On Wed, Apr 30, 2014 at 12:17 PM, Lamar Owen <lowen at pari.edu> wrote: > >> You forgot to mention interoperable along with effective and complete. > > No, I didn't forget it. > >>> Dynamic DNS and/or mDNS with associated addresses deals with the need >>> for a static IP; >> Is that secure? > > Dynamic DNS can be, yes. It depends upon the way the zone file is > updated and whether it's Internet-exposed on not. So how can it be dynamic, but controlled at the same time? > But you've been around long enough to know that security and convenience > are inversely proportional. Sort-of. You just have to work out convenient operations over secure channels. >> Is [the SRV DNS record] a standard that is universal? > > RFC 2782. Becoming more common, and very common for VoIP networks using > SIP. I'll take that as a 'no' for the general case. >> You just pushed the management somewhere else - you didn't eliminate it. > > Why yes, yes I did push the management elsewhere. If you have a hundred > thousand cloud nodes, where would you rather manage them; at the > individual node level, or in a centralized manner? I'd like to mange things the same way, regardless of the count. > Go to a cloud panel, > select 'deploy development PostgreSQL server' and a bit later connect to > it and get to work. How is that easier than saying 'ssh nodename yum -y install postgresql-server'/ Something I already know how to do and how to make happen any number of ties - and something that works on real hardware and in spite of the differences in VM cloud tools. > (Yes, I know you need AAA and all kinds of other > things, but for the application developer who needs a clean sandbox to > test something, being able to roll a clean temp server out without admin > intervention could be very useful). At the expense of being black magic that won't work outside of that environment. I don't like magic. I don't like things that lock you in to only one vendor/tool/OS. >> Your argument makes sense for devices that don't provide a reasonable >> interface for their own configuration. But how does that apply to a >> server with a full Linux distribution? > > Embedded devices, with what I would consider to be full Linux > distributions on them, with nothing more than a network device to manage > them already exist. Network device meaning Wi Fi, too. NAS appliances > are but one application; the WD MyBook Live, for instance, has a > complete non-GUI Debian on it, and there are repos for various packages > (for grins and giggles I installed IRAF on one, and ran it with ssh X > forwarding to my laptop). Is a NAS appliance not a server? Actually, I'd like to see a single device do all of that gunk plus have an HDMI out to act as a media player so a typical home would only need one extra 'thing' besides the computer/tablet/phone. But it doesn't matter - you still have to configure it somehow. Do you want things to guess at your firewall rules? -- Les Mikesell lesmikesell at gmail.com