[chef] Ideas for using Chef across VPN


Chronological Thread 
  • From: Dmitry V'yal < >
  • To:
  • Subject: [chef] Ideas for using Chef across VPN
  • Date: Sun, 16 May 2010 15:25:04 +0400
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding; b=gF3/Eorxx8RkDtFhKZNJSqw/A7ATq1sVMlnFxg/Kpa50VWivDmTdreNtfSCgr1OtIx sGabxG6dRcbwve38S7FOCOgK5pNkbpLEbkdkVpuqpDfKIosQY2pr6YZDMEXmDftZvc2V f2sA2UaJupA1lm5BRQhqlJZI4YtsWBpDtfIAA=

Hello chef-list,

I administer several geographically separated workstations which are hidden behind NATs. Currently we're working through OpenVPN with a server on a VPS which is used as web hosting and mail server, which I want to configure with Chef too.

I have some ideas about using chef-solo to bootstrap chef-client and OpenVPN client on the workstations but I'm interesting in comments from more experienced chef users.

Is it a feasible idea? How best to manage openvpn keys?

Another question what bothers me, is where to place the chef-server. We don't have a separate host for it and seems to me it's better not to combine server with a client doing something useful. Would it be a good solution to have it as a guest os in VirtualBox on one of workstations? Is it required that chef-server is online 24/7 or it can be activated only then something in configuration changed?

As a newbie I have many more questions, but these are most urgent. Thanks for attention.

Best wishes,
Dmitry



Archive powered by MHonArc 2.6.16.

§