Ansible

Perf
Gathering facts is expensive
If you can skip this step, do so
I have a couple plays that looks at memory
Think about tuning the number of forks
5 is the default
Too many doesn't work (kinda heavy weight)
25-50 is probably good for a dedicated ansible server
5-25 for a dev machine
Use scp (default is sftp)
Increase ControlPersist (default 60s)

Sample ansible.cfg
[default]
gathering = smart
gather_subset = min
fact_caching = jsonfile
fact_caching_connection = ~/.ansible/cache
fact_caching_timeout = 3600
forks=50

[ssh_connection]
pipelining = True
scp_if_ssh = True
ssh_args = -C -o ControlMaster=auto -o ControlPersist=15m
Python3 is better than python2

Cloudflare

I’m looking into Cf for work. Beefing up our app’s edge in a bunch of ways is high up on our list of things to do this quarter: eg a web application firewall would be very nice, a cdn too for statics that we can purge (our frontend will soon be getting an upgrade to a fancy modern javascript framework – vuejs – which will make a purge button less important but for now we need one :)), ddos mitigation, etc. Yes. This will be most excellent to get started with.

Notes

Security

Feature nameDescription
Rate limiting
Monitoring
Cost
Threat protection
Web application firewall
SSL / TLS
DDoS protection

Performance

Feature nameDescription
Cdn
Load balancing
CachingHow is this different from the Cdn?
Resource optimizationsImage optimization
Mobile optimization

I’ll do a bit of digging into each of those Cf platform capabilities next. It seems bloody incredible!