Tool or scripts to check configurations

Latest response

We have several web servers and weblogic nodes that we need to make sure configurations between them are matching since they are clustered the configurations in each group match.
What does everyone use for making sure system configurations match?
Currently I use puppet for somethings to make sure ntp, chrony, sysctl.conf type settings are set within puppet on our Satellite server.
Management is wanting something that is automated to say if systems match and if configurations changed between them.
They do understand there will be a few differences with IP and network. The big piece is application differences and such.
Our nodes are mixed between RHEL 7 and 6 most are RHEL 7

Thanks in advance

JA
Log in to join the conversation

Responses

Jörg Kastning's picture Expert 1223 points
29 May 2018 7:04 PM

Well, if you are already using puppet this should be sufficient to ensure running the same configuration on different hosts. If an admin changes the config by accident or on purpose it would be corrected during the next puppet run.

We are using Ansible to deploy configs like chrony.conf, sshd_config, resolv.conf, etc. to our hosts. If a config differs it gets corrected. But you could do this with puppet as well.

RD Red Hat Expert 1291 points
29 May 2018 8:34 PM

As Jörg has said, since you are already using Puppet to manage some system configuration items, I recommend you use Puppet for this situation also. If anyone manually changes a configuration item outside the Puppet environment, the configuration items will be reset when the Puppet agent next runs. For Satellite 6 the default Puppet agent is every 30 minutes.

Siem Korteweg's picture Guru 1450 points
30 May 2018 5:19 AM

Please have a look at System Configuration Collector (SCC).

From https://sourceforge.net/projects/sysconfcollect :

"System Configuration Collector collects and classifies most of your UNIX/Linux/BSD configuration data in flat files called snapshots. This unique concept allows changes in snapshots of consecutive runs to be detected. These changes are added to a logbook that is helpful for administrators during troubleshooting and for auditors during audits. Snapshot and logbook are also available in HTML format. "

The classification ensures that for example the size of the file systems is considered fixed data and the current usage variable data. Configuration data of DHCP network interfaces is another example of variable data in the snapshots.

When all snapshots and logbooks are sent to the server part, the web-interface supports comparing the configuration of the systems as can be seen at http://sysconfcollect.sourceforge.net/examples/compare_system.html

An example centos7 snapshot can be seen at http://sysconfcollect.sourceforge.net/examples/scc.centos70.html

JA Active Contributor 170 points
31 May 2018 7:03 PM

Thanks for the recommendations. The big things is we have apache and weblogic as our 2 main applications and I don't have puppet fully vetted yet to install and keep track of configurations since we have several between different servers. And the puppet is what is integrated in Satellite so I am still learning how to build and use my own modules to make life easier.

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.