RE: [gentoo-user] managing servers
> I have most of this done already... I guess what I am really looking for > is package management / security updates and building new machines. I'm sure I'm not dealing with the sizes you are, but I'm running gentoo on a number of my systems at home. To that end I've got a 'gentoo server' that's responsible for a) being the local gentoo rsync mirror (to serve portage updates to the internal client systems w/o hitting the network for each) and b) building packages into binary format (as the client systems are similar architecture, one system builds binaries and the binaries are emerged on the client systems). In this way you'll have a single system doing all of the work of maintaining synchronization with Gentoo and the client systems benefiting from that work. Since my client systems tend to have spare cycles, I've enabled distcc on the internal network so the actual build process is distributed, reducing the actual impact to the server and reducing the package build times. It's actually pretty sweet ;-) -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] managing servers
On Mon, 2005-03-07 at 14:15 -0700, Dan Parrish wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Sean Cook wrote: > | I am looking for a good starting point to learning how to manage groups > | of machines. We have around a dozen or so machines most of them running > | Fedora Core 2. Because of stability issues that I have run into I am > | trying to come up with a migration plan to gentoo. My fear is that > | administration of these machine will quickly get out of hand. > | > | I have heard of ways to more easily manage large numbers of machines and > | am looking for a nudge in the right direction. > | > | thank you. > | > | Regards, > | > | Sean > | > | -- > | gentoo-user@gentoo.org mailing list > | > > Some tips for saving yourself time doing repetitive things: > > 1. Build a centralized loghost. This is pretty easy to do with > syslog-ng. Having all the pertinent logs for all your hosts available > on one machine will save you bunches of time down the road from not > having to log into each machine individually just to check up on it. > > 2. Install logwatch or some other logfile-parsing program. If you miss > something throughout the day, at least logwatch will email you each > night to alert you to some issues and such. > > 3. You also might want to look into setting up hostkey-auth-based > logins between the machines...I'd use one machine as your trusted host, > and set the other machines to only allow ssh from that one machine. > You'll limit the number of open ssh ports on your network to the outside > world, but you also have that single point of failure that can ruin a > weekend if it goes down. Hostkey-auth is more secure than password-auth > in ssh, but if your one trusted host gets exploited, then it's easier > for them to get into your other machines...It's got some plus and some > minus, but I think it's worth it. > > There's my 2cents for now. Good luck. :-) > - -Dan I have most of this done already... I guess what I am really looking for is package management / security updates and building new machines. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] managing servers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sean Cook wrote: | I am looking for a good starting point to learning how to manage groups | of machines. We have around a dozen or so machines most of them running | Fedora Core 2. Because of stability issues that I have run into I am | trying to come up with a migration plan to gentoo. My fear is that | administration of these machine will quickly get out of hand. | | I have heard of ways to more easily manage large numbers of machines and | am looking for a nudge in the right direction. | | thank you. | | Regards, | | Sean | | -- | gentoo-user@gentoo.org mailing list | Some tips for saving yourself time doing repetitive things: 1. Build a centralized loghost. This is pretty easy to do with syslog-ng. Having all the pertinent logs for all your hosts available on one machine will save you bunches of time down the road from not having to log into each machine individually just to check up on it. 2. Install logwatch or some other logfile-parsing program. If you miss something throughout the day, at least logwatch will email you each night to alert you to some issues and such. 3. You also might want to look into setting up hostkey-auth-based logins between the machines...I'd use one machine as your trusted host, and set the other machines to only allow ssh from that one machine. You'll limit the number of open ssh ports on your network to the outside world, but you also have that single point of failure that can ruin a weekend if it goes down. Hostkey-auth is more secure than password-auth in ssh, but if your one trusted host gets exploited, then it's easier for them to get into your other machines...It's got some plus and some minus, but I think it's worth it. There's my 2cents for now. Good luck. :-) - -Dan -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCLMSOnURHNoE9YE4RAocOAJ48DmP+f7fN6iYwcFr7Oj7QUPDHvQCgxw46 J/vNj/VS74lAnyzVWA/I9PI= =srk+ -END PGP SIGNATURE- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] managing servers
On Mon, 2005-03-07 at 14:24 -0500, Sean Cook wrote: > I am looking for a good starting point to learning how to manage groups > of machines. We have around a dozen or so machines most of them running > Fedora Core 2. Because of stability issues that I have run into I am > trying to come up with a migration plan to gentoo. My fear is that > administration of these machine will quickly get out of hand. > > I have heard of ways to more easily manage large numbers of machines and > am looking for a nudge in the right direction. Have a look at OpenAFS; use networking booting using PXE and use the local disk as a cache. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] managing servers
Sean Cook ha scritto: I am looking for a good starting point to learning how to manage groups of machines. We have around a dozen or so machines most of them running Fedora Core 2. Because of stability issues that I have run into I am trying to come up with a migration plan to gentoo. My fear is that administration of these machine will quickly get out of hand. I have heard of ways to more easily manage large numbers of machines and am looking for a nudge in the right direction. thank you. Regards, Sean I can't give you any pointers, but few hints: - Set your CHOST, CFLAGS, CXXFLAGS to match your older box (obviously don't apply if you have different ARCHs). - Set up a centralized rsync mirror, then point all your client using SYNC="rsync://your.internal.server/gentoo-portage" in /etc/make.conf - idem for /usr/portage/distfiles , share it via nfs or similar - you may want or not set up distcc (distribuited compiling), it make things faster, but require maintenaince. - when you finish your first installattion, create a stage4, maybe in the forum it has already discussed, make it with love, make much faster install new box regards -- gentoo-user@gentoo.org mailing list