Hello, I don't qualify for the > 30 machines (as requested in the initial post), but I'm running some root servers at the Hetzner datacenter - enough to have at least some things automated. For installation, I use the image and install script provided by Hetzner (this script does automatic network configuration, partitioning etc.) This script is the fastest way I know to get a running base system, but that's not too hard because it has a very specific usecase. Afterwards, I copy a set of scripts on the fresh server and run them. Those scripts install packages I usually need, patch config files, create mysql users with random passwords, write those passwords to config files etc. Some manual work is left, but most things are covered by my scripts. Am Mittwoch, 11. Juli 2012 schrieb vetter@physik.uni-wuerzburg.de:
To change the configuration on all machines, we usually copy the configuration file(s) to all machines and restart the service. We have scripts using SSH with authorized_keys for that. Problem is, if a machine is not online, it does not get the change and one must remember to change it, when the machine comes back. If there is a better solution, please let me know.
I'm using pull instead of push ;-) This means: I have a repo (good old CVS, git will also work) with one directory per "job". Each directory contains a Makefile - and this Makefile contains the commands to execute. Needless to say this is very flexible - you can do anything in a Makefile, and you can include additional files (for example config files) in the directory that the Makefile can copy somewhere. The advantage of a Makefile over a plain script is that make will abort if one command failed - usually that's better than producing lots of follow-up failures ;-) All files in each directory are md5sum'ed and the md5sum file is GPG- signed with my private key to ensure nobody can inject random stuff. I commit all this (Makefile, additional files, md5sum and GPG signature of md5sum) to CVS. All servers run a cronjob that updates from the CVS, chechs for new jobs and run make in every new or updated directory (jobs successfully done get a "done" file touch'ed in the directory. If this file does not exist or is older than the Makefile, a job directory is considered "new". And finally, I receive a mail whenever a job was run - successfully or not. If someone is interested in the scripts I use for this CVS-based automation, I can publish them. Be warned that the only documentation is in my /dev/brain ;-) BTW: Even with this automation in place, I do more critical things like kernel updates manually. There are too many things that could go wrong (I had a broken menu.lst more than once ;-) and I prefer to see such issues before calling "init 6" ;-) Regards, Christian Boltz --
And not only I but many others owe Larry "a few beers" - but you'll be lucky to get a glass of water :-) . Good. If everyone who owed Greg a few beers for his contributions paid up, he'd be a perma-blittered wreck. [> Basil Chupin and Mike Galbraith in opensuse-factory]
-- To unsubscribe, e-mail: opensuse-project+unsubscribe@opensuse.org To contact the owner, email: opensuse-project+owner@opensuse.org