RE: Debian in Server Farm
> > 1. What is the recommended method to synch config files on
> all "real"
> > servers (Eg. Httpd.conf, horde/imp config files etc?) -
> Have only one
> > server that admins connect to for mods, then rsync any
> changes to the
> > other servers?
>
> I asked a similar question a few months ago and someone
> suggested 'cfengine'. I started using it and, after a bit of
> learning curve, I have probably 30 machines (Debian woody)
> being managed automatically by it. It works great. I think
> the version in woody is old, so I got it from the upstream
> site. Basically you can store configuration files and other
> "actions" on a master server. Then you can cause (through cron, for
> example) each client machine to be updated with current
> config files and other "actions". These files can be scripts,
> so essentially you can do pretty much whatever you want to do.
>
> For example, I have a list of the Debian packages that should
> be present as one of the config files that gets transferred
> to each machine when cfengine runs on the master. There is
> another script that runs on each machine (also controlled by
> cfengine) that sets this new list of packages (dpkg
> --set-selections) and then runs apt-get update/upgrade, etc.
> So to add a package to my machines I just edit the one
> package file on the master and then the clients get update
> either when cfengine runs through cron (once a day for me) or
> you could run it manually at that time if you needed the
> update sooner. It works really well.
Thanks for the info - cfengine looks excellent!
>
> >
> > 2. What about logfiles - We would have all users mail etc on an NFS
> > share - Can you do the same for logfiles?(Or do you get locking
> > issues?)
> > - From a statistical aspect, it would be a pain to have to
> collaborate
> > each "real" servers logfiles, then run analysis. Also from
> a support
> > perspective - How are support personnel supposed to know
> which "real"
> > server a client would actually be connecting to in order to see if
> > they are entering a wrong username/pass etc?
>
> I don't have a lot of experience with this but I would
> configure syslogd to send logging info to a master "log
> server". I think it is clear that which host they came from
> in this configuration.
Agreed.
qmail logs will be my only issue - but I will ask on the qmail list.
Regards,
MB
Reply to: