Hey, This list seems to have woken up suddenly again, good news :)
On Tue, May 24, 2011 at 00:12, la Bigmac <[email protected]> wrote: > Seems to be a few people recently wanting to discuss Gentoo as a server :-) > so thought I would pose a question that has been bugging me. > > What would you guys recommend to manage multiple servers and the package > versions? We manage 3000+ servers and use puppet for that, but it is still painful with gentoo at times. Especially the moving portage tree forces us to keep a local frozen version that retains both the ebuilds and the distfiles. That is not so much of a problem, it is the unfreezing that is causing us grief. In addition to puppet and our own frozen portage snapshot+overlay, we use agaffneys install scripting to install servers over the net + a standard tftp + dhcp netbooting setup. > While I have a central emerge server (rsync) and sync all of my servers to > it I still manually update the packages. > > Example, openssh how should I be updating openssh on all of my servers other > than logging onto each one in turn and running emerge openssh. Puppet takes care of that for us and this is a major relief, having useflag support in the puppet gentoo package provider would be nice, but not really necessary. I'd prefer having useflag awareness in binpkgs and the ability to produce different binpkgs for different useflag sets in portage. > Should I cron schedule an emerge --update world and control the repository > of packages or is there a more elegant solution? I've never dared to schedule an emerge --update world on my servers even though I control the repository, I'm just not that confident of my own abilities :) I'm / we are currently working on a new setup for our frozen snapshot + overlay + distfiles mirror. Ideally we're shooting for a setup were we continuously test the system set of packages for compilation and maybe a few functional test-cases (can I ssh into the server comes to mind :) This would allow us to stay closer to $UPSTREAM, in this case gentoo and avoid the large maintenance nightmare we have now. If possible we would possibly be looking to open up the infrastructure as open source and allow others to use it. However that is a future hope, not a promise :) Regards, Ramon van Alteren Senior System Engineer Hyves.nl
