[nycbug-talk] jails: puppet vs. cfengine
spork at bway.net
Sun Sep 12 22:14:30 EDT 2010
On Sat, 11 Sep 2010, Francisco Reyes wrote:
> Edward Capriolo writes:
>> Interesting topic. To be clear, you do not want to run puppet/cfengine
>> inside the jail? That is probably the preferred way.
> Waiting on Charles to clarify... but I would think that running it from the
> jail is the right way, specially since he mentioned portability as a concern.
> That way if a jail is moved it will get the puppet/cfengine bits moved with
I've sort of mashed two questions into one. For files inside the jail,
running cfengine/puppet inside it makes sense. But the other part of the
question is on the host hosting the jails, can either of these tools
handle configuring the jail and see it as something of an "entity" that
can be moved amongst hosts. There is some overlap where it would be
helpful if the two environments could be tied together - for example
changing the IP of the jail involves changes on the host (interface,
firewall) as well as the jail (any config files that reference that IP).
I might be overestimating what these tools can do, I was running with the
assumption that either of them can do things like tie together interface
aliases and instances of that IP occurring in config files...
More information about the talk