3eca1b5b77
This is backport combining the documentation changes applied master according to the queens blueprint "docs-improvements": * [Docs] Flatten out monitoring (cherry picked from commitebdd5759b1
) * [Docs] Move upgrade guides into ops (cherry picked from commit56194bcb5a
) * [Docs] Merge advanced configuration into reference (cherry picked from commitba7e064ef9
) * [Docs] Uniform landing text (cherry picked from commit134ec81016
) * [Docs] Move AIO to first scenario (cherry picked from commitdc8d6256ce
) * [Docs] Include test scenario as a new user story (cherry picked from commit3d76d5e2e2
) * [Docs] Fix references (cherry picked from commit1d47028911
) * [Docs] Move more examples to user guide (cherry picked from commit73c45a8108
) * [Docs] Move Ceph example to user guides (cherry picked from commitd27e329a5a
) * [Docs] Move network architecture into reference (cherry picked from commit99ca16e85e
) * [Docs] Centralize Inventory documentation (cherry picked from commiteb89fa513a
) * [Docs] Move limited connectivity to user guide (cherry picked from commitb6eb92beca
) * [Docs] Migrate security into user guide (cherry picked from commitf1a7525570
) * [Docs] Guide users more (cherry picked from commit99f4f17751
) * [Docs] Add explicit warnings on common mistake (cherry picked from commit41bd98385b
) Change-Id: I4b39f2a9f33eff7d0433a98a085cf4fd05cef75e
1020 B
1020 B
Apply ansible-hardening
The ansible-hardening
role is applicable to physical
hosts within an OpenStack-Ansible deployment that are operating as any
type of node, infrastructure or compute. By default, the role is
enabled. You can disable it by changing the value of the
apply_security_hardening
variable in the
user_variables.yml
file to false
:
apply_security_hardening: false
You can apply security hardening configurations to an existing environment or audit an environment by using a playbook supplied with OpenStack-Ansible:
# Apply security hardening configurations
openstack-ansible security-hardening.yml
# Perform a quick audit by using Ansible's check mode
openstack-ansible --check security-hardening.yml
For more information about the security configurations, see the security hardening role documentation.