Part II. Complex Installations

Now that you have a working MCollective environment, we’re going to slow the pace down a bit and go on a nuts-and-bolts tour inside MCollective’s ecosystem.

We’ll review the architecture, backbone, transport, and security components involved in making MCollective transactions seamless. You’ll go through each tunable parameter, why we recommend the values we do, and what you can achieve by changing it.

You’ll learn how to create a network of brokers for multisite or redundancy requirements. You’ll learn how to create and use collectives to handle thousands of MCollective agents spread around the world.

You’ll learn to enable cryptography-based security plugins for MCollective that utilize various cryptographic methods to authenticate clients, from distributed salts and hashes to centrally signed and validated public/private key infrastructure. You’ll write per-client and per-command granular authorization rules, and you’ll use detailed audit logs to confirm the results.

After finishing this section, you’ll be able to fine-tune MCollective for any environment: small but globally diverse, immense in scale but localized, from tightly secured and audited to permissive and enabling. MCollective can support all of these modes, and you’ll know how to utilize all of them.