> [...], but I DO like that it eases and therefore promotes IaC, > programmatic configuration.
That's exactly what I don't like about it. It leads, fairly directly, to admins who don't really understand their systems. This is fine (well, -ish) as long as all goes well, but it falls over catastrophically when things break. Fujinaka-san concretized it well: > WHICH ONE OF THESE *%*( FILES IS THE ONE I NEED TO EDIT TO GET SSH > WORKING AGAIN? ALL OF THEM? $*%)()!!! This, of course, is not an issue if the admin really understands the setup - but it will, sooner or later, become an issue if not. Of course, any setup can ultimately be understood. But the more complexity there is, the harder that is to do; and the more automation is provided by someone else, the more it encourages administration without understanding - in extreme cases it actively obstructs administration *with* understanding. (While I haven't seen it often, I have seen people asking about underlying mechanisms answered with, basically, "just use the automated tool". While there is a place for automation, using it as a substitute for understanding is, in my opinion, a disaster in the making.) /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML mo...@rodents-montreal.org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
