* Piotrek Kapczuk <[EMAIL PROTECTED]> [2008-01-18 17:13]: > 2008/1/16, Henning Brauer <[EMAIL PROTECTED]>: > > * Piotrek Kapczuk <[EMAIL PROTECTED]> [2008-01-16 18:59]: > > > Hi > > > > > > 2008/1/16, Henning Brauer <[EMAIL PROTECTED]>: > > > > * Piotrek Kapczuk <[EMAIL PROTECTED]> [2008-01-16 15:51]: > > > > > 2008/1/16, Henning Brauer <[EMAIL PROTECTED]>: > > > > > > * Piotrek Kapczuk <[EMAIL PROTECTED]> [2008-01-16 14:18]: > > > > > > > Didn't know it is exactly the same as options. I found it in > > > > > > > flashboot. I'll look more in to other flashboot customisations. > > > > > > > Thanks > > > > > > > for pointing this out. > > > > > > > > > > > > flash boot and teh like are obsolete ways to complicate your life. > > > > > > > > > > Let me disagree with you. > > > > > Actually it's fantastic to have one system image which you can deploy > > > > > on dozen of firewalls remotely. > > > > > > > > > > Upgrade procedure from 4.1 to 4.2 ? > > > > > > > > scp bsd [EMAIL PROTECTED]:/ > > > > > ssh [EMAIL PROTECTED] "reboot" > > > > > > > > > > Total downtime = reboot time. > > > > > > > > in-place updates are trivial enough to be scripted if you can make a > > > > few assumptions for your environment. > > > > > > Really ? More trivial script than something like this ? > > > > more trivial? who gives a f***? I said trivial enough. > > Sending base42.tgz over 512Kb WAN link - 12 minutes.
the soekris has 100 MBit/s. > Extracting base42.tgz on Soekris NET4801 to flash - 16 minutes where did you find such slow flash? in any case, both these steps do not require attention and teh box will continue to work just fine in the process. > > if you add the time it takes you to bake your kernel, I am probably > > already at the 5th beer after beeing done. > If you add your time spent on writing,testing, modifying that script > of yours ... well, I don't think so. that has happened long ago. only trivial adjustments for new releases. even doing it by hand is fast. > > > Imagine you have a customer. This customer has 18 carp'ed firewalls. > > > You have to upgrade them. Boxes are in 3 different towns each town > > > 100km far from you. You have only ssh access and no remote console. > > > > > > How can you remotely upgrade a box ? (without using bsd.rd) How long > > > will it take ? > > > > how? read the upgrade-minifaq, it is in there. > > I though you do it in some other way. no, basically the upgradeXX.html way. slightly adjusted and scripted, but still basically that way. > > i have it scripted. > > i manage way over a hundred openbsd machines, many remote, and the > > "local" ones I don't touch either (i. e. i treat them like they were > > remote). > > it takes me about 2 minutes per reasonably fast machine. > You look like you're really happy with that method ... well, you've > convinced me. > I have a few fast machines. I definitely have to give a try with > "upgrade by scripting". > > I'd really love to see your scripts. How do you do it ? Could you > please send me something off the list ? Please. i don't really want to make that script public, since it allows one to shoot yourself in the foot badly if you don't know what you're doing. > > > Really, in this kind of setups I don't think bsd.rd is something evil. > > well, I am absolutely certain it is evil in that scenario. > Well, it saves a lot of time for me. For that scenario - flash > storage, slow links, slow constrained machines it's better to stay > with it - at least for me. i am totally convinced you're wrong. > > > > my update downtime is no more than that reboot, no matter what machine, > > > > flash or not. > > > Update or upgrade ? > > 4.1 to 4.2 is not an update? > I've used to think: > update - changes within major version - following -stable > upgrade - changes between major versions- 4.1 - 4.2 well, whatever terminology. call it upgrade if it makes you happier :) -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam
