From: Ed W
Date: Fri, 25 Feb 2011 11:37:36 +0000
To: Matthew Marlowe
CC: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] avoiding urgent stabilizations
Message-ID: <4D679480.2000508@wildgooses.com>
In-Reply-To: <201102250308.21246.matt@deploylinux.net>

Hi

> I'm starting to put together a portage/stable server configuration for a large
> number of gentoo VM's that will eventually be hosted on a VMware ESX 4.1U1
> cluster - with the goal of limiting major changes to once/year and otherwise
> only applying security/minimum necessary updates. I doubt it will be easy but
> I'm doing my best at it :)

This sounds very interesting. I haven't yet plugged through your blog, but just to chime in:

I maintain a, likely much smaller, number of VMs using linux vservers. The approach here is to almost cut each machine down to a chroot that runs only one (or thereabouts) interesting service.

To do this I have found customised portage profiles to be the under-plugged secret, since they allow you to basically push a set of packages which should be installed and control "per type of vm" use flags and package keywords (eg I have www-nginx, www-apache, mail, proxy, mysql, ftp, etc profiles). Additionally I have a small overlay of local ebuilds that sit in the same tree.

Up until now I haven't really made any effort to sync this whole tree across multiple physical machines and it's a bit of an ad-hoc process. Using something like git would probably be perfect.

The still missing step is configuration management across the machine types, eg I want to upgrade all my "Apache-WWW" class machines and merge in all changes in /etc in a certain way... At the moment I just run dispatch-conf across all machines, but it can be quite boring merging 20 instances of sshd.conf... Seems like Puppet/Chef could be a solution here, but the step up and investment to make it work seems pretty large?

It does appear like managing large numbers of virtual machines is one area that gentoo could score very well?

Interested to see any chatter on how others solve this problem, or any general advocacy? Probably we should start a new thread though...

Regards

Ed W