Core 4 Remote Workers

Daniel Wittenberg daniel.wittenberg.r0ko at statefarm.com
Tue Feb 5 19:02:22 CET 2013

Previous message: Core 4 Remote Workers
Next message: Core 4 Remote Workers
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Feb 5, 2013, at 11:13 AM, Andreas Ericsson wrote:

> On 02/05/2013 06:04 PM, Daniel Wittenberg wrote:
>> 
>> So it almost seems like you could have a remote worker installed on
>> each host, and just have it check that one host…other than you'd have
>> a ton of remote workers, what would be the downside of doing that?
> 
> None, apart from the fact that in that case you'd probably rather have
> each worker containing its own scheduler and submitting its results
> once every minute or so. Preferrably via udp to avoid having to
> maintain a bazillion network sockets. We'll hit the open filelimit
> really quickly otherwise, and the various input polling interfaces
> tend to fall apart or grind to a halt when handling more than X
> sockets (where X is usually a number between 1024 and 32768).
> 
>> Removes the need for nrpe or other options for remote checking…
>> 
> 
> It does indeed. It also removes the need for a powerful monitoring
> server. With "onsite" workers and a special-purpose snmp worker
> (or two. Or three), you could monitor hundreds of thousands of
> hosts from a laptop.

Yeah, that was my thought, and also make the config a little simpler and easily dynamic for cloud solutions.  What would be really cool is if you could just have a worker report in for what he wanted to monitor and if core doesn't have it just add a new host based on a template :)  So when new cloud systems come online they could automatically get registered…back to the dynamic adding I guess…

I would also imagine anyone with a larger scale setup has already raised the ulimit settings, that's usually one of the first things I do, but might still hit some system limits depending on the size, but would be interesting to see how far you could scale that type of setup.

We'd have to make sure we could also handle having a worker check in for a node that core might not know about just yet, so in case the server stand-up happens faster than the config updates.  Just making sure it doesn't blow up or something when that worker checks in.

Dan
------------------------------------------------------------------------------
Free Next-Gen Firewall Hardware Offer
Buy your Sophos next-gen firewall before the end March 2013 
and get the hardware for free! Learn more.
http://p.sf.net/sfu/sophos-d2d-feb

Previous message: Core 4 Remote Workers
Next message: Core 4 Remote Workers
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Developers mailing list