diff --git a/uncloud_django_based/uncloud/doc/README-how-to-configure-remote-uncloud-clients.org b/uncloud_django_based/uncloud/doc/README-how-to-configure-remote-uncloud-clients.org
index 4b2b361..b685a9b 100644
--- a/uncloud_django_based/uncloud/doc/README-how-to-configure-remote-uncloud-clients.org
+++ b/uncloud_django_based/uncloud/doc/README-how-to-configure-remote-uncloud-clients.org
@@ -1,5 +1,19 @@
 * What is a remote uncloud client?
 ** Systems that configure themselves for the use with uncloud
-** Examples are VMHosts, VPN Servers, etc.
+** Examples are VMHosts, VPN Servers, cdist control server, etc.
 * Which access do these clients need?
 ** They need read / write access to the database
+* Possible methods
+** Overview
+|                          | pros                                                      | cons                                 |
+| SSL based                | Once setup, can access all django parts natively, locally | X.509 infrastructure                 |
+| SSH -L tunnel            | All nodes can use [::1]:5432                              | SSH setup can be fragile             |
+| ssh djangohost manage.py | All DB ops locally                                        | Code is only executed on django host |
+| https + token            | Rest alike / consistent access                            | Code is only executed on django host |
+** remote vs. local Django code execution
+   - If manage.py is executed locally (= on the client), it can
+     check/modify local configs
+   - However local execution requires a pyvenv + packages + db access
+   - Remote execution (= on the primary django host) can acess the db
+     via unix socket
+   - However remote execution cannot check local state