* Piotrek Kapczuk <[EMAIL PROTECTED]> [2008-01-16 18:59]: > Hi > > 2008/1/16, Henning Brauer <[EMAIL PROTECTED]>: > > * Piotrek Kapczuk <[EMAIL PROTECTED]> [2008-01-16 15:51]: > > > 2008/1/16, Henning Brauer <[EMAIL PROTECTED]>: > > > > * Piotrek Kapczuk <[EMAIL PROTECTED]> [2008-01-16 14:18]: > > > > > Didn't know it is exactly the same as options. I found it in > > > > > flashboot. I'll look more in to other flashboot customisations. Thanks > > > > > for pointing this out. > > > > > > > > flash boot and teh like are obsolete ways to complicate your life. > > > > > > Let me disagree with you. > > > Actually it's fantastic to have one system image which you can deploy > > > on dozen of firewalls remotely. > > > > > > Upgrade procedure from 4.1 to 4.2 ? > > > > scp bsd [EMAIL PROTECTED]:/ > > > ssh [EMAIL PROTECTED] "reboot" > > > > > > Total downtime = reboot time. > > > > in-place updates are trivial enough to be scripted if you can make a > > few assumptions for your environment. > > Really ? More trivial script than something like this ?
more trivial? who gives a f***? I said trivial enough. if you add the time it takes you to bake your kernel, I am probably already at the 5th beer after beeing done. > Imagine you have a customer. This customer has 18 carp'ed firewalls. > You have to upgrade them. Boxes are in 3 different towns each town > 100km far from you. You have only ssh access and no remote console. > > How can you remotely upgrade a box ? (without using bsd.rd) How long > will it take ? how? read the upgrade-minifaq, it is in there. i have it scripted. i manage way over a hundred openbsd machines, many remote, and the "local" ones I don't touch either (i. e. i treat them like they were remote). it takes me about 2 minutes per reasonably fast machine. > Really, in this kind of setups I don't think bsd.rd is something evil. well, I am absolutely certain it is evil in that scenario. > > my update downtime is no more than that reboot, no matter what machine, > > flash or not. > Update or upgrade ? 4.1 to 4.2 is not an update? > Remotely ? of course > > > Also, everything is on ramdisk so stupid users or power outages > > > doesn't concern you. Routers reboot and work unattended. > > boohoo. > > /tmp /var /dev in mfs w/ the last two prepopulated from flash and the > > rest mounted readonly, same thing. > Been there, done that. I've started with flashdist. Now IMVHO I use > something easier maintainable. i have nothing extra to maintain like you have. -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam
