sure I did, my main point is that it could be integrated withing puppet without using additional tools...
On Mon, Apr 6, 2009 at 9:50 PM, Marcus Vechiato <vechi...@gmail.com> wrote: > > Ohad, > > Did you see func ? https://fedorahosted.org/func/ > > []s > > On Sat, Apr 4, 2009 at 3:45 AM, Geoff Newell <geoffnew...@gmail.com> > wrote: > > We use something similar. All our servers have the UCE agent installed. > So > > we can initiate a puppetd run via UCE when required for > > 1. Reporting > > 2. Urgent updates > > 3. Standard updates. > > And UCE is ratified by our security bods. Sure UCE is clunky but you have > to > > use the tools you've got. > > > > Geoff. > > On 3 Apr 2009, at 05:42, Ohad Levy <ohadl...@gmail.com> wrote: > > > > > > > > On Thu, Apr 2, 2009 at 11:51 AM, chakkerz <chakk...@gmail.com> wrote: > >> > >> > >> for hosts in `puppetca --list --all | grep ^+ | cut -d ' ' -f 2` > >> do > >> ssh $hosts sudo puppetd -vt > >> done > > > > > > sure, I know / do this, but I though that one of the goals of puppet is > to > > avoid ssh and a for loop.... > > but seriously, what happens if ssh doesn't work? ( I mean, usually you > need > > push when something is broken) > > > > or you need to deploy something only on a subset of machines, restart a > > service, or whatever? > > > >> > >> but a push architecture is significantly more security vulnerable... > >> on the bright side though, if your central configuration host is > >> compromised, it being able to ssh to hosts is the least of your > >> worries (why attack individual hosts if you have the master key?) > > > > why care about the master key when you can simply change the puppet > manifest > > ? ;) > >> > > > > Ohad > > > > > > > > > > > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
