It makes me think about an old term: managed nodes, where client on the node is not possible for different reasons.
The main idea is box A run chef with ohai from box B got by ssh or other mean, converge localy and do the necessary changes by the same way.
Would be useful for dmz boxes, switches, and probably others I don't think of.
Is the managed node still on the chef roadmap or is it something to be created from scratch ?
---- Noah Kantrowitz a écrit ----
> What you are describing is a proxy, so if a proxy is disallowed you can't do that either.
>
> --Noah
>
> On Jul 11, 2014, at 7:07 PM, Kapil Shardha <
">
> wrote:
>
> > Thanks for the suggestion. I am aware of the proxy settings but in this case, setting up a proxy may or may not be allowed (due to some constraints).
> >
> > That is why I wanted to discuss and learn about some alternate solution.
> >
> > I forgot to mention one point in my suggested approach. I will have to consider allowing/adding routes for other URLs if I would be using some community cookbook where the files etc are hosted on AWS.
> >
> > Thanks
> >
> > -Kapil
> >
> >
> > -----Original Message-----
> > From: Julian C. Dunn [mailto:
">
]
> > Sent: Friday, July 11, 2014 5:16 PM
> > To:
">
> > Subject: [chef] Re: Chef Node Access to Server via Relay Machine
> >
> > Why not just set up a proxy server between the Chef server and the node under management? Chef Client can connect to the Chef Server via a HTTP proxy.
> >
> > - Julian
> >
> > On Fri, Jul 11, 2014 at 4:58 PM, Kapil Shardha <
">
> wrote:
> >> Hi,
> >>
> >>
> >>
> >> In the Chef requirement doc
> >> (http://docs.opscode.com/chef_system_requirements.html) , it is
> >> mentioned that each node and workstation must have access to the Chef
> >> Server via HTTPS.
> >>
> >> I have a scenario where a chef node is in an isolated network and does
> >> not have direct connection/ access to internet. In this scenario the
> >> Chef Server is hosted outside this network and is accessible over the
> >> internet. The same network has another machine that can connect to the
> >> internet. Is there a way to configure chef-client on the node to
> >> connect to chef-server via the machine that can access internet, as a relay machine?
> >>
> >>
> >>
> >> If not, I was thinking of following configuration and before I test it
> >> out, just want to get some input from others:
> >>
> >>
> >>
> >> 1. Configure static mapping of Chef-server IP-URL in Hosts file (node
> >> is running Windows OS)
> >>
> >> 2. On the node, create a static route for Chef-server IP with internet
> >> accessing machine as the Gateway.
> >>
> >>
> >>
> >> Do you see any issues with this setup?
> >>
> >>
> >>
> >> Thanks
> >>
> >>
> >>
> >> -Kapil
> >>
> >>
> >>
> >>
> >
> >
> >
> > --
> > [ Julian C. Dunn <
">
> * Sorry, I'm ]
> > [ WWW: http://www.aquezada.com/staff/julian ; * only Web 1.0 ]
> > [ gopher://sdf.org/1/users/keymaker/ ; * compliant! ]
> > [ PGP: 91B3 7A9D 683C 7C16 715F 442C 6065 D533 FDC2 05B9 ]
Archive powered by MHonArc 2.6.16.