Gathering facts is expensive
If you can skip this step, do so
I have a couple plays that looks at memory
Think about tuning the number of forks
5 is the default
Too many doesn't work (kinda heavy weight)
25-50 is probably good for a dedicated ansible server
5-25 for a dev machine
Use scp (default is sftp)
Increase ControlPersist (default 60s)

Sample ansible.cfg
gathering = smart
gather_subset = min
fact_caching = jsonfile
fact_caching_connection = ~/.ansible/cache
fact_caching_timeout = 3600

pipelining = True
scp_if_ssh = True
ssh_args = -C -o ControlMaster=auto -o ControlPersist=15m
Python3 is better than python2

Use ansible to update centos packages

List updates
> ansible -i "hosts / inventory file," all -m yum -a "list=updates"

Apply updates
> ansible -i "host / inventory file," all -m yum -a "name='*' state=latest"


I’m looking into Cf for work. Beefing up our app’s edge in a bunch of ways is high up on our list of things to do this quarter: eg a web application firewall would be very nice, a cdn too for statics that we can purge (our frontend will soon be getting an upgrade to a fancy modern javascript framework – vuejs – which will make a purge button less important but for now we need one :)), ddos mitigation, etc. Yes. This will be most excellent to get started with.



Feature nameDescription
Rate limiting
Threat protection
Web application firewall
DDoS protection


Feature nameDescription
Load balancing
CachingHow is this different from the Cdn?
Resource optimizationsImage optimization
Mobile optimization

I’ll do a bit of digging into each of those Cf platform capabilities next. It seems bloody incredible!