- From: Noah Kantrowitz <
>
- To:
- Subject: [chef] Re: Chef and information security between nodes
- Date: Wed, 25 Apr 2012 12:14:02 -0700
On Apr 24, 2012, at 2:38 AM,
<
>
<
>
wrote:
>
Hello,
>
>
Thank you very much for your first answers !
>
>
A first feedback about them:
>
- we don't want to use chef-solo because we will loose the ability to search
>
information based on attributes ( for example, all machines with debian OS)
>
- we don't want to have several Chef servers because we have plan to
>
integrate
>
Chef with external applications and so we would have to go through several
>
Chef
>
servers in order to get information about our whole infrastructure
>
- it is planned that one of our manager will ask for a quote for the
>
"private
>
Chef" offering, but we guess that it will be close of Puppet Enterprise
>
prices,
>
so too expensive
>
>
Actually what we need is pretty close of the ACL system of Hosted Chef /
>
Private Chef, that's why we thought about customizing the code of the Chef
>
Server API for our needs.
The ACL system is very non-trivial to retrofit into the FOSS code (which is
why we haven't open-sourced it yet) and even that wouldn't filter the search
index. Basically you would have to rewrite multi-tennancy from scratch, which
would get you very little vs just using multiple orgs.
--Noah
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
Archive powered by MHonArc 2.6.16.