[CentOS] Disappearing Network Manager config scripts
Les Mikesell
lesmikesell at gmail.com
Wed Apr 30 17:46:32 UTC 2014
On Wed, Apr 30, 2014 at 12:17 PM, Lamar Owen <lowen at pari.edu> wrote:
>
>> You forgot to mention interoperable along with effective and complete.
>
> No, I didn't forget it.
>
>>> Dynamic DNS and/or mDNS with associated addresses deals with the need
>>> for a static IP;
>> Is that secure?
>
> Dynamic DNS can be, yes. It depends upon the way the zone file is
> updated and whether it's Internet-exposed on not.
So how can it be dynamic, but controlled at the same time?
> But you've been around long enough to know that security and convenience
> are inversely proportional.
Sort-of. You just have to work out convenient operations over secure channels.
>> Is [the SRV DNS record] a standard that is universal?
>
> RFC 2782. Becoming more common, and very common for VoIP networks using
> SIP.
I'll take that as a 'no' for the general case.
>> You just pushed the management somewhere else - you didn't eliminate it.
>
> Why yes, yes I did push the management elsewhere. If you have a hundred
> thousand cloud nodes, where would you rather manage them; at the
> individual node level, or in a centralized manner?
I'd like to mange things the same way, regardless of the count.
> Go to a cloud panel,
> select 'deploy development PostgreSQL server' and a bit later connect to
> it and get to work.
How is that easier than saying 'ssh nodename yum -y install
postgresql-server'/ Something I already know how to do and how to
make happen any number of ties - and something that works on real
hardware and in spite of the differences in VM cloud tools.
> (Yes, I know you need AAA and all kinds of other
> things, but for the application developer who needs a clean sandbox to
> test something, being able to roll a clean temp server out without admin
> intervention could be very useful).
At the expense of being black magic that won't work outside of that
environment. I don't like magic. I don't like things that lock you
in to only one vendor/tool/OS.
>> Your argument makes sense for devices that don't provide a reasonable
>> interface for their own configuration. But how does that apply to a
>> server with a full Linux distribution?
>
> Embedded devices, with what I would consider to be full Linux
> distributions on them, with nothing more than a network device to manage
> them already exist. Network device meaning Wi Fi, too. NAS appliances
> are but one application; the WD MyBook Live, for instance, has a
> complete non-GUI Debian on it, and there are repos for various packages
> (for grins and giggles I installed IRAF on one, and ran it with ssh X
> forwarding to my laptop). Is a NAS appliance not a server?
Actually, I'd like to see a single device do all of that gunk plus
have an HDMI out to act as a media player so a typical home would only
need one extra 'thing' besides the computer/tablet/phone. But it
doesn't matter - you still have to configure it somehow. Do you want
things to guess at your firewall rules?
--
Les Mikesell
lesmikesell at gmail.com
More information about the CentOS
mailing list