SUMMARY: repository for scripts for multiple machines, and multiple users
From: Roetman, Paul (Paul.Roetman_at_dpiterminals.com)
Date: 11/29/05
- Previous message: Dave Martini: "SUMMARY: Initialized my first ldap but can't login"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Tue, 29 Nov 2005 16:36:43 -0500 To: <sunmanagers@sunmanagers.org>
Looks like I have a bit of reading to do....before deciding on which
tools to use...
Many thanks to: Anthony D'Atri, Harry Hoffman, Fabio@crearium.com,
Helmut Kreft, jv711@yahoo.com, Paul Greidanus, Dan Lowe, Robert Binz,
Joe Fletcher, Brandon Haberfeld, Stan Pietkiewicz, Lou Germain, David
Foster, Damian Wiest, Rich Teer
Quick summary (in no particular order)
Freeware: subversion, cfengine, rdist, rsync, NFS
Software: Teleogics "Synergy", BMC ControlM, Tivoli Workload Scheduler
Web Sites
subversion: http://www.subversion.org, http://subversion.tigris.org/
cfengine: http://www.cfengine.org/
rdist: www.magnicomp.com
Synergy: www.telelogic.com
Other interesting reading
http://www.onlamp.com/pub/a/onlamp/2005/01/06/svn_homedir.html
One of the great features of cfengine is to store the permissions and
ownership of each file - so if a directory was scrubbed, it could be
easily rebuilt.
Another handy little feature in all of this would be fingerprinting each
file.....and storing the results in subversion.
Cheers
Paul
-----Original Message-----
From: sunmanagers-bounces@sunmanagers.org
[mailto:sunmanagers-bounces@sunmanagers.org] On Behalf Of Roetman, Paul
Sent: Monday, 28 November 2005 10:30 AM
To: sunmanagers@sunmanagers.org
Subject: repository for scripts for multiple machines, and multiple
users
Hi
I have been messing about with shell scripts to maintain a common base
of code for a bunch of different servers, and have never been really
happy with the results. Is there any good software (freeware) out there
that can maintain this?
The core requirements are
1. code master lives on one machine
2. code is stored in CVS (or something similar)
3. can be pushed or pulled from a remote machine as a cron job, or
manually
4. if there is an update in the code master, this will be propagated
to all servers
5. code can be owned by any user, for example some scripts will be
owned by root, other scripts will be owned by oracle
6. Any other suggestions?
.... will summarize
Cheers
Paul
_______________________________________________
Complete replies
============================================
Rdist 6 from www.magnicomp.com. Use openssh as the transport.
============================================
check out cfengine
============================================
subversion can do all that, the rest is knowledge in sysadmon
============================================
What would do your job would be a decent package manager combined with
regular updates from a central server. Such a solution (e.g. RPM+Yum) is
by no means easy to implement but definitely pays in the long run.
A simple solution could use Subversion (http://www.subversion.org):
> The core requirements are
> 1. code master lives on one machine
> 2. code is stored in CVS (or something similar)
Easily achieved with Subversion. Use the Apache modules and you get
strong authentication and privacy.
> 3. can be pushed or pulled from a remote machine as a cron job, or
> manually
Highly granular access control is possible with Subversion. Readonly
access to projects/parts of projects can be implemented. Cronjob/manual
pull will be possible after initial login.
> 4. if there is an update in the code master, this will be propagated
> to all servers
A push scheme could be implemented but might not be worth the trouble.
A cron job might suffice.
> 5. code can be owned by any user, for example some scripts will be
> owned by root, other scripts will be owned by oracle
Subversion handles permissions, binary files and even symlinks without
any problem. Though you would have to roll your own scripts to
distribute files to locations outside the local copy of the subversion
repository and change ownerships/permissions. The script could reside
inside the subversion repository. Thereby changes in code and
installation procedure could easily be distributed to all machines.
Be aware that access to the subversion repository becomes synonymous
with root access on all machines. Take care to secure the repository and
closely monitor changes.
============================================
Subversion has surpassed the functionality of CVS and SCCS, and is used
and loved by many.
checkouts, or propagation/resyncs are one-liners that can be run via
cron. push/pull updates, create another brach for that one-off AIX or
Linux home dir+script collection...
It also has a pretty http browser interface.
Here is one fool who has kept his home directory under (sub)version
control for the past 5 years:
http://www.onlamp.com/pub/a/onlamp/2005/01/06/svn_homedir.html
============================================
I think Subversion should be able to deal with most of this. you can
have it preserve permissions and ownership, it revision controlls
everything, master lives either on one machine with a SVN server, or on
NFS. Cron is easy, just run a svn update.
#4 is a problem.. I don't know how you'd be able to work with having the
commit trigger pushes. Actually, any pushes are a challenge, but you
could have SSH keys setup so that a master server can ssh to the client,
and run the svn update.. or just have it scheduled for every 10 minutes
to check the server and update if necessary.
============================================
I would suggest Subversion
http://subversion.tigris.org/
============================================
Sounds like you are looking for a freeware equivalent to BMC ControlM or
Tivoli Workload Scheduler.
Can't suggest a direct equiv right at this minute but SourceForge may be
a place to start.
============================================
Wow - your requirements sound exactly like what we did for Investec Bank
6 years ago - We implemented a huge unix script library set that is
source controlled and deployed between a Dev and Prod envrionment across
11 servers linked with NFS and direct physical fibre subnets. The
source control package we used and still do - is Teleogic's "Synergy" -
www.telelogic.com - copmletely Unix based although it can run on
Windows. Remote servers read the code live over NFS which I have found
to be extremely reliable and safe. Synergy also allows deployment via
project instances of it's own according without NFS through it's remote
clients so that a remote server can see and deploy the code libraries
without a user actually logging in.
Using a mixture of the /etc/profile file to read a common unix procedure
set for every user that logs in - we have build a fantastic homogenous
framework of script libraries that are uniform between all our servers
and are stricly controlled across the tiers.
I strongly recommend Synergy - it's an awesome package that is
extraordinarly flexible and fully capable of command line interaction
for scripting. The backend of Synergy is the same rcs_archiver as CVS -
just object orientated.
============================================
I've seen a freeware package called cfengine used to do similar
things......
============================================
Seems like a combination of CVS on the server and rsync to do the
distribution would work.
============================================
Are you using Solaris packages? Even if you are, I'd recommend looking
at cfengine.org. It's a freely available (GPL)configuration management
system.
An agent runs on each client machine which checks back periodically with
a master server and ensures that everything on the system matches what's
in the specification for that class of machine; eg. processes that
should be running are running (or are started), those that shouldn't
aren't (or get killed), software packages can be added/removed in order
to match the spec, configuration files can be modified, etc. A close
friend of mine is managing a large, heterogeneous telephony network with
the use of autotools
+ pkgsrc (NetBSD's package system) + cfengine.
============================================
Why don't you just use NFS? Export the directory from the master, and
all others can mount it.
============================================
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
- Previous message: Dave Martini: "SUMMARY: Initialized my first ldap but can't login"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
