Re: deprecating /usr as a standalone filesystem?
On 2009-05-06, Russ Allbery <firstname.lastname@example.org> wrote:
> Giacomo Catenazzi <email@example.com> writes:
>> - On large parallel systems, people use something more than a base debian
>> console installation.
>> Usually on net you have a complete copy for root, var etc
>> (in case of compromised computers. Very handy instead of reinstalling the
>> So it is easier also to have a rsync script (without some dirs)
>> And on infrequent security update where data format change,
>> let sysadmin implement a tool to update such numberous systems.
>> But such case is seldom.
>> I really think that *most* debian machines are done in this way
>> (because such systemns have huge number of debian machine, and
>> debian is a very good distribution for such setups)
> I think it's pretty unlikely that *most* Debian machines are done that
> way. There are a lot better tools for keeping large numbers of systems
> in sync these days than simple cloning from golden images, and a lot of
> drawbacks to the golden image approach.
We do the same with ~12 clients. One master image that's declared
stable by rsyncing it using hardlinks on the server and from there
rsynced to the clients which reboot automatically if there are pending
updates. After the rsyncing it does local profile-based "patching".
I wonder about the drawbacks of this because it works really nice for
us. (Of course there's the downtime problem, but that's no problem
for us, as those are clients not servers.)
Sadly rsync still does too much I/O on the servers in our setup, but
if that gets a problem we'll probably go with aufs and have an image on
the client which remainds static there.
> Also, reinstalling systems is completely trivial if you have a decent
> FAI infrastructure. It takes us about ten minutes to rebuild a server
> and reinstall all application software, and that's mostly waiting for
> the system BIOS boot-up checks and the small amount of manual keying
> we've not bothered to automate yet.
But why bother to do a complete reinstall everytime something changed
if you could just sync the delta. (And yes, I'm roughly aware that
there are something like softupdates in FAI too, but still.)
 Actually there's one test image and the stable images are hardlinked
within themselves, so that changes in the test image do not propagate
to the stable images.