On Fri, 20 Aug 2004, Elmar Haneke wrote:
ssh only. period. nothing gets in or out except on 22.
You can forward the database-access through an SSH-tunnel.
can you do this using passphrases in a manner that works across reboots w/o embedding passphrases? i can't figure out how to - at some point (ssh-agent, or whatever) you'll need to type a passphrase. this means the systems cannot reboot on a weekend and come up without assistance... i'd be happy to learn that i was wrong.
additionally this system must be 24/7 and setting up HA setups for postgresql is tricky (i've done it twice before).
Perhaps you should look at FirebirdSQL it is suitable for 24/7 without tricks.
i'll look.
so it's already a single point of failure - i simply don't want to ADD a point of failure.
You still have two points of failiure: a failiure of the NFS-Server itself and an stale-NFS-lock that might also tear down the system while the NFS-Server itself is still ok.
true - but one is already unavoidable. all the ha db systems i have setup would introduce a much hight change of failure than these. my system is resistent to stale nfs lock failures already.
cheers.
-a
--
===============================================================================
| EMAIL :: Ara [dot] T [dot] Howard [at] noaa [dot] gov
| PHONE :: 303.497.6469
| A flower falls, even though we love it;
| and a weed grows, even though we do not love it. | --Dogen
===============================================================================
