Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

satellite-clone should completely prevent a cloned Satellite from talking to its Capsules #347

Open
sideangleside opened this issue Nov 15, 2018 · 0 comments
Open

satellite-clone should completely prevent a cloned Satellite from talking to its Capsules #347

sideangleside opened this issue Nov 15, 2018 · 0 comments

Comments

@sideangleside
Copy link
Member

When cloning a Satellite, I know we tell the users to ensure that the cloned Satellite will be on an isolated network (see [1]), but understanding that folks do NOT always read the docs, would it make sure to, as part of cloning

  • enumerate all the capsules (via hammer capsule list or similar).
  • add all of the above to /etc/hosts routing their address to 127.0.0.2 or similar.

This would 'idiot-proof'™ the clone a bit more and be more explicit about preventing cross-talk. Additionally, routing the capsules to a loopback address assures that the other features (like remote exec) cannot be accidentally used.

[1] - https://access.redhat.com/documentation/en-us/red_hat_satellite/6.4/html-single/upgrading_and_updating_red_hat_satellite/#sec-Cloning_Prerequisites
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sideangleside