« Previous 1 2 3
DebOps delivers easy Ansible automation for Debian-based systems
Pre-Assembled
Secure Repository
The developers maintain the DebOps tools, as well as the corresponding playbooks, on GitHub [8]. The DebOps team initially consisted of just a handful of people, and because they all had some kind of relation to Debian, they were quite open to collaboration with other developers.
The developers were well aware of the need for security: If you want to check your own code into the GitHub directories, you first need to sign it using GPG. Only appropriately signed code can move into the GitHub directory. The project developers closely monitor the GPG keyring in which the keys are listed.
Basically, the creators have copied the workflow that Debian uses for its own packages: With Debian, only developers whose GPG key is included in the Debian keyring are allowed to upload new packages to the official Debian archive. To join up as a Debian developer or as a package maintainer, you need to add your own GPG key to the corresponding keyring.
The reliability of DebOps is thus similar to that of Debian: An attacker who gains access to the GPG key of an approved developer could theoretically cause a large amount of damage on the target systems, but if you rely on Debian or Ubuntu anyway, DebOps does not increase the risk.
Conclusions
DebOps takes a clever approach: After you install a system with the DebOps tools, you can quickly configure it to host a database, web server, or monitoring server. The prefabricated Ansible roles are extremely useful because they save you from the need to invest a large amount of time in writing your own roles.
The fact that DebOps is not totally intuitive spoils some of the fun. Another issue is, if you have never dealt with Ansible, you will need to plow through many pages of documentation to understand DebOps. DebOps provides good start-up support, but it ultimately does not avoid the need for administrators to establish their own Ansible expertise.
If you are looking for fast automation for Debian or Ubuntu, give the DebOps automation system a try.
Infos
- LPI: http://www.lpi.org/devops
- DebOps: https://debops.org
- Getting Started guide: https://docs.debops.org/en/latest/debops-playbooks/docs/guides/getting-started.html
- Ansible packages: http://docs.ansible.com/ansible/intro_installation.html
- pip: https://pypi.python.org/pypi/pip
- ferm: http://ferm.foo-projects.org
- debops-padlock documentation: https://docs.debops.org/en/latest/debops-tools/docs/scripts/debops-padlock.html
- DebOps on GitHub: https://github.com/debops/debops/
« Previous 1 2 3
Buy this article as PDF
(incl. VAT)