On Wed, Nov 14, 2007 at 07:45:06PM +1100, Mikel Lindsaar wrote:
> 1) Create images or post install diffs so that if I need to add a
> blade to expand, I put it in, connect via the console, install via
> PXE and then download the diff - I know you can do this wth the
> post install scrips in OpenBSD's install script, but any real
> world use of this, things to avoid or good things to do?
cfengine[0] (which we use at work to manage ~500 Linux machines) or
radmind (which I use at home to manage my OpenBSD servers,
workstations and laptops).
There are at least two schools of thought on how one should manage >
1 machine. cfengine is the most popular convergent tool, where you
specify an ideal state using a declarative language and the clients
iterate towards that state. radmind is the most useful congruent
tool, where you specify (or directly imply) the exact sequence of
operations that each client must perform to reach an ideal state.
I've used both approaches for years, and I greatly prefer radmind
both for its simple design and the implicit guarantees of
congruence. See below for references on each:
http://www.cfengine.org/papers.html
http://www.infrastructures.org/papers/turing/turing.html
> 2) Keeping 10 - 20 copies of OpenBSD up to the latest patch levels
> without having to do more than trial on one (for each type) and
> then for the rest type something as trivial as "/bin/sh -x
> update.sh" rotating through the servers and testing as you go? I
> can see myself spending two days a month otherwise doing upgrades
> on all the servers.
Same as above.
> 3) Guides on how to manage the logs of this many servers. Any
> experiences with splunk on this sort of environment, other
> options?
Log centrally using syslog; syslog-ng is a well-used central log
server.
[0] http://www.cfengine.org/
[1] http://rsug.itd.umich.edu/software/radmind/
--
o--------------------------{ Will Maier }--------------------------o
| web:.......http://www.lfod.us/ | [EMAIL PROTECTED] |
*------------------[ BSD Unix: Live Free or Die ]------------------*
