[nycbug-talk] USENIX Guru Session on SysAdministration
Rick Aliwalas
rick
Thu Jul 1 23:48:22 EDT 2004
On Thu, 1 Jul 2004, Okan Demirmen wrote:
> On Thu 2004.07.01 at 22:36 -0400, Rick Aliwalas wrote:
>
> yea, CVS is great for this type of stuff. but remember that CVS has
> a few cluges, such as try bring in an existing /etc directory under
> CVS control on a running box. if you control the build process,
> then yes, populating those CVS control files by default works in,
> say, jumpstart/jass or any of the other build environment. otherwise,
> it can be a pain.
>
> i've implemented solutions around CVS, such as using CVS on a central
> server then rdist(8)/rsync the config files (push vs pull) - this
> method seems to be how cfengine started out. if one manages a
> significant number of machines, one expects automate from somewhere
> else - and a controlled environment is assumed ;)
>
> it's funny how things come full circle. "back in the day" we used
> to have full systems that did all this, from automated builds,
> monitoring, change control, blah blah blah, but somehow the "desktop
> way" became prevelant and the de-centralization began...and now we
> want it back - and other things come full circle in this industry
> - just watch data center hardware... i most certainly can not say
> i have the authority to say this, but i believe the cheapo x86
> hardware is partly to blame.
I agree. It's also a different game now. No one has a flat network
anymore. Most places have numerous network segments with many devices
in between. Getting updates to machines behind multiple firewalls
in different geographic regions with zero downtime windows. The
infrastructure is just more complicated now...
> at one point, i took OpenBSD's daily/weekly/monthly/security scripts
> and made them work on all our sunos/solaris/linux/*BSD/(and yes,
> windows to a small extent) environments and that helped....more
> work was required to make it great, but i've since moved out of the
> isp business.
Funny - we did something similar. We took the FreeBSD daily script
and modified them for Solaris.
-rick
More information about the talk
mailing list