JService Manager
JService Manager is an orchestration suite for remote management of services running on the JLinux platform.
From the web portal, you can configure infinite amount of servers. The servers can have identical configuration, and you can also use specific config on a server.
If a server is re-installed, the same configuration will be re-deployed automatically.
Both software packages through JLinux packages, service configuration and running services are configured. This is called a deployment.
The deployment can be added to an individual server, a group of servers (service ID, group ID) and also for an entire customer ID.
So it is also possible to add a deployment to servers that doesnt exist yet.
Security
JLinux packages are digitally signed by the software author(s). Software deployed to servers cannot be tampered with by JService Manager even if the central packaging system itself was compromised, because the central packaging system do not have access to the private key used to sign the software.
The JService manager do not have access to execute commands on remote servers. It can only tell what software packages should be installed, what services should run and what non-executable configuration they should have. It is still possible to do harm by making invalid configuration setups, but direct remote access is not possible.
The JService Manager on each server do not need inbound openings in the firewall as all communication is performed outbound to the central JService Manager system.
Enabling managed mode on a server
The JService Manager running on each server is integrated into the JService service daemon. There are sometimes reasons why you want or do not want a server to be in JService manager managed mode.
In order to enable the JService Manager on a server, the JService configfile must contain the parameter "autoupdate_service 1". If not set or set to 0, it is disabled and no services can or will be configured by JService Manager.