chef - [chef] RE: Re: Chef Node Access to Server via Relay Machine

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] RE: Re: Chef Node Access to Server via Relay Machine

From: Kapil Shardha < >
To: " " < >
Subject: [chef] RE: Re: Chef Node Access to Server via Relay Machine
Date: Sat, 12 Jul 2014 02:07:34 +0000
Accept-language: en-US

Thanks for the suggestion. I am aware of the proxy settings but in this case,
setting up a proxy may or may not be allowed (due to some constraints).

That is why I wanted to discuss and learn about some alternate solution.

I forgot to mention one point in my suggested approach. I will have to
consider allowing/adding routes for other  URLs if I would be using some
community cookbook where the files etc are hosted on AWS.

Thanks

-Kapil

-----Original Message-----
From: Julian C. Dunn
[mailto:

Sent: Friday, July 11, 2014 5:16 PM
To:

Subject: [chef] Re: Chef Node Access to Server via Relay Machine

Why not just set up a proxy server between the Chef server and the node under
management? Chef Client can connect to the Chef Server via a HTTP proxy.

- Julian

On Fri, Jul 11, 2014 at 4:58 PM, Kapil Shardha
< >
wrote:
> Hi,
>
>
>
> In the Chef requirement doc
> (http://docs.opscode.com/chef_system_requirements.html) , it is
> mentioned that each node and workstation must have access to the Chef
> Server via HTTPS.
>
> I have a scenario where a chef node is in an isolated network and does
> not have direct connection/ access to internet. In this scenario the
> Chef Server is hosted outside this network and is accessible over the
> internet. The same network has another machine that can connect to the
> internet. Is there a way to configure chef-client on the node to
> connect to chef-server via the machine that can access internet, as a relay
> machine?
>
>
>
> If not, I was thinking of following configuration and before I test it
> out, just want to get some input from others:
>
>
>
> 1.       Configure static mapping of Chef-server IP-URL in Hosts file (node
> is running Windows OS)
>
> 2.       On the node, create a static route for Chef-server IP with internet
> accessing machine as the Gateway.
>
>
>
> Do you see any issues with this setup?
>
>
>
> Thanks
>
>
>
> -Kapil
>
>
>
>

--
[ Julian C. Dunn
< >
          * Sorry, I'm    ]
[ WWW: http://www.aquezada.com/staff/julian    * only Web 1.0  ;]
[ gopher://sdf.org/1/users/keymaker/           * compliant!    ;]
[ PGP: 91B3 7A9D 683C 7C16 715F 442C 6065 D533 FDC2 05B9       ]

[chef] Chef Node Access to Server via Relay Machine, Kapil Shardha, 07/11/2014
- [chef] Re: Chef Node Access to Server via Relay Machine, Julian C. Dunn, 07/11/2014
  - [chef] RE: Re: Chef Node Access to Server via Relay Machine, Kapil Shardha, 07/11/2014
    - [chef] Re: RE: Re: Chef Node Access to Server via Relay Machine, Noah Kantrowitz, 07/11/2014
      - [chef] Re: Re: RE: Re: Chef Node Access to Server via Relay Machine, Tensibai Zhaoying, 07/12/2014
        
        [chef] Re: Re: Re: RE: Re: Chef Node Access to Server via Relay Machine, Noah Kantrowitz, 07/12/2014
        
        [chef] Re: Re: Re: Re: RE: Re: Chef Node Access to Server via Relay Machine, Tensibai Zhaoying, 07/12/2014
        
        [chef] Re: Re: Re: Re: Re: RE: Re: Chef Node Access to Server via Relay Machine, Noah Kantrowitz, 07/12/2014
        [chef] Re: Re: Re: Re: Re: Re: RE: Re: Chef Node Access to Server via Relay Machine, Tensibai Zhaoying, 07/13/2014
        
        [chef] Re: Re: Re: Re: Re: Re: RE: Re: Chef Node Access to Server via Relay Machine, Julian C. Dunn, 07/14/2014
        
        [chef] Re: Re: Re: RE: Re: Chef Node Access to Server via Relay Machine, Mike Thibodeau, 07/12/2014
    - [chef] Re: RE: Re: Chef Node Access to Server via Relay Machine, JOHN HASTY, 07/14/2014