[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Configuration management (was:Re: [Debconf4] Re: Fwd: Re: CDD World Domination @Debconf4)

Jonas Smedegaard wrote:

Hash: SHA1

Cosimo Alfarano wrote:

| This very issue will be discussed here at the DebConf, hopefully :)
| I hope here (in PoA) there is some guys able to explain why cfengine,
or why
| config4gnu or whatever.

I can speak about "why cfengine" if you haven't discussed it already.

maybe we should have a "managed configuration BoF" if there isn't one. Back @ home, and following the philosophy best described by Steve Traugott (http://infrastructures.org/) we are working on managing servers & workstations from a central server that holds:

 - package repository

 - svn or cvs repository for /etc which controls
   - cfengine
   - a makefile for one-time, ordered actions, isconf-style

 along the way, we've tried many things, including

- push (discarded in favour of pull models -- yet we keep some push ability for emergencies)

- managing a 'master' image, and distributing changes via rsync (phasing out because it isn't atomic, and a truncated rsync can leave a machine in a broken state such that it won't heal itself)

- after going through several transport solutions, svn or cvs over ssh is current choice (afaik), over cfenfgine's own transport. We also use https for package distribution.

- due to the pull model, we are also looking into integrating a 'report back' trigger, so the config server hears back from clients when they succeed in the operation. this will allow us to provide a 'status panel' and eventually trigger warnings if a critical update hasn't reached 100% of clients.

Steve Wray (stevew@catalyst.net.nz) back @ in NZ is really interested in this, too.


Martin Langhoff |||| http://nzl.com.ar/

Reply to: