Dear Paul
Wafa isn't quite right. Of course, Spacewalk needs some kind of upstream
repositories to stay up-to-date. But those Repos you can mirror in a
somehow "connected" network (internal or DMZ). If you want to provide
those up-to-date repos to "disconnected" clients you can use the
Spacewalk-Proxy architecture to connect such clients (secured) to a
"connected" and up-to-date Spacewalk-server.
In this case you have full traffic-control between hidden proxy and
public Spacewalk-server which might meet your security-requirements
since you only need two ports to open for basic functionality.
regards,
Fabian
Am 24.01.2018 um 10:46 schrieb Sadri, Wafa (BITBW):
Dear Paul,
Spacewalk is a great tool to manage servers „offline“ and act as a
local repository. You can deploy servers using spacewalks internal
kickstart functionality. I have not used it myself, because I run a
seperate kickstart server. You can also use it to deploy „security
configurations“ via the configuration channels which your servers can
subscribe to.
However keep in mind that you should connect the spacewalk to the
internet to be able to download the latest patches for your servers
once in a while. I recommend to install the server while connected to
the internet. It makes life much easier. There’s no good way to
populate channels with rpms properly, if you’re not connected tot he
internet.
Hope this helps.
regards,
Wafa
*Von:*spacewalk-list-boun...@redhat.com
[mailto:spacewalk-list-boun...@redhat.com] *Im Auftrag von *Paul Greene
*Gesendet:* Mittwoch, 24. Januar 2018 05:16
*An:* spacewalk-list@redhat.com
*Betreff:* [Spacewalk-list] Can spacewalk be used on a disconnected
network?
Hi All,
I have a requirement to manage a bunch of CentOS servers that are all
disconnected from the internet. These are the kinds of things I'm
looking to accomplish:
yum updates and security patches, preferably for multiple version #s
of CentOS 6.7, 6.8, 6.9, and 7.x
rapid deployment of new servers, preferably with predefined security
configurations; currently, the systems are primarily physical,
virtualization might come later
sometimes the "rapid deployment of servers" might include blowing away
what is currently on an existing server and reinstalling a fresh system
For the building of the spacewalk server itself, how complicated is it
to build the server itself offline - i.e. resolving all the
dependencies and populating with all the needed rpms? (It might be
possible to build the server connected to the internet initially, and
then move it offline)
Is spacewalk a good tool to meet these requirements?
Paul
_______________________________________________
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list
--
--
Fabian Bosch, Solutions-Engineer
DAASI International GmbH
Europaplatz 3
D-72072 Tübingen
Germany
phone: +49 7071 407109-0
fax: +49 7071 407109-9
email: fabian.bo...@daasi.de
web: www.daasi.de
Sitz der Gesellschaft: Tübingen
Registergericht: Amtsgericht Stuttgart, HRB 382175
Geschäftsleitung: Peter Gietz
_______________________________________________
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list