On 28/12/2011 17:11, Nick Anderson wrote:
> On 12/28/2011 10:12 AM, Michael Gliwinski wrote:
>
>> Wouldn't that also be a problem for a single cfengine "master" server (i.e. cf-serverd)?
> Yes it would, but the nature of cfengine makes it easy to have multiple
> masters; having multiple replica version control servers usually isn't
> so easy.
>
> Just something to be aware of. Also, I have no evidence, but I suspect
> that a single cf-serverd could handle serving files for more clients than
> a similar version control server.
>
> I like checking directly out of version control, but I just don't think
> it would be appropriate for _all_ of my clients to do that. I know
> others do; I think Aleksey does it that way.
>

I've seen an implementation where the promises were fetched from the policy server, and each node (policy server *included*) had several git repositories for the folders that were to be checked. A tripwire was set on the .git folders, checking each commit of the git repository. A Nagios probe would check the git status, detecting every change in the files. The .git folders were cross-checked between the nodes.
It could be a bit of an overkill, but mixing this with several policy servers, nodes that randomly fetch promises from one of these (so that if a policy server is compromised, the others might still serve good data), a git repository that watches the /var/cfengine/inputs folder on each policy server, a Nagios probe that checks /var/cfengine/inputs/.git, a tripwire on this folder, and a comparison of the content of this folder between each node would make it harder to compromise the system.

However, you'll have to live with an enormous amount of alerts when you change your promises, probably leading you to disregard most alerts and fail to see some important stuff.

Nicolas

_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
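The probe-plus-cross-check setup sketched in the message above, as an added example that is not code from the thread, from CFEngine, Nagios or Tripwire. It hashes every file under a policy directory (the /var/cfengine/inputs path and the `inputs.manifest.json` baseline file name are assumptions), compares the tree with a baseline manifest recorded after the last deliberate promise change, reports in Nagios exit-code convention, and reduces each node's manifest to one digest that policy servers can exchange so that an outlier server is flagged. The `.cf` file names and contents used in the usage section are constructed for the illustration.

```python
#!/usr/bin/env python3
"""Nagios-style drift probe for a policy directory.

Added example, not CFEngine/Nagios/Tripwire code. Exit codes follow the
Nagios plugin convention: 0 OK, 1 WARNING, 2 CRITICAL, 3 UNKNOWN.
"""
import hashlib
import json
import os
import sys
from collections import Counter

OK, WARNING, CRITICAL, UNKNOWN = 0, 1, 2, 3
DEFAULT_ROOT = "/var/cfengine/inputs"  # assumed policy-input location


def build_manifest(root, skip_dirs=(".git",)):
    """Map relative path -> {sha256, mode} for every regular file under root.

    .git is skipped: in the setup described above it has its own tripwire.
    """
    if not os.path.isdir(root):
        raise FileNotFoundError("%s is not a directory" % root)
    manifest = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = sorted(d for d in dirnames if d not in skip_dirs)
        for name in sorted(filenames):
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue  # only regular file content is policy content
            h = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 16), b""):
                    h.update(chunk)
            mode = oct(os.stat(path).st_mode & 0o7777)  # chmod changes count too
            manifest[os.path.relpath(path, root)] = {"sha256": h.hexdigest(), "mode": mode}
    return manifest


def manifest_digest(manifest):
    """One hash over a canonical JSON form; cheap for nodes to exchange."""
    canon = json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canon).hexdigest()


def diff_manifests(baseline, current):
    """Return sorted (added, removed, changed) path lists."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    changed = sorted(p for p in set(baseline) & set(current) if baseline[p] != current[p])
    return added, removed, changed


def check_policy_dir(root, baseline):
    """Verdict for one node: (nagios_exit_code, status_line)."""
    try:
        current = build_manifest(root)
    except OSError as exc:
        return UNKNOWN, "UNKNOWN - cannot read %s: %s" % (root, exc)
    added, removed, changed = diff_manifests(baseline, current)
    digest = manifest_digest(current)[:12]
    if not (added or removed or changed):
        return OK, "OK - %d files match baseline, digest %s" % (len(current), digest)
    # Any unrecorded edit on a policy server is critical: a changed or new
    # promise file is exactly what a compromised server would hand out.
    detail = ", ".join(["+" + p for p in added] + ["-" + p for p in removed] + ["~" + p for p in changed])
    return CRITICAL, "CRITICAL - %d added, %d removed, %d changed, digest %s: %s" % (
        len(added), len(removed), len(changed), digest, detail[:200])


def cross_check(node_digests):
    """Given {node: digest} from several policy servers, return the suspects.

    Nodes disagreeing with the majority digest are returned; with no
    majority every node is returned so a human has to look.
    """
    if not node_digests:
        return []
    common, count = Counter(node_digests.values()).most_common(1)[0]
    if count * 2 <= len(node_digests):
        return sorted(node_digests)
    return sorted(n for n, d in node_digests.items() if d != common)


def main(argv):
    # usage: probe.py [--record] [ROOT] [BASELINE_JSON]
    record = "--record" in argv
    args = [a for a in argv[1:] if not a.startswith("--")]
    root = args[0] if args else DEFAULT_ROOT
    baseline_file = args[1] if len(args) > 1 else os.path.join(
        os.path.dirname(root.rstrip("/")), "inputs.manifest.json")
    if record:  # run right after a deliberate promise change
        with open(baseline_file, "w") as fh:
            json.dump(build_manifest(root), fh, indent=1, sort_keys=True)
        return OK
    with open(baseline_file) as fh:
        baseline = json.load(fh)
    code, line = check_policy_dir(root, baseline)
    print(line)
    return code


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Re-recording the baseline with `--record` as part of the change procedure is what keeps the alert flood the message warns about down to the edits nobody recorded; `cross_check` is meant to be fed the digests each policy server reports, so a single server serving different promises than its peers stands out even when its own baseline was tampered with.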