[chef] Re: Re: Ideas for using Chef across VPN

[Dmitry V'yal < >]

On 05/16/2010 05:33 PM, dreamcat four wrote:
> It seems a good point to start from.
>
> Its certainly possible to run a chef-server on some workstation which
> has good connectivity and is always on. It is important that the
> computer has enough spare memory for chef-server stack. I figure thats
> about 1-2 ruby processes (for merb), plus java and solr. Something
> like 200-400Mb RAM. Hosting inside a Virtual Machine will add a bit
> more RAM to those basic requirements.
>
> Of course the search index will be offline whenever chef-server is
> offline. If the search index matters, it depends for what reasons the
> search index is being used by the client nodes. That can come later
> on, and it doesnt really matter to begin with.

Can you please give an example of what it may be useful for? I'm still 
struggling with all the concepts and don't have a finished picture in my 
head.

> For the VPN, that seems better and more flexible than SSH tunnel. Some
> VPN providers like LogMeIn Hamachi are free to try out for
> non-commercial use, and will provide you a virtual VPN gateway server
> for your VPN hub. You are going to need to write some cookbook to
> setup the VPN software locally on your nodes. It should be well worth
> the time / effort. Such a recipe can be included for the chef-solo
> bootstrap run.

My plan was to bootstrap openvpn server along with the chef-client on 
the VPS and openvpn clients on the other hosts. After that I would be 
able to do the remaining configuration through chef-server.

> Be sure to go to chef irc channels for help / advice.

I'm already there. It's a very nice place with many helpful people I 
must say. The only problem is what probably most of them are inactive 
around midday gmt+4 then I'm cooking )