orcharhino Proxies: What is it and why do I need it?
orcharhino proxies are network nodes that take over certain tasks for the orcharhino in other networks. In the simplest case, hosts receive their content directly from the orcharhino and use it as a DNS and DHCP server.
orcharhino proxies practically act as a branch office of an orcharhinoin another network. An orcharhino proxy is required if hosts that cannot be reached from the orcharhino‘s network are to be managed, provisioned, patched or configured.
Usage scenarios
There are two different modes of operation of orcharhino proxies: An orcharhino proxy with Pulp, where the orcharhino proxy mirrors the content of the orcharhino, and an orcharhino proxy with Squid, where the orcharhino proxy acts as a caching and forwarding proxy.
Detailed descriptions of the two operating modes can be found in our documentation.
Two basic usage scenarios can be derived from the orcharhino proxy with Pulp and the orcharhino proxy with Squid:
- An orcharhino proxy with pulp can be used to save bandwidth between two data centers. Only the orcharhino proxy receives content (software packages, errata or puppet modules) from the orcharhino, stores it and then forwards it to a number of hosts. This means that each host does not have to individually request packages from orcharhino at different locations.
This is accompanied by performance gains: Hosts can be provisioned more quickly due to the geographical proximity of the orcharhino proxy to the host. This is particularly important when latency between locations, clouds and/or data centers plays a central role. For example, it is conceivable that the orcharhino in a data center in Frankfurt am Main could provision hosts in a data center in Cologne. By using an orcharhino proxy at the second location in Cologne, the network load can be reduced and expensive Internet traffic avoided by the orcharhino proxy taking over the provisioning of the hosts in its own network. Ultimately, this reduces costs. Faster deployments mean that infrastructures are completed more efficiently and can therefore be used more quickly.
- With an orcharhino proxy with Squid (and optionally Pulp), individual hosts in isolated networks do not have to be activated individually. This has the advantage of a clean separation and thus massively simplifies firewall rules. Only the relevant ports for communication between the orcharhino and the orcharhino proxy need to be activated. The orcharhino proxy then takes over the communication and supply of content to the hosts from the orcharhino. This is accompanied by a security gain through network compartmentalization. At the same time, the orcharhino proxy scenario with Squid can also save disk space, as packets only have to be stored on the orcharhino, but not on the orcharhino proxy itself. This is interesting, for example, if there are several networks in the same data center.
An orcharhino proxy can also be used to connect existing infrastructure components to the orcharhino. This includes Puppetmaster as well as DNS and DHCP servers, for example.
Overall, the adequate use of an orcharhino proxy has many advantages. Overall, these can be divided into three categories: Performance gains, security gains and cost savings. Through a clever architecture including trade-off between bandwidth and storage space, real benefits can be achieved from technical necessities. Your ATIX Consultant is happy to advise you. We would be happy to discuss this with you in a personal meeting.
Further information can be found in our documentation in the orcharhino Proxy Installation Guide.