Thanks Martin. It sounds really good.
Would you share some configuration on place?
When you say patching you mean only linux with packages updates?
Regards
On 13/03/2015 8:08 PM, Martin Willemsma mwillem...@gmail.com wrote:
I do have a succes story for using Puppet as a patch management tool.
I do have a succes story for using Puppet as a patch management tool. We
build a system around PuppetDB and our internal CMDB to have patches
installed automatically according to update schedules (input for puppet
schedule type) and in a controlled manner.
- Display package updates from PuppetDB
I don't recommend using Puppet for anything to do with patching, even in
the distribution of the patches. (Actually, I'm not sure how Puppet would
be used to distribute patches even in principle.) Anyhow, sooner or later
you're going to want a tool that was actually designed for patch and
While it's possible to do stuff like this in Puppet, this isn't really
configuration management you're doing; it's systems administration. If
your requirement is to have patches installed automatically, I would write
a 10 line shell script, and use puppet to install it as a cron job.
On
While it's possible to do stuff like this in Puppet, it's not really
configuration management that you're doing here; it's systems
administration. If your requirement is to have patches installed
automatically, I would write this as a 10 line shell script, and have
Puppet just take care of
I don't have enough nodes to justify running my own patch repository, but
here is the manifest I use for patching our Debian-derived systems. First,
though, here is the facter called updates_already_running
Facter.add(:updates_already_running) do
confine :osfamily = Debian
setcode do
if
El 11/03/15 a las 14:26, Alessandro Franceschi escribió:
I agree with what you wrote.
Puppet is not the best tool to execute one-shot operations like patching
or deploying of applications.
It's good at maintaining the state of the resources of our systems, so
you can use it to configure what you
I agree with what you wrote.
Puppet is not the best tool to execute one-shot operations like patching or
deploying of applications.
It's good at maintaining the state of the resources of our systems, so you
can use it to configure what you need to manage the patching or the
deployment of a
Agree.
Thanks
On 12/03/2015 12:26 AM, Alessandro Franceschi a...@lab42.it wrote:
I agree with what you wrote.
Puppet is not the best tool to execute one-shot operations like patching
or deploying of applications.
It's good at maintaining the state of the resources of our systems, so you
can