[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Chroot Debian

on Fri, Oct 01, 2004 at 04:45:21PM -0700, Dean Montgomery (agape_logos@hotmail.com) wrote:
> We are currently managing around 50 Terminal Servers, each terminal server 
> is running RedHat.  The terminal servers have been heavily customized and 
> hacked.  Each of the 50 Terminal Servers can have anywhere from 30 to 60 
> thin clients attached.
> We decided to install Debian in a chroot environment on each of these 
> servers in order to minimize disruptions.  We chose debian because it is 
> relatively easy to keep up-to-date.
> What will be the easiest way to keep all 50 Debian Chroot environments 
> up-to-date?

Are you doing chroot _installs_, or actually running the systems live in
chroot mode?  There's  a difference.

Chroot is useful for some stuff because it lets you keep multiple
environments around.  However, the systems are _not_ autonomous, and
share resources, particularly relating to networking process space, and
the like.  It's possible in circumstances to break out of chroot jails.

While I find chroot _installs_ of Debian, as a way of getting the distro
onto a computer, useful, I wouldn't run a production system as a whole
in chroot mode.  Specific services (e.g.:  bind), sure, but that's a
specialized subcase.

Chroots can also be useful for build environments in which resources,
libraries, directory trees, and the rest, need to be arranged a certain
way.  But the system as a whole really isn't used outside of build and
test requirements.

A better solution, if you plan on keeping RH on the systems, would be to
run the Debian installs via UML (user-mode linux), or similar.
> Should we create a base image then copy that image to the remote servers?

A lot of folks "build" new Debian boxes by tarring across an existing
build and tweaking a few files (fstab, hostname, networking).

> Is there a way to set a cron job to auto-update the chroot environments?

    apt-get update && aptitude -dy dist-upgrade

...will update and download packages.  Still better to manually commit
the updates than to run them automatically.

> Is there a way to have one "aptitude" type interface that will interact 
> with all 50 servers simultaniously?

If you've named your hosts appropriately, you can approximate this by
several means.  SSH can do some neat stuff:

    for host in $( seq 50 ); do ssh server-${host} 'run commands'; done

...for example.

Another option would be to create a set of minimal boot environments, or
use something like the LTSP, where you can centrally manage a single
server, and not deal with the desktops at all.

> In other words what will be the easiest and most efficient way to maintain 
> these Debian chroot environments.   I wiould like to try to avoid manually 
> logging in and running aptitude 50 times at each school inorder to 
> install/upgrade packages.

If you schedule things, even desktop-specific updates can be done.
There are tools to assist in this though I'm not personally familiar
with them.  FAI is the grand-daddy, not sure of the others.


Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
    Bush:  All we have to sell is fear itself.

Attachment: signature.asc
Description: Digital signature

Reply to: