Date: Wed, 26 Jan 2000 11:36:13 +0100 (MET) From: Martin Machacek <mm@i.cz> To: freebsd-net@freebsd.org Subject: RE: distributing software updates to boxes on a network Message-ID: <XFMail.000126113613.mm@i.cz> In-Reply-To: <71DA16F18D32D2119A1D0000F8FE9A9402B5A3D2@mbtlipnt01.btlabs.bt.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On 26-Jan-00 graeme.n.brown@bt.com wrote:
> In the past I have tried doing this
>
> (i) via NFS where master version of S/W is held on an NFS server with
> individulal routers mounting exported directory for the s/w and thus
> all routers can execute same uptodate version of code
>
> OR
>
> (ii) via each router running a PERL script which does an ftp download
> of the s/w from an ftp server and then compiles/runs new version of
> code.
OR
have a master that keeps binaries and configuration for all routers/servers and
uses rsync (preferrably over ssh) to distribute them to target machine. This
scheme of course assumes that target machines have local harddisks. The big
advantage of this scheme is security. Target machines have to trust the master
but the master need not to trust anybody. Every action (with regards to changing
binaries and/or configuration on target machines) is invoked from the master.
Of course the master machine must be properly secured. I'm using this scheme to
manage over 40 servers (DNS/mail servers and firewalls) for one of our
customers. An extra goodie of this setup is that I can reinstall any machine
remotely. I only need somebody to exchange crashed disk for new one and insert
a boot floppy with minimal system (derived from picobsd). I'm working on using
netboot instead of the floppy. So far I'm very happy with this setup.
As usual YMMV :-)
Martin
---
[PGP KeyID F3F409C4]
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.000126113613.mm>