Push vs pull paradigm

[SFT-]

I really like the push aspect of Ansible for those times when a change needs to happen immediately.  I would like to also ensure compliance across system without having to manually push all the time.  What are others doing for this scenario?  ansible-pull looks interesting and I'll be investigating it, but it seems on the surface that you'd end up maintaining a large number of <hostname>.yml playbooks.  I could also run ansible-playbook on a cron on a "master" server.

Any thoughts on how others have approached this?  Is this why some are still using puppet or chef in addition to Ansible?

Steve

[Brian Coca]

For ansible-pull, the file can be named local.yml or localhost.yml
which does not represent the targeted hosts, that is in the - hosts:
clause of each play (which ansible-pull will limit to the current host
by matching 'localhost' or the 'fqdn'.

This allows you to have a single file and then run it against all
hosts, which will run the plays into which the host matches
name/groups as defined in inventory.

> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/a4c49e1b-49a1-4104-83f2-72129bb51786%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.



--
Brian Coca

[SFT-]

That makes much more sense.  Thank you for clearing that up.  I'll do some testing and see if ansible-pull alone will meet my needs.