On 04/27/2016 09:21 AM, Christian Linden wrote:
> I’ve an rsync job pushing from source, it’s the complete /var/cfengine directory including the policy.
> The others can’t pull from where they are, this is why they do exist.
I think pushing the entirety of /var/cfengine is a *bad* idea.
There are logs and state files and embedded databases. Those things
should not be shared between hubs.
Distributing the policy itself makes sense.
Distributing other directories that you may have created under
/var/cfengine makes sense.
Distributing /var/cfengine/ppkeys *might* make sense, or it might not
depending on the specifics of your environment.
Distributing /var/cfengine/ppkeys/localhost* will result in the
conflation of your hub identities. Maybe that's what you want, maybe not.