From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-151324-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 4BCFA1381F3
	for <garchives@archives.gentoo.org>; Wed,  2 Oct 2013 18:55:02 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id C0243E08A6;
	Wed,  2 Oct 2013 18:54:57 +0000 (UTC)
Received: from mail-qe0-f41.google.com (mail-qe0-f41.google.com [209.85.128.41])
	(using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id AF2DEE0932
	for <gentoo-user@lists.gentoo.org>; Wed,  2 Oct 2013 18:54:56 +0000 (UTC)
Received: by mail-qe0-f41.google.com with SMTP id 1so917271qee.28
        for <gentoo-user@lists.gentoo.org>; Wed, 02 Oct 2013 11:54:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=VJ9QUz/6NsjzpnC+b5dwyxKv8c5KiOe95niJY33pUgU=;
        b=lI+EXJvvUwzqLYQV8zH4KQyg+EpXpaNVkCjfl7B0DCEBdOz6LQUwa8e7AYPNRyMClJ
         XFs94xPRvcW2a5caxYqMkeqjKPb9HCBeH/9r7olK8wPO4aUyalYlwr1bgFuiPcwTLFKt
         zOY5fRH5fYYOY4YUtSWgLyVQcdSUVQEtVOypzLYjoQ8j/SYqnmkB04iQLjosYZerM4aI
         X9VEoM0f2HENq0l5SXT1LhMSIYlh5U4IblDtuvFbl9Uom0QXdUT+1MMl96IVTiu5FksM
         qIG5D5iotJXylakPixKS7PJBLaHykl3g/BNt6b8OUI9ygCXSBa8YgBDroK7s6qhpwAWx
         ju3Q==
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
X-Received: by 10.224.24.201 with SMTP id w9mr3902485qab.103.1380740095937;
 Wed, 02 Oct 2013 11:54:55 -0700 (PDT)
Received: by 10.140.25.83 with HTTP; Wed, 2 Oct 2013 11:54:55 -0700 (PDT)
In-Reply-To: <524A699E.6080006@gmail.com>
References: <CAN0CFw0w73Np4Xn83xCm1eFghQBmu2cWoTkekL33Uihzyxiy8g@mail.gmail.com>
	<524358B0.1060000@gmail.com>
	<CAN0CFw2gC__sR9Mg1Y8kue4qZxKUZTjccOVrcE0Tqd6XBjwQRw@mail.gmail.com>
	<52449C1A.5000306@gmail.com>
	<CAN0CFw1JTGPt7B5DEHsX=20jbEU9E0urL2VaveGon9jA0q1G-g@mail.gmail.com>
	<5245E03A.2020605@gmail.com>
	<CAN0CFw1O-emn6qg3fdC7iDLsfM5oTn9p_ny95HEyUO-qtFHDaQ@mail.gmail.com>
	<52489438.3090405@gmail.com>
	<CAN0CFw0hw6jNZL0S+PBLN3D9EJdz0dFmSW_Xq2Kgr_FwyEA=aQ@mail.gmail.com>
	<5249D186.8050808@gmail.com>
	<CAN0CFw0r8-4KgH0SxJwqE4gpuAm-Knuk-Tjtm3yb8H6Y6BD7tg@mail.gmail.com>
	<524A699E.6080006@gmail.com>
Date: Wed, 2 Oct 2013 18:54:55 +0000
Message-ID: <CAN0CFw1OkaN2rdigQMDi65Hsvpc1HyS5oWpQa5VZaHFnGjwcgg@mail.gmail.com>
Subject: Re: [gentoo-user] Managing multiple systems with identical hardware
From: Grant <emailgrant@gmail.com>
To: Gentoo mailing list <gentoo-user@lists.gentoo.org>
Content-Type: text/plain; charset=ISO-8859-1
X-Archives-Salt: 400bb28e-a45c-468a-8977-83125922b552
X-Archives-Hash: c00c581bf1a8a3bd6cc875de206b7061

>>>>> I see what you desire now - essentially you want to clone your laptop
>>>>> (or big chunks of it) over to your other workstations.

I've been working on this and I think I have a good and simple plan.

My laptop roams around with me and is the "master" system.  The office
router is the "submaster" system.  All of the other office systems are
"minion" systems.  All of the systems are 100% hardware-identical
laptops.  All of the minions are 100% software-identical.

I install every package that any system needs on the master and create
an SSH keypair.  The only config files that change from their state on
the master are: /etc/conf.d/hostname, /etc/conf.d/net,
/etc/ssh/sshd_config, /etc/shorewall/*.  I write comments in those
files which serve as flags for scripted changes.

I write a script that is run from the master to the submaster, or from
the submaster to a minion.  If it's the former, rsync / is run with
exceptions (/usr/portage, /usr/local/portage, /var/log, /tmp, /home,
/root but /root/.ssh/id_rsa_script* is included), my personal user is
removed, a series of workstation users are created with useradd -m,
services are added or removed from /etc/runlevels/default, and config
files are changed according to comment flags.  If it's the latter,
rsync / is run without exceptions, services are added or removed from
/etc/runlevels/default, and config files are changed according to
comment flags.

All user info on the submaster and minions would be effectively reset
whenever the script is run and that's fine.  Root logins would have to
be allowed on the submaster and minions but only with the SSH key.
There are probably more paths to exclude when rsyncing master to
submaster.

That's it.  No matter how numerous the minions become, this should
allow me to keep everything running by administrating only my own
system, pushing that to the submaster, and having the submaster push
to the minions.  I've been going over the nitty-gritty and everything
looks good.

What do you think?  Is there anything inherently wrong with rsyncing /
onto a running system?  If there are little or no changes to make,
about how much data would actually be transferred?  Is there a better
tool for this than rsync?  I know Funtoo uses git for syncing with
their portage tree.

- Grant