post #1 of 1
Thread Starter 
I'm scoping out a personal project involving a number of low end Linux VPSs, and one of the items to be addressed is configuration management. I've been looking at the likes of Chef and Puppet; it would appear that these have servers/agents on the servers that need to be managed.

Obviously this isn't an issue on a local LAN (which is the scenario such software was designed for) but how would they perform over the public Internet? For security reasons, I wouldn't want them to leave an open server port for a configuration agent accessible over the Internet.

I wondering then if it would be better for each server to maintain a VPN connection back to a central VPN server, and use the TAP interface so it would therefore be accessible over a network range such as 10.2.x.x?

Or can the likes of Chef and Puppet work over SSH?
Ryzen
(12 items)
 
  
CPUMotherboardGraphicsRAM
Ryzen 7 1700 Gigabyte GA-AB350M Gaming 3 Palit GT-430 Corsair Vengeance LPX CMK16GX4M2B3000C15 
Hard DriveCoolingOSMonitor
Samsung 850 EVO AMD Wraith Spire Linux Mint 18.x Dell UltraSharp U2414H 
KeyboardPowerCaseMouse
Apple Basic Keyboard Thermaltake ToughPower 850W Lian-Li PC-A04B Logitech Trackman Wheel 
  hide details  
Reply
Ryzen
(12 items)
 
  
CPUMotherboardGraphicsRAM
Ryzen 7 1700 Gigabyte GA-AB350M Gaming 3 Palit GT-430 Corsair Vengeance LPX CMK16GX4M2B3000C15 
Hard DriveCoolingOSMonitor
Samsung 850 EVO AMD Wraith Spire Linux Mint 18.x Dell UltraSharp U2414H 
KeyboardPowerCaseMouse
Apple Basic Keyboard Thermaltake ToughPower 850W Lian-Li PC-A04B Logitech Trackman Wheel 
  hide details  
Reply