Jonas Smedegaard wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Cosimo Alfarano wrote:
| This very issue will be discussed here at the DebConf, hopefully :) | I hope here (in PoA) there is some guys able to explain why cfengine, or why | config4gnu or whatever.
I can speak about "why cfengine" if you haven't discussed it already.
maybe we should have a "managed configuration BoF" if there isn't one. Back @ home, and following the philosophy best described by Steve Traugott (http://infrastructures.org/) we are working on managing servers & workstations from a central server that holds:
- package repository
- svn or cvs repository for /etc which controls - cfengine - a makefile for one-time, ordered actions, isconf-style
along the way, we've tried many things, including
- push (discarded in favour of pull models -- yet we keep some push ability for emergencies)
- managing a 'master' image, and distributing changes via rsync (phasing out because it isn't atomic, and a truncated rsync can leave a machine in a broken state such that it won't heal itself)
- after going through several transport solutions, svn or cvs over ssh is current choice (afaik), over cfenfgine's own transport. We also use https for package distribution.
- due to the pull model, we are also looking into integrating a 'report back' trigger, so the config server hears back from clients when they succeed in the operation. this will allow us to provide a 'status panel' and eventually trigger warnings if a critical update hasn't reached 100% of clients.
Steve Wray ([EMAIL PROTECTED]) back @ in NZ is really interested in this, too.
cheers,
m -- -- Martin Langhoff |||| http://nzl.com.ar/
