From Fedora Project Wiki
m (1 revision(s)) |
(→bcfg2: authentication is now either global or per-client, password or PKI/cert based...) |
||
| Line 35: | Line 35: | ||
* Uses SSL to encrypt XML-RPC communication | * Uses SSL to encrypt XML-RPC communication | ||
* Configuation files are in XML | * Configuation files are in XML | ||
* Supports global or per-host UUIDs, passwords, and certs/keys to authenticate clients. | |||
* Bug fixes and new features committed upstream in less than a week, usually hours. | |||
== Con == | == Con == | ||
* Not currently in Extras [https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=220284] | * Not currently in Extras [https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=220284] | ||
* Currently uses a license similar to BSD with the attribiution clause, although there is support upstream for | * Currently uses a license similar to BSD with the attribiution clause, although there is support upstream for switching to a different license. | ||
= puppet = | = puppet = | ||
Latest revision as of 20:38, 26 September 2008
glump
Pro
- Uses apache/mod_python so we have full range of authentication/access including
- Does one thing: serves up customized configuration files
- Implemented in python
- Upstream maintainer is closely associated with Fedora (SethVidal)
Con
- Would have to write custom scripts to perform many of the tasks that the other solutions offer
cfengine
Pro
- Already packaged in Extras
Con
- Cryptic configuration language
bcfg2
Pro
- Implemented in Python
- Uses SSL to encrypt XML-RPC communication
- Configuation files are in XML
- Supports global or per-host UUIDs, passwords, and certs/keys to authenticate clients.
- Bug fixes and new features committed upstream in less than a week, usually hours.
Con
- Not currently in Extras [4]
- Currently uses a license similar to BSD with the attribiution clause, although there is support upstream for switching to a different license.
puppet
Pro
- Uses SSL to encrypt communication
- Uses X.509 certificates to authenticate clients
- Already packaged in Extras
Con
- Implemented in Ruby (which makes it difficult for Fedora infrastructure people to hack on it since few know Ruby)
- Must learn new domain-specific language to configure.