On 04/09/2020 20:10, SmootherFrOgZ wrote:
Agreed.
I've deployed this @work and it indeed is a useful network
inventory/management tools specifically for our hybrid infrastructure. I
mostly use the API feature to deal w/ it.
But this is to kept private to the world. I mean if you want to use it,
use it at its full potential, like you would need to rely on it for
every single features it provides, otherwise, it would make no sense and
cost you maintenance and SKUs.
So who would have access to it? I suppose the fi-apprentice team will be
left out until we "graduated" to a "trusted" team.
Also, there's no other auth method than LDAP (no Kerberos) and afaik,
you will have to impl on yourself the SAML plugin and make it work 🤷.
There have been a topic about it on their GitHub page a year ago.
Thanks for pointing this up.
If we use this tool as a "source of truth" (desired state vs
operational
state), the change flow should be:
1. Update the NetBox data to reflect the change
2. Change the Ansible code to make it so
When reviewing the Ansible code (roles/playbooks), if a discrepancy
between the Ansible tasks and the NetBox data is found, NetBox
should be
used as the correct one (because it's the intended config.) and the
Ansible tasks corrected.
We started writing an ansible plugin which can help dealing with thay
w/o having to worry about diff as your playbooks or tasks will gather
directly the info from netbox data. This means, you're onboarding a
dynamic inventory to you ansible config.
That sounds great!
I was thinking about this:
https://docs.ansible.com/ansible/latest/plugins/inventory/netbox.html
Are you using that or a custom inventory plugin?
_______________________________________________
infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx