[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: running cfengine across firewall
|
From: |
Christian Pearce |
|
Subject: |
Re: running cfengine across firewall |
|
Date: |
Mon, 31 Jan 2005 08:34:53 -0500 |
Our product uses both approaches. If we need to get data from a client
back to a centralized server we use rsync of ssh.
If we need to get configs and binaries through a firewall we rsync push
them to a proxy node. This box can then handle all the traffic both
cfengine and rsync from the client inside that firewall. Then a
centralized server will copy all the data the clients pushed to the
proxy node.
It works out quite well.
On Sun, 2005-01-30 at 21:04, Russell Adams wrote:
> Perhaps we should compare notes. ;]
>
> Then again, I should clarify. I only use rsync/ssh to transfer data
> back from my hosts, not to copy to them.
>
> Updates via rsync/ssh is a push type of solution, which I experimented
> with only briefly. I preferred pull vs push, and worked out another
> method using signed, per-host tarballs on a webserver.
>
> Russell
>
> On Mon, Jan 31, 2005 at 12:02:47PM +1100, Tim Nelson wrote:
> > On Sat, 29 Jan 2005, Russell Adams wrote:
> >
> > >Hence I use rsync/ssh over an existing protocol. ;]
> >
> > That's what I was doing too. I generated different config files
> > for the internal and external networks (so that if anyone got into an
> > external machine, they wouldn't be able to see my internal config), and
> > then pushed the external version via scp.
> >
> > :)
> >
> > --
> > Tim Nelson
> > Server Administrator
> > WebAlive Technologies Global
> > Level 1 Innovation Building, Digital Harbour
> > 1010 LaTrobe Street
> > Docklands, Melbourne,
> > Vic, 3008
> > Phone: +61 3 9934 0812
> > Fax: +61 3 9934 0899
> > E-mail: tim.nelson@webalive.biz
> > http://www.webalive.biz/
> >
> > "Your Business, Your Web, Your Control"
> >
> -----------------------------
> Russell Adams
> RLAdams@AdamsInfoServ.com
> http://www.adamsinfoserv.com/
>
>
> _______________________________________________
> Help-cfengine mailing list
> Help-cfengine@gnu.org
> http://lists.gnu.org/mailman/listinfo/help-cfengine
--
Christian Pearce
http://www.commnav.com
http://www.perfectorder.com
- Re: running cfengine across firewall, (continued)
- Re: running cfengine across firewall, Russell Adams, 2005/01/30
- Re: running cfengine across firewall, Tim Nelson, 2005/01/31
- Re: running cfengine across firewall, Mark . Burgess, 2005/01/31
- Re: running cfengine across firewall, Russell Adams, 2005/01/31
- Re: running cfengine across firewall, Mark . Burgess, 2005/01/31
- cfengine - file copy, Sebastian Bickel, 2005/01/31
- Re: running cfengine across firewall, Christian Pearce, 2005/01/31
- Re: running cfengine across firewall, Mark McCullough, 2005/01/31
- Re: running cfengine across firewall, Tim Nelson, 2005/01/31
- Re: running cfengine across firewall, Tim Nelson, 2005/01/31
- Re: running cfengine across firewall,
Christian Pearce <=