I've used ansible with some success on AIX. Because it's relatively simply, you just need python installed (which ansible can do for you), and then it's just plain old SSH. In that way, it's pretty flexible. The downside is that you'll find a lot of the AIX eccentricities (md5sum doesn't work exactly the same from version to version,etc) and you'll need to work through that. As with everything AIX - it's a dying OS, so your options for community support will be limited. There's lots and lots of community support for the various versions of RHEL (centos,fedora,etc). You'll end up having to split a lot of your tasks for whatever OS you're looking at. For example - you might install something with yum or apt in *nix, and that would handle prereqs and you'll need to craft an installp or rpm command line for AIX.
Aside from the low technical overhead, I really enjoy the shallow learning curve that comes with Ansible. I had a simple playbook working in under an hour, which is not something I could say for puppet. As to making things pretty, there's a commercial option (Ansible Tower) that I can't speak to -- or you can just roll your own. Dumping system config info into a database isn't terribly difficult - and I've found that there's usually at least one person who is in or near management who is willing to work with you as both an adviser and as a guinea pig in exchange for putting their name on the project. II hope this helps. On 6 October 2015 at 10:14, Steve Potter <s...@unixsa.net> wrote: > Oh, great and powerful big brain, > I've recently started a new contract position where I've been asked to > help modernize the Unix engineering teams practices. This environment has > grown primarily by acquisition and is pretty much 10 years behind the > times. It's a mixed AIX (static, 150 workloads) and RedHat (strategic, > growing, about 350 workloads) environment. > > They still think of themselves as a mom and pop shop, everything is done > by hand and lots of one off scripts, even account management is handled > locally on the servers. They are making some strides from an operational > standing, they have Zabbix for their primary monitoring, Tripwire > Professional is being installed for security on regulatory systems, Splunk > had recently been purchased for centralized logging and management, and > they are deciding on an AD bridge solution (Dell or Centrify, although they > are leaning towards Dell). Management has suddenly gotten dashboard happy > and want to be able to easily see what servers are company with regulations > (SOX, PCI) best practices and/or internal standards, which have been > patched recently, etc. > > The two places they still need the most help are provisioning and > configuration management. They have no real tools or standards in place. > They've got NIM and Satellite 5 setup, but more often than not, they clone > an existing system and then reconfigure it by hand. My main focus is CM for > both, then provisioning for Linux since AIX is pretty static. I was > initially looking at using Puppet, then started looking to add either Razor > or Foreman for provisioning. At Ohio Linux Fest this weekend, I learned > that Satellite 6 is Foreman, Puppet, and Katello. > > However, as I started digging a little deeper, I realized that AIX is only > supported with Puppet Enterprise, which is not integrated and compatible > with Satellite. I could switch the design to PE, buy since they already pay > for Satellite, it seems wasteful. I know Foreman/S6 can plug in other tools > like chef or ansible, so that might be a way to go instead. > > What do others do in this kind of mixed environment? > -spp > > Sent from my iPad > _______________________________________________ > Tech mailing list > Tech@lists.lopsa.org > https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech > This list provided by the League of Professional System Administrators > http://lopsa.org/ > -- ---------------------------- Regards, Michael Shulman michael.shul...@gmail.com Never attribute to malice that which can be adequately explained by stupidity.
_______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
