orcharhino proxies are network nodes which perform certain tasks for the orcharhino in other networks. In the simplest case hosts get their content directly from orcharhino and use it as DNS and DHCP server.

orcharhino proxy practically act as a branch office of an orcharhino‘s in another network. An orcharhino proxy is necessary to manage, provision, patch or configure hosts which are not reachable from the orcharhinos network.

---

Usage scenarios

There are two different modes of operation of orcharhino proxies: An orcharhino proxy with pulp, where the orcharhino proxy mirrors the content of the orcharhinos and an orcharhino proxy with squid, where the orcharhino proxy acts as caching and forwarding proxy.

Detailed descriptions of the two modes of operation can be found in our documentation.

From the orcharhino proxy with pulp and the orcharhino proxy with Squid two basic usage scenarios can be derived:

1. An orcharhino proxy with pulp can be used to save bandwidth between two data centers. Only the orcharhino proxy receives content (software packages, errata or puppet modules) from orcharhino, stores it and then forwards it to a variety of hosts. This way not every host has to request packages from orcharhino at different locations.

This is accompanied by performance gains: The provisioning of hosts can be done faster due to the geographical proximity of the orcharhino proxy to the host. This is especially important when latency between sites, clouds, and/or data centers plays a central role. It is conceivable, for example, that the orcharhino in a data center in Frankfurt am Main provides hosts in a data center in Cologne. By using an orcharhino proxy at the second location in Cologne the network load can be reduced and expensive internet traffic can be avoided by using the orcharhino to supply the hosts in the own network. Ultimately, costs can be reduced. Faster deployments mean that infrastructures are completed more efficiently and can therefore be deployed more quickly.

2. By using an orcharhino proxy with Squid (and optionally Pulp), individual hosts in isolated networks do not need to be activated individually. This has the advantage of a clean separation and thus massively simplifies firewall rules. So only relevant ports for the communication between the orcharhino and the orcharhino proxy have to be enabled. The orcharhino proxy takes over the communication and supply of the hosts from the orcharhino with content. This is accompanied by a security gain through network foreclosure. At the same time you can save storage space in the orcharhino proxy scenario with Squid because packages only have to be kept on the orcharhino, but not on the orcharhino proxy itself. This is interesting, for example, if several networks are located in the same data center.

An orcharhino proxy can also be used to connect existing infrastructure components to the orcharhino. This includes Puppetmaster as well as DNS and DHCP servers.

Overall, the adequate use of an orcharhino proxy brings many advantages. These can be divided into three categories: Performance gains, security gains and cost savings. Through a clever architecture including trade-off between bandwidth and storage space, real benefits can be achieved from technical necessities. Your ATIX Consultant is happy to advise you. We would be happy to explain this to you in a personal meeting.

You can find more information in our documentation in the orcharhino proxy Installation Guide.