I don't think so. What you're describing is a proxy for the services
themselves, i.e. some software that forwards on DNS requests, or DHCP
requests etc.
The Smart Proxy is a proxy in a different sense - it provides remote
access to the administrative interface of these services, which Foreman
uses. In the case of DHCP, it adds an interface to add/remove host
records, but doesn't handle DHCP traffic itself.
The expected architecture is that you already have the multiple
instances deployed in your datacentre, local to the VMs. You install
the proxy to allow Foreman to reach all of those services for admin tasks.
There is DHCP relay software out there, but that's not what the Smart
Proxy is for.
···
On 28/01/13 20:55, ryan wallner wrote:
> All,
>
> I've been poking around the wiki for a few days an I have a few
> questions. What I understand in regards to ISC DHCP and foreman
> smart-proxy is that the DHCP server needs to reside on the same host as
> the smart proxy (i.e. cannot use the dhcp_server with isc
> implementation). Correct me if I am misunderstanding. What I would like
> to do is essentially use the smart-proxy as a "gateway" service for
> multiple tenants. Essentially, communication from a high level It would
> seem like:
>
> *(VM)* <--> *(Foreman Smart-proxy)* <-->*(DHCP, DNS , Puppet) *<-- these
> services are running on multiple instances
>
> Can I use smart-proxy in this way?
–
Dominic Cleal
Red Hat Engineering
Dominic,
Thank you for your response,
These were the answers I was looking for.
Say unlike the expected architecture you have the VM's firewalled off from
these services, and in my case, each rack in the datacenter needs the relay
service to allow some type of proxy to these services. Could you see the
smart-proxy extended to handle these capabilities? Or is it wiser to seek
some other DHCP relaying software.
Thanks again,
Ryan Wallner
EMC OCTO | NGDC
···
On Tuesday, January 29, 2013 3:03:15 AM UTC-5, Dominic Cleal wrote:
>
> On 28/01/13 20:55, ryan wallner wrote:
> > All,
> >
> > I've been poking around the wiki for a few days an I have a few
> > questions. What I understand in regards to ISC DHCP and foreman
> > smart-proxy is that the DHCP server needs to reside on the same host as
> > the smart proxy (i.e. cannot use the dhcp_server with isc
> > implementation). Correct me if I am misunderstanding. What I would like
> > to do is essentially use the smart-proxy as a "gateway" service for
> > multiple tenants. Essentially, communication from a high level It would
> > seem like:
> >
> > *(VM)* <--> *(Foreman Smart-proxy)* <-->*(DHCP, DNS , Puppet) *<-- these
> > services are running on multiple instances
> >
> > Can I use smart-proxy in this way?
>
> I don't think so. What you're describing is a proxy for the services
> themselves, i.e. some software that forwards on DNS requests, or DHCP
> requests etc.
>
> The Smart Proxy is a proxy in a different sense - it provides remote
> access to the administrative interface of these services, which Foreman
> uses. In the case of DHCP, it adds an interface to add/remove host
> records, but doesn't handle DHCP traffic itself.
>
> The expected architecture is that you already have the multiple
> instances deployed in your datacentre, local to the VMs. You install
> the proxy to allow Foreman to reach all of those services for admin tasks.
>
> There is DHCP relay software out there, but that's not what the Smart
> Proxy is for.
>
> --
> Dominic Cleal
> Red Hat Engineering
>
Yep, crossed posts!
A relay/helper route is a good way to go to simplify the deployment of
DHCP across many networks, as you can centralise the service. The local
helper connected to each network is able to pass the requests on. DNS
is routed, so there's not a huge advantage in the same way as DHCP,
though you can install DNS forwarders too and only allow access to the
central servers from your designated forwarders.
You'd keep the Smart Proxy installed on each DHCP and DNS host, so then
Foreman can reach them all to modify data.
I can't see the Smart Proxy ever needing to provide the services
directly, it's very much a solved problem in both software and
enterprise-grade routers.
···
--
Dominic Cleal
Red Hat Engineering
On 29/01/13 19:13, ryan wallner wrote:
Dominic,
Thank you for your response,
These were the answers I was looking for.
Say unlike the expected architecture you have the VM’s firewalled off
from these services, and in my case, each rack in the datacenter needs
the relay service to allow some type of proxy to these services. Could
you see the smart-proxy extended to handle these capabilities? Or is it
wiser to seek some other DHCP relaying software.
