Hey everyone,
I just did a POC of Spacewalk in AWS and I thought that I would just let everyone know how it went.
So first let me say it failed sadly due to a couple of annoying little issues.

First, I found that it is not compatible with RDS-hosted PostgreSQL. Note I did not test with RDS Oracle yet, but I may briefly, just out of curiosity. This was due to the fact that RDS doesn't give you full superuser privileges; it actually leaves a few permissions out, one of which is needed during installation. For me this wasn't a definite show stopper.

The real issue was getting the agent to work on Amazon Linux. A few things popped up. First, it seems like Amazon Linux, even though it's based on RHEL 6, is missing a package: python-gudev is not included in Amazon Linux. Also, a few other Python dependencies, such as python-OpenSSL, for some reason weren't detected by yum.
I was able to compile python-gudev fairly easily and track down most of the missing dependencies by using "yum provides", but finally there was a dependency that broke the registration, involving a call to hardware_hal, that I could not easily track down, and that was the clincher for me.

That said, I did figure out how to handle a number of potential issues for other distributions in AWS.
The biggest revelation is autoscaling: now you can do Lambda functions as part of the lifecycle of instances. So one of the things that you can do is deregister instances that autoscaling has terminated via a Lambda function. There is a catch to this: there must be an external database with metadata about the instance, because the only thing the Lambda function knows is the instance ID, and it can't look up the data about the instance after it's been terminated. Amazon has a lot of well-documented examples of this; in particular, they have an example of how to have autoscaling create and remove CNAMEs in Route 53. Registration is easy; there are plenty of ways to handle that, like via the user metadata and configuration management tools, so I won't get too deep into that.

As for the Amazon Linux yum repository, that is fairly easy to get imported, and the updates repo includes errata, which imported seamlessly.
The one problem I found is in the path to the repositories: they split the releases into 9 per year, prefixed with the year. Now, you can substitute that with "latest" when downloading the mirror list, but not on the repositories themselves.
This actually raised an issue I've been thinking about for a long time, which is why can't we support mirror lists. I plan to write this up a little better in an RFE, but the biggest issue there is that usually the mirrors have variables that get replaced by yum. If we wanted to clone that behavior in spacewalk-repo-sync, then we would probably want to define them as key-value pairs on the channel; that way we could use the same mirror list with multiple channels with different architectures and/or distribution release numbers.

What I did find is that, in my opinion, Spacewalk was significantly better than any of the tools being offered by Amazon for patch management, so if the agent install issue on Amazon Linux can be addressed and maybe we can get a few other minor details ironed out, then Spacewalk might become a contender in AWS for patch management in the future.

I'll send out some more details on my exact findings in a future email.

Spacewalk-devel mailing list
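
The mirror-list idea in the message above (yum-style variables filled from key-value pairs defined per channel) can be sketched as follows. This is an added example, not part of the original email and not Spacewalk or spacewalk-repo-sync code; the function names, hosts, paths and channel labels are hypothetical, and the check on substituted values is an assumption about what a sync tool should refuse to place in a repository URL.

```python
import re

# yum-style variable token such as $releasever or $basearch
VAR = re.compile(r"\$([A-Za-z_][A-Za-z0-9_]*)")
# Values land inside a URL path, so accept only a conservative character set
SAFE_VALUE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*")


def expand(template, channel_vars):
    """Replace each $name in template with the channel's value for name."""
    def substitute(match):
        name = match.group(1)
        if name not in channel_vars:
            raise KeyError("channel defines no value for $" + name)
        value = channel_vars[name]
        if not SAFE_VALUE.fullmatch(value) or ".." in value:
            raise ValueError("unsafe value for $%s: %r" % (name, value))
        return value
    return VAR.sub(substitute, template)


def mirrors_for_channel(mirrorlist_body, channel_vars):
    """Expand every mirror in a fetched mirror list for one channel."""
    mirrors = []
    for line in mirrorlist_body.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):  # skip blanks and comments
            mirrors.append(expand(line, channel_vars))
    return mirrors


# Constructed sample data: hosts, paths and channel labels are placeholders.
MIRRORLIST_BODY = """\
# constructed mirror list
https://mirror-a.example.invalid/$releasever/updates/$basearch
https://mirror-b.example.invalid/$releasever/updates/$basearch
"""
CHANNELS = {
    "example-6-x86_64": {"releasever": "6", "basearch": "x86_64"},
    "example-7-i686": {"releasever": "7", "basearch": "i686"},
}

if __name__ == "__main__":
    for label, channel_vars in sorted(CHANNELS.items()):
        for url in mirrors_for_channel(MIRRORLIST_BODY, channel_vars):
            print(label, url)
```

One mirror list serves both channels; a channel missing a variable, or carrying a value that would alter the URL path, is rejected before any download is attempted.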
