[Spacewalk-list] Can spacewalk be used on a disconnected network?
Fabian Bosch
fabian.bosch at daasi.de
Wed Jan 24 10:41:44 UTC 2018
Dear Paul
Wafa isn't quite right. Of course, Spacewalk needs some kind of upstream
repositories to stay up-to-date. But those Repos you can mirror in a
somehow "connected" network (internal or DMZ). If you want to provide
those up-to-date repos to "disconnected" clients you can use the
Spacewalk-Proxy architecture to connect such clients (secured) to a
"connected" and up-to-date Spacewalk-server.
In this case you have full traffic-control between hidden proxy and
public Spacewalk-server which might meet your security-requirements
since you only need two ports to open for basic functionality.
regards,
Fabian
Am 24.01.2018 um 10:46 schrieb Sadri, Wafa (BITBW):
>
> Dear Paul,
>
> Spacewalk is a great tool to manage servers „offline“ and act as a
> local repository. You can deploy servers using spacewalks internal
> kickstart functionality. I have not used it myself, because I run a
> seperate kickstart server. You can also use it to deploy „security
> configurations“ via the configuration channels which your servers can
> subscribe to.
>
> However keep in mind that you should connect the spacewalk to the
> internet to be able to download the latest patches for your servers
> once in a while. I recommend to install the server while connected to
> the internet. It makes life much easier. There’s no good way to
> populate channels with rpms properly, if you’re not connected tot he
> internet.
>
> Hope this helps.
>
> regards,
>
> Wafa
>
> *Von:*spacewalk-list-bounces at redhat.com
> [mailto:spacewalk-list-bounces at redhat.com] *Im Auftrag von *Paul Greene
> *Gesendet:* Mittwoch, 24. Januar 2018 05:16
> *An:* spacewalk-list at redhat.com
> *Betreff:* [Spacewalk-list] Can spacewalk be used on a disconnected
> network?
>
> Hi All,
>
> I have a requirement to manage a bunch of CentOS servers that are all
> disconnected from the internet. These are the kinds of things I'm
> looking to accomplish:
>
> yum updates and security patches, preferably for multiple version #s
> of CentOS 6.7, 6.8, 6.9, and 7.x
>
> rapid deployment of new servers, preferably with predefined security
> configurations; currently, the systems are primarily physical,
> virtualization might come later
>
> sometimes the "rapid deployment of servers" might include blowing away
> what is currently on an existing server and reinstalling a fresh system
>
> For the building of the spacewalk server itself, how complicated is it
> to build the server itself offline - i.e. resolving all the
> dependencies and populating with all the needed rpms? (It might be
> possible to build the server connected to the internet initially, and
> then move it offline)
>
> Is spacewalk a good tool to meet these requirements?
>
> Paul
>
>
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
--
--
Fabian Bosch, Solutions-Engineer
DAASI International GmbH
Europaplatz 3
D-72072 Tübingen
Germany
phone: +49 7071 407109-0
fax: +49 7071 407109-9
email: fabian.bosch at daasi.de
web: www.daasi.de
Sitz der Gesellschaft: Tübingen
Registergericht: Amtsgericht Stuttgart, HRB 382175
Geschäftsleitung: Peter Gietz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20180124/e75c4d9f/attachment.htm>
More information about the Spacewalk-list
mailing list