-original message-
Subject: Re: [gentoo-server] Managing multiple servers.
From: kashani <[email protected]>
Date: 2011-05-24 07:40
On 5/23/2011 3:12 PM, la Bigmac wrote:
>> Hello list,
>>
>> Seems to be a few people recently wanting to discuss Gentoo as a server
>> :-) so thought I would pose a question that has been bugging me.
>>
>> What would you guys recommend to manage multiple servers and the package
>> versions?
>>
>> While I have a central emerge server (*rsync)* and sync all of my
>> servers to it I still manually update the packages.
>>
>> Example, openssh how should I be updating openssh on all of my servers
>> other than logging onto each one in turn and running emerge openssh.
>>
>> Should I cron schedule an /emerge/ --/update world /and control the
>> repository of packages or is there a more elegant solution?
>
>I've become a huge Puppet nerd over the last year. I'm not managing
>Gentoo on it, but it's supported and Puppet Labs does seem to fix Gentoo
>bugs in a reasonable time.
>
>First you'll need Ruby 1.8.7 as 1.9.2 support in Ruby isn't quite there
>yet. I'd also run unstable for Puppet and Facter. You're better off
>jumping in at 2.6.x than 0.25.x.
>
>Puppet requires facter which is very cool in it's own right. It's local
>discovery of the OS and those facts about your system can be used in
>templates to make decisions. Here's an example for setting higher
>thresholds on my large machines.
>
><% if processorcount.to_i >= 12 then -%>
>
>and here's an example of a module to make sure sudo is the latest
>version and add a config file for my local sudoers additions.
>
>class sudo {
> package { "sudo": ensure => latest, }
>
> file { "/etc/sudoers.d/my_additions":
> ensure => present,
> owner => root, group => root, mode => 440,
> require => Package["sudo"],
> source => "puppet:///modules/sudo/my_additions",
> }
>}
>
>In order to make this work you'd really need to have modules for each
>package in your world file and set ensure => latest rather than just
>present. However it does make it easy to keep configs, users, settings,
>which packages in sync across machines.
>
>That's Puppet in a very very tiny nutshell. They are some unique
>challenges with using it well with Gentoo, but it would ultimately make
>your system easier to reproduce.
>
>kashani
Interesting...
Now, I've never used Puppet before, so please forgive my apparently ignorant
questions:
1. How does it handle differing USE flags? Or portage/env variables?
2. How does it update the systems it maintains? I mean, like doing compiling
stuffs and such?
3. Does it use SLOTs to enable rollback, just in case?
I'm looking at 8 Gentoo servers -- soon to be 10 -- and I *will* seriously
evaluate *anything* that promises to assist me with managing/maintaining them.
Anecdote time: just last week, I tried deploying a Squid proxy. I don't know
what happened, but I failed doing that on two other distros; one has a buggy
package, and the other just... did not work. It might be my mistake, but I was
pressed for time. So I did a 'stage4' installation of Gentoo, emerged squid...
and it Just Works(tm). Now I'm setting up two more proxies with Gentoo.
(You might've seen my question regarding configure flags back in [gentoo-user].
Yes, that's me building the 2nd proxy.)
Rgds,
--
Pandu E Poluan
~ IT Optimizer ~
Sent from Nokia E72-1
