[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Administering a thousand hosts
From: |
John Borwick |
Subject: |
Re: Administering a thousand hosts |
Date: |
Tue, 16 Nov 2004 22:32:30 -0500 |
User-agent: |
Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.3) Gecko/20041110 |
Jamie Wilkinson wrote:
To build new machines, check out Red Hat's kickstart. Have a cfengine
package (I recommend those from Dag Wieers repository,
http://dag.wieers.com/packages/cfengine ) installed in the %post section and
get the machine enrolled and updating from the beginning.
FWIW, we use the below in our %post to run cfengine through 'rc.local'
on first boot. -DInit sets "Init" for our site, which means to us that
it's OK to initialize all the network interfaces and do other things
that might break a production system.
I have had a bad experience running cfengine in the post directly,
because your environment is so limited. We built our own RPM that has
our site's "update.conf" and server public keys; when you install it
with up2date it pulls down cfengine, too, and is ready to contact our
main cfengine server to copy its real configuration. yum, up2date, or
even 'wget URL && rpm -ivh' would all work in its stead.
%post
# FIRST BOOT
mv /etc/rc.d/rc.local /etc/rc.d/rc.local.sav
cat <<"RC_LOCAL" > /etc/rc.d/rc.local
#!/bin/sh
/usr/sbin/up2date --solvedeps=wfu-cfengine
cfagent -Kvq -DInit
mv /etc/rc.d/rc.local.sav /etc/rc.d/rc.local
RC_LOCAL
chmod 755 /etc/rc.d/rc.local
Yours,
John
--
John Borwick
System Administrator
Wake Forest University | web http://www.wfu.edu/~borwicjh
Winston-Salem, NC, USA | GPG key ID 0x797326D5
signature.asc
Description: OpenPGP digital signature