[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Managing many Debian machines

Daniel Whelan <whelan@csit.fsu.edu> writes:

> Greetings - I am currently looking for a solution to managing and
> maintaining a large number of Debian machines. While I absolutely
> love apt-get, manually apt-getting a hundred machines to upgrade one
> piece of software is suboptimal. Is there any way to automate this
> process? One solution that has been suggested is to NFS mount some
> of the software off a server - my issue with this is that it would
> hose the package management somewhat. Does anyone have any
> experience with this?

We now have about 100 student machines networked, and a further 25 or
so staff machines, and have been using Debian since 1997.

We use nfs for home directories, and have used it for /usr/local in
the past. We prefer not to use it (apart from home dirs) 
 * it is rather slow over the network (still some 10Mb switches)
 * for the distribution proper, there are the package management
   issues you mentioned
 * at least at first there were not many machines, so it "didn't seem
   too bad" to install on each machine individually.

Most of our machines have to dual boot into Win2000, so some of our
choices are constrained by that.

Our general practice is:
 * setup the first machine the way we want it

 * use Drive Image to broadcast the image around the network. I
   believe there are a number of similar products, although I don't
   know of a linux one.
   Drive Image can be a bit flaky (or maybe we just don't use it often
   enough to understand its quirks), and we often end up re-imaging a
   couple of times before it all goes right. Even so, it is much
   quicker than dealing with each machine individually.

 * We have to sit in front of each machine to boot it the first time
   and run lilo. At this point we also have a script that re-names the
   machine - you could use DHCP instead for this, but for us it would
   interfere with the W2K DHCP server. Once the machine has booted with
   the correct name we generate the ssh identity for each machine. (We
   also change the BIOS to restrict booting from floppy, and set the
   BIOS password at this point.)

 * From then on we use a mixture of cfengine and rsync to deal with
   day-to-day config tweaks. To deal with new package installs, We
   install on one machine, dpkg --get-selections, distribute the
   selections file and then have a script that does dpkg
   --set-selections, followed by the right sequence of apt-get
   commands. We use ssh extensively to "push" commands around the

 * You really want a local mirror or an http proxy cache.

This is not perfect, but it is good enough to be workable for

There are a couple of projects around where people have managed to
automate the installation process to a greater or lesser extent (see
the debian-admintool mailing list), and the growing use of debconf has
improved things considerably. You may also find www.progeny.com of


  Gilbert Laycock                 email:          gtl1@mcs.le.ac.uk
  Maths and Computer Science,     http://www.mcs.le.ac.uk/~glaycock
  University of Leicester         phone:         (+44) 116 252 3902

Reply to: