From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1QOmdr-0003Ct-Qx for garchives@archives.gentoo.org; Tue, 24 May 2011 08:07:04 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 78C1A1C417 for ; Tue, 24 May 2011 08:07:02 +0000 (UTC) Received: from mail-vw0-f53.google.com (mail-vw0-f53.google.com [209.85.212.53]) by pigeon.gentoo.org (Postfix) with ESMTP id EAF7E1C3F6 for ; Tue, 24 May 2011 07:38:15 +0000 (UTC) Received: by vws13 with SMTP id 13so5811294vws.40 for ; Tue, 24 May 2011 00:38:15 -0700 (PDT) Received: by 10.52.183.164 with SMTP id en4mr2171114vdc.108.1306222695097; Tue, 24 May 2011 00:38:15 -0700 (PDT) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-server@lists.gentoo.org Reply-to: gentoo-server@lists.gentoo.org MIME-Version: 1.0 Received: by 10.52.158.163 with HTTP; Tue, 24 May 2011 00:37:55 -0700 (PDT) X-Originating-IP: [94.100.112.225] In-Reply-To: References: From: Ramon van Alteren Date: Tue, 24 May 2011 09:37:55 +0200 Message-ID: Subject: Re: [gentoo-server] Managing multiple servers. To: gentoo-server@lists.gentoo.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Archives-Salt: X-Archives-Hash: 7c3b0c8af1d5f34e802375c29de4b421 Hey, This list seems to have woken up suddenly again, good news :) On Tue, May 24, 2011 at 00:12, la Bigmac wrote: > Seems to be a few people recently wanting to discuss Gentoo as a server := -) > so thought I would pose a question that has been bugging me. > > What would you guys recommend to manage multiple servers and the package > versions? We manage 3000+ servers and use puppet for that, but it is still painful with gentoo at times. Especially the moving portage tree forces us to keep a local frozen version that retains both the ebuilds and the distfiles. That is not so much of a problem, it is the unfreezing that is causing us grief. In addition to puppet and our own frozen portage snapshot+overlay, we use agaffneys install scripting to install servers over the net + a standard tftp + dhcp netbooting setup. > While I have a central emerge server (rsync) and sync all of my servers t= o > it I still manually update the packages. > > Example, openssh how should I be updating openssh on all of my servers ot= her > than logging onto each one in turn and running emerge openssh. Puppet takes care of that for us and this is a major relief, having useflag support in the puppet gentoo package provider would be nice, but not really necessary. I'd prefer having useflag awareness in binpkgs and the ability to produce different binpkgs for different useflag sets in portage. > Should I cron schedule an emerge --update world=C2=A0 and control the rep= ository > of packages or is there a more elegant solution? I've never dared to schedule an emerge --update world on my servers even though I control the repository, I'm just not that confident of my own abilities :) I'm / we are currently working on a new setup for our frozen snapshot + overlay + distfiles mirror. Ideally we're shooting for a setup were we continuously test the system set of packages for compilation and maybe a few functional test-cases (can I ssh into the server comes to mind :) This would allow us to stay closer to $UPSTREAM, in this case gentoo and avoid the large maintenance nightmare we have now. If possible we would possibly be looking to open up the infrastructure as open source and allow others to use it. However that is a future hope, not a promise :) Regards, Ramon van Alteren Senior System Engineer Hyves.nl