins/ so you could provide a plugin infrastructure and maybe write the ansible integration yourself and the community can add their own plugins like puppet or chef modules at will. If they mature enough you could even ship those (optional). I really think there would be some value in this, because many small deployments use tools like puppet or ansible, while these do not scale well for large environments, where you tend to have things like salt or chef. PS: if you want to annoy some users you could even declare a hard dependency on foreman and use foreman for the host deployment (a tool that's actually written for exact this scope), others might find this higher integration nice. I'm not sure if I would like it or not. --=20 Mit freundlichen Gr=FC=DFen / Regards Sven Kieske Systemadministrator Mittwald CM Service GmbH & Co. KG K=F6nigsberger Stra=DFe 6 32339 Espelkamp T: +495772 293100 F: +495772 293333 https://www.mittwald.de Gesch=E4ftsf=FChrer: Robert Meyer St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhause= n Komplement=E4rin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynha= usen --vlCuSqbaLt9KI0wGL5rPUod0kVrUpQ1xE-- --4pdsjT4L2os85dEm9kquOeQ6Ptg5l9wSs Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" --4pdsjT4L2os85dEm9kquOeQ6Ptg5l9wSs--