
Hi all,

I have two questions related to Ansible (I have just learned a bit about it):

How do you compare the status of a deployed system with the "latest standard" and upgrade when needed? E.g. you have a line added for Ciphers in ssh.config and have to make sure all already deployed systems have this check applied, even if there are local changes in this config (let's say, for the sake of demonstration, every VM has the IP address mentioned somewhere in this config), so it is more than just a simple diff between the standard and the config on a deployed system.

In "my former life" I used a very much Ansible-like approach for FreeBSD systems (templates, well-defined package lists, configuration scripts for deployed packages, and access via ssh). But it all was done via shell scripts. I used svn to update configurations (svn mainly because it is part of the FreeBSD base system). If there were no local changes, the config would be a symlink to the svn version; otherwise I would have a script which would write the local config from a template (which may have a ${IP} in it, e.g.). The check would be done via svn revision number.

Puppet has the ability to detect necessary changes, but it is running a local agent. I cannot find the "Ansible way" of doing this.

[But, actually, I tend more and more to "throw away" containers when upgrading: installing a new version side by side and then replacing the old container with the new one.]

Second, has Ansible a way of replacing ssh by something else (e.g. to access a FreeBSD jail from the host system via jexec)?

Regards
Peter
Peter Ross
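
The template-based workflow described in the message above, as an added shell example that is not part of the original post: the per-host value is substituted into the template first, and the deployed file is rewritten only when the rendered result differs. It swaps the svn revision check for a byte comparison of rendered template against deployed file; the function names, file names and sample config lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example; render_template and converge_config are hypothetical names.

# Print the template with every literal ${IP} token replaced by the host's address.
# Assumes the address contains no '|' or '&' (true for IPv4/IPv6 literals).
render_template() {
    # $1 = template file, $2 = IP address of this host
    sed "s|[\$]{IP}|$2|g" "$1"
}

# Make the deployed config equal to the rendered template.
# Prints "ok" when nothing had to change, "changed" when the file was rewritten.
converge_config() {
    # $1 = template, $2 = deployed config, $3 = IP address of this host
    tmp=$(mktemp) || return 1
    render_template "$1" "$3" > "$tmp" || { rm -f "$tmp"; return 1; }
    if [ -f "$2" ] && cmp -s "$tmp" "$2"; then
        rm -f "$tmp"
        echo ok
        return 0
    fi
    # Write next to the target and rename, so the config is never half-written.
    if cp "$tmp" "$2.new" && mv "$2.new" "$2"; then
        rm -f "$tmp"
        echo changed
    else
        rm -f "$tmp" "$2.new"
        return 1
    fi
}

# Constructed demo: the standard gained a Ciphers line after this host was deployed.
demo=$(mktemp -d)
printf 'ListenAddress ${IP}\nCiphers aes256-gcm@openssh.com\n' > "$demo/ssh.config.tmpl"
printf 'ListenAddress 192.0.2.10\n' > "$demo/ssh.config"
converge_config "$demo/ssh.config.tmpl" "$demo/ssh.config" 192.0.2.10   # first run rewrites
converge_config "$demo/ssh.config.tmpl" "$demo/ssh.config" 192.0.2.10   # second run is a no-op
rm -rf "$demo"
```

Because the comparison happens after substitution, a host-specific IP address never shows up as drift, while a missing Ciphers line does.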