[Gllug] Production system - Linux 2.4.24, LVM and cciss
Martin A. Brooks
martin at clues.ltd.uk
Mon Jan 12 17:00:30 UTC 2004
At 16:46 12/01/2004 +0000, you wrote:
>Couldnt agree more. When it gets too complicated, gets something like
>those packages in. I'm just trying to think of a setup in which just 200
>machines require such specific setup that one of those config management
>setups is justified (to me)
One very simple answer: ssh keys.
My current contract is with a well known search engine. Within the
datacentre I work there are groups of machines allocated to one customer or
another. We want the people who are responsible for client Foo to be able
to get root access to all the nodes in their project. cfengine is used to
not only push out that "service user" ssh key but to enforce the keys that
are present in on the servers in question.
We have around 25 projects and clusters of machinea range from 4 machines
to 32 machines. Adding a machine to a particular project as simple as
adding it to a list in a text file. Next time cfengine runs that machine
will automatically have the right ssh keys added.
Martin A. Brooks, Clues Ltd.
http://www.clues.ltd.uk/
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list