We use rPath for this: http://www.rpath.com
As with Satellite, not free. But an exceptionally powerful tool that lets you build and manage an entire set of appliances (OS + application) and supports nifty things like rollback, migration, and development staging. Paul Krizak 7171 Southwest Pkwy MS B200.3A MTS Systems Engineer Austin, TX 78735 Advanced Micro Devices Desk: (512) 602-8775 Linux/Unix Systems Engineering Cell: (512) 791-0686 Global IT Infrastructure Fax: (512) 602-0468 On 09/21/2011 05:09 PM, Tom Tucker wrote: > My company uses the RedHat Satellite server line to achieve this > functionality. Obviously this tool comes at cost, maybe you could > leverage the SpaceWalk app to provide similar capabilities. We > essentially freeze the latest RHEL x.y version to three different > software channels. The channels we create consist of AppX-Dev, AppX-QA > and AppX-Prod. These frozen channels are updated in a dev, qa and prod > order to support ample testing in each environment. Any new updates to > the core RHEL x.y channel have no impact to our frozen software channels. > > > > On Wed, Sep 21, 2011 at 3:58 PM, Aleksey Tsalolikhin > <atsaloli.t...@gmail.com <mailto:atsaloli.t...@gmail.com>> wrote: > > Situation: public Linux package repositories (for example CentOS) are > constantly getting updated by the distro project (e.g. the CentOS > developers). New versions are added, old versions removed. > > How do you "freeze" a set of packages so that when you run "yum > update" on a Prod server it'll get the same package set as your Test > server did 3 weeks ago? > > Let's say your operating policy is "no patch updates without testing > first in the test environment". Let's say it takes you 3 weeks to > test. Now the source repo has changed (new packages added, old > removed). > > How do you manage that? > > I talked to a colleague who mirrors Ubuntu repo, and he rsyncs off the > local mirror nightly, taking a snapshot of all the packages; and when > we wants to "go back in time" 3 weeks, he just points his end nodes at > the "3 weeks ago" copy. He's got this integrated into his CM setup > (not CFEngine) so he can just say "I want these servers up to date on > patches, and I want them to use repository of date X". > > Does anybody have another solution for this? > > (And another challenge is that the Linux distro project repos > sometimes remove old packages, so going back in time 1 year can be > impossible unless you maintain a local mirror and cache.) > > It'd be cumbersome to keep track of individual package versions, so I > like his method of keeping track of the entire repo by date. > > Does anybody have any other clever solutions for this, or CFEngine > policies or experience to share? > > Yours, > -at > _______________________________________________ > Help-cfengine mailing list > Help-cfengine@cfengine.org <mailto:Help-cfengine@cfengine.org> > https://cfengine.org/mailman/listinfo/help-cfengine > > _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
