ansible-for-devops | Ansible for DevOps examples | DevOps library
kandi X-RAY | ansible-for-devops Summary
kandi X-RAY | ansible-for-devops Summary
This repository contains Ansible examples developed to support different sections of Ansible for DevOps, a book on Ansible by Jeff Geerling. Most of the examples are full-fledged VM examples, which use Vagrant, VirtualBox, and Ansible to boot and configure VMs on your local workstation. Not all playbooks follow all of Ansible's best practices, as they illustrate particular Ansible features in an instructive manner. For more interesting examples of what you can do with Ansible, please see the Ansible Vagrant Examples repository, and browse through some of geerlingguy's roles on Ansible Galaxy.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
- Returns the inventory of the environment .
- Initialize the inventory .
- Read the CLI arguments .
- Return an empty inventory .
ansible-for-devops Key Features
ansible-for-devops Examples and Code Snippets
Community Discussions
Trending Discussions on ansible-for-devops
QUESTION
I'm using Nginx as a reverse proxy on an EC2 in the private subnet. In the public subnet, I created an ALB and also created an ACM for domain proxy.mydomain.test
.
The LB's target group is using 443 port with HTTPS protocol. The LB's listener is also using the 443 port and HTTPS protocol, even ELBSecurityPolicy-2016-08
ssl policy and ACM's certificate arn. It's action is using forward
.
The LB's listener rule's action is also forward
with host_header
condition. Its value is the full domain proxy.mydomain.test
.
The Nginx proxy server's duty is to point to the ELB endpoint in the internal subnet which serving an another service. So it maybe should use proxy_pass, then I think the /var/www/html isn't necessary.
So about the Nginx in the EC2, is it necesary to create a self signed cert?
And, in the server listen config of Nginx, use 80 or 443 to catch the inbound?
...ANSWER
Answered 2021-Sep-25 at 07:39This is up to your architecture.
- If your
NGINX proxy
is the public endpoint, it must have SSL certificate. - If your
Load Balancer
is the public endpoint, it must have SSL certificate.
At this case, your Load Balancer
is internal config which only allows internal VPC access so HTTP traffic (over port 80) is enough. But for best practices, you can enhance security at any layers and make them HTTPS which is encouraged.
For security reasons, for the public endpoint, we usually configure to redirect traffic from port 80 to port 443.
Reference: https://linuxize.com/post/redirect-http-to-https-in-nginx/
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install ansible-for-devops
You can use ansible-for-devops like any standard Python library. You will need to make sure that you have a development environment consisting of a Python distribution including header files, a compiler, pip, and git installed. Make sure that your pip, setuptools, and wheel are up to date. When using pip it is generally recommended to install packages in a virtual environment to avoid changes to the system.
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page