[hobbit] Future of Hobbit

Charles Jones jonescr at cisco.com
Fri Jan 25 21:38:11 CET 2008


Hobbit User in Richmond wrote:
> On Fri, January 25, 2008 14:43, Charles Jones wrote:
>   
>> I think Henriks stance on having the server collect data via ssh
>> connections just doesn't scale.  Sure it works fine for a few dozen
>> hosts, but let's say you have 2000 servers...now you are expecting be
>> able to make 2000 trouble-free ssh connections before the next polling
>> cycle begins. This introduces many problems:
>>     
>
> I don't recall Henrik advocating this as a Good Thing.  In fact, I
> suggested building the ssh capability into Hobbit a while back, and he
> explained why it was not the Right Thing to Do.
>   
I think I worded what I said wrong..I meant to say that Henriks stance 
"was that using ssh does not scale".  Sorry for the confusion!
>> A good solution would be an ssl-encrypted, bi-directional protocol. This
>> would allow secure transfer of client data, either push or pull, without
>> the overhead, management, and security risks of using ssh.
>>     
>
> Sounds rather like what Henrik said he'd pursue at some point in future,
> when he demurred on the ssh-integration suggestion.  In lieu of it, I
> generally have the Hobbit server push an ssh-based port forward for tcp
> 1984 to each client with such a need and let the clients happily report to
> localhost.  High port, doesn't have to be a privileged user, and you can
> limit the user via .ssh/authorized_keys.  Autossh makes it persistent. 
> You have the tunnel overhead, but not the constant setup/teardown of the
> connection.  Just another way to skin the cat, has its trade-offs too.
>   
Yeah I think he has planned to implement SSL, just hasn't gotten around 
to it, and since he is the only coder, we have to wait...or do we? If 
someone out there is good at C++, why not help Henrik out and do some of 
the coding for him?  I've had the fact that Hobbit "only has one 
coder/author" raised as a red flag when I was advocating Hobbit...people 
ask what will happen if Henrik leaves the scene for any reason.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20080125/9ad2558a/attachment.html>


More information about the Xymon mailing list