Date: Thu, 5 Feb 2015 07:41:08 -0500 From: Chris Nehren <cnehren+freebsd-stable@pobox.com> To: freebsd-stable@freebsd.org Subject: Re: push a few config files to dozen or so servers Message-ID: <20150205124108.GA89820@behemoth.lan> In-Reply-To: <20150205133253.7ed286e20f30517cafc04335@fastmail.fm> References: <20150205130234.3fcbabfb@efreet.mimar.rs> <20150205133253.7ed286e20f30517cafc04335@fastmail.fm>
next in thread | previous in thread | raw e-mail | index | archive | help
--k+w/mQv8wyuph6w0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Feb 05, 2015 at 13:32:53 +0100, Schaich, Alonso wrote: > On Thu, 5 Feb 2015 13:02:34 +0100 > Marko Cupa? <marko.cupac@mimar.rs> wrote: >=20 > > Hi, > >=20 > > thanks to virtualization, my fleet of FreeBSD hosts have grown to more > > than dozen, and it still grows. There are some files that need to be > > identical on all of them (aliases, sudoers, root crontab, pkg repo > > files etc.). > >=20 > > I was looking at puppet and cfengine but learning and implementing those > > seem like an overkill for my purpose. > >=20 > > Are there any other elegant solutions which can help me achieve my goal? >=20 > If they really need to be identical all the time, I'd put them on a > network share mounted at boot and symlink on them from etc, var/mail, > and so on. repositories can be mount points themselves, so clearly > candidates for a network share, too. Putting critical files like sudoers and other files in /etc on a network share makes me quite uncomfortable, especially in the case of means to authenticate users or escalate privileges. When (not if) the network or the file share are unavailable, it becomes far harder than it needs to be to troubleshoot the problem. Network filesystems are great, until they break, and then they're far, far worse than all the alternatives. --=20 Chris Nehren --k+w/mQv8wyuph6w0 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJbBAABCABFBQJU02TfPhSAAAAAABUAIHBrYS1hZGRyZXNzQGdudXBnLm9yZ2Nu ZWhyZW4rZnJlZWJzZC1zdGFibGVAcG9ib3guY29tAAoJEBHA+GJAM0vPCd8P/isU 3DgulsnBPx6zRbUPB8dC0XpzU+glKbyGQ57W1hti/91ooGKU1NXpO4H8jJrotdWZ jYqkXXH7yskBlGMEFnVhqzOE9mrftgQnQZ1/twtBQ441R/bIdUOMKTRUOOR4Nhbf SzCR/PlOAZw38YfKRE1VNM0FoEJUTgKt95IjScjiMMzl1bsp8Ny1ZA14xwOqFGzD UmXWAIeQizckTqJVHGpWbEtlSTed2Z6SYqV5dp2GKjmw9jHrNpTjcwrO4c6fV8j4 AEvxTzSfNXwfbmDXfFfgvierZGiU91AnUl77Fa5bfkOudwTjn0IEoJeOudIiyHUT OM7IGmSIY7BH7jntEnGtj6ClOHZp1jdYJyWa+QOvVcuJ0tSBjNicF7vdVwQ/XzOh 9w5uJQFabkvInMc3C8bfS42rMrE8hNTG+vhyVD/YX3H0HEvWX7BkTEhDnxoy3K46 91G2FIFDG62WmIVA7D5EuJqzu65PySR5STuraH7h2rAnDLbSESza4vpPTNJbw1Yy Gf27e2QCRPq71zmnEYrfQv0TEw+9Z2GR/L4XKKDuOfaWKDSia1Ufs+MYjyajXYL4 BhTkkfFp75eGFLD0hYgkpFFWDwUqac9xhl/hw3XDmVabaF8Oq+0NjDYtEoMP+vko 7w9GE/djstr/Qvi757jv2zvbRu1JqERYivmN8eob =Dh7Q -----END PGP SIGNATURE----- --k+w/mQv8wyuph6w0--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150205124108.GA89820>