On Tue, Sep 24, 2024 at 7:24 PM John Thurston <john.thurs...@alaska.gov> wrote:
> I'm looking for your ideas. What works? What doesn't work? > > Are you leveraging your existing configuration management tools (e.g. > Puppet, Ansible, Chef)? > For OARC's name servers (significantly simpler than yours, but once you're talking config management that doesn't matter much) I'm using Salt to push configurations. Like with JP's choice of Ansible, Salt heavily uses Jinja templating, which makes the whole thing incredibly easy. Salt also has `gitfs` as a possible source of its configurations, and can listen for webhooks to trigger actions. We're not doing this yet, but I'm gradually moving toward the point where any change to a name server config or a zone file committed to our gitlab instance goes through automatic QA in gitlab, and then triggers an update in Salt. Salt sends all of its messaging between hosts using a message queue, which you can have your own code listen to and inject messages into. We're not making use of that in our modest setup, but it seems like the sort of thing that'd be very useful to a large infrastructure for reacting to events on servers.
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
