[olug] System management tools

Sean Kelly smkelly at zombie.org
Sat Nov 27 02:44:03 UTC 2004


On Fri, Nov 26, 2004 at 07:57:42PM -0600, Daniel Pfile wrote:
> Hard job. No easy solutions. That's why you have a job.

Yes. However, sometimes having to log into 24+ machines that all run HP-UX
11i just to turn off a nameserver is a bit silly. I am not looking for a
way to automate my job, as I suspect you realize. I'm looking for a tool to
bring sanity and standardization to a currently chaotic and haphazard
environment where each machine is manually tweaked and massaged.


> This is what we were starting to do at work at the start of the new 
> contract (75 server windows shop, but the principles apply) before I 
> moved over to doing oracle development a few weeks ago. Keep in mind we 
> were using hp insight manager to identify what the real configuration 
> of the system is. You may want to look into what's available on linux 
> for that.

Currently we have far more PA-RISCs running HP-UX 11/11i than Linux.
However, that is slowly changing and I expect it to change mroe as time
passes. There might be an influx of Opterons in the future.

> The second part is a baseline. Identify what each server should be and 
> replicate it as close as possible. "This is an MTA, it runs OS ver Y, 
> MTA ver X with XX patch levels."

This is the hardest part, I reckon. We currently don't have this. As I said
above, each machine is babied and configured to meet the specifications of
whtaever it is doing. We have several Oracle machines, and some of them
aren't even configured the same. This will have to be addressed, and this
will not be a fun part of the project.

> For changing the systems, cfengine is good, CVS is also good. Try to 
> keep your config files in version control. You can identify exactly 
> what change was made when. Good stuff. Learn to script. Script 

I would assert that one should ALWAYS keep configuration files in versoin
control. This is especially true for centralized configuration files such
as the ones used by/with cfengine. There is no reason not to use version
control here, since all the files are in one place and it is very easy.

While I am a big fan of CVS and have used it quite heavily with The FreeBSD
Project and my personal work, I have lately started to prefer Subversion
due to its ability to track renaming and so forth. I have a few projects
using it now instead of CVS.

Anyway, the point of my initial inquiry was to ask if anybody out there is
using cfengine or anything like it. I am quite familiar with all of the
other points you covered, and agree that they are very important for system
administration work.

You made mention of cfengine, so is it safe to assume that you or your
company is using it? Did you look into anything else? My goal is to find
the best cfengine-like tool out there that works with:
 * Solaris (8, 9, 10)
 * Linux (RHEL AS 3, RHEL ES 3, various other distributions)
 * HP-UX (10.20, 11.0, 11.11)
 * FreeBSD (4.x, 5.x)

-- 
Sean Kelly         | PGP KeyID: D2E5E296
smkelly at zombie.org | http://www.zombie.org



More information about the OLUG mailing list