From owner-freebsd-stable@FreeBSD.ORG Thu Feb 5 18:14:11 2015 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8CE331B6 for ; Thu, 5 Feb 2015 18:14:11 +0000 (UTC) Received: from mx2.shrew.net (mx2.shrew.net [38.97.5.132]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 41706306 for ; Thu, 5 Feb 2015 18:14:11 +0000 (UTC) Received: from mail.shrew.net (mail.shrew.prv [10.24.10.20]) by mx2.shrew.net (8.14.7/8.14.7) with ESMTP id t15HrbUq056358 for ; Thu, 5 Feb 2015 11:53:37 -0600 (CST) (envelope-from mgrooms@shrew.net) Received: from [10.16.48.252] (67-198-50-4.static.grandenetworks.net [67.198.50.4]) by mail.shrew.net (Postfix) with ESMTPSA id B596F187E8C for ; Thu, 5 Feb 2015 11:53:26 -0600 (CST) Message-ID: <54D3AE68.6040003@shrew.net> Date: Thu, 05 Feb 2015 11:54:48 -0600 From: Matthew Grooms User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: Re: push a few config files to dozen or so servers References: <20150205130234.3fcbabfb@efreet.mimar.rs> <54D37932.7010808@madpilot.net> <20150205154743.GO88387@mail0.byshenk.net> <3552828A-536D-41AB-B56D-F47AA4164A79@gromit.dlib.vt.edu> In-Reply-To: <3552828A-536D-41AB-B56D-F47AA4164A79@gromit.dlib.vt.edu> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (mx2.shrew.net [10.24.10.11]); Thu, 05 Feb 2015 11:53:37 -0600 (CST) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Feb 2015 18:14:11 -0000 On 2/5/2015 11:27 AM, Paul Mather wrote: > On Feb 5, 2015, at 10:47 AM, Greg Byshenk wrote: > >> On Thu, Feb 05, 2015 at 03:07:46PM +0100, Guido Falsi wrote: >>> On 02/05/15 13:20, Ronald Klop wrote: >>>> On Thu, 05 Feb 2015 13:02:34 +0100, Marko Cupa?? >>>>> thanks to virtualization, my fleet of FreeBSD hosts have grown to more >>>>> than dozen, and it still grows. There are some files that need to be >>>>> identical on all of them (aliases, sudoers, root crontab, pkg repo >>>>> files etc.). >>>>> >>>>> I was looking at puppet and cfengine but learning and implementing those >>>>> seem like an overkill for my purpose. >>>>> >>>>> Are there any other elegant solutions which can help me achieve my goal? >>>> Cron and rsync. >>>> Or create a pkg which you install on all servers. >>> He could also use an VCS system (subversion, git, fossil, whatever) and >>> some scripts. >>> >>> This adds the advantage of having history. >> If it's really limited, you should be able to wrap svn/git >> and scp/rsync in python/bash/ and have >> something that works. >> >> >>>> Just some quick ideas. In the end you just want to use something like >>>> puppet. :-) >>> I Agree, in the end that kind of solution is definitely more robust. >> But, agreeing here, as well, there are some real advantages >> in ensuring consistency, etc. with something like puppet. >> >> And a basic, minimalist puppet is pretty basic and minimal. >> Puppet can get very complex, but that comes from managing >> complex environments. > > I'm familiar with Puppet and agree with your observations above. One > thing that concerns me with Puppet, though, is that Puppet is not > considered as a Tier 1 platform by Puppet Labs and so FreeBSD support > is inconsistent. With the current emphasis on modules and the Puppet > Forge, the focus on the RedHat and Debian OS families in many modules > makes it harder for FreeBSD users to use Puppet without reinventing the > wheel. Unfortunately, with Puppet, a lot of the "magic" happens under > the covers in these modules, via Types and Providers, and if they don't > support FreeBSD then they're not much use. (This is another way of > saying, "Puppet works great when it works.":) I know this is a > manifestation of the general "Linuxism" of *nix, so I know I'm swimming > against the tide in a sense in hoping for better support. :-) > > However, I don't get a sense of the vibrancy of the community around > FreeBSD and Puppet. Is it thriving? (Because Puppet abstracts away > the OS from a sysadmin point of view, people might argue, "why run > FreeBSD if you're using Puppet?") Also, Puppet seems to have evolved > rather than being the product of a clean, simple design. (Maybe this > is endemic to any Ruby-based project.:) The orchestration (e.g., > Marionette Collective) seems a bit bolted-on to me. > > Despite all that, there is still lots and lots to recommend Puppet. > However, if there's another configuration management framework that is > more "FreeBSD-friendly," then it would be good to know of that. With > large-scale system installations becoming more and more prevalent, so > too does the importance of configuration management and orchestration > systems. I've been looking at Salt recently, which I've heard is > supposed to be quite "FreeBSD-friendly." Does anyone know of any > others that have a great FreeBSD community and support behind them? > > Cheers, > > Paul. Have a look at saltstack. It's easier to setup/deploy, does centralized config management & orchestration in one tool ( like puppet + mcollective ), scales ridiculously well and is more platform agnostic ... http://saltstack.com/community/ http://www.freshports.org/sysutils/py-salt/ -Matthew