<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Dear Paul</p>
<p>Wafa isn't quite right. Of course, Spacewalk needs some kind of
upstream repositories to stay up-to-date. But those Repos you can
mirror in a somehow "connected" network (internal or DMZ). If you
want to provide those up-to-date repos to "disconnected" clients
you can use the Spacewalk-Proxy architecture to connect such
clients (secured) to a "connected" and up-to-date
Spacewalk-server.<br>
In this case you have full traffic-control between hidden proxy
and public Spacewalk-server which might meet your
security-requirements since you only need two ports to open for
basic functionality.<br>
<br>
<br>
regards,<br>
</p>
<p>Fabian<br>
</p>
<br>
<div class="moz-cite-prefix">Am 24.01.2018 um 10:46 schrieb Sadri,
Wafa (BITBW):<br>
</div>
<blockquote type="cite"
cite="mid:1EA9A5DB17C4FE4DAA21D99C337409040EE7DCC6@BWLSM15.ZD.BWL.NET">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.E-MailFormatvorlage18
{mso-style-type:personal-reply;
font-family:"Arial",sans-serif;
color:black;
font-weight:normal;
font-style:normal;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 2.0cm 70.85pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black;mso-fareast-language:EN-US">Dear
Paul,<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black;mso-fareast-language:EN-US">Spacewalk
is a great tool to manage servers „offline“ and act as a
local repository. You can deploy servers using spacewalks
internal kickstart functionality. I have not used it myself,
because I run a seperate kickstart server. You can also use
it to deploy „security configurations“ via the configuration
channels which your servers can subscribe to.
<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black;mso-fareast-language:EN-US">However
keep in mind that you should connect the spacewalk to the
internet to be able to download the latest patches for your
servers once in a while. I recommend to install the server
while connected to the internet. It makes life much easier.
There’s no good way to populate channels with rpms properly,
if you’re not connected tot he internet.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black;mso-fareast-language:EN-US">Hope
this helps.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-fareast-language:JA">regards,<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-fareast-language:JA">Wafa</span><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-fareast-language:JA"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">Von:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">
<a class="moz-txt-link-abbreviated" href="mailto:spacewalk-list-bounces@redhat.com">spacewalk-list-bounces@redhat.com</a>
[<a class="moz-txt-link-freetext" href="mailto:spacewalk-list-bounces@redhat.com">mailto:spacewalk-list-bounces@redhat.com</a>]
<b>Im Auftrag von </b>Paul Greene<br>
<b>Gesendet:</b> Mittwoch, 24. Januar 2018 05:16<br>
<b>An:</b> <a class="moz-txt-link-abbreviated" href="mailto:spacewalk-list@redhat.com">spacewalk-list@redhat.com</a><br>
<b>Betreff:</b> [Spacewalk-list] Can spacewalk be used on a
disconnected network?<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<div>
<div>
<div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Hi
All,<o:p></o:p></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt">I
have a requirement to manage a bunch of CentOS
servers that are all disconnected from the internet.
These are the kinds of things I'm looking to
accomplish:<o:p></o:p></p>
</div>
<p class="MsoNormal">yum updates and security patches,
preferably for multiple version #s of CentOS 6.7, 6.8,
6.9, and 7.x<o:p></o:p></p>
</div>
<p class="MsoNormal">rapid deployment of new servers,
preferably with predefined security configurations;
currently, the systems are primarily physical,
virtualization might come later<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">sometimes the "rapid deployment of
servers" might include blowing away what is currently on
an existing server and reinstalling a fresh system<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">For the building of the spacewalk
server itself, how complicated is it to build the server
itself offline - i.e. resolving all the dependencies and
populating with all the needed rpms? (It might be
possible to build the server connected to the internet
initially, and then move it offline)<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Is
spacewalk a good tool to meet these requirements?
<o:p></o:p></p>
</div>
<p class="MsoNormal">Paul<o:p></o:p></p>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Spacewalk-list mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Spacewalk-list@redhat.com">Spacewalk-list@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/spacewalk-list">https://www.redhat.com/mailman/listinfo/spacewalk-list</a></pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
--
Fabian Bosch, Solutions-Engineer
DAASI International GmbH
Europaplatz 3
D-72072 Tübingen
Germany
phone: +49 7071 407109-0
fax: +49 7071 407109-9
email: <a class="moz-txt-link-abbreviated" href="mailto:fabian.bosch@daasi.de">fabian.bosch@daasi.de</a>
web: <a class="moz-txt-link-abbreviated" href="http://www.daasi.de">www.daasi.de</a>
Sitz der Gesellschaft: Tübingen
Registergericht: Amtsgericht Stuttgart, HRB 382175
Geschäftsleitung: Peter Gietz</pre>
</body>
</html>