Re: multiple ports trees
On Thursday, 9 November 2006 at 8:46:00 -0600, Christopher M. Hobbs wrote: Hello, list! I've got about six production servers and a couple of workstations running FreeBSD 6.1-STABLE and 6.2-PRERELEASE. Some of these machines are sitting in DMZ, the others are internal. Currently, each of them has their own ports tree. How terrible of an idea would it be to take one of the production servers that isn't really doing a whole lot of work, and make it's /usr/ports available over NFS to the other machines? Am I headed in a bad direction here? This is what I do. It's not completely without its problems, though: - Some programs, notably GNU autotools, get upset if you run across NFS. I've worked around this problem by copying the tree where necessary; it's not as bad as it seems. - The ports collection stores build information in the work directory. For example: $ ls -lart work3 -rw-r--r-- 1 root wheel 0 Nov 14 13:29 .patch_done.mythtv._usr_local -rw-r--r-- 1 root wheel 0 Nov 14 13:29 .extract_done.mythtv._usr_local -rw-r--r-- 1 root wheel 0 Nov 14 13:44 .configure_done.mythtv._usr_local -rw-r--r-- 1 root wheel 0 Nov 14 15:56 .build_done.mythtv._usr_local drwxr-xr-x 3 root wheel 512 Nov 14 15:56 . drwxr-xr-x 7 grog lemis 512 Nov 14 17:14 .. drwxr-xr-x 13 root wheel 1024 Nov 14 21:56 mythtv-0.20 If you build a package on one system, and then try on another, the Ports Collection will find these files and assume that there is nothing to do. You need to do a 'make clean' first to get it to do the process again, including dependency checks, on the new machine. Also, what about user accounts between machines? With NFS you typically have the same user ID on all related machines. I got to thinking that because some of the servers have the same user accounts, would it be possible to share a password file or home directories? Yes, again with some caveats. The biggest ones are configuration files in the home directory that contain references to the system you're working on. My biggest problem is the .emacs file: it refers to packages that I have installed on some systems only. Should I build another box strictly for this purpose? I get by quite happily with a separate tree on one of my existing systems. Greg -- When replying to this message, please copy the original recipients. If you don't, I may ignore the reply or reply to the original recipients. For more information, see http://www.lemis.com/questions.html See complete headers for address and phone numbers. pgpjznRodtVeC.pgp Description: PGP signature
Re: multiple ports trees
On Wednesday 15 November 2006 01:24, Greg 'groggy' Lehey wrote: On Thursday, 9 November 2006 at 8:46:00 -0600, Christopher M. Hobbs wrote: [sharing ports tree] Also, what about user accounts between machines? With NFS you typically have the same user ID on all related machines. I got to thinking that because some of the servers have the same user accounts, would it be possible to share a password file or home directories? Yes, again with some caveats. The biggest ones are configuration files in the home directory that contain references to the system you're working on. My biggest problem is the .emacs file: it refers to packages that I have installed on some systems only. The issue which bit me when doing this was that many ports add a user using pw(8) (as indeed the Porter's handbook advises them to), and this uses the ``next available'' uid. In my case, on one server I added net/isc-dhcp3-server from ports before setting up LDAP: the result was a uid clash between the dhcpd user created by the port, and a human user in LDAP. Even if LDAP had been set up, I would still have had to note, the next time I needed to add a human user, that the ``next available'' uid was being used by a port on one particular server. I'm now in the process of creating two ranges of user numbers: one available to pw(1) and ports (through pw.conf(5) settings) and a separate range for human users - see my earlier post to this list (12 Oct 2006) for more. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: multiple ports trees
On 11/9/06, Christopher Hobbs [EMAIL PROTECTED] wrote: How terrible of an idea would it be to take one of the production servers that isn't really doing a whole lot of work, and make it's /usr/ports available over NFS to the other machines? Am I headed in a bad direction here? That's what I tend to do when =2 FreeBSD machines are close together. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: multiple ports trees
On Thu, Nov 09, 2006 at 09:10:49AM -0600, Christopher Hobbs wrote: This message may inadvertently get sent twice. For some reason, mx1.freebsd.org has been rejecting messages from my work address. Here's the message that I originally attempted to post: Thanks! cmh -- BEGIN SNIP -- Hello, list! I've got about six production servers and a couple of workstations running FreeBSD 6.1-STABLE and 6.2-PRERELEASE. Some of these machines are sitting in DMZ, the others are internal. Currently, each of them has their own ports tree. How terrible of an idea would it be to take one of the production servers that isn't really doing a whole lot of work, and make it's /usr/ports available over NFS to the other machines? Am I headed in a bad direction here? No, this is not a bad idea at all. Just be careful about allowing hosts in the DMZ to mount disks on secure internal machines. You will need to set WRKDIRPREFIX to somewhere local on each machine - not doing so will result in your clients trying to build their ports under the NFS exported file system on the server, leading to enormous amounts of traffic over your network. You might also consider using the unused box to build packages of all the ports your other machines need, and then use pkg_add on the target boxes to install them. If you do this, you'll probably want to make sure that /usr/ports/packages exists on the build host before you start, or you'll end up with packages splattered around the ports tree. You'll also need an ftp server running on the build host, but with appropriate firewall rules this needn't be a gaping hole into your network. Also, what about user accounts between machines? I got to thinking that because some of the servers have the same user accounts, would it be possible to share a password file or home directories? Should I build another box strictly for this purpose? If so, could you point me to some documentation for achieving such a goal? Take a look at http://www.uk.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-nis.html. It sounds to me as if it is pretty close to what you want. As for sharing home directories, this is in the handbook as one of the advantages of NFS: There is no need for users to have separate home directories on every network machine. Home directories could be set up on the NFS server and made available throughout the network. You might want to look at using AMD to manage this, to avoid having lots of unused permanent NFS mounts hanging around. It very much depends on you network usage, though. HTH Dan -- Daniel Bye PGP Key: http://www.slightlystrange.org/pgpkey-dan.asc PGP Key fingerprint: D349 B109 0EB8 2554 4D75 B79A 8B17 F97C 1622 166A pgpvjNST5FNqN.pgp Description: PGP signature
