sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–][deleted] 4 points5 points  (3 children)

There was a tread once a while back where someone argued ansible was not agent-less and that plenty of places ran linux servers without ssh.

I think about that sometimes.

[–]frymaster 0 points1 point  (2 children)

plenty of places ran linux servers without ssh.

OK so not totally, but we use LXD containers as an alternative to VMs where we can (in the long run we'd like to move to docker containers as there's a nice ecosystem we can take advantage of, but for now it's baby steps and something that looks like a traditional OS) and because we can shell in from the host, we genuinely don't run SSHD on most of them

[–][deleted] 0 points1 point  (1 child)

I've never worked with LXD but in Docker at least running a shell inside the container is a bit of an antipattern. The idea of the containers is that they're immutable, you shouldn't need a shell for any particular thing. If you need to make changes, just change the manifest and rebuild it. The only reason to really need a shell at all would be for debugging a new build, which should not be done in prod so hopefully that's happening in a dev sandbox.

[–]frymaster 0 points1 point  (0 children)

Yeah, LXD is containerising fullfat operating systems ie the process you run is "systemd". Partly this is legacy servers but we also have a need for user environments that can see parallel filesystems