From owner-freebsd-pkg@FreeBSD.ORG Mon Sep 23 14:59:06 2013 Return-Path: Delivered-To: freebsd-pkg@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 7B96CE61 for ; Mon, 23 Sep 2013 14:59:06 +0000 (UTC) (envelope-from bsd-src@helfman.org) Received: from mail-pb0-f42.google.com (mail-pb0-f42.google.com [209.85.160.42]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 51EE4234A for ; Mon, 23 Sep 2013 14:59:06 +0000 (UTC) Received: by mail-pb0-f42.google.com with SMTP id un15so3330167pbc.1 for ; Mon, 23 Sep 2013 07:59:00 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=pqDLD9v/SzPOGTAHv+bdCjjs7EaBjCUQJFTZP+o5BGs=; b=AIm0PkpoPGqg7JO5cynSVi6gyNJe3/fgt3WhLiY0iy3mi8xex7uxsCtMGoGUEISlhO wUyjP8N6nC4rTVFuSiaK1uHMV61Fl3KTM85MUjFSe9HxyfAB3v4/w4l2qkVfOitQfppJ IK5alILWZe6KOfLdPy+znHnNK+SbF0AuBeqCcbSDrjqCKmL+zbhwI84EeY4eK4EbIS96 79o46aSn07o/IYlfX+pvwOX0lOyFXEuX7w/XqaJKA7rMjTfrbx7PMjiCSS5zyCF4PPRA NeuXACzfTjS54/1lzYi7g1LOMgj8ioAGwivA8a630m2vn0T04VCIlRgiUSkPTnTClOCF Nyvg== X-Gm-Message-State: ALoCoQmEmrVZCRfBzvd7YpdwjvL1Jtur3Q0GkXqsTdTXzxKN7Sv6ShW0S06neN/FhqVqaLkkNTCS MIME-Version: 1.0 X-Received: by 10.66.139.166 with SMTP id qz6mr25598545pab.88.1379948337689; Mon, 23 Sep 2013 07:58:57 -0700 (PDT) Sender: bsd-src@helfman.org Received: by 10.70.100.165 with HTTP; Mon, 23 Sep 2013 07:58:57 -0700 (PDT) In-Reply-To: References: <523B9CAF.5060002@gmail.com> Date: Mon, 23 Sep 2013 07:58:57 -0700 X-Google-Sender-Auth: CpPVSUFUl3UUNoET5YFDdoQ9VB0 Message-ID: Subject: Re: pkg integration spacewalk question From: Jason Helfman To: Jason Helfman Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-pkg@freebsd.org, Jason Unovitch X-BeenThere: freebsd-pkg@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Binary package management and package tools discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Sep 2013 14:59:06 -0000 On Thu, Sep 19, 2013 at 10:51 PM, Jason Helfman wrote: > On Thu, Sep 19, 2013 at 5:54 PM, Jason Unovitch wrote: > >> Hi Jason, >> Some of the functionality looks similar to what is in Puppet. I've been >> working on finalizing a "how to" running Puppet open source with its >> Dashboard on an Nginx/Ruby on Rails/MariaDB back-end. Unfortunately I >> haven't tried any FreeBSD clients yet and only have experience with Linux >> clients talking to the Puppet on a FreeBSD server. If the pkg integration >> works as well as integration with the Linux package mangers, declaring >> having the latest versions of packages would be enough to ensure everything >> got updated. With a private pkg repo that gets vetted and updated when >> security issues come up I could see this working rather well for ensuring >> tight configuration control. Once I get around to testing some FreeBSD >> clients I'll see how well pkg integration works out. >> >> If Puppet doesn't work for you, other options to look into are Cfengine, >> Chef, and Salt. I've just stuck with the first tool for the job that I >> tried as it worked well. I'd be more than happy to point you to the how to >> guide when I'm done as I'm planning on putting it up on the forums for >> anybody who can benefit from it. >> >> Cheers, >> Jason Unovitch >> > > Hi Jason. > > I've run puppet for years, but have never run the 'dashboard,' however I > have run it recently taking advantage of 'pkg' repositories. This is a > different request, though. This is on-demand. So I check a group of > servers. I can work with that group of servers, and proactively see how > many packages are out-of-date. I can then select those servers, and upgrade > packages of those specific systems. > > I believe part of this can be done in 'puppet,' but puppet is very good at > configuration management, and trigger based actions. I have not found any > part of puppet that shows it is a good tool for patch management, or > massive pkg deployment/upgrades. > > I may have missed where you can do this efficiently with puppet. However, > I would be happy to discover this, as well :) > > I've worked slightly with the others you had mentioned, but still am > unsure if they are as what I described what I am looking for. > > Nonetheless, I look forward to reading your forum post. > > -jgh > > With a bit more investigation, it seems that the Puppet Enterprise Edition, which is non-free, seems it would be a good fit and has what I was looking for. It would just be a matter of making sure the pkg piece works with it. I would assume it does, as I've had that working on the standard edition. Thanks for your ideas, and I appreciate your time. -jgh -- Jason Helfman | FreeBSD Committer jgh@FreeBSD.org | http://people.freebsd.org/~jgh | The Power to Serve