help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bootstrapping


From: John Sechrest
Subject: Re: Bootstrapping
Date: Wed, 18 Feb 2004 13:43:40 -0800


"Luke A. Kanies" <address@hidden> writes:


 % That's basically what I'm doing right now.  I keep the hosts in LDAP, and
 % I generate an import file every time cfagent runs (yes, it's generated
 % idempotently).

 How do you generate it? An external script? 

 % This is functional, and I didn't mean to imply that there aren't methods
 % of solving these problems.  The problem with my setup is that there is a
 % manual step (add the host to ldap), and then two automatic steps that can
 % take up to 15 minutes each.  This delay isn't a technical problem, it's a
 % human problem; people begin thinking of the LDAP repository as the place
 % from where cfservd is getting its access list, so they expect immediate
 % results.

 Ahhh. Click. If it is in LDAP , then it should be immediate...
 

 % Now that Marc has accepted a patch to support returning lists from
 % ExecResult, I will be able to have cfservd get the list directly from LDAP
 % (rather than having to import it), but I'll still have to HUP cfservd to
 % force it to reload the list.

 Ok. I see. What would it take for cfservd to use a dynamic structure?
 


 % Basically, this is a classic case of a leaky abstraction.  I've built my
 % environment so that it behaves as though cfservd is directly getting
 % information from LDAP, but the truth is leaking through in the delays and
 % HUPping, and that leakiness confuses my users.  Really, really confuses
 % them.  That, and it's often inconvenient.

 In what cicumstances do your users notice things about system
 configurations?

 All the vital things like passwords are in ldap... Right?

 So what do they notice being slow?



-----
John Sechrest          .         Helping people use
                        .           computers and the Internet
                          .            more effectively
                             .                      
                                 .       Internet: address@hidden
                                      .   
                                              . http://www.peak.org/~sechrest




reply via email to

[Prev in Thread] Current Thread [Next in Thread]