On Wed, Apr 30, 2014 at 10:15:43AM +0100, Karl E. Jorgensen wrote: > Hi > > Consider this scenario: > > - 1000+ servers (lenny, squeeze and wheezy) at varying degrees of > up-to-datedness with respect to security updates and general bug > fixes. > > - Demand for getting servers up-to-date. (They heard of heartbleed, > but chose to ignore all my previous notifications of security > problems. Go figure) > > - Risk-adverse non-technical upper management (spreadsheet mania) > > - Every update must be vetted and tested out first on development > servers, then QA servers, staging servers and live servers. No > exceptions. > > My current line manager knows only RedHat, and thus wants > "spacewalk". (Because this is he used before. In a "proper > enterprise". And Thus proper enterprises use spacewalk). > > Spacewalk looks sort of nice, but not quite the Debian way of > doing things. > > And I cannot imagine that I am the first person with this problem... > > How have others solved this? > > My main concern here is the security updates and point releases: I'm > pushing for getting all the servers upgraded to wheezy anyway, and as > part of the upgrade they'll pick up any pending (at that point in > time) security updates. > > -- > Karl E. Jorgensen > >
There are a number of configuration management packages available. A nice comparison is available on wikipedia: http://en.wikipedia.org/wiki/Comparison_of_open_source_configuration_management_software May I suggest Puppet. I think it is mature and has a active community around it. -H -- Henning Follmann | [email protected] -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
