• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    has anyone ever used fog from the external WWW

    Scheduled Pinned Locked Moved
    General
    3
    4
    600
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      p4cm4n
      last edited by

      has anyone used fog from an external internet standpoint? IE Fog being an outside facing machine?

      I was thinking about using it to deploy to client sites, and also standalone clients -

      so for example i have a satellite office without VPN that the fog client will connect to my external IP address, with the appropriate port mappings so that i can push snapins for example to machines scattered in different places.

      does anyone know what ports I’d need to do this? i saw the list in the wiki, am i correct in all of those? and if so, is there any way to specify different ports to the client?

      Wayne WorkmanW 1 Reply Last reply Reply Quote 0
      • george1421G
        george1421 Moderator
        last edited by

        This setup is not advised at all. FOG is not (currently) configured for public network security. Placing your fog server directly on the internet would surely cause the fog server to be compromised in a very short period of time.

        You have several challenges here even if you put a storage node at the remote site.

        1. The storage node needs to connect to the FOG server, to use its database. This communication is done over port 3306.
        2. During pxe booting, the target computer has to communicate with the main fog server to find the location of its storage node. This communication is done over http.
        3. The fog client’s check in to the fog master server to see if there are any jobs to do. This is done over http.
        4. Imaging is done over NFS protocol v3 which is inherently insecure.

        Thinking about it, you might be better off to deploy a small fog server (like on an intel nuc) to each remote location. Then you could interface with the remote fog server over http/https from your main HQ.

        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

        P 1 Reply Last reply Reply Quote 1
        • Wayne WorkmanW
          Wayne Workman @p4cm4n
          last edited by

          @p4cm4n said in has anyone ever used fog from the external WWW:

          satellite office without VPN that the fog client will connect to my external IP address

          That’s generally advised against for the reasons @george1421 has already listed. It’s difficult to completely secure all aspects of FOG given the current code base and the technologies it uses.

          Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
          Daily Clean Installation Results:
          https://fogtesting.fogproject.us/
          FOG Reporting:
          https://fog-external-reporting-results.fogproject.us/

          1 Reply Last reply Reply Quote 0
          • P
            p4cm4n @george1421
            last edited by

            @george1421 @Wayne-Workman
            thanks guys, originally the idea was more so that i could have a stable image with an IP for the fog server that could interface with a machine deployed now, to a server used in the future. But yes, ultimately I’m trying for a seperate box/vm to run fog for those reasons at each site. I’m just coming into a situation though and there is already excessive amounts of dedicated boxes that run pseudo important tasks, but maybe consolidating those will give me some hardware to run fog on anyways. more of a project is all.

            thanks though!

            1 Reply Last reply Reply Quote 0
            • 1 / 1
            • First post
              Last post

            133

            Online

            12.0k

            Users

            17.3k

            Topics

            155.1k

            Posts
            Copyright © 2012-2024 FOG Project