Can anyone point me in the direction of configuration management software used for access and distribution level equipment? (i.e. DSLAM, GPON Equipment, Proprietary IP PBX Systems) These devices normally have telnet/ssh but have closed OS’s. Thanks for any information. Asked by notmyname for systems that support exporting to human-readable configuration files or reports, i typically using some sort of version control that integrates a visual diff function. my current preference is TortoiseHg because it’s easy [...]

I have a web Linux-based infrastructure which consists of 15 virtual machines and over 50 various services. It is fully controlled by Chef. Most of the services are developed internally. Basically the current deployment process is triggered by a shell script. A build system (a mix of Python and shell scripts) packages the services as .deb files and puts these packages into a repo. It runs apt-get update on all 15 nodes then because the [...]

I’m new to Puppet and to start using it I want to learn how to manage system users. I have several users, which share common properties, so I thought I should factor things out. After some struggle, here’s what I came with: define staff::ssh_key($user) { ssh_authorized_key { $name[name]: ensure => present, key => $name[key], type => “ssh-rsa”, user => $user, require => File["/home/${user}/.ssh"], } }define staff($fullname, $ssh_keys, $shell = “/bin/bash”) { user { $name: ensure [...]

I’m running squid-deb-proxy and I want to alter the configuration using Puppet/Augeas. When I try this: augeas {‘squid-deb-proxy.conf’: lens => ‘Squid.lns’, incl => ‘/etc/squid-deb-proxy/squid-deb-proxy.conf’, changes => ["set http_port 3129"], require => Package['squid-deb-proxy'] } I get the following error from Puppet: err: /Stage[main]/Portal::Packages::Squid-deb-proxy/Augeas[squid-deb-proxy.conf]: Could not evaluate: Save failed with return code false I tried the following with augtool: augtool> rm /augeas/load/* rm : /augeas/load/* 867 augtool> set /augeas/load/Squid/lens Squid.lns augtool> set /augeas/load/Squid/incl /etc/squid-deb-proxy/squid-deb-proxy.conf augtool> load augtool> [...]

I’m new to Amazon AWS. A lot of the time I hear about people folks spawning instances and almost instantly putting them behind a load balancer and into an existing cluster. In the traditional world of managed machines, this would include provisioning hardware, installing an OS, configuring the network on the machine and once the network is available, use a tool of your choice such as CFengine, Puppet or Chef to bootstrap the machine based [...]

I’m experimenting with large changes to Linux system runtime parameters exposed through the sysfs virtual file system. What is the most efficient way to maintain these parameters so that they persist across reboots on a RHEL/CentOS-style system? Is it simply a case of dumping commands into /etc/rc.local? Is there an init script that’s well-suited for this? I’m also thinking about standardization from a configuration management perspective. Is there a clean sysfs equivalent to sysctl? Asked [...]

I regularly but randomly get the following error message when I run the puppet client on machines (non-daemonized): err: Could not create : Parameter path failed: File paths must be fully qualified warning: Not using cache on failed catalog warning: Configuration could not be instantiated: Parameter path failed: File paths must be fully qualified It seems moderately clear what it means — that I don’t have a fully-qualified path in a parameter. However, it doesn’t [...]

This was a breeze in CFEngine… But I’m in a Puppet environment now, and need to be able to assign/ensure/check certain sysctl.conf variables. In the CFEngine world, I could simply check for specific lines within a config file… I’ve found a small reference to a sysctl module on the Puppet wiki and a project in github that appears to do what I want. But neither are really documented well. I’m simply looking for a way [...]

What are some ways for managing the installation and configuration of various software applications and settings in group of linux development and server computers? Is a set of basic scripts a good means of attack? I was thinking about just having a ton of scripts, such as: setup_dev_env [install|uninstall|reinstall] setup_nfs [...] setup_nfs_share [...] setup_http [...] setup_memcache_node [...] Is there any better method? It would be nice to be able to “upgrade” an installation script too, [...]

First of, I’m fairly new to this whole linux thing… So be gentle. The setup: I have a couple of Ubuntu servers… A pair of DNS servers running Bind, and a pair of servers running Nginx and HAProxy to load-balance requests to some back-end servers. Now, the Bind servers pretty much keep each other up to date by doing zone transfers, although there are some settings in bind that I would like to share between [...]