From owner-freebsd-stable@FreeBSD.ORG Thu Feb 5 17:34:03 2015 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1D05C53C for ; Thu, 5 Feb 2015 17:34:03 +0000 (UTC) Received: from gromit.dlib.vt.edu (gromit.dlib.vt.edu [128.173.126.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gromit.dlib.vt.edu", Issuer "Chumby Certificate Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id CA7FED6B for ; Thu, 5 Feb 2015 17:34:02 +0000 (UTC) Received: from pmather.lib.vt.edu (pmather.lib.vt.edu [128.173.126.193]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by gromit.dlib.vt.edu (Postfix) with ESMTPSA id EB2CA6C5; Thu, 5 Feb 2015 12:27:39 -0500 (EST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) Subject: Re: push a few config files to dozen or so servers From: Paul Mather In-Reply-To: <20150205154743.GO88387@mail0.byshenk.net> Date: Thu, 5 Feb 2015 12:27:39 -0500 Content-Transfer-Encoding: 7bit Message-Id: <3552828A-536D-41AB-B56D-F47AA4164A79@gromit.dlib.vt.edu> References: <20150205130234.3fcbabfb@efreet.mimar.rs> <54D37932.7010808@madpilot.net> <20150205154743.GO88387@mail0.byshenk.net> To: Greg Byshenk X-Mailer: Apple Mail (2.1878.6) Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Feb 2015 17:34:03 -0000 On Feb 5, 2015, at 10:47 AM, Greg Byshenk wrote: > On Thu, Feb 05, 2015 at 03:07:46PM +0100, Guido Falsi wrote: >> On 02/05/15 13:20, Ronald Klop wrote: >>> On Thu, 05 Feb 2015 13:02:34 +0100, Marko Cupa?? > >>>> thanks to virtualization, my fleet of FreeBSD hosts have grown to more >>>> than dozen, and it still grows. There are some files that need to be >>>> identical on all of them (aliases, sudoers, root crontab, pkg repo >>>> files etc.). >>>> >>>> I was looking at puppet and cfengine but learning and implementing those >>>> seem like an overkill for my purpose. >>>> >>>> Are there any other elegant solutions which can help me achieve my goal? >>> >>> Cron and rsync. >>> Or create a pkg which you install on all servers. >> >> He could also use an VCS system (subversion, git, fossil, whatever) and >> some scripts. >> >> This adds the advantage of having history. > > If it's really limited, you should be able to wrap svn/git > and scp/rsync in python/bash/ and have > something that works. > > >>> Just some quick ideas. In the end you just want to use something like >>> puppet. :-) >> >> I Agree, in the end that kind of solution is definitely more robust. > > But, agreeing here, as well, there are some real advantages > in ensuring consistency, etc. with something like puppet. > > And a basic, minimalist puppet is pretty basic and minimal. > Puppet can get very complex, but that comes from managing > complex environments. I'm familiar with Puppet and agree with your observations above. One thing that concerns me with Puppet, though, is that Puppet is not considered as a Tier 1 platform by Puppet Labs and so FreeBSD support is inconsistent. With the current emphasis on modules and the Puppet Forge, the focus on the RedHat and Debian OS families in many modules makes it harder for FreeBSD users to use Puppet without reinventing the wheel. Unfortunately, with Puppet, a lot of the "magic" happens under the covers in these modules, via Types and Providers, and if they don't support FreeBSD then they're not much use. (This is another way of saying, "Puppet works great when it works.":) I know this is a manifestation of the general "Linuxism" of *nix, so I know I'm swimming against the tide in a sense in hoping for better support. :-) However, I don't get a sense of the vibrancy of the community around FreeBSD and Puppet. Is it thriving? (Because Puppet abstracts away the OS from a sysadmin point of view, people might argue, "why run FreeBSD if you're using Puppet?") Also, Puppet seems to have evolved rather than being the product of a clean, simple design. (Maybe this is endemic to any Ruby-based project.:) The orchestration (e.g., Marionette Collective) seems a bit bolted-on to me. Despite all that, there is still lots and lots to recommend Puppet. However, if there's another configuration management framework that is more "FreeBSD-friendly," then it would be good to know of that. With large-scale system installations becoming more and more prevalent, so too does the importance of configuration management and orchestration systems. I've been looking at Salt recently, which I've heard is supposed to be quite "FreeBSD-friendly." Does anyone know of any others that have a great FreeBSD community and support behind them? Cheers, Paul.