Hi Lezz, Another approach is to maintain your own repos by freezing them over time, e.g. monthly pull the latest packages for your repos and put them as your frozen repo, provide these frozen repos through puppet and once you have validated all the updates in the frozen repos you can relase those to all your servers.
Roll back is harder to maintain so you better make sure the updates in the frozen repo works before pushing into production. You don't have to list each package in puppet but only those that you use/need and you can set them to be "latest" this way the control relies on your repository. Thanks. On Wed, Sep 22, 2010 at 7:26 AM, Rob McBroom <mailingli...@skurfer.com>wrote: > On Sep 22, 2010, at 8:06 AM, Leslie Giles wrote: > > We have an engineering environment of around 200 Centos servers, plus a > production environment of roughly the same size. Currently, when we roll out > a new server, we do a 'yum update' so the new server has the latest > packages; however this means that just about every server has a different > set of package versions - a system rolled out today will have different > versions from one rolled out last month, and that will have different > versions from one rolled out last year. > > This has bitten me in the past, where a feature developed on a recent > system failed to run on an older server, so I'm looking for a solution. I am > in the middle of rolling out Puppet, and we have private mirrors of the yum > repos, so a solution could build on these. > > > My understanding is that RHEL (and CentOS by extension) won't add or remove > any features within a major release. I have a similar situation with ~100 > RHEL5 systems all at different versions of various RPMs and I've never had a > problem with anything I'm doing in Puppet. > > The only thing that's ever caused problems for me was when Puppet and/or > Augeas were updated in EPEL and a new system got the newer version before > the rest of the environment was really set up for it. If you've got all > these packages in a local repo (which is what I *should* be doing), you > won't have to worry about that. > > -- > Rob McBroom > <http://www.skurfer.com/> > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com<puppet-users%2bunsubscr...@googlegroups.com> > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- Tony http://blog.tonyskapunk.net -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
