[Demi-devel] Re: Developer for demi

Andrew Pollock apollock@debian.org
Fri, 4 Jun 2004 08:27:08 +1000 

On Thu, Jun 03, 2004 at 11:03:38AM +0200, Leo Eraly wrote:
> Hi Guys,
> 
> 
> I've read the proof of concept code and i saw that 
> you use 'scp' to get the status of remote machines? Is this correct?

Yes.
 
> Before I saw this project I wanted to write my own tool.
> And i had the following ideas about it, what do you think about them
> 
[snip]
> 
> These were just some of my rough ideas that i got during a nightly-brainstorm-session(so don't shoot me). 
> What do you guys think about it?

Okay, the reason I chose SSH as the transport method was because SSH is
pretty ubiquitous on most networks, so it doesn't require any additional
ports to get poked through firewalls, and it already has the facility to do
automated authentication.

I've had a few people comment on push vs pull, and how push is flawed
because of machines being off etc.

I realise push is flawed, but the primary audience is a server environment,
which is obviously going to be always on. There's no reason why it can't be
a push/pull environment though. And there's no reason why it can't be used
for desktops either. It might just take a cron job that runs on boot to do a
poll of the central demi server.

I come from a network security background, where you design your network so
that your management segment is the most protected part of your network, and
you generally dont' allow inbound connections to it, which is why I went for
push in the first place. The demi server sits in the management segment and
talks out to clients, but the clients  never connect back in to it.

Obviously it should be configurable, so that for people that want reverse
connections to occur because it's easier, they can.

I plan on getting my act together on Demi once I've got exams out of the
way, and I'd like to put in a serious couple of weeks (or more on it) during
the holidays, so hopefully there'll be a bit of momentum into next semester
to keep things rolling.

Oh, and I absolutely wanted to have it database backended for reporting
purposes. I posted a preliminary database schema for comment a while ago.

regards

Andrew