Re: Managing many Debian machines
Daniel Whelan <whelan@csit.fsu.edu> writes:
> Greetings - I am currently looking for a solution to managing and
> maintaining a large number of Debian machines. While I absolutely
> love apt-get, manually apt-getting a hundred machines to upgrade one
> piece of software is suboptimal. Is there any way to automate this
> process? One solution that has been suggested is to NFS mount some
> of the software off a server - my issue with this is that it would
> hose the package management somewhat. Does anyone have any
> experience with this?
We now have about 100 student machines networked, and a further 25 or
so staff machines, and have been using Debian since 1997.
We use nfs for home directories, and have used it for /usr/local in
the past. We prefer not to use it (apart from home dirs)
* it is rather slow over the network (still some 10Mb switches)
* for the distribution proper, there are the package management
issues you mentioned
* at least at first there were not many machines, so it "didn't seem
too bad" to install on each machine individually.
Most of our machines have to dual boot into Win2000, so some of our
choices are constrained by that.
Our general practice is:
* setup the first machine the way we want it
* use Drive Image to broadcast the image around the network. I
believe there are a number of similar products, although I don't
know of a linux one.
Drive Image can be a bit flaky (or maybe we just don't use it often
enough to understand its quirks), and we often end up re-imaging a
couple of times before it all goes right. Even so, it is much
quicker than dealing with each machine individually.
* We have to sit in front of each machine to boot it the first time
and run lilo. At this point we also have a script that re-names the
machine - you could use DHCP instead for this, but for us it would
interfere with the W2K DHCP server. Once the machine has booted with
the correct name we generate the ssh identity for each machine. (We
also change the BIOS to restrict booting from floppy, and set the
BIOS password at this point.)
* From then on we use a mixture of cfengine and rsync to deal with
day-to-day config tweaks. To deal with new package installs, We
install on one machine, dpkg --get-selections, distribute the
selections file and then have a script that does dpkg
--set-selections, followed by the right sequence of apt-get
commands. We use ssh extensively to "push" commands around the
network.
* You really want a local mirror or an http proxy cache.
This is not perfect, but it is good enough to be workable for
us.
There are a couple of projects around where people have managed to
automate the installation process to a greater or lesser extent (see
the debian-admintool mailing list), and the growing use of debconf has
improved things considerably. You may also find www.progeny.com of
interest.
--
Gilbert Laycock email: gtl1@mcs.le.ac.uk
Maths and Computer Science, http://www.mcs.le.ac.uk/~glaycock
University of Leicester phone: (+44) 116 252 3902
Reply to: