RE: [gentoo-server] Managing multiple servers.

[Pandu Poluan <pandu@poluan.info>]

-original message-
Subject: Re: [gentoo-server] Managing multiple servers.
From: kashani <kashani-list@badapple.net>
Date: 2011-05-24 07:40

On 5/23/2011 3:12 PM, la Bigmac wrote:
>> Hello list,
>>
>> Seems to be a few people recently wanting to discuss Gentoo as a server
>> :-) so thought I would pose a question that has been bugging me.
>>
>> What would you guys recommend to manage multiple servers and the package
>> versions?
>>
>> While I have a central emerge server (*rsync)* and sync all of my
>> servers to it I still manually update the packages.
>>
>> Example, openssh how should I be updating openssh on all of my servers
>> other than logging onto each one in turn and running emerge openssh.
>>
>> Should I cron schedule an /emerge/ --/update world /and control the
>> repository of packages or is there a more elegant solution?
>
>I've become a huge Puppet nerd over the last year. I'm not managing 
>Gentoo on it, but it's supported and Puppet Labs does seem to fix Gentoo 
>bugs in a reasonable time.
>
>First you'll need Ruby 1.8.7 as 1.9.2 support in Ruby isn't quite there 
>yet. I'd also run unstable for Puppet and Facter. You're better off 
>jumping in at 2.6.x than 0.25.x.
>
>Puppet requires facter which is very cool in it's own right. It's local 
>discovery of the OS and those facts about your system can be used in 
>templates to make decisions. Here's an example for setting higher 
>thresholds on my large machines.
>
><% if processorcount.to_i >= 12 then -%>
>
>and here's an example of a module to make sure sudo is the latest 
>version and add a config file for my local sudoers additions.
>
>class sudo {
>   package { "sudo": ensure => latest, }
>
>   file { "/etc/sudoers.d/my_additions":
>     ensure  => present,
>     owner   => root, group => root, mode => 440,
>     require => Package["sudo"],
>     source  => "puppet:///modules/sudo/my_additions",
>   }
>}
>
>In order to make this work you'd really need to have modules for each 
>package in your world file and set ensure => latest rather than just 
>present. However it does make it easy to keep configs, users, settings, 
>which packages in sync across machines.
>
>That's Puppet in a very very tiny nutshell. They are some unique 
>challenges with using it well with Gentoo, but it would ultimately make 
>your system easier to reproduce.
>
>kashani

Interesting...

Now, I've never used Puppet before, so please forgive my apparently ignorant questions:

1. How does it handle differing USE flags? Or portage/env variables?

2. How does it update the systems it maintains? I mean, like doing compiling stuffs and such?

3. Does it use SLOTs to enable rollback, just in case?

I'm looking at 8 Gentoo servers -- soon to be 10 -- and I *will* seriously evaluate *anything* that promises to assist me with managing/maintaining them.

Anecdote time: just last week, I tried deploying a Squid proxy. I don't know what happened, but I failed doing that on two other distros; one has a buggy package, and the other just... did not work. It might be my mistake, but I was pressed for time. So I did a 'stage4' installation of Gentoo, emerged squid... and it Just Works(tm). Now I'm setting up two more proxies with Gentoo.

(You might've seen my question regarding configure flags back in [gentoo-user]. Yes, that's me building the 2nd proxy.)

Rgds,
--
Pandu E Poluan
~ IT Optimizer ~

Sent from Nokia E72-1