Hi John, On 10/21/2011 12:13 AM Jon Davis wrote: > I have a numer of hosts in different locations I want to manage with > puppet. Can I set up my Puppet server to be publicly accessible, or is > this a horribly bad idea likely to end with a destroyed server?
what about establishing a VPN connection between your remote gateways instead of making your puppetmaster available to the outside world? As long as you don't need native throughput you should be fine using IPSEC. <paranoid> This way you would also take care of DDoS attacks while preventing any sort of profiling based on made connections to the puppetmaster. So basically nobody would know about the total number of hosts which might be keeping in sync with your site manifest ;) </paranoid> - Jan
signature.asc
Description: OpenPGP digital signature