Thanks again,
Ryan Wallner
EMC OCTO | NGDC
On Tuesday, January 29, 2013 3:03:15 AM UTC-5, Dominic Cleal wrote:
On 28/01/13 20:55, ryan wallner wrote:
> All,
>
> I've been poking around the wiki for a few days an I have a few
> questions. What I understand in regards to ISC DHCP and foreman
> smart-proxy is that the DHCP server needs to reside on the same
host as
> the smart proxy (i.e. cannot use the dhcp_server with isc
> implementation). Correct me if I am misunderstanding. What I would
like
> to do is essentially use the smart-proxy as a "gateway" service for
> multiple tenants. Essentially, communication from a high level It
would
> seem like:
>
> *(VM)* <--> *(Foreman Smart-proxy)* <-->*(DHCP, DNS , Puppet) *<--
these
> services are running on multiple instances
>
> Can I use smart-proxy in this way?
I don't think so. What you're describing is a proxy for the services
themselves, i.e. some software that forwards on DNS requests, or DHCP
requests etc.
The Smart Proxy is a proxy in a different sense - it provides remote
access to the administrative interface of these services, which Foreman
uses. In the case of DHCP, it adds an interface to add/remove host
records, but doesn't handle DHCP traffic itself.
The expected architecture is that you already have the multiple
instances deployed in your datacentre, local to the VMs. You install
the proxy to allow Foreman to reach all of those services for admin
tasks.
There is DHCP relay software out there, but that's not what the Smart
Proxy is for.
--
Dominic Cleal
Red Hat Engineering
–
You received this message because you are subscribed to the Google
Groups “foreman-dev” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to foreman-dev+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Thanks Dominic,
cleared up most of questions. Will be in touch.
Ryan Wallner
···
On Tuesday, January 29, 2013 2:32:29 PM UTC-5, Dominic Cleal wrote:
>
> Yep, crossed posts!
>
> A relay/helper route is a good way to go to simplify the deployment of
> DHCP across many networks, as you can centralise the service. The local
> helper connected to each network is able to pass the requests on. DNS
> is routed, so there's not a huge advantage in the same way as DHCP,
> though you can install DNS forwarders too and only allow access to the
> central servers from your designated forwarders.
>
> You'd keep the Smart Proxy installed on each DHCP and DNS host, so then
> Foreman can reach them all to modify data.
>
> I can't see the Smart Proxy ever needing to provide the services
> directly, it's very much a solved problem in both software and
> enterprise-grade routers.
>
> --
> Dominic Cleal
> Red Hat Engineering
>
> On 29/01/13 19:13, ryan wallner wrote:
> > Dominic,
> >
> > Thank you for your response,
> >
> > These were the answers I was looking for.
> >
> > Say unlike the expected architecture you have the VM's firewalled off
> > from these services, and in my case, each rack in the datacenter needs
> > the relay service to allow some type of proxy to these services. Could
> > you see the smart-proxy extended to handle these capabilities? Or is it
> > wiser to seek some other DHCP relaying software.
> >
> > Thanks again,
> >
> > Ryan Wallner
> > EMC OCTO | NGDC
> >
> > On Tuesday, January 29, 2013 3:03:15 AM UTC-5, Dominic Cleal wrote:
> >
> > On 28/01/13 20:55, ryan wallner wrote:
> > > All,
> > >
> > > I've been poking around the wiki for a few days an I have a few
> > > questions. What I understand in regards to ISC DHCP and foreman
> > > smart-proxy is that the DHCP server needs to reside on the same
> > host as
> > > the smart proxy (i.e. cannot use the dhcp_server with isc
> > > implementation). Correct me if I am misunderstanding. What I would
> > like
> > > to do is essentially use the smart-proxy as a "gateway" service
> for
> > > multiple tenants. Essentially, communication from a high level It
> > would
> > > seem like:
> > >
> > > *(VM)* <--> *(Foreman Smart-proxy)* <-->*(DHCP, DNS , Puppet) *<--
> > these
> > > services are running on multiple instances
> > >
> > > Can I use smart-proxy in this way?
> >
> > I don't think so. What you're describing is a proxy for the
> services
> > themselves, i.e. some software that forwards on DNS requests, or
> DHCP
> > requests etc.
> >
> > The Smart Proxy is a proxy in a different sense - it provides remote
> > access to the administrative interface of these services, which
> Foreman
> > uses. In the case of DHCP, it adds an interface to add/remove host
> > records, but doesn't handle DHCP traffic itself.
> >
> > The expected architecture is that you already have the multiple
> > instances deployed in your datacentre, local to the VMs. You
> install
> > the proxy to allow Foreman to reach all of those services for admin
> > tasks.
> >
> > There is DHCP relay software out there, but that's not what the
> Smart
> > Proxy is for.
> >
> > --
> > Dominic Cleal
> > Red Hat Engineering
> >
> > --
> > You received this message because you are subscribed to the Google
> > Groups "foreman-dev" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> > an email to foreman-dev...@googlegroups.com .
> > For more options, visit https://groups.google.com/groups/opt_out.
> >
> >
>
>
