Issue #2045 has been updated by Bjoern Lippert.
Hello, like Godefroid said... For security reasons a server pushing scenario is necessary and has to work, when puppetmaster is hosted in a "more trusted" zone than the clients. A usual configuration of firewalls is to allow establishing a connection from truted to untrusted networks. How does "puppet kick" work? It establishs a connection from master to agent to request the agent to update. Does the agent uses the same connection or does it create a new connection for update? Please push this feature. ---------------------------------------- Feature #2045: 'Push' functionality in puppetmaster to clients https://projects.puppetlabs.com/issues/2045#change-64670 Author: Paul Wayper Status: Accepted Priority: Normal Assignee: Category: network Target version: Affected Puppet version: 0.24.7 Keywords: push firewall network Branch: In addition to the client puppetd connecting to the puppetmaster and pulling configuration from it, the puppetmaster should also be able to configure clients in 'push' mode where it initiates the connection to the remote client. This feature solves the problem where the puppetmaster, on the inside of a restrictive firewall, is managing clients that are in the DMZ of or outside the firewall. In this configuration, the remote puppet client is not able to start a connection to the puppetmaster, but the puppetmaster is capable of starting a connection to the client. It is preferable in most situations to keep the firewall as closed as possible, and in some network configurations there may be multiple firewalls, load balancers and other devices not in the puppet sysadmin's control that make it difficult to start a connection from the external machine in to the puppetmaster. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
