help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: running cfengine across firewall


From: Tim Nelson
Subject: Re: running cfengine across firewall
Date: Tue, 1 Feb 2005 10:57:05 +1100 (EST)

On Mon, 31 Jan 2005, Tim Nelson wrote:

On Sun, 30 Jan 2005, Russell Adams wrote:

Perhaps we should compare notes. ;]

Then again, I should clarify. I only use rsync/ssh to transfer data
back from my hosts, not to copy to them.

Updates via rsync/ssh is a push type of solution, which I experimented
with only briefly. I preferred pull vs push, and worked out another
method using signed, per-host tarballs on a webserver.

I agree that pull is better, but I didn't want to open my firewall :). So I used push in this one case.

Just to clear things up, I had two cfengine servers. Internal pushed to external, and internal clients pulled from internal server, and external clients pulled from external server (via cfengine, which I trust almost as much as ssh). But I wasn't getting data back (that could've been done by a pull from the server), I was distributing configs.

        HTH,

--
Tim Nelson
Server Administrator
WebAlive Technologies Global
Level 1 Innovation Building, Digital Harbour
1010 LaTrobe Street
Docklands, Melbourne, Vic, 3008
Phone: +61 3 9934 0812
Fax: +61 3 9934 0899
E-mail: tim.nelson@webalive.biz
http://www.webalive.biz/

"Your Business, Your Web, Your Control"



reply via email to

[Prev in Thread] Current Thread [Next in Thread]