From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <gentoo-user+bounces-152468-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
by finch.gentoo.org (Postfix) with ESMTP id 3357A13827E
for <garchives@archives.gentoo.org>; Thu, 12 Dec 2013 23:54:11 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
by pigeon.gentoo.org (Postfix) with SMTP id 2501AE099B;
Thu, 12 Dec 2013 23:54:05 +0000 (UTC)
Received: from mail-qc0-f171.google.com (mail-qc0-f171.google.com [209.85.216.171])
(using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
(No client certificate requested)
by pigeon.gentoo.org (Postfix) with ESMTPS id 1E1BFE086D
for <gentoo-user@lists.gentoo.org>; Thu, 12 Dec 2013 23:54:04 +0000 (UTC)
Received: by mail-qc0-f171.google.com with SMTP id c9so937736qcz.16
for <gentoo-user@lists.gentoo.org>; Thu, 12 Dec 2013 15:54:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20120113;
h=mime-version:in-reply-to:references:date:message-id:subject:from:to
:content-type;
bh=da2OMblyV+ivt8myjz5r+C6bOORxUirqG8cKSbBftQ4=;
b=FxqNhri76D8XOvun9l/7jEoIiG8MiZOKeeqpOP0QN3rTBG0Y+JZX7dlwKrLAZYU4DR
TJVlSaarzSpD414gXzdxqBdMA/ZTJUoMPq3ye2ZtuXKOLNTj/NfYSRXxjeXqcLVyGgKD
Bf88ubTiuDsaQZ9JVbj2n2hGm0RxeRHXALVc9Ewr6YYfl9GyBcYsEkChPq1jXYdDQdwP
HNUAf/zPb7xyJcR1pBFNzLL/LNVdTqexqARb7bfJq36N8MkZKencCWZdw4Wo4u2Gij8m
upQMjq61nEWUkIqs9HQflJ904ScKtFAfk6vImAv8e3nPUztRJXmtO2/UTe8yPlg8Dvao
kYcg==
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
X-Received: by 10.224.8.132 with SMTP id h4mr10928980qah.103.1386892443425;
Thu, 12 Dec 2013 15:54:03 -0800 (PST)
Received: by 10.140.100.162 with HTTP; Thu, 12 Dec 2013 15:54:03 -0800 (PST)
In-Reply-To: <CAN0CFw1OkaN2rdigQMDi65Hsvpc1HyS5oWpQa5VZaHFnGjwcgg@mail.gmail.com>
References: <CAN0CFw0w73Np4Xn83xCm1eFghQBmu2cWoTkekL33Uihzyxiy8g@mail.gmail.com>
<524358B0.1060000@gmail.com>
<CAN0CFw2gC__sR9Mg1Y8kue4qZxKUZTjccOVrcE0Tqd6XBjwQRw@mail.gmail.com>
<52449C1A.5000306@gmail.com>
<CAN0CFw1JTGPt7B5DEHsX=20jbEU9E0urL2VaveGon9jA0q1G-g@mail.gmail.com>
<5245E03A.2020605@gmail.com>
<CAN0CFw1O-emn6qg3fdC7iDLsfM5oTn9p_ny95HEyUO-qtFHDaQ@mail.gmail.com>
<52489438.3090405@gmail.com>
<CAN0CFw0hw6jNZL0S+PBLN3D9EJdz0dFmSW_Xq2Kgr_FwyEA=aQ@mail.gmail.com>
<5249D186.8050808@gmail.com>
<CAN0CFw0r8-4KgH0SxJwqE4gpuAm-Knuk-Tjtm3yb8H6Y6BD7tg@mail.gmail.com>
<524A699E.6080006@gmail.com>
<CAN0CFw1OkaN2rdigQMDi65Hsvpc1HyS5oWpQa5VZaHFnGjwcgg@mail.gmail.com>
Date: Thu, 12 Dec 2013 15:54:03 -0800
Message-ID: <CAN0CFw36hP1TW8toZV-81f=8bRO7LTLyW-gbNddjUaQkJ8S=MA@mail.gmail.com>
Subject: Re: [gentoo-user] Managing multiple systems with identical hardware
From: Grant <emailgrant@gmail.com>
To: Gentoo mailing list <gentoo-user@lists.gentoo.org>
Content-Type: text/plain; charset=ISO-8859-1
X-Archives-Salt: 4a86b98a-682c-4020-a449-02c0e52ef81e
X-Archives-Hash: 8ca88c07681d2fecd06268e36f5c6e24
I'm about to embark on this (perilous?) journey and I'm wondering if
anyone would make a comment on any of the questions in the last
paragraph below. This is basically my plan for setting up a bunch of
systems (laptops) in an office which are hardware-identical to my own
laptop and creating a framework to manage them all with a bare minimum
of time and effort.
Thanks,
Grant
>>>>>> I see what you desire now - essentially you want to clone your laptop
>>>>>> (or big chunks of it) over to your other workstations.
>
> I've been working on this and I think I have a good and simple plan.
>
> My laptop roams around with me and is the "master" system. The office
> router is the "submaster" system. All of the other office systems are
> "minion" systems. All of the systems are 100% hardware-identical
> laptops. All of the minions are 100% software-identical.
>
> I install every package that any system needs on the master and create
> an SSH keypair. The only config files that change from their state on
> the master are: /etc/conf.d/hostname, /etc/conf.d/net,
> /etc/ssh/sshd_config, /etc/shorewall/*. I write comments in those
> files which serve as flags for scripted changes.
>
> I write a script that is run from the master to the submaster, or from
> the submaster to a minion. If it's the former, rsync / is run with
> exceptions (/usr/portage, /usr/local/portage, /var/log, /tmp, /home,
> /root but /root/.ssh/id_rsa_script* is included), my personal user is
> removed, a series of workstation users are created with useradd -m,
> services are added or removed from /etc/runlevels/default, and config
> files are changed according to comment flags. If it's the latter,
> rsync / is run without exceptions, services are added or removed from
> /etc/runlevels/default, and config files are changed according to
> comment flags.
>
> All user info on the submaster and minions would be effectively reset
> whenever the script is run and that's fine. Root logins would have to
> be allowed on the submaster and minions but only with the SSH key.
> There are probably more paths to exclude when rsyncing master to
> submaster.
>
> That's it. No matter how numerous the minions become, this should
> allow me to keep everything running by administrating only my own
> system, pushing that to the submaster, and having the submaster push
> to the minions. I've been going over the nitty-gritty and everything
> looks good.
>
> What do you think? Is there anything inherently wrong with rsyncing /
> onto a running system? If there are little or no changes to make,
> about how much data would actually be transferred? Is there a better
> tool for this than rsync? I know Funtoo uses git for syncing with
> their portage tree.
>
> - Grant