Thomas Delaet wrote:
I couldn't agree more. However, another (more lightweight) approach to
getting more data is to get more validation tools in production
environments. They are less intrusive and the languages these tools
use can be seen as a set of constraints on the domain model of
configuration management. These constraints can be used in tools for
automatic generation of infrastructure policies.
Depending on your definition of validation (whether you mean "is my
configuration valid?" or "are my hosts in sync with their
configurations?"), both Puppet and Bcfg2 (and cfengine, to some extent),
and most likely any of the other tools, can be used for validation. I
actually did a project for a client a few years ago who specifically
never wanted the machines changed; they only wanted reports on invalid
configurations.
I know Bcfg2 has great reporting tools for out-of-compliance states, I
believe it has good tools for interactively fixing those problems, and
Narayan spends some effort making it clear that it's good for validation
(whereas that's not something I really focus on with Puppet right now).
I think the tools are decent, but not many people are using them.
--
The surest sign that intelligent life exists elsewhere in the universe
is that it has never tried to contact us.
--Calvin and Hobbes (Bill Watterson)
---------------------------------------------------------------------
Luke Kanies | http://reductivelabs.com | http://madstop.com
_______________________________________________
lssconf-discuss mailing list
lssconf-discuss@inf.ed.ac.uk
http://lists.inf.ed.ac.uk/mailman/listinfo/lssconf-discuss
