Matt Lawrence wrote: > So, I'm looking for references to best practices that I can take to my > boss and other management on the preferred way of doing RHEL kickstarts > and configuration management. Any suggestions? TAL?
I'm not TAL, but.... :-) This looks like a job for.... Puppet! (Or cfengine, or bcfg, or...) Kickstart is really a basic system installation tool. It's not a Configuration Management (CM) system. My take on this is that the job of the installation system is to be able to quickly and reliably install a known basic system (OS), just enough to run the real CM (or customization) system. A small number of Kickstart configs (one per base OS or so), plus puppet/cfengine/whatever to give each system its own personality/configuration seems to be the best combination of installation and CM tasks. I am probably biased, as I started with cfengine 0.8 back in about 1995? And the current $JOB is using Puppet (with other home grown tools). In both cases we managed hundreds (or today, thousands) of hosts with a relatively small number of sysadmins. In my perfect world, you load some information (MAC, hostname, system type such as "DNS server" or "web server") into the CM system and netboot the host. A "few" minutes later you have a fully functional host, with the proper name, IP, software and all configuration data. Completely untouched except to start the netboot. Also in my perfect world, you would never make a change on a host, ever. You make a change in the CM system, perhaps invoke the CM client (cfengine, pupdate) immediately or wait for cron to run, and the host picks up the change. You just can't scale, or reliably reproduce known good configurations without some form of CM tool. And Kickstart really isn't it. Trying to use Kickstart as a CM system intertwines the system installation and software with the per-host configuration data, which will (I believe) only make things more difficult. Oh, and get a copy of TPOSNA, it is a great summation of the state of the art, eg best practices for system and network administration. --tep _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
