Deploy & Configuration management strategies

Latest response

I am investigating the best way to do deploy and configuration management of RHEL boxes, mostly virtual on VMware. I am looking into Satelite as a one stop solution (I hate using various tools that overlap functionality). I can deploy configuration files with Satelite. Is it possible to do post deployment actions after deploying the config file? For example, the ideal situation would be to push i.e. a sshd config file and, when it is different from the old config file, the sshd service is told to reload its config from the new file. I read from the Satellite reference guide about actions with the possibility to execute remote actions, but there seems no relation to configuration file deployment. Alternative with Satelite is to build a "server" rpm with all config files and write a post install to restart the services. This gives, for example, md5 checksums on config files from rpm tooling. When installing a new version of this rpm the configfiles get overwritten (if the rpm is set up to do so), and services are notified to reload/restart. Another alternative is to build a standard server golden image and clone these in VMware. Then use puppet to give the server it's final packages and configuration. Configuration canges are then all managed using puppet. This gives other problems like subscription management, maintenance of the golden images, etc. What is the best strategy here? Speed of deployment does not have the highest prio, but known configuration and deployment automation has.

Responses

Hi Fred,

 

I believe Satellite would be the product that best suits your needs. You can certainly push post install configuration scripts via the PXE/Kickstart implementation that Satellite uses.  Additionally, Satellite will allow for you to have one place to go for provisioning updates and/or new packages to your servers, having a centralized place to see the eratta available for your servers, and allow reports to be generated via the Satellite API.

 

What I have mentioned only scratches the surface of Satellite's abilities, but based on your question, those features are ones I feel would interest you and your environment.

 

Best regards,

Chris Hudson

My tip is to use the satellite with cobbler for deployment and system management in terms of patching and environment separation (ie test,stage,prod environments). Kickstart systems with activationskeys to get a "golden image" then use puppet for the configuration management. 

 

I used chef before for configuration management since the satellite missed out some logic in configuration management, it can push out config files to servers, but then you have to run remote commands on specific machines to reload apache after deploying a new vhost configuration file. With chef/puppet as configuration manager it deploys the config files then continues with the logical step of doing a force reload on the httpd service. 

 

Hope that helps a little =)