Project

General

Profile

Actions

User story #1174

closed

It is impossible to use Rudder in an environment without a complete DNS infrastructure

Added by François ARMAND over 13 years ago. Updated almost 8 years ago.

Status:
Rejected
Priority:
1 (highest)
Category:
Web - Config management
UX impact:
Suggestion strength:
User visibility:
Effort required:
Name check:
Fix check:
Regression:

Description

The title is provocative, but the problem is as follows:

A Rudder server is configured with a hostname = to "$(hostname --fqdn)", which is H-RUDDER.
The update IP of the promises for this server is 192.168.42.42.

We run rudder-init with the following answers:
  • Allowed networks: 192.168.0.0/16

Then:

  1. /etc/hosts must contain:
    -----
    192.168.42.42 H-RUDDER
    -----
  1. For every node added to the server (first inventory accepted), we need to add the right IP for the node hostname we see, in /etc/hosts.
  1. If the node changes its IP address (DHCP?), it can no longer update properly

Also, why not #1, it can be part of a normal configuration, but #2 and #3 are really bothering constraints. I understant the reason (cf-serverd access ACLs are done with hostnames, it is an IP trying to connect, we need to link them), but it means we can't configure Rudder properly.

If I did install Rudder wrong, I accept to run the procedure again.

If there are simple workarounds, we should document them.

On the long term, we need to thing about a solution that would take in account IP and hostnames for update authorizations (but I have no idea that do not end in security issues)

Actions

Also available in: Atom PDF